Post on 20-Jul-2020
Hiding the Rumor Source in Anonymous MessagingSewoong Oh University of Illinois at Urbana-Champaign
Giulia Fanti P. ViswanathPeter Kairouz K. Ramchandran
Anonymous Social Media provide meta-data privacy
Existing anonymous messaging apps
10 m
iles
Threat is real
Anonymous messaging meets social filtering
Diffusion of rumor/contagion
Social network/contact network
Diffusion of rumor/contagion
message author
Diffusion of rumor/contagion
Diffusion of rumor/contagion
Diffusion of rumor/contagion
Diffusion of rumor/contagion
Diffusion of rumor/contagion
Diffusion of rumor/contagion
can we locate the message author?
Rumor source detection
1T =
5T = 4T = 4T =
3T =
6T =
6T =
TimingSnapshot
meta-datatime from to control10:12 Alice Spy1 101101
10:25 Bob Spy2 10100111:01 Mary Spy3 100100
Snapshot-based adversary
16
Snapshot reveals the source
▪ message author is likely to be in the “center”
Rumor Centrality [Shah, Zaman ’11]
low likelihood
high likelihood
Similar performance using Jordan centrality [Zhu, Ying ’13]
Our Goal (on infinite regular trees)
P(Detection) =
1
NT
Adaptive Diffusion
Diffusion
logNT
logP(detection)
Setting
▪ Contact network is infinite, regular, tree▪ Adversary has the contact network and the snapshot▪ Protocol is allowed to infect any 1-hop neighbors at each time
Line graph
Line graph: diffusion
Line graph: diffusion
p p
Line graph: diffusion
Line graph: diffusion
p p
Line graph: diffusion
Line graph: diffusion
p p
Line graph: diffusion
▪ equivalent to two independent random walks
Adversary with snapshot
nodes with the message
can we locate the message author?
Maximum likelihood detection
Likelihoods
Line graph: adaptive diffusion
-1-2 0 1 2
Line graph: adaptive diffusion
each neighbor is infected w.p. 1/2
-1-2 0 1 2
Line graph: adaptive diffusion
Node 1 receives message at T = 1
-1-2 0 1 2
Line graph: adaptive diffusion
-1-2 0 1 2
pinfect =h+ 1
T + 1
▪ Adaptive diffusion prescribes to pass at adaptive rate
Line graph: adaptive diffusion
▪ node 2 receives the message
-1-2 0 1 2
Line graph: adaptive diffusion
-1-2 0 1 2
pinfect =h+ 1
T + 1
Line graph: adaptive diffusion
▪ equivalent to Polya’s urn process▪ adaptive and asymmetric: Nodes that are infected earlier,
spread faster
-1-2 0 1 2
Given snapshot
can we locate the message author?
Maximum likelihood detection
Likelihoods
diffusion
adaptive diffusion
probability of detection ⇠ 1
N
▪ [Shah & Zaman ’11]
Probability of detection using Rumor Centrality
number of nodes with the message
spread with fixed probability p
Probability of detection using Jordan centrality
number of nodes with the message
spread with probability
p(h, t) =h+ 1
t+ 1
Analytical bound
▪ Strategy: ▪ Design the infection to be a symmetric ball of depth T/2 ▪ Such that the source is equally likely to be any node at
any given time T
T = 4
Virtual source
▪ initially, the author is also the virtual source▪ and randomly selects a neighbor to be next virtual source
T = 0
T = 1
T = 2
▪ at T=2, the virtual source passes the message to all its neighbors
keeping the virtual source token passing the virtual source token
▪ at T=2, the protocol has two options
T = 2
keeping the virtual source token passing the virtual source token
with probability ↵d,T,h with probability 1� ↵d,T,h
49
Passing the virtual source token
T = 2
50
T = 3
Passing the virtual source token
51
Passing the virtual source token
T = 4h = 2
Keeping the virtual source token
T = 2
Keeping the virtual source token
T = 3
54
Keeping the virtual source token
T = 4h = 1
Adversary with snapshot
can the adversary locate the message author?
Maximum likelihood estimation
low likelihood
high likelihood
▪ If virtual source is kept with prob.
▪ nodes that receive message faster, spread faster
↵d,T,h =(d� 1)
T2 +1�h � 1
(d� 1)T2 +1 � 1
57
Theorem. [Fanti, Kairouz, Oh, Viswanath 2015]
On an infinite d-regular tree, 1. adaptive diffusion spreads fast,
2. achieves almost perfect obfuscation
3. The expected distance between the estimated and the true source is T/2
P(Detection) =
1
NT � 1
NT ' (d� 1)T/2
Maximum likelihood estimation
58
v⇤
T = 0 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
What if the tree is irregular?
59
v⇤
T = 1 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
60
v⇤
T = 2 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
61
v⇤
T = 3 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
62
v⇤
T = 4 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
63
T = 4 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
v̂ML = arg max
v2@GT
1
dvsY
w2�(vs,v)\{vs,v}
(dw � 1)
| {z }F (GT )
64
T = 4 dv =
⇢3 w.p. 0.55 w.p. 0.5
GT
v̂ML = arg max
v2@GT
1
dvsY
w2�(vs,v)\{vs,v}
(dw � 1)
| {z }F (GT )
F (GT ) =1
5⇥ 2
65
Does adaptive diffusion still achieve perfect obfuscation?
100 101 102 10310−3
10−2
10−1
Number of Infected Nodes (N)
Prob
abilit
y of
Det
ectio
n (P
D)
(3,5)=>(0.5,0.5), do=5(3,6)=>(0.5,0.5), do=6(3,7)=>(0.5,0.5), do=7(3,10)=>(0.5,0.5), do=101/N
dv =
⇢3 w.p. 0.55 w.p. 0.5
dv =
⇢3 w.p. 0.510 w.p. 0.5
66
▪Probability of detection:
P(v̂ML = v⇤) =X
GT
P(GT )P(v̂ML = v⇤|GT )| {z }F (GT )
= E(F (GT ))
F (GT ) = max
v2@GT
1
dvsY
w2�(vs,v)\{vs,v}
(dw � 1)
Galton-Watson tree GT
67
If dv
=
(dmin w.p. pmin
.
.
.
.
.
.
, and (dmin � 1)pmin � 1, then
P(v̂ML = v⇤) = EGT
"max
v2@GT
1
dvs
Y
w2�(vs,v)\{vs,v}
(dw
� 1)
#
= (dmin � 1)
�T+o(T )
100 101 102 10310−3
10−2
10−1
Number of Infected Nodes (N)
Prob
abilit
y of
Det
ectio
n (P
D)
(3,5)=>(0.5,0.5), do=5(3,6)=>(0.5,0.5), do=6(3,7)=>(0.5,0.5), do=7(3,10)=>(0.5,0.5), do=101/N
dv =
⇢3 w.p. 0.55 w.p. 0.5
dv =
⇢3 w.p. 0.510 w.p. 0.5
Corollary
68
Proof idea for
dv =
⇢3 w.p. 0.55 w.p. 0.5
dv =
⇢3 w.p. 0.51 w.p. 0.5
X
X
minv2@GT
Y
w2�(vs,v)\{vs,v}
(dw
� 1) = (dmin � 1)T+o(T )
Messaging App: Wildfire
Alice
anonymous, distributed, secure implementation
Bob
Mary
Alice Faith Saul
Alice Faith Mike Saul
Bob Carol Mary
Wildfire empowers devices by removing central service providersIt also has stronger anonymity properties than Secret, Whisper, and Yik Yak.
Like
Wildfire empowers devices by removing central service providers
It also has stronger anonymity properties than Secret, Whisper, and Yik Yak.
Wildfire empowers devices by removing central service providers
It also has stronger anonymity properties than Secret, Whisper, and Yik Yak.
Like
Like