Data-centric Research On Several Security Problems In Online Social Networks

During recent years, Online Social Network has been playing a role of more andmore importance in people’s work and life. OSN has been a new tie for people tokeep social connections. With the development of OSN, while it provides real-timeand convenient social services, the security problems of OSN are becoming seriousday by day: thousands of Sybil accounts, large quantities of spam, wide spread ofonline rumors. On one side, these problems have caused threats to the servicesthat ONS provides; on the other side, they have negative impact on legitimateusers’ experiences, which reduce the viscosity of users with respect to OSN andfurthermore cause heavy economic losses.Currently, the security problems in OSN have become research focus of theacademic feld. Based on the lifetime of data, this paper tries to be data-centricand studies the security issues within the generation, difusion and reception stagesof data in OSN. The security issues and corresponding solutions within each stageare described as follows:1. In the generation stage of data, with respect to the tag spam generated bymalicious users, this paper proposes DSpam, a tag spam demotion algorith-m which is based on the reputation model. DSpam calculates the relative reputation between two users based on their interaction of judging the qual-ity of each other’s tags. If there is no such interaction, then cosine-basedsimilarity degree is calculated and used as the relative reputation; if there issuch interaction, DSpam adopts both feedback reputation and recommenda-tion reputation. The feedback reputation is based on the accumulative resultsof tag quality judgment. Considering the social properties of OSN, the recom-mendation reputation is based on the friends’ feedback reputation and theirrecommendation weights. When a client searches the resources with respectto a tag, DSpam ranks the search results by the relative reputations of theannotators of the corresponding tags with respect to the client. Therefore, aresource with tag spam will be ranked in the end of the result list. The exper-iment proves that DSpam can obtain lower SpamFactor values compared toexisting demotion algorithms such as Boolean-based, Occurrence-based, andCoincidence-based. Besides, considering that existing demotion algorithmscannot defend against collusive attacks of tag spam, DSpam performs well indefending against collusive attacks launched by large quantities of malicioususers. The rapid decrement of reputation based on consecutive negative feed-back makes DSpam can defend against trick attacks of tag spam to a certainextent.2. In the difusion stage of data, with respect to the difusion of fake informationin OSN, this paper proposes a fake information difusion control method Fidic,which is based on PageRank. When controlling the difusion of information ofa certain theme, Fidic regards users in OSN as webpages, regards the difusionbehavior of users with respect to the information as hyperlinks between web-pages, and adopts PageRank to calculate the corresponding users’ rankings oftheir importance within the difusion. Users of higher rankings are controlledearlier so as to obtain a smaller coverage to which the fake information canreach. Besides, this paper also proposes the evaluation method of the efect ofinformation difusion in OSN so as to do corresponding quantitative analysis.The experiment proves that, compared to random-based, outdegree-based and indegree-based, Fidic can obtain the smallest coverage of fake information dif-fusion when the percentage of users controlled is set. Fidic also can obtain thesmallest percentage of users controlled when the coverage of fake informationdifusion is set.3. In the reception stage of data, with respect to current coarse-grained accesscontrol mechanisms in OSN, this paper proposes iSac, a social access controlmethod based on intimacy degrees of friends. iSac does statistics to the on-line social behaviors between users, calculates the weights of all types of socialatomic behaviors by supervised machine learning, and then gives the rankingresult of intimacy degrees of all the friends of a client based on all the socialbehavior data between the client and his friends in OSN. Users in OSN canmake personalized and intelligent access control policies based on the quanti-tative result of friend intimacy degrees. The experiment proves that, iSac haslower miss-covering-rate in the calculation of friend intimacy degrees, whichguarantees the efective implementation of fne-grained social access control.Besides, this paper also discusses the application of friend intimacy degree inprivacy protection, content recommendation and Sybil defense in OSN.