• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.5
• /
• pp.1341-1368
• /
• 2024

The concept of privacy-preserving collaborative filtering (PPCF) has been gaining significant attention. Due to the fact that model-based recommendation methods with privacy are more efficient online, privacy-preserving memory-based scheme should be avoided in favor of model-based recommendation methods with privacy. Several studies in the current literature have examined ant colony clustering algorithms that are based on non-privacy collaborative filtering schemes. Nevertheless, the literature does not contain any studies that consider privacy in the context of ant colony clustering-based CF schema. This study employed the ant colony clustering model-based PPCF scheme. Attacks like shilling or profile injection could potentially be successful against privacy-preserving model-based collaborative filtering techniques. Afterwards, the scheme's robustness was assessed by conducting a shilling attack using six different attack models. We utilize masked data-based profile injection attacks against a privacy-preserving ant colony clustering-based prediction algorithm. Subsequently, we conduct extensive experiments utilizing authentic data to assess its robustness against profile injection attacks. In addition, we evaluate the resilience of the ant colony clustering model-based PPCF against shilling attacks by comparing it to established PPCF memory and model-based prediction techniques. The empirical findings indicate that push attack models exerted a substantial influence on the predictions, whereas nuke attack models demonstrated limited efficacy.

• Journal of Communications and Networks
• /
• v.15 no.2
• /
• pp.153-163
• /
• 2013

In recent years, more and more researches have been focusing on trust management of vehicle ad-hoc networks (VANETs) for improving the safety of vehicles. However, in these researches, little attention has been paid to the location privacy due to the natural conflict between trust and anonymity, which is the basic protection of privacy. Although traffic safety remains the most crucial issue in VANETs, location privacy can be just as important for drivers, and neither can be ignored. In this paper, we propose a beacon-based trust management system, called BTM, that aims to thwart internal attackers from sending false messages in privacy-enhanced VANETs. To evaluate the reliability and performance of the proposed system, we conducted a set of simulations under alteration attacks, bogus message attacks, and message suppression attacks. The simulation results show that the proposed system is highly resilient to adversarial attacks, whether it is under a fixed silent period or random silent period location privacy-enhancement scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1272-1290
• /
• 2013

Privacy-preserving collaborative filtering schemes are becoming increasingly popular because they handle the information overload problem without jeopardizing privacy. However, they may be susceptible to shilling or profile injection attacks, similar to traditional recommender systems without privacy measures. Although researchers have proposed various privacy-preserving recommendation frameworks, it has not been shown that such schemes are resistant to profile injection attacks. In this study, we investigate two memory-based privacy-preserving collaborative filtering algorithms and analyze their robustness against several shilling attack strategies. We first design and apply formerly proposed shilling attack techniques to privately collected databases. We analyze their effectiveness in manipulating predicted recommendations by experimenting on real data-based benchmark data sets. We show that it is still possible to manipulate the predictions significantly on databases consisting of masked preferences even though a few of the attack strategies are not effective in a privacy-preserving environment.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.174-183
• /
• 2021

The advent of social media has revolutionized the speed of communication between millions of people around the world in various cultures and disciplines. Social media is the best platform for exchanging opinions and ideas, interacting with other users of similar interests and sharing different types of media and files. With the phenomenal increase in the use of social media platforms, the need to pay attention to protection and security from attacks and misuse has also increased. The present study conducts a comprehensive survey of the latest and most important research studies published from 2018-20 on security and privacy on social media and types of threats and attacks that affect the users. We have also reviewed the recent challenges that affect security features in social media. Furthermore, this research pursuit also presents effective and feasible solutions that address these threats and attacks and cites recommendations to increase security and privacy for the users of social media.

• Journal of KIISE
• /
• v.44 no.2
• /
• pp.195-207
• /
• 2017

In recent years, data are actively exploited in various fields. Hence, there is a strong demand for sharing and publishing data. However, sensitive information regarding people can breach the privacy of an individual. To publish data while protecting an individual's privacy with minimal information distortion, the privacy- preserving data publishing(PPDP) has been explored. PPDP assumes various attacker models and has been developed according to privacy models which are principles to protect against privacy breaching attacks. In this paper, we first present the concept of privacy breaching attacks. Subsequently, we classify the privacy models according to the privacy breaching attacks. We further clarify the differences and requirements of each privacy model.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.1
• /
• pp.63-70
• /
• 2009

As individuals spend more time doing social and economic life on the web, the importance of protecting privacy against Phishing and Pharming attacks also increases. Until now, there have been researches on the methods of protection against Phishing and Pharming. However, these researches don't provide efficient methods for protecting privacy and don't consider Pharming attacks. In this paper, we propose an authentication protocol that protects user information from Phishing and Pharming attacks. In this protocol, the messages passed between clients and servers are secure because they authenticate each other using a hash function of password and location information which are certificated to clients and servers only. These messages are used only once, so that the protocol is secure from replay attacks and man-in-the-middle attacks. Furthermore, it is also secure from Pharming attacks.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.2
• /
• pp.173-180
• /
• 2010

The research of the preserving privacy of sensitive information has been popular recently. Many researches about the techniques of generalizing records under k-anonymity rules have been done. Considering that data anonymity requires a lot of time and resources, it would be important to decide whether a table is vulnerable to privacy attacks before being opened in terms of the improvement of data utilization as well as the privacy protection. It is also important to check to which attack the table is vulnerable and which of anonymity methods should be applied in the table. This paper describe two possible privacy attacks based upon related references. Also, we suggest the technique to check whether data table is vulnerable to any attack of them and describe what kind of anonymity methods should be done in the table. The technique we suggest in this paper can also be applied for checking the safety of anonymity tables in which insert or delete operations occurred as well from privacy attacks.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.399-408
• /
• 2021

Information security reports four types of basic attacks on information. One of the attacks is named as fabrication. Even though mobile devices and applications are showing its maturity in terms of performance, security and ubiquity, location-based applications still faces challenges of quality of service, privacy, integrity, authentication among mobile devices and hence mobile users associated with the devices. There is always a continued fear as how location information of users or IoT appliances is used by third party LB Service providers. Even adversary or malicious attackers get hold of location information in transit or fraudulently hold this information. In this paper, location information fabrication scenarios are presented after knowing basic model of information attacks. Peer-to-Peer broadcast model of location privacy is proposed. This document contains introduction to fabrication, solutions to such threats, management of fabrication mitigation in collaborative or peer to peer location privacy and its cost analysis. There are various infrastructure components in Location Based Services such as Governance Server, Point of interest POI repository, POI service, End users, Intruders etc. Various algorithms are presented and analyzed for fabrication management, integrity, and authentication. Moreover, anti-fabrication mechanism is devised in the presence of trust. Over cost analysis is done for anti-fabrication management due to nature of various cryptographic combinations.

• Journal of Computing Science and Engineering
• /
• v.5 no.3
• /
• pp.197-209
• /
• 2011

The increasing popularity of graph data, such as social and online communities, has initiated a prolific research area in knowledge discovery and data mining. As more real-world graphs are released publicly, there is growing concern about privacy breaching for the entities involved. An adversary may reveal identities of individuals in a published graph, with the topological structure and/or basic graph properties as background knowledge. Many previous studies addressing such attacks as identity disclosure, however, concentrate on preserving privacy in simple graph data only. In this paper, we consider the identity disclosure problem in weighted graphs. The motivation is that, a weighted graph can introduce much more unique information than its simple version, which makes the disclosure easier. We first formalize a general anonymization model to deal with weight-based attacks. Then two concrete attacks are discussed based on weight properties of a graph, including the sum and the set of adjacent weights for each vertex. We also propose a complete solution for the weight anonymization problem to prevent a graph from both attacks. In addition, we also investigate the impact of the proposed methods on community detection, a very popular application in the graph mining field. Our approaches are efficient and practical, and have been validated by extensive experiments on both synthetic and real-world datasets.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.294-303
• /
• 2021

VANET is an upcoming technology with an encouraging prospect as well as great challenges, specifically in its security. This paper intends to survey such probable attacks and the correlating detection mechanisms that are introduced in the literature. Accordingly, administering security and protecting the owner's privacy has become a primary argument in VANETs. To furnish stronger security and preserve privacy, one should recognize the various probable attacks on the network and the essence of their behavior. This paper presents a comprehensive survey on diversified attacks and the recommended unfolding by the various researchers which concentrate on security services and the corresponding countermeasures to make VANET communications more secure.