-
Network Members Can Hide from Group Centrality Measures
Authors:
Marcin Waniek,
Talal Rahwan
Abstract:
Group centrality measures are a generalization of standard centrality, designed to quantify the importance of not just a single node (as is the case with standard measures) but rather that of a group of nodes. Some nodes may have an incentive to evade such measures, i.e., to hide their actual importance, in order to conceal their true role in the network. A number of studies have been proposed in…
▽ More
Group centrality measures are a generalization of standard centrality, designed to quantify the importance of not just a single node (as is the case with standard measures) but rather that of a group of nodes. Some nodes may have an incentive to evade such measures, i.e., to hide their actual importance, in order to conceal their true role in the network. A number of studies have been proposed in the literature to understand how nodes can rewire the network in order to evade standard centrality, but no study has focused on group centrality to date. We close this gap by analyzing four group centrality measures: degree, closeness, betweenness, and GED-walk. We show that an optimal way to rewire the network can be computed efficiently given the former measure, but the problem is NP-complete given closeness and betweenness. Moreover, we empirically evaluate a number of hiding strategies, and show that an optimal way to hide from degree group centrality is also effective in practice against the other measures. Altogether, our results suggest that it is possible to hide from group centrality measures based solely on the local information available to the group members about the network topology.
△ Less
Submitted 15 December, 2023;
originally announced December 2023.
-
Coupled-Space Attacks against Random-Walk-based Anomaly Detection
Authors:
Yuni Lai,
Marcin Waniek,
Liying Li,
Jingwen Wu,
Yulin Zhu,
Tomasz P. Michalak,
Talal Rahwan,
Kai Zhou
Abstract:
Random Walks-based Anomaly Detection (RWAD) is commonly used to identify anomalous patterns in various applications. An intriguing characteristic of RWAD is that the input graph can either be pre-existing or constructed from raw features. Consequently, there are two potential attack surfaces against RWAD: graph-space attacks and feature-space attacks. In this paper, we explore this vulnerability b…
▽ More
Random Walks-based Anomaly Detection (RWAD) is commonly used to identify anomalous patterns in various applications. An intriguing characteristic of RWAD is that the input graph can either be pre-existing or constructed from raw features. Consequently, there are two potential attack surfaces against RWAD: graph-space attacks and feature-space attacks. In this paper, we explore this vulnerability by designing practical coupled-space attacks, investigating the interplay between graph-space and feature-space attacks. To this end, we conduct a thorough complexity analysis, proving that attacking RWAD is NP-hard. Then, we proceed to formulate the graph-space attack as a bi-level optimization problem and propose two strategies to solve it: alternative iteration (alterI-attack) or utilizing the closed-form solution of the random walk model (cf-attack). Finally, we utilize the results from the graph-space attacks as guidance to design more powerful feature-space attacks (i.e., graph-guided attacks). Comprehensive experiments demonstrate that our proposed attacks are effective in enabling the target nodes from RWAD with a limited attack budget. In addition, we conduct transfer attack experiments in a black-box setting, which show that our feature attack significantly decreases the anomaly scores of target nodes. Our study opens the door to studying the coupled-space attack against graph anomaly detection in which the graph space relies on the feature space.
△ Less
Submitted 23 October, 2023; v1 submitted 26 July, 2023;
originally announced July 2023.
-
Human intuition as a defense against attribute inference
Authors:
Marcin Waniek,
Navya Suri,
Abdullah Zameek,
Bedoor AlShebli,
Talal Rahwan
Abstract:
Attribute inference - the process of analyzing publicly available data in order to uncover hidden information - has become a major threat to privacy, given the recent technological leap in machine learning. One way to tackle this threat is to strategically modify one's publicly available data in order to keep one's private information hidden from attribute inference. We evaluate people's ability t…
▽ More
Attribute inference - the process of analyzing publicly available data in order to uncover hidden information - has become a major threat to privacy, given the recent technological leap in machine learning. One way to tackle this threat is to strategically modify one's publicly available data in order to keep one's private information hidden from attribute inference. We evaluate people's ability to perform this task, and compare it against algorithms designed for this purpose. We focus on three attributes: the gender of the author of a piece of text, the country in which a set of photos was taken, and the link missing from a social network. For each of these attributes, we find that people's effectiveness is inferior to that of AI, especially when it comes to hiding the attribute in question. Moreover, when people are asked to modify the publicly available information in order to hide these attributes, they are less likely to make high-impact modifications compared to AI. This suggests that people are unable to recognize the aspects of the data that are critical to an inference algorithm. Taken together, our findings highlight the limitations of relying on human intuition to protect privacy in the age of AI, and emphasize the need for algorithmic support to protect private information from attribute inference.
△ Less
Submitted 24 April, 2023;
originally announced April 2023.
-
Hiding in Temporal Networks
Authors:
Marcin Waniek,
Petter Holme,
Talal Rahwan
Abstract:
Social network analysis tools can infer various attributes just by scrutinizing one's connections. Several researchers have studied the problem faced by an evader whose goal is to strategically rewire their social connections in order to mislead such tools, thereby concealing their private attributes. However, to date, this literature has only considered static networks, while neglecting the more…
▽ More
Social network analysis tools can infer various attributes just by scrutinizing one's connections. Several researchers have studied the problem faced by an evader whose goal is to strategically rewire their social connections in order to mislead such tools, thereby concealing their private attributes. However, to date, this literature has only considered static networks, while neglecting the more general case of temporal networks, where the structure evolves over time. Driven by this observation, we study how the evader can conceal their importance from an adversary armed with temporal centrality measures. We consider computational and structural aspects of this problem: Is it computationally feasible to calculate optimal ways of hiding? If it is, what network characteristics facilitate hiding? This topic has been studied in static networks, but in this work, we add realism to the problem by considering temporal networks of edges changing in time. We find that it is usually computationally infeasible to find the optimal way of hiding. On the other hand, by manipulating one's contacts, one could add a surprising amount of privacy. Compared to static networks, temporal networks offer more strategies for this type of manipulation and are thus, to some extent, easier to hide in.
△ Less
Submitted 28 July, 2021;
originally announced July 2021.
-
Social Diffusion Sources Can Escape Detection
Authors:
Marcin Waniek,
Manuel Cebrian,
Petter Holme,
Talal Rahwan
Abstract:
Influencing (and being influenced by) others through social networks is fundamental to all human societies. Whether this happens through the diffusion of rumors, opinions, or viruses, identifying the diffusion source (i.e., the person that initiated it) is a problem that has attracted much research interest. Nevertheless, existing literature has ignored the possibility that the source might strate…
▽ More
Influencing (and being influenced by) others through social networks is fundamental to all human societies. Whether this happens through the diffusion of rumors, opinions, or viruses, identifying the diffusion source (i.e., the person that initiated it) is a problem that has attracted much research interest. Nevertheless, existing literature has ignored the possibility that the source might strategically modify the network structure (by rewiring links or introducing fake nodes) to escape detection. Here, without restricting our analysis to any particular diffusion scenario, we close this gap by evaluating two mechanisms that hide the source-one stemming from the source's actions, the other from the network structure itself. This reveals that sources can easily escape detection, and that removing links is far more effective than introducing fake nodes. Thus, efforts should focus on exposing concealed ties rather than planted entities; such exposure would drastically improve our chances of detecting the diffusion source.
△ Less
Submitted 11 November, 2021; v1 submitted 21 February, 2021;
originally announced February 2021.
-
Strategic Evasion of Centrality Measures
Authors:
Marcin Waniek,
Jan Woźnica,
Kai Zhou,
Yevgeniy Vorobeychik,
Talal Rahwan,
Tomasz Michalak
Abstract:
Among the most fundamental tools for social network analysis are centrality measures, which quantify the importance of every node in the network. This centrality analysis typically disregards the possibility that the network may have been deliberately manipulated to mislead the analysis. To solve this problem, a recent study attempted to understand how a member of a social network could rewire the…
▽ More
Among the most fundamental tools for social network analysis are centrality measures, which quantify the importance of every node in the network. This centrality analysis typically disregards the possibility that the network may have been deliberately manipulated to mislead the analysis. To solve this problem, a recent study attempted to understand how a member of a social network could rewire the connections therein to avoid being identified as a leader of that network. However, the study was based on the assumption that the network analyzer - the seeker - is oblivious to any evasion attempts by the evader. In this paper, we relax this assumption by modelling the seeker and evader as strategic players in a Bayesian Stackelberg game. In this context, we study the complexity of various optimization problems, and analyze the equilibria of the game under different assumptions, thereby drawing the first conclusions in the literature regarding which centralities the seeker should use to maximize the chances of detecting a strategic evader.
△ Less
Submitted 26 January, 2021;
originally announced January 2021.
-
Traffic networks are vulnerable to disinformation attacks
Authors:
Marcin Waniek,
Gururaghav Raman,
Bedoor AlShebli,
Jimmy Chih-Hsien Peng,
Talal Rahwan
Abstract:
Disinformation continues to attract attention due to its increasing threat to society. Nevertheless, a disinformation-based attack on critical infrastructure has never been studied to date. Here, we consider traffic networks and focus on fake information that manipulates drivers' decisions to create congestion. We study the optimization problem faced by the adversary when choosing which streets to…
▽ More
Disinformation continues to attract attention due to its increasing threat to society. Nevertheless, a disinformation-based attack on critical infrastructure has never been studied to date. Here, we consider traffic networks and focus on fake information that manipulates drivers' decisions to create congestion. We study the optimization problem faced by the adversary when choosing which streets to target to maximize disruption. We prove that finding an optimal solution is computationally intractable, implying that the adversary has no choice but to settle for suboptimal heuristics. We analyze one such heuristic, and compare the cases when targets are spread across the city of Chicago vs. concentrated in its business district. Surprisingly, the latter results in more far-reaching disruption, with its impact felt as far as 2 kilometers from the closest target. Our findings demonstrate that vulnerabilities in critical infrastructure may arise not only from hardware and software, but also from behavioral manipulation.
△ Less
Submitted 8 March, 2020;
originally announced March 2020.
-
Hiding in Multilayer Networks
Authors:
Marcin Waniek,
Tomasz P. Michalak,
Talal Rahwan
Abstract:
Multilayer networks allow for modeling complex relationships, where individuals are embedded in multiple social networks at the same time. Given the ubiquity of such relationships, these networks have been increasingly gaining attention in the literature. This paper presents the first analysis of the robustness of centrality measures against strategic manipulation in multilayer networks. More spec…
▽ More
Multilayer networks allow for modeling complex relationships, where individuals are embedded in multiple social networks at the same time. Given the ubiquity of such relationships, these networks have been increasingly gaining attention in the literature. This paper presents the first analysis of the robustness of centrality measures against strategic manipulation in multilayer networks. More specifically, we consider an "evader" who strategically chooses which connections to form in a multilayer network in order to obtain a low centrality-based ranking-thereby reducing the chance of being highlighted as a key figure in the network-while ensuring that she remains connected to a certain group of people. We prove that determining an optimal way to "hide" is NP-complete and hard to approximate for most centrality measures considered in our study. Moreover, we empirically evaluate a number of heuristics that the evader can use. Our results suggest that the centrality measures that are functions of the entire network topology are more robust to such a strategic evader than their counterparts which consider each layer separately.
△ Less
Submitted 14 November, 2019;
originally announced November 2019.
-
How weaponizing disinformation can bring down a city's power grid
Authors:
Gururaghav Raman,
Bedoor AlShebli,
Marcin Waniek,
Talal Rahwan,
Jimmy Chih-Hsien Peng
Abstract:
Social technologies have made it possible to propagate disinformation and manipulate the masses at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be the weakest link when protecting critical infrastructure in general, and the power grid in particular. Here, we consider an attack in which an adversary attempts to manipulate the behavior o…
▽ More
Social technologies have made it possible to propagate disinformation and manipulate the masses at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be the weakest link when protecting critical infrastructure in general, and the power grid in particular. Here, we consider an attack in which an adversary attempts to manipulate the behavior of energy consumers by sending fake discount notifications encouraging them to shift their consumption into the peak-demand period. We conduct surveys to assess the propensity of people to follow-through on such notifications and forward them to their friends. This allows us to model how the disinformation propagates through social networks. Finally, using Greater London as a case study, we show that disinformation can indeed be used to orchestrate an attack wherein unwitting consumers synchronize their energy-usage patterns, resulting in blackouts on a city-scale. These findings demonstrate that in an era when disinformation can be weaponized, system vulnerabilities arise not only from the hardware and software of critical infrastructure, but also from the behavior of the consumers.
△ Less
Submitted 31 July, 2019;
originally announced August 2019.
-
Strategic Attack & Defense in Security Diffusion Games
Authors:
Marcin Waniek,
Tomasz P. Michalak,
Aamena Alshamsi
Abstract:
Security games model the confrontation between a defender protecting a set of targets and an attacker who tries to capture them. A variant of these games assumes security interdependence between targets, facilitating contagion of an attack. So far only stochastic spread of an attack has been considered. In this work, we introduce a version of security games, where the attacker strategically drives…
▽ More
Security games model the confrontation between a defender protecting a set of targets and an attacker who tries to capture them. A variant of these games assumes security interdependence between targets, facilitating contagion of an attack. So far only stochastic spread of an attack has been considered. In this work, we introduce a version of security games, where the attacker strategically drives the entire spread of attack and where interconnections between nodes affect their susceptibility to be captured.
We find that the strategies effective in the settings without contagion or with stochastic contagion are no longer feasible when spread of attack is strategic. While in the former settings it was possible to efficiently find optimal strategies of the attacker, doing so in the latter setting turns out to be an NP-complete problem for an arbitrary network. However, for some simpler network structures, such as cliques, stars, and trees, we show that it is possible to efficiently find optimal strategies of both players. For arbitrary networks, we study and compare the efficiency of various heuristic strategies. As opposed to previous works with no or stochastic contagion, we find that centrality-based defense is often effective when spread of attack is strategic, particularly for centrality measures based on the Shapley value.
△ Less
Submitted 16 December, 2019; v1 submitted 23 September, 2018;
originally announced September 2018.
-
Attacking Similarity-Based Link Prediction in Social Networks
Authors:
Kai Zhou,
Tomasz P. Michalak,
Talal Rahwan,
Marcin Waniek,
Yevgeniy Vorobeychik
Abstract:
Link prediction is one of the fundamental problems in computational social science. A particularly common means to predict existence of unobserved links is via structural similarity metrics, such as the number of common neighbors; node pairs with higher similarity are thus deemed more likely to be linked. However, a number of applications of link prediction, such as predicting links in gang or ter…
▽ More
Link prediction is one of the fundamental problems in computational social science. A particularly common means to predict existence of unobserved links is via structural similarity metrics, such as the number of common neighbors; node pairs with higher similarity are thus deemed more likely to be linked. However, a number of applications of link prediction, such as predicting links in gang or terrorist networks, are adversarial, with another party incentivized to minimize its effectiveness by manipulating observed information about the network. We offer a comprehensive algorithmic investigation of the problem of attacking similarity-based link prediction through link deletion, focusing on two broad classes of such approaches, one which uses only local information about target links, and another which uses global network information. While we show several variations of the general problem to be NP-Hard for both local and global metrics, we exhibit a number of well-motivated special cases which are tractable. Additionally, we provide principled and empirically effective algorithms for the intractable cases, in some cases proving worst-case approximation guarantees.
△ Less
Submitted 31 December, 2018; v1 submitted 21 September, 2018;
originally announced September 2018.
-
Computational Aspects of Optimal Strategic Network Diffusion
Authors:
Marcin Waniek,
Khaled Elbassioni,
Flavio L. Pinheiro,
Cesar A. Hidalgo,
Aamena Alshamsi
Abstract:
Diffusion on complex networks is often modeled as a stochastic process. Yet, recent work on strategic diffusion emphasizes the decision power of agents and treats diffusion as a strategic problem. Here we study the computational aspects of strategic diffusion, i.e., finding the optimal sequence of nodes to activate a network in the minimum time. We prove that finding an optimal solution to this pr…
▽ More
Diffusion on complex networks is often modeled as a stochastic process. Yet, recent work on strategic diffusion emphasizes the decision power of agents and treats diffusion as a strategic problem. Here we study the computational aspects of strategic diffusion, i.e., finding the optimal sequence of nodes to activate a network in the minimum time. We prove that finding an optimal solution to this problem is NP-complete in a general case. To overcome this computational difficulty, we present an algorithm to compute an optimal solution based on a dynamic programming technique. We also show that the problem is fixed parameter-tractable when parametrized by the product of the treewidth and maximum degree. We analyze the possibility of developing an efficient approximation algorithm and show that two heuristic algorithms proposed so far cannot have better than a logarithmic approximation guarantee. Finally, we prove that the problem does not admit better than a logarithmic approximation, unless P=NP.
△ Less
Submitted 30 January, 2020; v1 submitted 10 September, 2018;
originally announced September 2018.
-
Attack Tolerance of Link Prediction Algorithms: How to Hide Your Relations in a Social Network
Authors:
Marcin Waniek,
Kai Zhou,
Yevgeniy Vorobeychik,
Esteban Moro,
Tomasz P. Michalak,
Talal Rahwan
Abstract:
Link prediction is one of the fundamental research problems in network analysis. Intuitively, it involves identifying the edges that are most likely to be added to a given network, or the edges that appear to be missing from the network when in fact they are present. Various algorithms have been proposed to solve this problem over the past decades. For all their benefits, such algorithms raise ser…
▽ More
Link prediction is one of the fundamental research problems in network analysis. Intuitively, it involves identifying the edges that are most likely to be added to a given network, or the edges that appear to be missing from the network when in fact they are present. Various algorithms have been proposed to solve this problem over the past decades. For all their benefits, such algorithms raise serious privacy concerns, as they could be used to expose a connection between two individuals who wish to keep their relationship private. With this in mind, we investigate the ability of such individuals to evade link prediction algorithms. More precisely, we study their ability to strategically alter their connections so as to increase the probability that some of their connections remain unidentified by link prediction algorithms. We formalize this question as an optimization problem, and prove that finding an optimal solution is NP-complete. Despite this hardness, we show that the situation is not bleak in practice. In particular, we propose two heuristics that can easily be applied by members of the general public on existing social media. We demonstrate the effectiveness of those heuristics on a wide variety of networks and against a plethora of link prediction algorithms.
△ Less
Submitted 1 September, 2018;
originally announced September 2018.
-
Hiding Individuals and Communities in a Social Network
Authors:
Marcin Waniek,
Tomasz Michalak,
Talal Rahwan,
Michael Wooldridge
Abstract:
The Internet and social media have fueled enormous interest in social network analysis. New tools continue to be developed and used to analyse our personal connections, with particular emphasis on detecting communities or identifying key individuals in a social network. This raises privacy concerns that are likely to exacerbate in the future. With this in mind, we ask the question: Can individuals…
▽ More
The Internet and social media have fueled enormous interest in social network analysis. New tools continue to be developed and used to analyse our personal connections, with particular emphasis on detecting communities or identifying key individuals in a social network. This raises privacy concerns that are likely to exacerbate in the future. With this in mind, we ask the question: Can individuals or groups actively manage their connections to evade social network analysis tools?
By addressing this question, the general public may better protect their privacy, oppressed activist groups may better conceal their existence, and security agencies may better understand how terrorists escape detection. We first study how an individual can evade "network centrality" analysis without compromising his or her influence within the network. We prove that an optimal solution to this problem is hard to compute. Despite this hardness, we demonstrate that even a simple heuristic, whereby attention is restricted to the individual's immediate neighbourhood, can be surprisingly effective in practice. For instance, it could disguise Mohamed Atta's leading position within the WTC terrorist network, and that is by rewiring a strikingly-small number of connections. Next, we study how a community can increase the likelihood of being overlooked by community-detection algorithms. We propose a measure of concealment, expressing how well a community is hidden, and use it to demonstrate the effectiveness of a simple heuristic, whereby members of the community either "unfriend" certain other members, or "befriend" some non-members, in a coordinated effort to camouflage their community.
△ Less
Submitted 1 August, 2016;
originally announced August 2016.