TY - GEN
T1 - Is privacy possible without anonymity? The case for microblogging services
AU - Papadopoulos, Panagiotis
AU - Papadogiannakis, Antonis
AU - Polychronakis, Michalis
AU - Markatos, Evangelos P.
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019/3/25
Y1 - 2019/3/25
N2 - Traditional approaches to privacy are usually based on top of anonymizing or pseudonymizing systems. For example, users who would like to protect their identity and/or hide their activities while browsing the web frequently use anonymizing systems (e.g., Tor) or services (e.g., VPNs and proxies). Although anonymizing systems are usually effective, recent revelations suggest that anonymization can be compromised and can be used to provide a false sense of security. In this paper we assume a world where anonymization is (practically) not possible. Imagine, for example, a community where the use of anonymizing systems is frowned upon or even forbidden. Is it possible for users to protect their privacy when they can not hide their identity? In this paper, we focus our question on users interested in following information channels in microblogging services and we show that it is possible for users to protect their privacy even if they can not hide their identity. To do so, we propose two obfuscation-based algorithms and quantify their effectiveness. We show that obfuscation can be used in such a way so that attackers can not use this service to increase their a priori knowledge on whether a user is interested in a channel or not.
AB - Traditional approaches to privacy are usually based on top of anonymizing or pseudonymizing systems. For example, users who would like to protect their identity and/or hide their activities while browsing the web frequently use anonymizing systems (e.g., Tor) or services (e.g., VPNs and proxies). Although anonymizing systems are usually effective, recent revelations suggest that anonymization can be compromised and can be used to provide a false sense of security. In this paper we assume a world where anonymization is (practically) not possible. Imagine, for example, a community where the use of anonymizing systems is frowned upon or even forbidden. Is it possible for users to protect their privacy when they can not hide their identity? In this paper, we focus our question on users interested in following information channels in microblogging services and we show that it is possible for users to protect their privacy even if they can not hide their identity. To do so, we propose two obfuscation-based algorithms and quantify their effectiveness. We show that obfuscation can be used in such a way so that attackers can not use this service to increase their a priori knowledge on whether a user is interested in a channel or not.
KW - Anonymous Subscription
KW - Obfuscation
KW - User Interests
UR - https://www.scopus.com/pages/publications/85066472353
U2 - 10.1145/3301417.3312498
DO - 10.1145/3301417.3312498
M3 - Conference contribution
AN - SCOPUS:85066472353
T3 - Proceedings of the 12th European Workshop on Systems Security, EuroSec 2019
BT - Proceedings of the 12th European Workshop on Systems Security, EuroSec 2019
PB - Association for Computing Machinery
T2 - 12th European Workshop on Systems Security, EuroSec 2019
Y2 - 25 March 2019
ER -