Prevention of an Attack Scenario from Fake Identity in Online Social Networks in Multiparty Access...

8/12/2019 Prevention of an Attack Scenario from Fake Identity in Online Social Networks in Multiparty Access Control

http://slidepdf.com/reader/full/prevention-of-an-attack-scenario-from-fake-identity-in-online-social-networks 1/5

International Journal of Engineering Trends and Technology (IJETT) – Volume 4 Issue 9- Sep 2013

ISSN: 2231-5381 http://www.ijettjournal.org Page 3721

Prevention of an Attack Scenario from FakeIdentity in Online Social Networks in Multiparty

Access ControlS. Sri Harshini #1 , Prof C.Rajendra *2

1# M.Tech 2nd year, Dept of CSE, ASCET, GUDUR, AP, India2 Professor & Head, Dept of CSE, ASCET, GUDUR, AP, India

Abstract — In recent years people go for online social networks(OSNs) to share their personal information using popular socialnetworking sites like Facebook, Myspace and Mylife. TheseOSNs allow user to enforce privacy concerns over shared datawith single user only without providing any model andmechanism to enforce privacy concerns over data associated withmultiple users. To overcome this we come across an approach [1]to enable the protection of shared data associated with multipleusers by proposing a multiparty authorization framework thatallows collaborative management of shared data in OSNs.Multiparty Access Control (MPAC) model is also formulated inorder to capture the essence of multiparty authorizationrequirements. In this MPAC model some users collude with oneanother so as to manipulate the final access control. This MPACgave raise to three issues (1) There is no fake identity in OSNs.(2)All users tagged are real users appeared in the photo. (3) Allcontrollers of the photo are honest to specify their privacypreferences [1]. To overcome these issues we utilize acollaborative Face Recognition (FR) framework [9].in to OSNs.We also demonstrate a proof-of-concept prototype as part of anapplication in Facebook.

Keywords — Online Social Network, Multiparty Access Control,Collaboration, Face Annotation, Face Recognition, Personal

Photos, Social Context.

I. I NTRODUCTION Now a day’s OSNs like Facebook, Myspace and Mylifeare in born designed to permit individuals to share their personal and public information and even have social connections with ourfriends, coworkers, family and conjointly with strangers [3].Therefore Access management has become a central feature ofOSNs [2, 4].Even though OSNs presently give straightforwardaccess management techniques permitting users to regulateaccess to info contained in their own areas. Users, byunhealthy luck don't have any management on informationexisting outside their areas.In this paper we have a tendency to pursue a scientific answerto facilitate cooperative management of shared knowledge inOSNs. Therefore we have a tendency to propose a multipartyauthorization framework (MAF) to model and understandmultiparty access control (MPAC) model in OSNs. We have atendency to begin by examining however the dearth ofmultiparty access control model for shared knowledge in

OSNs will undermine the protection of user knowledge. Amultiparty authorization model is developed to capture thecore options of multiparty authorization needs that haven't todate accommodated by existing access management systemsand models for OSNs (e.g., [7, 8, 12, 14]). Meanwhile, asconflicts inevitable in multiparty authorization specificationand social control, systematic conflict resolution mechanism is

additionally self-addressed to deal with authorization and privacy conflicts in our framework. In this MPAC model userscollude with one another in order to manipulate final accesscontrol decision. Consider a collusion attack, in which a set of

poisonous users may want to make a shared photo available toa wider audience. Suppose they can access the photo and theycan all tag themselves or fake their identities to that photo.With this large number of colluding users that photo may beexposed to those users who are not expected to get the access.To prevent such an attack from existing we have to solve 3main issues such as (1) there is no fake identity in OSNs. (2)All users tagged are real users appeared in the photo. (3) Allcontrollers of the photo are honest to specify their privacy

preferences. To solve these issues we utilize a collaborative

Face Recognition (FR) framework in OSNs for effectivemanagement of personal photos in OSNs.The remainder of the paper is organized as follows. In

Section two provides pair of quick summary of connectedwork. We have a tendency to gift multiparty authorizationneeds for OSNs. We have a tendency to articulate our

projected multiparty authorization model, together withmultiparty authorization specification and multiparty policyanalysis in Section three. In Section four Overview ofcollaborative Face Recognition (FR) framework. In Sectionfive implementation details and experimental results aredelineated. Section six concludes this paper.

II.RELATED WORK

Several access management models for OSNs areintroduced (e.g., [7, 8, 12, and 14]). Previous accessmanagement solutions for OSNs introduced trust-based accessmanagement galvanized by the developments of trust andname computation in OSNs. The D-FOAF system [13] is

primarily a follower of a follower (FOAF) ontology-based





distributed identity management system for OSNs, whereverrelationships are related to a trust level, that indicates theextent of friendly relationship between the users collaboratingin an exceedingly given relationship introduced aconceptually-similar however a lot of comprehensive trust-

based access management model.

III. MULTIPARTY AUTHORIZATION FOR OSNS:-

This model permits the specification of access rulesfor on-line resources, wherever licensed users are denoted interms of the connection kind, depth, and trust level betweenusers in OSNs. They additional had given a semi-decentralized discretionary access management model and aconnected social control mechanism for controlled sharing ofdata in OSNs [8]. Fong et al. [12] projected Associate in anaccess management model that formalizes and generalizes theaccess management mechanism enforced in Facebook,admitting arbitrary policy vocabularies that are supportedtheoretical graph properties. Gates delineated relationship-

based access management united of recent security paradigmsthat addresses distinctive needs of internet a pair of 2.0 Then,

Fong [11] recently developed this paradigm known as aRelationship-Based Access management (ReBAC) model that bases authorization selections on the relationships between theresource owner and therefore the resource accessor inAssociate in an OSN. However, none of those existing workmight model and analyze access management needs withrelation to cooperative authorization management of sharedknowledge in OSNs.

The requirement of joint management for knowledgesharing, particularly photo sharing, in OSNs has beenrecognized by the recent work [5,15].The nearest work to the

present paper is maybe the answer provided by ref [14] forcollective privacy management in OSNs. Different connected

work includes general conflict resolution mechanisms foraccess management [11 , 12 ,] and learn-based generation of

privacy policies for OSNs.

Fig 1a: A shared content has multiple stakeholders

Fig: 1b.A shared content is published by a contributor

3.1 REQUIREMENTS

OSNs give intrinsic mechanisms for facultativeusers to communicate and share data with different members.OSN users will post statuses and notes, upload photos andvideos in their own spaces, and tag others to their contents andshare the contents with their friends. On the opposite hand,users may also post contents in their friends’ spaces. Theshared contents could also be connected with multiple users.

Take an example wherever a photo contains three users, Alice,Bob and Carol. If Alice uploads it to her own space and tagseach Bob and Carol within the photo, we have a tendency todecision Alice an owner of the photo, and Bob and Carolstakeholders of the photo. All of those users could specifyaccess management policies over this a data. Figure 1(a)depicts a data sharing state of affairs wherever the owner of adata item shares the info item with different OSN members,and therefore the data item has multiple stakeholders who mayadditionally wish to involve within the management ofinformation sharing.

Figure 1(b) shows another data sharing scenariowherever a contributor publishes an information item tosomebody else’s house and therefore the data item may

additionally have multiple stakeholders (e.g., labelled users).All associated users should be allowed to outline accessmanagement policies for the shared data item

3.2 MODELING SOCIAL NETWORKS

An OSN are often diagrammatical by a relationshipnetwork, a collection of user teams and a set of user data. Thelink network of an OSN may be a directed labelled graph,wherever every node denotes a user, and every edgerepresents a relationship between users. The label related toevery edge indicates the kind of the link. Edge directiondenotes that the initial node of a grip establishes the link andtherefore the terminal node of the string accepts the link. Thequantity and sort of supported relationships believe the preciseOSNs and its functions. Besides, OSNs embody a veryimportant feature that enables users to be organized in teams,wherever every cluster encompasses a distinctive name. Thisfeature permits users of an OSN to simply notice differentusers with whom they may share specific interests (e.g., samehobbies), demographic teams (e.g., finding out at an




ISSN: 2231-5381 http://www.ijettjournal.org 723

equivalent schools), political theory, and so on. Users willtake part teams without any approval from different clustermembers. Moreover, OSNs give every member with an onlinehouse wherever users will store and manage their personaldata together with profile info, friend list and user content.

3.3 MULTIPARTY AUTHORIZATION SPECIFICATION

To change a cooperative authorization management ofinformation sharing in OSNs, it's essential for multipartyaccess management policies to be in situ to control accessover shared data, representing authorization needs frommultiple associated users. Our policy specification theme isconstructed upon the above-named OSN model (Sectionthree.2). Recently, many access management schemes (e.g., [7,11, and 12]) are projected to support fine-grainedauthorization specifications for OSNs. Sadly, these schemeswill solely enable one manager (the resource owner) tospecify access control policies. Indeed, a versatile accessmanagement mechanism in a very multi-user setting likeOSNs is important to permit multiple managers related to theshared data item to specify access control policies. As we

have a tendency to mention in Section three.1, additionally tothe owner of information, different controllers, together withthe contributor, neutral and propagator of information,conjointly need to control access to the shared data.

3.4 MULTIPARTY POLICY ANALYSIS

In our projected multiparty authorization model,every controller will specify a collection of policies, whichcan contains each positive and negative policies, to controlaccess of the sharedinformation. .

Fig. 2. Multiparty Policy Evaluation

Item. Two steps should be performed to evaluate associate

access request over multiparty access management policies.The primary step checks the access request against policies ofevery controller and yields a choice for the controller.Conveyance in each positive and negative policy within the

policy set of a controller raises potential policy conflicts.Within the second step, decisions from all controllers

responding to the access request square measure aggregated tocreate a final decision for the access request. Since thosecontrollers could generate totally different choices (permit anddeny) for the access request, conflicts could happens oncemore. Figure 4 illustrates potential conflicts such as policyconflict resolution in one party, conflict resolution fordisseminated data that are present throughout the analysis ofmultiparty access management policies. So as to create

associate unambiguous final decision for every access request,it's crucial to adopt a scientific conflict resolution mechanismto resolve those known conflicts throughout multiparty policyanalysis.

IV. COLLABORATIVE FACE RECOGNITIONFRAMEWORK:-

Figure 3.Proposed collaborative FR framework in an OSN.(a)High-level visualization.

(b)Detailed visualization

The construction of our collaborative FRframework for a particular OSN member further referred to as the current user(“owner”). As shown in Fig. 6(a), the collaborativeFRframework for the current user (“owner”) is constructed

using M+1 differentFR engines: one FR engine belongs to thecurrent user (“owner)”,while M FR engines belong to Mdifferent contacts of the current user(“owner”) it may becontributor, stakeholder and disseminator. We assume that

photo collections and FR engines can be shared within thecollaborative FR framework. Here the current user isconsidered to as owner of shared photos

Fig. 6(b) illustrates that our collaborative FR frameworkconsists of two parts: 1.selection of suitable FR engines and 2.Merging of multiple FR results. For the selection of K suitableFR engines out of M+1 FR engines, we construct a socialgraph model (SGM) that represents the social relationships

between the different contacts considered.

4.1 SELECTION OF FR ENGINES BASED ON SOCIALGRAPH MODEL (SGM):-

In this we discusses about the selection of FRengines based on construction of social graph model. A socialgraph is represented by a weighted graph as below





G = {N, E, W} (1)In which N = { /m = 1,…..,M} U { is a set of nodesthat is a combination of both current user (“owner”) andhis/her contacts, E = { /m =1,….., M } is a set of edgesconnecting the node of the current user (“owner”) and theelement of and W represents the strength of the socialrelationship connected with .To compute this we estimate the identity occurrence andthe co-occurrence probabilities from all personal photocollection by given formulas:

, for (2)

, for (3)

By using equations (2) and (3) we compute as below= exp ( +

(4)Based on this value to select the appropriate FR enginesfor this we denote contact of the current user as .4.2 Merging face recognition (FR) results:-The main purpose of merging these multiple FR engine results

taken from several FR engines is to improve the accuracy ofour face annotation which is caused by combining multipleclassifications decisions based on the identity of a query faceimage calculated by using relevance score. For this we have 2main different solutions for this merging for this we have acommon mathematical notation as be a set having K

personalized FR engines. One solution is by fusion using aBayesian decision rule and the other one is by fusion usingConfidence-Based majority voting [17].

V. PROTOTYPE IMPLEMENTATION AND ANALYSIS:-

Fig. 4.Performance of Policy

To evaluate the performance of the policy evaluationmechanism in MController, we changed the number of the

controllers of a shared photo from 1 to 20. Also, weconsidered two cases for our evaluation. In the first case, eachcontroller has only one positive policy. The second caseexamines two policies (one positive policy and one negative

policy) of each controller. Figure 7 shows the policyevaluation cost while changing the number of the controllers.

For both cases, the experimental results show that the policyevaluation cost increased slightly with the increase of thenumber of the controllers. Also, we can observe thatMController performs fast enough to handle even a largenumber of controllers for collaboratively managing the shareddata. This manual input of the privacy preferences could be along and tedious task.

To overcome this we performed an experiment bycollecting all photos from the weblog of each volunteer whoare willing to participate and also all photos posted on theweblogs of the contacts of each volunteer. As a result of thiswe constructed a test bed for each volunteer which consists ofone photo collection that was acquired from the current user(“owner”) and the photo collection of contacts of the currentuser. Now all photos collected in each test bed are applied toViola-Jones face detection algorithm [18] and FERET

protocol [19] taking the center coordinates of eye by eyedetection algorithm [20] Based on this ground truth datasetsare arranged. Using these ground truth datasets we constructcorresponding sets of target and query face images in order toevaluate the accuracy of face annotation of this collaborative

FR framework. Figure 6 shows how it works. Now weconstruct an FR engine for that we assume that the currentuser (“owner”) make use of a personalized FR engine basedon this we constructed several training sets which are in turnused to construct several independent FR engines we selectedthe 15 most frequently appearing subjects in each photocollection always includes the owner of weblog. We mergethese FR engine results and tag the names in the personal

photo.

VI.CONCLUSION

In this paper, we have a multiparty authorizationframework that helps in collaborative management of the data

shared in OSNs. We have given an analysis of multipartyauthorization requirements in OSNs, and also formulated amultiparty access control model (MPAC). This access controlmodel is accompanied with a multiparty policy specificationscheme and corresponding policy evaluation mechanism.OSNs allowing MPAC have come to realize three issues [1]and in this paper we have shown ways to overcome theseissues by following a methodology of controlling the taggedusers to be part of the content by utilizing a collaborative FaceRecognition (FR) framework in OSNs. We also present a

proof of concept implementation of our approach calledMController and FR engines, which is a Facebook application,along with implementation and performance analysis.

REFERENCES[1] Multiparty Access Control for Online Social Networks: Model andMechanisms

[2] D.M. Boyd und N.B. Ellison. Social network sites: De nition, history, andscholarship. Journal of Computer-Mediated Communication, 13(1):210–230,2008.





[3]http://en.mercopress.com/2011/06/14/facebook-preparing-for-public-offering-company-value-over-100-billion-usd, 6 2011. Aufgerufen am28.6.2011.

[4] Myspace Privacy Policy,http://www.myspace.com/index.cfm?fuseaction=misc.privacy/ [5] Besmer, A., Lipford, H.R.: Moving beyond untagging: photo privacy in atagged world. In Proceedings of the 28th International Conference on HumanFactors in Computing Systems, pp. 1563–1572. ACM, New York (2010)[7] Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for social

networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM2006Workshops.LNCS, vol. 4278, pp. 1734– 1744. Springer, Heidelberg (2006)[8] Carminati, B., Ferrari, E., Perego, A.: Enforcing access control in web-

based social networks. ACM Transactions on Information and SystemSecurity (TISSEC) 13(1), 1–38 (2009)

[9] Choi, J., DeNeve, W., Plataniotis, K., Ro, Y., Lee, S., Sohn, H., Yoo, H., Neve, W., Kim, C., Ro, Y., et al.: Collaborati ve Face Recogniti on forImproved Face Annotation in Personal Photo Collections.Shared on Online Social Networks. IEEE Transactions on Multimedia, 1–14(2010)

[10] Fang, L., LeFevre, K.: Privacy wizards for social networking sites. In:Proceedings of the 19th International Conference on World Wide Web, pp.351–360. ACM, New York (2010)

[11] Fong, P.: Relationship-Based Access Control: Protection Model andPolicy Language. In: Proceedings of the First ACM Conference on Data and

Application Security and Privacy. ACM, New York (2011)

[12] Fong, P., Anwar, M., Zhao, Z.: A privacy preservation model forfacebook-style social network systems. In: Backes, M., Ning, P. (eds.)ESORICS 2009. LNCS, vol. 5789, pp. 303– 320. Springer, Heidelberg (2009)

[13] Jin, J., Ahn, G.J., Hu, H., Covington, M.J., Zhang, X.: Patient-centricauthorization framework for electronic healthcare services. Computers &Security 30(2-3), 116–127 (2011)

[14] Kruk, S., Grzonkowski, S., Gzella, A., Woroniecki, T., Choi, H.: D-FOAF: Distributed identity management with access rights delegation. In:Mizoguchi, R., Shi, Z.-Z., Giunchiglia, F. (eds.) ASWC 2006. LNCS, vol.4185, pp. 140–154. Springer, Heidelberg (2006)

[15] Squicciarini, A., Shehab, M., Paci, F.: Collective privacy management insocial networks. In: Proceedings of the 18th International Conference onWorld Wide Web, pp. 521–530. ACM, New York (2009)

[16] Wondracek, G., Holz, T., Kirda, E., Kruegel, C.: A practical attack to de-anonymize social network users. In: 2010 IEEE Symposium on Security andPrivacy, pp. 223–238. IEEE, Los Alamitos (2010)

[17] J. Kittler, M. Hatef, R. P. W. Duin, and J. Matas, “On combiningclassifiers,”

IEEE Trans. Pattern Anal. Mach. Intell. , vol. 20, no. 3, pp.226–239, 1998.

[18] P. Viola and M. Jones, “Rapid object detection using a boosted cascadeof simple features,” in Proc. IEEE Int. Conf. CIVR , 2001.

[19] P. J. Phillips, H. Moon, S. A. Rizvi, and P. J. Rauss, “TheFERETevaluation methodology for face recognition algorithms,” IEEE Trans.Pattern Anal. Mach. Intell. , vol. 22, no. 10, pp. 1090–1104,2000.

[20] P.Wang, M. B. Green, and Q. Ji, “Automatic eye detection and itsvalidation,”in Proc. IEEE Int.Conf.Computer Vision and Pattern Recognition Workshops , 2005.

Prevention of an Attack Scenario from Fake Identity in Online Social Networks in Multiparty Access...

Documents

Transcript of Prevention of an Attack Scenario from Fake Identity in Online Social Networks in Multiparty Access...