Privacy protection issues in Social Networking Sites (SNS) usually raise from insufficient user privacy control mechanisms offered by service providers, unauthorized usage of user’s data by SNS, and lack of appropriate privacy protection schemes for user’s data at the SNS servers. In this thesis, we propose a privacy protection model based on danger theory concept to provide automatic detection and blocking of sensitive user information revealed in social communications. By utilizing the dynamic adaptability feature of danger theory, we show how a privacy protection model for SNS users can be built with system effectiveness and reasonable computing cost. A prototype based on the proposed model is constructed and evaluated. Our experiment results show that the proposed model achieves 89.71% detection and blocking rate in average for user-sensitive data revealed by the services of SNS.

Privacy protection issues in Social Networking Sites (SNS) usually raise from insufficient user privacy control mechanisms offered by service providers, unauthorized usage of user’s data by SNS, and lack of appropriate privacy protection schemes for user’s data at the SNS servers. In this thesis, we propose a privacy protection model based on danger theory concept to provide automatic detection and blocking of sensitive user information revealed in social communications. By utilizing the dynamic adaptability feature of danger theory, we show how a privacy protection model for SNS users can be built with system effectiveness and reasonable computing cost. A prototype based on the proposed model is constructed and evaluated. Our experiment results show that the proposed model achieves 89.71% detection and blocking rate in average for user-sensitive data revealed by the services of SNS.

AbstractI
AcknowledgmentII
ContentsIII
List of FiguresV
List of TablesVI
List of PseudocodesVII
Chapter 1Introduction1
Chapter 2Literature Review4
2.1User Data and Privacy Issues on Social Networking Sites (SNS)4
2.2Privacy Protection Mechanisms7
2.2.1Privacy protection at service provider side7
2.2.2Privacy protection at the user side8
2.3Danger Theory9
Chapter 3Proposed Privacy Protection Model13
Chapter 4Prototype Design19
Chapter 5Implementation and Experiments25
Chapter 6Conclusion34
References35
Appendix AData Format for Users and Antigen Format39
A.1Data Format for Users39
A.2Antigen Format40

[1]A. Ho, A. Maiga, and E. Aimeur, “Privacy protection issues in social networking sites,” in Proceedings of the IEEE/ACS International Conference on Computer Systems and Applications, 2009, pp. 271–278.
[2]N. Talukder, M. Ouzzani, A. K. Elmagarmid, H. Elmeleegy, and M. Yakout, “Privometer: Privacy protection in social networks,” in Proceedings of the IEEE 26th International Conference on Data Engineering Workshops (ICDEW), 2010, pp. 266–269.
[3]M. Beye, A. J. P. Jeckmans, Z. Erkin, P. Hartel, R. Lagendijk, and Q. Tang, “Privacy in Online Social Networks,” in Proceedings of the Computational Social Networks, A. Abraham, Ed. Springer London, 2012, pp. 87–113.
[4]M. S. Choi, H. W. Kim, Y. H. Kim, K. H. Chung, and K. S. Ahn, “Private Infor-mation Protection System with Web-Crawler,” in Proceedings of the IEEE In-ternational Conference on Wireless and Mobile Computing, Networking and Communications, 2008, pp. 672–677.
[5]Z. Chi, S. Jinyuan, Z. Xiaoyan, and F. Yuguang, “Privacy and security for online social networks: challenges and opportunities,” IEEE Network, vol. 24, pp. 13–18, 2010.
[6]A. Machanavajjhala, J. Gehrke, D. Kifer, and M. Venkitasubramaniam, “L-diversity: privacy beyond k-anonymity,” in Proceedings of the 22nd Interna-tional Conference on Data Engineering, 2006, p. 24.
[7]R. C. W. Wong, J. Li, A. W. C. Fu, and K. Wang, “(α, k)-anonymity: an enhanced k-anonymity model for privacy preserving data publishing,” in Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining, Philadelphia, PA, USA, 2006, pp. 754–759.
[8]N. Li, T. Li, and S. Venkatasubramanian, “t-Closeness: Privacy Beyond k-Anonymity and l-Diversity,” in Proceedings of the IEEE 23rd International Conference on Data Engineering, 2007, pp. 106–115.
[9]P. Jurczyk and L. Xiong, “Privacy-preserving data publishing for horizontally partitioned databases,” in Proceedings of the 17th ACM conference on Informa-tion and knowledge management, Napa Valley, California, USA, 2008, pp. 1321–1322.
[10]X. Jin, nan Zhang, and G. Das, “Algorithm-safe privacy-preserving data pub-lishing,” in Proceedings of the 13th International Conference on Extending Da-tabase Technology, Lausanne, Switzerland, 2010, pp. 633–644.
[11]R. Koch, D. Holzapfel, and G. D. Rodosek, “Data control in social networks,” in Proceedings of the 5th International Conference on Network and System Security (NSS), 2011, pp. 274–279.
[12]A. P. A. G. Deshmukh and R. Qureshi, “Transparent Data Encryption - Solution for Security of Database Contents,” International Journal of Advanced Computer Science and Applications, vol. 2, no. 3, pp. 25–28, Mar. 2011.
[13]Xukai Zou, Peng Liu, and J. Y. Chen, “Personal genome privacy protection with feature-based hierarchical dual-stage encryption,” in Proceedings of the IEEE International Workshop on Genomic Signal Processing and Statistics (GENSIPS), 2011, pp. 178–181.
[14]S. Jahid, P. Mittal, and N. Borisov, “EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation,” in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, New York, NY, USA, 2011, pp. 411–415.
[15]L. Lin, L. Yiwen, Y. He, and Y. Chao, “Danger Theory: A new approach in big data analysis,” in Proceedings of the International Conference on Automatic Control and Artificial Intelligence (ACAI), 2012, pp. 739–742.
[16]A. Johnston and S. Wilson, “Privacy Compliance Risks for Facebook,” IEEE Technology and Society Magazine, vol. 31, pp. 59–64, 2012.
[17]S. Mahmood, “New Privacy Threats for Facebook and Twitter Users,” in Pro-ceedings of the 7th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2012, pp. 164–169.
[18]M. Smith, C. Szongott, B. Henne, and G. von Voigt, “Big data privacy issues in public social media,” in Proceedings of the 6th IEEE International Conference on Digital Ecosystems Technologies (DEST), 2012, pp. 1–6.
[19]D. J. Weitzner, “Google, Profiling, and Privacy,” IEEE Internet Computing, vol. 11, no. 6, pp. 95–96, c3, 2007.
[20]P. Matzinger, “Tolerance, Danger, and the Extended Family,” Annual Review of Immunology, vol. 12, no. 1, pp. 991–1045, Apr. 1994.
[21]P. Matzinger, “The Danger Model: A Renewed Sense of Self,” Science, vol. 296, no. 5566, pp. 301–305, Apr. 2002.
[22]T. Lu, K. Zheng, R. Fu, Y. Liu, B. Wu, and S. Guo, “A Danger Theory Based Mobile Virus Detection Model and Its Application in Inhibiting Virus,” Journal of Networks, vol. 7, pp. 1227–1232, 2012.
[23]M. Read, P. S. Andrews, and J. Timmis, “An Introduction to Artificial Immune Systems,” in Handbook of Natural Computing, G. Rozenberg, T. Back, and J. N. Kok, Eds. Springer Berlin Heidelberg, 2012, pp. 1575–1597.
[24]E. Hart and J. Timmis, “Application areas of AIS: The past, the present and the future,” Applied Soft Computing, vol. 8, pp. 191–201, 2008.
[25]U. Aickelin and S. Cayzer, “The Danger Theory and Its Application to Artificial Immune Systems,” in 1st International Conference on Artificial Immune Systems (ICARIS), Canterbury, UK., 2002, pp. 141–148.
[26]E. McCallister, T. Grance, Scarfone, and NIST U. S. Department of Commerce, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII). 2010.
[27]M. E. Callahan and U. S. Department of Homeland Security, Handbook for Sa-feguarding Sensitive Personally Identifiable Information. 2012.