My Privacy My Decision: Control Of Photo Sharing On Online Social Networks

ABSTRACT:

Photo sharing is an attractive feature which popularizes Online Social Networks (OSNs). Unfortunately, it may leak users’ privacy if they are allowed to post, comment, and tag a photo freely. In this paper, we attempt to address this issue and study the scenario when a user shares a photo containing individuals other than himself/herself (termed co-photo for short). To prevent possible privacy leakage of a photo, we design a mechanism to enable each individual in a photo be aware of the posting activity and participate in the decision making on the photo posting. For this purpose, we need an efficient facial recognition (FR) system that can recognize everyone in the photo. However, more demanding privacy setting may limit the number of the photos publicly available to train the FR system. To deal with this dilemma, our mechanism attempts to utilize users’ private photos to design a personalized FR system specifically trained to differentiate possible photo co-owners without leaking their privacy. We also develop a distributed consensus based method to reduce the computational complexity and protect the private training set. We show that our system is superior to other possible approaches in terms of recognition ratio and efficiency. Our mechanism is implemented as a proof of concept Android application on Facebook’s platform.

AIM

Our mechanism attempts to utilize user`s private photos to design a personalized FR system specifically trained to differentiate possible photo co-owners without leaking their privacy.

SCOPE

 The Scope of this project is to reduce the computational complexity and protect the private training set.

EXISTING SYSTEM

For instance, nowadays we can share any photo as we like on OSNs, regardless of whether this photo contains other people (is a co-photo) or not. Currently there is no restriction with sharing of co-photos, on the contrary, social network service providers like Face book we need to elaborate on the privacy issues over OSNs. Traditionally, privacy is regarded as a state of social withdrawal. According to Altman’s privacy regulation theory, privacy is a dialectic and dynamic boundary regulation process where privacy is not static but “a selective control of access to the self or to ones group”. In this theory, “dialectic” refers to the openness and closeness of self to others and “dynamic” means the desired privacy level changes with time according to environment.

DISADVANTAGES:

1. It  may leak users’ privacy if they are allowed to post, comment, and tag a photo freely
2. Photo sharing and tagging are added, the situation becomes more complicated.

PROPOSED SYSTEM

In this paper, we propose a novel consensus based approach to achieve efficiency and privacy at the same time. The idea is to let each user only deal with his/her private photo set as the local train data and use it to learn out the local training result. After this, local training results are exchanged among users to form a global knowledge. In the next round, each user learns over his/hers local data again by taking the global knowledge as a reference. Finally the information will be spread over users and consensus could be reached. We show later that by performing local learning in parallel, efficiency and privacy could be achieved at the same time.

ADVANTAGES

1.  Designed a privacy-preserving FR system to identify individuals in a co-photo.
2.  our proposed scheme be very useful in protecting users’ privacy in photo/image sharing over online social networks

 SYSTEM ARCHITECTURE:

SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz

·                RAM                 -    256 MB(min)

·                Hard Disk         -   20 GB

·                Floppy Drive    -    1.44 MB

·                Key Board         -    Standard Windows Keyboard

·                Mouse               -    Two or Three Button Mouse

·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System              : Windows  7                                       

·                Front End                  : JSP AND SERVLET

·                Database                  : MYSQL

·                Tool                           :NETBEANS

REFERENCE:

Xu, K,Guo, Y,  Guo, L.  Fang, Y. “My Privacy My Decision: Control Of Photo Sharing On Online Social Networks”, IEEE Transactions on Dependable and Secure Computing, Volume PP,  Issue 99, JUNE  2015.

Key-Recovery Attacks On Kids, A Keyed Anomaly Detection System

ABSTRACT:

Most anomaly detection systems rely on machine learning algorithms to derive a model of normality that is later used to detect suspicious events. Some works conducted over the last years have pointed out that such algorithms are generally susceptible to deception, notably in the form of attacks carefully constructed to evade detection. Various learning schemes have been proposed to overcome this weakness. One such system is KIDS (Keyed IDS), introduced at DIMVA’10. KIDS’ core idea is akin to the functioning of some cryptographic primitives, namely to introduce a secret element (the key) into the scheme so that some operations are infeasible without knowing it. In KIDS the learned model and the computation of the anomaly score are both key-dependent, a fact which presumably prevents an attacker from creating evasion attacks. In this work we show that recovering the key is extremely simple provided that the attacker can interact with KIDS and get feedback about probing requests. We present realistic attacks for two different adversarial settings and show that recovering the key requires only a small amount of queries, which indicates that KIDS does not meet the claimed security properties. We finally revisit KIDS’ central idea and provide heuristic arguments about its suitability and limitations.

AIM

The aims of this paper KIDS the learned model and the computation of the anomaly score are both key-dependent, a fact which presumably prevents an attacker from creating evasion attacks.

SCOPE

 The Scope of this project is show that recovering the key is extremely simple provided that the attacker can interact with KIDS and get feedback about probing requests.

EXISTING SYSTEM

Accurately pointed out that security problems differ from other application domains of machine learning in, at least, one fundamental feature: the presence of an adversary who can strategically play against the algorithm to accomplish his goals. Thus for example, one major objective for the attacker is to avoid detection. Evasion attacks exploit weaknesses in the underlying classifiers, which are often unable to identify a malicious sample that has been conveniently modified so as to look normal. Examples of such attacks abound. For instance, spammers regularly obfuscate their emails in various ways to avoid detection, e.g. by modifying words that are usually found in spam, or by including a large number of words that do not. Similarly malware and other pieces of attack code can be carefully adapted so as to evade Intrusion Detection Systems (IDS) without compromising the functionality of the attack

 DISADVANTAGES:

1. Anomaly  detection systems rely on machine learning algorithms to derive a model of normality that is later used to detect suspicious events
2. Such  algorithms are generally susceptible to deception, notably in the form of attacks carefully constructed to evade detection.

PROPOSED SYSTEM

KIDS (Keyed Intrusion Detection System) , introduced by Mrdovic and Drazenovic at DIMVA’10. KIDS is an application layer network anomaly detection system that extracts a number of features (“words”) from each payload. The system then builds a model of normality based both on the frequency of observed features and their relative positions in the payload. KIDS’ core idea to impede evasion attacks is to incorporate the notion of a “key”, this being a secret element used to determine how classification features are extracted from the payload. The security argument here is simple: even though the learning and testing algorithms are public, an adversary who is not in possession of the key will not know exactly how a request will be processed and, consequently, will not be able to design attacks that thwart detection

ADVANTAGES

1.  It has been on recovering the key through efficient procedures, demonstrating that the classification process leaks information about it that can be leveraged by an attacker.
2.  The  ultimate goal is to evade the system, and we have just assumed that knowing the key is essential to craft an attack that evades detection or, at least, that significantly facilitates the process

SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz

·                RAM                 -    256 MB(min)

·                Hard Disk         -   20 GB

·                Floppy Drive    -    1.44 MB

·                Key Board         -    Standard Windows Keyboard

·                Mouse               -    Two or Three Button Mouse

·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System              : Windows  7                                       

·                Front End                  : JSP AND SERVLET

·                Database                  : MYSQL

·                Tool                           :NETBEANS

REFERENCE:

Tapiador, J.E, Orfila, A. ; Ribagorda, A. ; Ramos, B.. “Key-Recovery Attacks On Kids, A Keyed Anomaly Detection System”, IEEE Transactions on Dependable and Secure Computing, Volume 12  Issue 3  , SEPTEMBER 2013..

Improved Privacy-Preserving P2p Multimedia Distribution Based On Recombined Fingerprints

ABSTRACT

Anonymous fingerprint has been suggested as a convenient solution for the legal distribution of multimedia contents with copyright protection whilst preserving the privacy of buyers, whose identities are only revealed in case of illegal re-distribution. However, most of the existing anonymous fingerprinting protocols are impractical for two main reasons: 1) the use of complex time-consuming protocols and/or homomorphic encryption of the content, and 2) a unicast approach for distribution that does not scale for a large number of buyers. This paper stems from a previous proposal of recombined fingerprints which overcomes some of these drawbacks. However, the recombined fingerprint approach requires a complex graph search for traitor tracing, which needs the participation of other buyers, and honest proxies in its P2P distribution scenario. This paper focuses on removing these disadvantages resulting in an efficient, scalable, privacy-preserving and P2P-based fingerprinting system.

AIM

The aim of this paper is the recombined fingerprint approach requires a complex graph search for traitor tracing, which needs the participation of other buyers, and honest proxies in its P2P distribution scenario.

SCOPE:

The Scope of this paper focuses on removing these disadvantages resulting in an efficient, scalable, privacy-preserving and P2P-based fingerprinting system.

EXISTING SYSTEM

Most fingerprinting systems can be classified in three categories, namely symmetric, asymmetric and anonymous schemes. In symmetric schemes, the merchant is the one who embeds the fingerprint into the content and forwards the result to the buyer; hence, the buyer cannot be formally accused of illegal redistribution, since the merchant also had access to the fingerprinted content and could be responsible for the redistribution. In asymmetric fingerprinting, the merchant does not have access to the fingerprinted copy, but he can recover the fingerprint in case of illegal re-distribution and thereby identify the offending buyer. In anonymous fingerprinting, in addition to asymmetry, the buyer preserves her anonymity (privacy) and hence she cannot be linked to the purchase of a specific content, unless she participates in an illegal re-distribution. Anonymous fingerprinting is, thus, the most convenient strategy to protect both the buyers’ privacy and the owner’s rights, since it guarantees the following properties: 1) only the buyer obtains the fingerprinted copy of the content, making it impossible for the merchant to accuse her of unlawful re-distribution, and 2) it preserves the anonymity of the buyers’ identities with respect to the merchant

DISADVANTAGES

1. The  use of complex time-consuming protocols and/or homomorphic encryption of the content,
2. A unicast approach for distribution that does not scale for a large number of buyers.

PROPOSED SYSTEM

This paper reviews the main features of the proposal suggested in  highlights its main drawbacks, and suggests several significant improvements to achieve a more efficient and practical system, especially as traitor tracing is concerned, since it avoids the situations in which illegal re-distributors cannot be traced with the proposal of  Furthermore, better security properties against potentially malicious proxies are obtained. Although the system proposed in this paper uses public-key encryption in the distribution and traitor tracing protocols, it must be taken into account that this encryption is only applied to short bit strings, such as the binary fingerprints and hashes, not to the content. The fragments of the content are encrypted using symmetric cryptography, which is much more efficient.

ADVANTAGES

1.  Efficient and scalable distribution of multimedia contents in P2P networks.
2.  Avoidance of (complex) homomorphic (or any type of public-key) encryption of the multimedia content.

SYSTEM CONFIGURATION

HARDWARE REQUIREMENTS:-

·                Processor          -   Pentium –III

·                Speed                -    1.1 Ghz

·                RAM                 -    256 MB(min)

·                Hard Disk         -   20 GB

·                Floppy Drive    -    1.44 MB

·                Key Board         -    Standard Windows Keyboard

·                Mouse               -    Two or Three Button Mouse

·                Monitor             -    SVGA

SOFTWARE REQUIREMENTS:-

·                Operating System              : Windows  7                                       

·                Front End                  : JSP AND SERVLET

·                Database                  : MYSQL

·                Tool                           :NETBEANS

 

REFERENCE

Megias, D ,“ Improved Privacy-Preserving P2p Multimedia Distribution Based On Recombined Fingerprints,” IEEE Transactions on Dependable and Secure Computing, Volume 12  Issue 2 , April 2014.