TY - GEN
T1 - Turning attacks into protection
T2 - 2021 SIAM International Conference on Data Mining, SDM 2021
AU - Li, Xiaoting
AU - Chen, Lingwei
AU - Wu, Dinghao
N1 - Funding Information:
The work was supported in part by a seed grant from the Penn State Center for Security Research and Education (CSRE) and the PNC Technologies Career Development Professorship.
Publisher Copyright:
© 2021 by SIAM.
PY - 2021
Y1 - 2021
N2 - Machine learning, especially deep learning, has emerged as one of the most powerful tools for attribute inference attacks over social media, which poses serious threats to users’ privacy and security. In this paper, we explore a novel perspective of protecting data privacy in social media, where we take advantage of the vulnerability of machine learning, and introduce adversarial attacks to forge latent feature representations and mislead attribute inference attacks. Considering that text data in social media shares the most significant privacy of users, we investigate how text-space adversarial attacks can be elaborated to obfuscate users’ attributes, and accordingly present a text-space adversarial attack as defense, or AaaD for short. Specifically, we advance AaaD by constructing semantically and visually similar word candidates to perturb, and leveraging word importance scores as selection probabilities to upgrade a population-based optimization to expedite adversarial text generation. We evaluate the performance of AaaD on two social media data sets, while the experimental results validate its effectiveness against inference attacks. Our work yields great value and unveils a new insight on the applicability of adversarial attacks for attribute obfuscation and privacy protection.
UR - http://www.scopus.com/inward/record.url?scp=85119195555&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85119195555&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85119195555
T3 - SIAM International Conference on Data Mining, SDM 2021
SP - 208
EP - 216
BT - SIAM International Conference on Data Mining, SDM 2021
PB - Siam Society
Y2 - 29 April 2021 through 1 May 2021
ER -