Privacy Preserving Social Network Publication Against Mutual Friend Attacks

Publishing social network data for research purposes has raised serious concerns for individual privacy. There exist many privacy-preserving works that can deal with different attack models. In this paper, we introduce a novel privacy attack model and refer it as a mutual friend attack. In this model, the adversary can re-identify a pair of friends by using their number of mutual friends. To address this issue, we propose a new anonymity concept, called k-NMF anonymity, i.e., k-anonymity on the number of mutual friends, which ensures that there exist at least k-1 other friend pairs in the graph that share the same number of mutual friends. We devise algorithms to achieve the k-NMF anonymity while preserving the original vertex set in the sense that we allow the occasional addition but no deletion of vertices. Further we give an algorithm to ensure the k-degree anonymity in addition to the k-NMF anonymity. The experimental results on real-word datasets demonstrate that our approach can preserve the privacy and utility of social networks effectively against mutual friend attacks.

💡 Research Summary

The paper addresses a novel privacy threat in published social network graphs called the “mutual friend attack.” In this attack, an adversary who can view the number of mutual friends (i.e., common neighbors) between two directly connected users can uniquely identify the edge linking those users, and potentially re‑identify the individuals themselves. The number of mutual friends of an edge is exactly the number of triangles that contain that edge. Because many social platforms (e.g., Facebook) expose mutual‑friend counts, this attack is realistic.

To counter this threat the authors introduce the concept of k‑NMF anonymity (k‑anonymity on the Number of Mutual Friends). A graph is k‑NMF anonymous if, for every edge, there are at least k‑1 other edges with the same mutual‑friend count. Consequently, the probability that an attacker correctly guesses the target edge is bounded by 1/k. The problem is formulated as an edge‑weight anonymization task where the weight of an edge is its NMF value.

A major difficulty is that adding or deleting a single edge can change the NMF values of many other edges, because each added edge creates new triangles and each removed edge destroys triangles. To avoid repeatedly re‑anonymizing edges, the authors propose the “Anonymized Triangle Preservation Principle (ATPP).” This principle requires that once an edge has been anonymized, any triangle containing that edge must not be destroyed (by deletion) nor newly created (by addition), thereby keeping the edge’s NMF stable after it has been processed.

Two algorithmic frameworks are presented.

1. ADD – anonymization by edge addition only. Edges are sorted by descending NMF and processed in groups. Each group must contain at least k edges with identical NMF. When an edge’s NMF is lower than the group target, the algorithm adds new edges to increase its NMF. Candidate vertices are selected using a breadth‑first search to keep the added edge as short as possible, and a “maximum mutual‑friend” tie‑breaker is applied to maximize the impact on the target edge while respecting ATPP. Two grouping strategies are explored: a simple “Intuit‑Group” that starts a new group after exactly k edges, and a “Greedy‑Group” that evaluates the cost of expanding the current group versus starting a new one.

2. ADD&DEL – anonymization by both addition and deletion. After the ADD phase, the algorithm may delete edges that are part of triangles already anonymized, thereby reducing NMF values where necessary without breaking ATPP. Deletions are chosen preferentially from edges whose removal affects the fewest other edges.

Both frameworks also include a post‑processing step that enforces k‑degree anonymity (k‑anonymity on vertex degrees) while preserving the original vertex set. This is achieved by adjusting degrees through additional edge insertions or deletions that do not interfere with the already satisfied k‑NMF condition.

Complexity analysis shows that ADD runs in O(m·|V|) time (m = number of edges, |V| = number of vertices), while ADD&DEL incurs an extra O(m·|V|²) factor due to triangle‑preserving deletions.

Experimental evaluation uses real‑world networks (Facebook, Twitter, DBLP, etc.) with varying sizes. The authors vary k from 2 to 10 and measure structural distortion using metrics such as average NMF error, clustering coefficient, average shortest‑path length, and connectivity. Results demonstrate that the proposed methods achieve the required k‑NMF anonymity with minimal impact on these metrics, often outperforming prior k‑degree anonymization approaches that require many vertex insertions or large edge modifications. Importantly, the vertex set is never reduced, preserving the ability to perform downstream analyses that rely on original node identities (e.g., centrality, community detection).

In summary, the paper makes the following contributions: (1) definition of a realistic mutual‑friend based re‑identification attack, (2) introduction of k‑NMF anonymity as a formal privacy guarantee, (3) design of edge‑centric anonymization algorithms that respect the anonymized‑triangle preservation principle, (4) integration of k‑degree anonymity without vertex deletion, and (5) empirical validation showing strong privacy protection with high utility on large social graphs. This work expands the toolkit for privacy‑preserving graph publishing by addressing a previously overlooked structural vulnerability.