SGX-PrivInfer: A Secure Collaborative System for Quantifying and Mitigating Attribute Inference Risks in Social Networks
Hervais Simo, Michael Kreutzer
2025
Abstract
The growing popularity of Online Social Networks (OSNs) over the past decade has led to a significant portion of the global population sharing diverse personal information online, including relationship status, political affiliations, and religious views. However, research has shown that adversaries, such as third-party application providers and law enforcement agencies, can aggregate and correlate seemingly innocuous, publicly available data across various platforms. This process can uncover sensitive insights about individuals, often far beyond what users intend or realize they are disclosing. To mitigate this challenge, it is essential to provide OSN users with enhanced transparency and control over their digital footprints and the associated risks of attribute inference, as emphasized by regulations like the EU General Data Protection Regulation (GDPR). Innovative solutions in this domain often rely on Privacy Inference Detection Technologies (PIDTs), which empower users to understand and manage such risks. However, existing PIDTs raise significant privacy concerns, as they typically require highly sensitive data to be transferred to cloud services for analysis, exposing it to potential misuse or unauthorized access. To address these limitations, we introduce SGX-PrivInfer, a novel architecture that enables OSN users to collaboratively and securely detect and quantify attribute inference risks based on public profile data aggregated from multiple OSN domains. SGX-PrivInfer leverages Trusted Execution Environments (TEEs) to safeguard the confidentiality of both user data and the underlying attribute inference models, even in the presence of curious adversaries, such as cloud service providers. In its current design, we utilize Intel SGX as the implementation of TEEs to achieve these security guarantees. Our performance evaluation, conducted on real-world OSN datasets, demonstrates that SGX-PrivInfer is both practical and capable of supporting real-time processing. To the best of our knowledge, SGX-PrivInfer is the first architecture and implementation of a PIDT that offers strong security guarantees, data protection, and accountability, all backed by Intel SGX’s hardware-enforced isolation and integrity mechanisms.
DownloadPaper Citation
in Harvard Style
Simo H. and Kreutzer M. (2025). SGX-PrivInfer: A Secure Collaborative System for Quantifying and Mitigating Attribute Inference Risks in Social Networks. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 111-122. DOI: 10.5220/0013390000003899
in Bibtex Style
@conference{icissp25,
author={Hervais Simo and Michael Kreutzer},
title={SGX-PrivInfer: A Secure Collaborative System for Quantifying and Mitigating Attribute Inference Risks in Social Networks},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={111-122},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013390000003899},
isbn={978-989-758-735-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - SGX-PrivInfer: A Secure Collaborative System for Quantifying and Mitigating Attribute Inference Risks in Social Networks
SN - 978-989-758-735-1
AU - Simo H.
AU - Kreutzer M.
PY - 2025
SP - 111
EP - 122
DO - 10.5220/0013390000003899
PB - SciTePress