| 1. |
- Bahri, Leila, et al.
(författare)
-
Beat the DIVa : Decentralized Identity Validation for Online Social Networks
- 2016
-
Ingår i: 2016 32ND IEEE INTERNATIONAL CONFERENCE ON DATA ENGINEERING (ICDE). - 9781509020201 ; , s. 1330-1333
-
Konferensbidrag (refereegranskat)abstract
- Fake accounts in online social networks (OSNs) have known considerable sophistication and are now attempting to gain network trust by infiltrating within honest communities. Honest users have limited perspective on the truthfulness of new online identities requesting their friendship. This facilitates the task of fake accounts in deceiving honest users to befriend them. To address this, we have proposed a model that learns hidden correlations between profile attributes within OSN communities, and exploits them to assist users in estimating the trustworthiness of new profiles. To demonstrate our method, we suggest, in this demo, a game application through which players try to cheat the system and convince nodes in a simulated OSN to befriend them. The game deploys different strategies to challenge the players and to reach the objectives of the demo. These objectives are to make participants aware of how fake accounts can infiltrate within their OSN communities, to demonstrate how our suggested method could aid in mitigating this threat, and to eventually strengthen our model based on the data collected from the moves of the players.
|
|
| 2. |
- Bahri, Leila, et al.
(författare)
-
Blockchain technology : Practical P2P computing (Tutorial)
- 2019
-
Ingår i: Proceedings - 2019 IEEE 4th International Workshops on Foundations and Applications of Self* Systems, FAS*W 2019. - : Institute of Electrical and Electronics Engineers (IEEE). - 9781728124063 ; , s. 249-250
-
Konferensbidrag (refereegranskat)abstract
- Blockchain technology comes with the promise to revolutionize the way current IT systems are organized as well as to revise how trust is perceived in the wider society. In spite of the wide attention that cyrpto-currencies (such as Bitcoin) have attracted, Blockchain technology is more likely to make an impact beyond ongoing speculations on cyrpto-currencies. Decentralized identity management, transparent supply-chain systems, and IoT governance and security are only few examples of research challenges for which this technology may hold substantial potential. Blockchain technology has emerged at the intersection of two well established research areas: peer-to-peer (P2P) computing and cryptography. In this tutorial, we provide a general overview of the main components behind this technology, we present the difference between the types of Blockchain available today, and we make a high level discussion on its potentials and limitations as well as possible research challenges.
|
|
| 3. |
- Bahri, Leila, et al.
(författare)
-
Decentralized privacy preserving services for Online Social Networks
- 2018
-
Ingår i: Online Social Networks and Media. - : Elsevier BV. - 2468-6964. ; 6, s. 18-25
-
Tidskriftsartikel (refereegranskat)abstract
- Current popular and widely adopted Online Social Networks (OSNs) all follow a logically centered architecture, by which one single entity owns unprecedented collections of personal data in terms of amount, variety, geographical span, and richness in detail. This is clearly constituting one of the major threats to users privacy and to their right to be-left-alone. Decentralization has then been considered as the panacea to privacy issues, especially in the realms of OSNs. However, with a more thoughtful consideration of the issue, it could be argued that decentralization, if not designed and implemented carefully and properly, can have more serious implications on users privacy rather than bringing radical solutions. Moreover, research on Decentralized Online Social Networks (DOSNs) has shown that there are more challenges to their realization that need proper attention and more innovative technical solutions. In this paper, we discuss the issues related to privacy preservation between centralization and decentralization, and we provide a review of available research work on decentralized privacy preserving services for social networks.
|
|
| 4. |
- Bahri, Leila, et al.
(författare)
-
Enhanced audit strategies for collaborative and accountable data sharing in social networks
- 2018
-
Ingår i: ACM Transactions on Internet Technology. - : Association for Computing Machinery (ACM). - 1533-5399 .- 1557-6051. ; 18:4
-
Tidskriftsartikel (refereegranskat)abstract
- Data sharing and access control management is one of the issues still hindering the development of decentralized online social networks (DOSNs), which are now gaining more research attention with the recent developments in P2P computing, such as the secure public ledger-based protocols (Blockchains) for monetary systems. In a previous work, we proposed an initial audit-based model for access control in DOSNs. In this article, we focus on enhancing the audit strategies and the privacy issues emerging from records kept for audit purposes. We propose enhanced audit and collaboration strategies, for which experimental results, on a real online social network graph with simulated sharing behavior, show an improvement in the detection rate of bad behavior of more than 50% compared to the basic model.We also provide an analysis of the related privacy issues and discuss possible privacy-preserving alternatives.
|
|
| 5. |
- Bahri, Leila
(författare)
-
Identity related threats, vulnerabilities and risk mitigation in online social networks : A tutorial
- 2017
-
Ingår i: CCS '17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. - New York, NY, USA : Association for Computing Machinery (ACM). - 9781450349468 ; , s. 2603-2605
-
Konferensbidrag (refereegranskat)abstract
- This tutorial provides a thorough review of the main research directions in the field of identity management and identity related security threats in Online Social Networks (OSNs). The continuous increase in the numbers and sophistication levels of fake accounts constitutes a big threat to the privacy and to the security of honest OSN users. Uninformed OSN users could be easily fooled into accepting friendship links with fake accounts, giving them by that access to personal information they intend to exclusively share with their real friends. Moreover, these fake accounts subvert the security of the system by spreading malware, connecting with honest users for nefarious goals such as sexual harassment or child abuse, and make the social computing environment mostly untrustworthy. The tutorial introduces the main available research results available in this area, and presents our work on collaborative identity validation techniques to estimate OSN profiles trustworthiness.
|
|
| 6. |
- Bahri, Leila, et al.
(författare)
-
Knowledge-based approaches for identity management in online social networks
- 2018
-
Ingår i: Wiley Interdisciplinary Reviews. Data Mining and Knowledge Discovery. - : Wiley. - 1942-4787 .- 1942-4795. ; 8:5
-
Forskningsöversikt (refereegranskat)abstract
- When we meet a new person, we start by introducing ourselves. We share our names, and other information about our jobs, cities, family status, and so on. This is how socializing and social interactions can start: we first need to identify each other. Identification is a cornerstone in establishing social contacts. We identify ourselves and others by a set of civil (e.g., name, nationality, ID number, gender) and social (e.g., music taste, hobbies, religion) characteristics. This seamlessly carried out identification process in face-to-face interactions is challenged in the virtual realms of socializing, such as in online social network (OSN) platforms. New identities (i.e., online profiles) could be created without being subject to any level of verification, making it easy to create fake information and forge fake identities. This has led to a massive proliferation of accounts that represent fake identities (i.e., not mapping to physically existing entities), and that poison the online socializing environment with fake information and malicious behavior (e.g., child abuse, information stealing). Within this milieu, users in OSNs are left unarmed against the challenging task of identifying the real person behind the screen. OSN providers and research bodies have dedicated considerable effort to the study of the behavior and features of fake OSN identities, trying to find ways to detect them. Some other research initiatives have explored possible techniques to enable identity validation in OSNs. Both kinds of approach rely on extracting knowledge from the OSN, and exploiting it to achieve identification management in their realms. We provide a review of the most prominent works in the literature. We define the problem, provide a taxonomy of related attacks, and discuss the available solutions and approaches for knowledge-based identity management in OSNs. This article is categorized under: Fundamental Concepts of Data and Knowledge > Human Centricity and User Interaction Application Areas> Internet and Web-Based Applications Application Areas> Society and Culture
|
|
| 7. |
- Bahri, Leila, et al.
(författare)
-
Trust Mends Blockchains: Living up to Expectations
- 2019
-
Ingår i: <em>IEEE 39th International Conference on Distributed Computing Systems (ICDCS), Dallas, July 7-10 2019</em>. ; , s. 1358-1368
-
Konferensbidrag (refereegranskat)abstract
- At the heart of Blockchains is the trustless leader election mechanism for achieving consensus among pseudoanonymous peers, without the need of oversight from any third party or authority whatsoever. So far, two main mechanisms are being discussed: proof-of-work (PoW) and proof-of-stake (PoS). PoW relies on demonstration of computational power, and comes with the markup of huge energy wastage in return of the stake in cyrpto-currency. PoS tries to address this by relying on owned stake (i.e., amount of crypto-currency) in the system. In both cases, Blockchains are limited to systems with financial basis. This forces non-crypto-currency Blockchain applications to resort to “permissioned” setting only, effectively centralizing the system. However, non-crypto-currency permisionless blockhains could enable secure and self-governed peer-to-peer structures for numerous emerging application domains, such as education and health, where some trust exists among peers. This creates a new possibility for valuing trust among peers and capitalizing it as the basis (stake) for reaching consensus. In this paper we show that there is a viable way for permisionless non-financial Blockhains to operate in completely decentralized environments and achieve leader election through proof-of-trust (PoT). In our PoT construction, peer trust is extracted from a trust network that emerges in a decentralized manner and is used as a waiver for the effort to be spent for PoW, thus dramatically reducing total energy expenditure of the system. Furthermore, our PoT construction is resilient to the risk of small cartels monopolizing the network (as it happens with the mining-pool phenomena in PoW) and is not vulnerable to sybils. We evluate security guarantees, and perform experimental evaluation of our construction, demonstrating up to 10-fold energy savings compared to PoW without trading off any of the decentralization characteristics, with further guarantees against risks of monopolization.
|
|
| 8. |
- Bahri, Leila, et al.
(författare)
-
When Trust Saves Energy - A Reference Framework for Proof-of-Trust (PoT) Blockchains
- 2018
-
Ingår i: WWW '18 Companion Proceedings of the The Web Conference 2018. - New York, New York, USA : ACM Digital Library. - 9781450356404 ; , s. 1165-1169
-
Konferensbidrag (refereegranskat)abstract
- Blockchains are attracting the attention of many technical, financial, and industrial parties, as a promising infrastructure for achieving secure peer-to-peer (P2P) transactional systems. At the heart of blockchains is proof-of-work (PoW), a trustless leader election mechanism based on demonstration of computational power. PoW provides blockchain security in trusless P2P environments, but comes at the expense of wasting huge amounts of energy. In this research work, we question this energy expenditure of PoW under blockchain use cases where some form of trust exists between the peers. We propose a Proof-of-Trust (PoT) blockchain where peer trust is valuated in the network based on a trust graph that emerges in a decentralized fashion and that is encoded in and managed by the blockchain itself. This trust is then used as a waiver for the difficulty of PoW; that is, the more trust you prove in the network, the less work you do.
|
|
| 9. |
- Carminati, Barbara, et al.
(författare)
-
Cyber Pandemics
- 2023
-
Ingår i: IEEE Internet Computing. - : Institute of Electrical and Electronics Engineers (IEEE). - 1089-7801 .- 1941-0131. ; 27:2, s. 5-6
-
Forskningsöversikt (refereegranskat)abstract
- The focus of this special issue is on studying the consequences of pandemics and cyber pandemics on privacy and trust both in the digital and the real worlds. In the aftermath of the recent COVID-19 pandemic that has shaken several aspects of our lives for almost two years of time, preliminary research indicates that the technological capabilities and the data that have been deployed and exploited to contain the spread of the disease may have affected people's privacy, sense of security, as well as their trust in their governing institutions. The enclosed articles explore both the effectiveness and the impacts of some of the deployed technologies in the handling of the COVID-19 pandemic on people's privacy as well as on their security and related risks.
|
|
| 10. |
- Giaretta, Lodovico, 1995-
(författare)
-
Towards Decentralized Graph Learning
- 2023
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Current Machine Learning (ML) approaches typically present either a centralized or federated architecture. However, these architectures cannot easily keep up with some of the challenges introduced by recent trends, such as the growth in the number of IoT devices, increasing awareness about the privacy and security implications of extensive data collection, and the rise of graph-structured data and Graph Representation Learning. Systems based on either direct data collection or Federated Learning contain centralized, privileged systems that may act as scalability bottlenecks and dangerous single points of failure, while requiring users to trust the privacy protections and security practices in place. The combination of these issues ultimately leads to data waste, as opportunities to extract insights from available data are missed and thus the full societal benefits of advanced data analytics and ML are not realized.In this thesis, we argue for a paradigm shift towards a completely decentralized and trustless architecture for privacy-aware Graph Representation Learning, which employs Gossip Learning and other gossip-based peer-to-peer techniques to achieve high levels of scalability and resilience while reducing the risk of privacy leaks. We then identify and pursue three key research directions necessary to achieve our vision: lifting unrealistic assumptions on Gossip Learning, identifying and developing specific use cases that are enabled or improved by gossip-based decentralization, and overcoming the obstacles to the deployment of decentralized training and inference for Graph Representation Learning models. Based on these key directions, our contributions are as follows. First, we analyze the robustness of Gossip Learning when several unrealistic but often assumed conditions are lifted. Then, we exploit Gossip Learning and gossip-based peer-to-peer protocols more in general across three use cases: the collaborative training of differentially-private Naive Bayes classifiers across organizations holding sensitive user data; the construction of decentralized, privacy-preserving data marketplaces; and the development and decentralization of early-stage IoT botnet detection systems based on Graph Representation Learning. Finally, we introduce a general framework for the fully-decentralized training of Graph Neural Networks, overcoming the typical requirement of these models to access non-local information during training and inference. The combination of these contributions removes major roadblocks towards decentralized graph learning, and also opens a new research direction aimed at further developing and optimizing the fully-decentralized training of Graph Representation Learning models.
|
|
