Web and social networking applications are essential parts of our daily life. We aim to make web and social networking applications secure and privacy-preserving. In particular, we study the social networks and web security and privacy problems that revolve around the data generated by them. For instance, the problems we focus on include, but not limited to, detecting fake and compromised users in social networking and web services, uncovering new privacy attacks (e.g., attribute inference attacks, link inference attacks) to social network users and their defenses, as well as developing new user authentication methods for social networking services. Our approach leverages artificial intelligence techniques including (trustworthy) machine/deep learning, network science, natural language processing, and optimization. A key challenge of leveraging artificial intelligence for web and social networks security and privacy is how to incorporate the unique characteristics of the security and privacy problems. We are interested in developing new artificial intelligence techniques to address the unique challenges of the security and privacy problems in social networks and web applications.
Publications
Inference attacks and their defenses
Machine learning is used by attackers to perform automated large-scale attacks. We develop new machine learning techniques as privacy attacks to infer users' private attributes (e.g., location, sexual orientation, political view), hidden social relationships, and identity, using users' data publicly available on social networks and web services. We also develop defenses for these inference attacks.
- Xinlei He, Jinyuan Jia, Michael Backes, Neil Zhenqiang Gong, and Yang Zhang. "Stealing Links from Graph Neural Networks". In USENIX Security Symposium, 2021.
-
Jinyuan Jia, Neil Zhenqiang Gong. "AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning". In USENIX Security Symposium, 2018. Code and data are available [here].
-
Neil Zhenqiang Gong, Bin Liu. "Attribute Inference Attacks in Online Social Networks". ACM Transactions on Privacy and Security (TOPS), 21(1), 2018.
-
Jinyuan Jia, Binghui Wang, Le Zhang, Neil Zhenqiang Gong. "AttriInfer: Inferring User Attributes in Online Social Networks Using Markov Random Fields". In International World Wide Web Conference (WWW), 2017.
-
Neil Zhenqiang Gong, Bin Liu. "You are Who You Know and How You Behave: Attribute Inference Attacks via Users' Social Friends and Behaviors". In USENIX Security Symposium, 2016.
-
Shouling Ji, Weiqing Li, Neil Zhenqiang Gong, Prateek Mittal, Raheem Beyah. "On Your Social Network De-anonymizablity: Quantification and Large Scale Evaluation with Seed Knowledge". In ISOC Network and Distributed System Security Symposium (NDSS), 2015.
-
Neil Zhenqiang Gong, Ameet Talwalkar, Lester Mackey, Ling Huang, Richard Shin, Emil Stefanov, Elaine Shi, Dawn Song. "Joint Link Prediction and Attribute Inference using a Social-Attribute Network". ACM Transactions on Intelligent Systems and Technology (TIST), 5(2), 2014.
-
Neil Zhenqiang Gong, Wenchang Xu, Ling Huang, Prateek Mittal, Emil Stefanov, Vyas Sekar, Dawn Song. "Evolution of Social-Attribute Networks: Measurements, Modeling, and Implications using Google+". In ACM/USENIX Internet Measurement Conference (IMC), 2012. Our Google+ dataset is available [here].
-
Arvind Narayanan, Hristo Paskov, Neil Zhenqiang Gong, John Bethencourt, Richard Shin, Emil Stefanov, Dawn Song. "On the Feasibility of Internet-Scale Author Identification". In IEEE Symposium on Security and Privacy (IEEE S&P), 2012. Featured in WNYC Studios, Boing Boing, Slashdot, etc.
Spam and fraud detection
We develop new machine learning methods to detect spam, fake accounts, and malicious accounts in social networking and web services.
- Dong Yuan, Yuanli Miao, Neil Zhenqiang Gong, Zheng Yang, Qi Li, Dawn Song, Qian Wang, and Xiao Liang. "Detecting Fake Accounts in Online Social Networks at the Time of Registrations". In ACM Conference on Computer and Communications Security (CCS), 2019.
- Binghui Wang and Neil Zhenqiang Gong. "Attacking Graph-based Classification via Manipulating the Graph Structure". In ACM Conference on Computer and Communications Security (CCS), 2019.
- Zenghua Xia, Chang Liu, Neil Zhenqiang Gong, Qi Li, Yong Cui, and Dawn Song. "Characterizing and Detecting Malicious Accounts in Privacy-Centric Mobile Social Networks: A Case Study". In ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD), Applied Data Science Track, 2019.
- Binghui Wang, Jinyuan Jia, and Neil Zhenqiang Gong. "Graph-based Security and Privacy Analytics via Collective Classification with Joint Weight Learning and Propagation". In ISOC Network and Distributed System Security Symposium (NDSS), 2019.
Distinguished Paper Award Honorable Mention - Binghui Wang, Jinyuan Jia, Le Zhang, and Neil Zhenqiang Gong. "Structure-based Sybil Detection in Social Networks via Local Rule-based Propagation". IEEE Transactions on Network Science and Engineering (TNSE), 6(3), 2019. Fast tracked from our INFOCOM'17 paper.
- Binghui Wang, Le Zhang, and Neil Zhenqiang Gong. "SybilBlind: Detecting Fake Users in Online Social Networks without Manual Labels". In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2018.
- Peng Gao, Binghui Wang, Neil Zhenqiang Gong, Sanjeev R. Kulkarni, Kurt Thomas, and Prateek Mittal. "SybilFuse: Combining Local Attributes with Global Structure to Perform Robust Sybil Detection." In IEEE Conference on Communications and Network Security (CNS), 2018.
- Binghui Wang, Neil Zhenqiang Gong, and Hao Fu. "GANG: Detecting Fraudulent Users in Online Social Networks via Guilt-by-Association on Directed Graphs". In IEEE International Conference on Data Mining (ICDM), regular paper, 2017.
- Hao Fu, Xing Xie, Yong Rui, Neil Zhenqiang Gong, Guangzhong Sun, and Enhong Chen. "Robust Spammer Detection in Microblogs: Leveraging User Carefulness". ACM Transactions on Intelligent Systems and Technology (TIST), 8(6), 2017.
- Jinyuan Jia, Binghui Wang, and Neil Zhenqiang Gong. "Random Walk based Fake Account Detection in Online Social Networks". In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2017.
- Binghui Wang, Le Zhang, and Neil Zhenqiang Gong. "SybilSCAR: Sybil Detection in Online Social Networks via Local Rule based Propagation". In IEEE International Conference on Computer Communications (INFOCOM), 2017.
Fast tracked to IEEE TNSE.
Only 10 papers were selected for fast tracking.
Code and data are available [here] - Neil Zhenqiang Gong, Mario Frank, and Prateek Mittal. "SybilBelief: A Semi-supervised Learning Approach for Structure-based Sybil Detection". IEEE Transactions on Information Forensics and Security (TIFS), 9(6), 2014.
Code and data are available [here]
Secure and privacy-preserving recommender systems
Recommender system is a key component of web services. We aim to make recommender systems secure and privacy-preserving.
- Minghong Fang, Neil Zhenqiang Gong, and Jia Liu. "Influence Function based Data Poisoning Attacks to Top-N Recommender Systems". In The Web Conference (WWW), 2020.
-
Minghong Fang, Guolei Yang, Neil Zhenqiang Gong, and Jia Liu. "Poisoning Attacks to Graph-Based Recommender Systems". In Annual Computer Security Applications Conference (ACSAC), 2018.
-
Guolei Yang, Neil Zhenqiang Gong, and Ying Cai. "Fake Co-visitation Injection Attacks to Recommender Systems". In ISOC Network and Distributed System Security Symposium (NDSS), 2017.
-
Jinyuan Jia, Neil Zhenqiang Gong. "AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning". In USENIX Security Symposium, 2018. Code and data are available [here].
-
Bin Liu, Deguang Kong, Lei Cen, Neil Zhenqiang Gong, Hongxia Jin, and Hui Xiong. "Personalized Mobile App Recommendation: Reconciling App Functionality and User Privacy Preference. In ACM International Conference on Web Search and Data Mining (WSDM), 2015.
User authentication
We leverage social networks to enhance user authentication.
- Sakshi Jain, Neil Zhenqiang Gong, Sreya Basuroy, Juan Lang, Dawn Song, and Prateek Mittal. "New Directions in Social Authentication". In Usable Security (USEC), 2015.
- Neil Zhenqiang Gong and Di Wang. "On the Security of Trustee-based Social Authentications". IEEE Transactions on Information Forensics and Security (TIFS), 9(8), 2014.
Social network measurement and modeling
- Neil Zhenqiang Gong, Wenchang Xu, Ling Huang, Prateek Mittal, Emil Stefanov, Vyas Sekar, and Dawn Song. "Evolution of Social-Attribute Networks: Measurements, Modeling, and Implications using Google+". ACM/USENIX Internet Measurement Conference (IMC), 2012.
- Neil Zhenqiang Gong and Wenchang Xu. "Reciprocal versus Parasocial Relationships in Online Social Networks". Springer Social Network Analysis and Mining (SNAM), 4(1), 2014.
Code and dataset
- Google+ Social Networks with Node Attributes.
- Twitter dataset for Sybil/fraudulent/fake user detection.
- Source code of SybilBelief, SybilSCAR, GANG, and SybilFuse.