CERIAS Security Seminar: Forgetting the Forgotten: Conceal Content Deletions from Persistent Observers

The Center for Education and Research in Information Assurance and Security
November 20, 2019
4:30 PM - 5:30 PM
STEW G52 (Suite 050B), West Lafayette Campus

Description

Speaker:
Mohsen Minaei
Purdue University

Abstract: Most social platforms offer mechanisms allowing users to delete their posts, and a significant fraction of users exercise this right to be forgotten. However, ironically, users’ attempt to reduce attention to sensitive posts via deletion, in practice, attracts unwanted attention from stalkers specifically to those (deleted) posts. Thus, deletions may leave users more vulnerable to attacks on their privacy in general. Users hoping to make their posts forgotten face a “damned if I do, damned if I don’t” dilemma.
In this talk, we will look into two new proposed deletion mechanisms that provide privacy for the deletion of users.
In the first approach, in the form of intermittent withdrawals, we present, Lethe, a novel solution to this problem of (really) forgetting the forgotten. If the next-generation social platforms are willing to give up the uninterrupted availability of non-deleted posts by a very small fraction, Lethe provides privacy to the deleted posts over long durations. Furthermore, we introduce Deceptive Deletion, a new decoy mechanism that minimizes the adversarial advantage. Our mechanism creates a two-player min-max game between, an adversary that seeks to classify damaging content among the deleted posts, and a challenger that employs decoy deletions to masquerade real damaging deletions.

We evaluate the systems using the Twitter data samples and show that in the presence of a strong adversary our systems protect the privacy of the users' deletions.

About: Mohsen Minaei is a Ph.D. candidate at Purdue University working with Professor Aniket Kate. His research focuses on designing and implementing better privacy-enhancing mechanisms for content deletion and using cryptocurrencies as covert channels to bootstrap the censor circumvention tools. Prior to joining Purdue, he received his bachelor's degree from Sharif University in Tehran.
He has completed three internships with the fraud detection and Xbox teams at Microsoft and one with the blockchain team at Visa Research.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info

Contact Details

Add to calendar