Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

LIN Xin,LI Shan-ping,YANG Zhao-hui

DOI: https://doi.org/10.3785/j.issn.1008-973x.2009.12.002

2009-01-01

Abstract:K-anonymization cannot effectively protect anonymity of continuous queries in location-based service (LBS). A continuous query issuing model aimed at the problem was proposed. The model incorpo-rated a query issuing interval model and a consecutive queries relationship model. An attacking algorithm aimed at the k-anonymization algorithm was presented based on the model. The algorithm associated a series of snapshots related to continuous queries in order to calculate the probability of each user in the an-onymity-set. Then the true query sender was identified by choosing the user with the highest probability. K-anonymized queries were re-identified with different continuity arguments and cardinalities of anonymity-set. Experiments demonstrate that the algorithm has high success rate (85%)in identifying query senders when the continuous queries have strong relationship, which is 1.5 times higher than the success rate without the attacking algorithm and severely undermines the anonymity of the queries.

Yanzhe Che,Kevin Chiew,Xiaoyan Hong,Qinming He

DOI: https://doi.org/10.1145/2442810.2442820

2012-01-01

Abstract:ABSTRACTThere is a potential privacy breach when users access various location-based social applications on a mobile social network (MSN), e.g., sharing locations with friends. To preserve location privacy, one of the most common methods is to use a coarse or fake location instead of a user's exact location. However, most of these previous approaches only provide geometric strategies without considering the semantic context of the geographical locations. For example, if a cloaked region contains a part of a lake, where no boats are allowed, an adversary can easily prune the cloaked region to a smaller range covering a user's actual location. In this paper, we propose SALS, a semantics-aware location sharing framework based on cloaking zone for an MSN environment. By considering a user's social relations and activities which are available in an MSN environment, SALS does not assume any trustworthy entities, including strangers, friends or any third parties. As a solution, SALS enables users to cooperate with each other, in a Peer-to-Peer (P2P) way, to generate the cloaking zones, which will be used instead of the actual locations. Different from the previous cloaking techniques, SALS considers the semantic location which can influence the distribution probability of a user's locations. We also propose metrics for measuring the quality of the cloaking zone. The evaluation shows that our method can well defend the semantic-location attack.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Yilei Wang,Hao Zhou,Yingjie Wu,Lan Sun

DOI: https://doi.org/10.1109/iccse.2012.6295197

2012-01-01

Abstract:Recently, several techniques have been proposed to protect the user location privacy for location-based services in road network environments. A typical approach for user location privacy protection is to blur a user location into a cloaked set of road segments S such that S satisfies the user specified privacy requirements. However, these location cloaking algorithms work with snapshot locations only and do not consider the effect of continuous location updates. Applying these algorithms directly to continuous queries would lead to privacy leakage if attackers have knowledge about maximum user velocity, namely velocity-based Attack. In this paper, we present the privacy safety condition to defend against velocity-based attack, and propose an anonymity algorithm based on greedy strategy to preserve user privacy. The experiment results based on dataset of real network show the algorithm is effective and feasible.

林欣,李善平,杨朝晖

DOI: https://doi.org/10.3724/SP.J.1001.2009.03428

2009-01-01

Journal of Software

Abstract:k-Anonymity is an important solution to protecting privacy of queries in LBS (location-based service). However, it is pointed out in literatures that k-anonymity cannot protect privacy of continuous queries effectively. A continuous query issuing model is proposed, which incorporates a query issuing interval model and a consecutive queries relationship model. Under this continuous query issuing model, two attacking algorithms are proposed for Clique Cloaking and Non-clique Cloaking respectively. Then this paper argues that the cardinality of anonymity-set is not a good anonymity measurement under such attack and an entropy-based anonymity measurement AD (anonymity degree) is proposed. Experimental results demonstrate that the attacking algorithms have high success rate in identifying query senders when the consecutive queries have strong relationship, and that AD is a better anonymity measurement than the cardinality of anonymity-set.

Guofei Chai,Miao Xu,Wenyuan Xu,Zhiyun Lin

DOI: https://doi.org/10.1155/2012/648058

IF: 1.938

2012-01-01

International Journal of Distributed Sensor Networks

Abstract:Due to the shared nature of wireless communication media, a powerful adversary can eavesdrop on the entire radio communication in the network and obtain the contextual communication statistics, for example, traffic volumes, transmitter locations, and so forth. Such information can reveal the location of the sink around which the data traffic exhibits distinctive patterns. To protect the sink-location privacy from a powerful adversary with a global view, we propose to achieve k-anonymity in the network so that at least k entities in the network are indistinguishable to the nodes around the sink with regard to communication statistics. Arranging the location of k entities is complex as it affects two conflicting goals: the routing energy cost and the achievable privacy level, and both goals are determined by a nonanalytic function. We model such a positioning problem as a nonlinearly constrained nonlinear optimization problem. To tackle it, we design a generic-algorithm-based quasi-optimal (GAQO) method that obtains quasi-optimal solutions at quadratic time. The obtained solutions closely approximate the optima with increasing privacy requirements. Furthermore, to solve k-anonymity sink-location problems more efficiently, we develop an artificial potential-based quasi-optimal (APQO) method that is of linear time complexity. Our extensive simulation results show that both algorithms can effectively find solutions hiding the sink among a large number of network nodes.

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1109/UIC-ATC-ScalCom.2014.19

2014-01-01

Abstract:In mobile Internet, Location-Based Services (LBSs) as a popular kind of context-aware recommendation systems can recommend Point of Interest (POI) data according to current locations of users. However, the inherent feature leads to leak sensitive location information of users into untrusted LBS providers. This paper aims at the location privacy problem on query prediction which forecasts next locations and violates user privacy seriously. To tackle this, we propose a novel location privacy protection solution. The contribution is three-fold. First, we model query prediction on cloaking regions using the Bayesian inference. Next, the proposed location anonymization method can generalize locations into safer cloaking regions against such query prediction attacks. Finally, a series of experiments evaluate the performance of this solution and demonstrate its availability.

YANG Zhao-hui,LI Shan-ping,LIN Xin

DOI: https://doi.org/10.3785/j.issn.1008-973x.2011.07.003

2011-01-01

Abstract:A limitation in current design of K-anonymity services for location based services(LBS) is that they only provide a given minimum level of anonymity as QoS guarantee and can't improve the anonymity level for users when service resources are capable.The anonymous query result size was proposed as a new QoS target in order to measure and constrain resource consumption on the K-anonymity service and LBS per user query.Then appropriate anonymity level can be selected under such constraint.Theoretical analysis was performed to find mathematical relation between anonymous query result size and anonymity level,leading to the construction of anonymity level adaptation algorithm.The simulation results accorded well with the theoretical relation.The anonymity level adaptation algorithm can control anonymous query result size to stay around the specified QoS target.

Zhengang Wu,Liangwen Yu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1007/978-3-319-11538-2_23

2014-01-01

Abstract:Location-Based Service (LBS) providers can send geo-tagged data to mobile users who report their current location information. Location-related user privacy is a vital concern since untrusted LBS can monitor and misuse user location information. This paper aims at how to efficiently protect location privacy in query processing. In proxy-based location anonymizers, location cloaking algorithms need heavy bandwidth for query processing after blurring exact locations into a region. To alleviate it, the proposed query framework can integrate location cloaking and data caching. Next, we devise a novel location anonymization algorithm which takes advantage of the caching feature. Finally, we evaluate this solution experimentally for showing its improvement.

Zhenqiang Gong,Guang-Zhong Sun,Xing Xie

DOI: https://doi.org/10.1109/MDM.2010.33

2010-01-01

Abstract:The emerging location-detection devices together with ubiquitous connectivity have enabled a large variety of location-based services (LBS). Unfortunately, LBS may threaten the users’ privacy. K-anonymity cloaking the user location to K-anonymizing spatial region (K-ASR) has been extensively studied to protect privacy in LBS. Traditional K-anonymity method needs complex query processing algorithms at the server side. SpaceTwist [8] rectifies the above shortcoming of traditional K-anonymity since it only requires incremental nearest neighbor (INN) queries processing techniques at the server side. However, Space Twist may fail since it cannot guarantee K-anonymity. In this paper, our proposed framework, called KAWCR (K-anonymity Without Cloaked Region), rectifies the shortcomings and retains the advantages of the above two techniques. KAWCR only needs the server to process INN queries and can guarantee that the users issuing the query is indistinguishable from at least K-1 other users. The extensive experimental results show that the communication cost of KAWCR for kNN queries is lower than that of both traditional K-anonymity and SpaceTwist.

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-39527-7_31

2013-01-01

Abstract:With rapidly popular location-aware applications, location privacy becomes an emerging issue. This paper studies how to protect the two-fold privacy for both client-side and server-side in location-based queries. This technique is a significant component in privacy-friendly Location Based Services (LBS). Participants protect their own privacy. The LBS server protects against excessive disclose of location records in its Points of Interest (POIs) database while the mobile user protects his exact location by the cloaking technique. The proposed hybrid approach can achieve the challenging goal. Our solution integrates the cloaking technique with a cryptographic protocol, Private Set Intersection (PSI). In addition, this solution is secure in malicious model and also practical. © 2013 Springer-Verlag.

D Hemkumar

DOI: https://doi.org/10.1007/s12083-023-01609-3

IF: 3.488

2024-01-25

Peer-to-Peer Networking and Applications

Abstract:Location-based service (LBS) servers are refined periodically due to the new type of privacy issues involved while providing various social benefits to the users. In literature, many privacy mechanisms are proposed for LBS servers, but these mechanisms fail to resist many possible inference attacks, such as multi-time publication attacks and multi-time continuous publication attacks from untrusted LBS servers. Hence, the LBS providers cannot provide strict privacy guarantees to participating users. To this end, the LBS servers require a privacy mechanism under differentially private, which resists the above two inference attacks and one common inference attack i.e., one-time inference attacks. The proposed privacy mechanism involves two phases; the first phase is finding a set of obscure locations using a sampling technique, and the second is finding a suitable obscure location using a clustering technique. Finally, conduct a series of experiments in order to validate the effectiveness of the proposed privacy mechanism with other state-of-the-art methods. The experimental results evince that the proposed privacy mechanism resists three possible inference attacks and provides a strict privacy guarantee as in the traditional differential private mechanism.

computer science, information systems,telecommunications

Sisi Zhong,Yingjie Wu,Zhao Luo,Hao Zhou,Xiaodong Wang

DOI: https://doi.org/10.1109/MINES.2011.117

2011-01-01

Abstract:When mobile users search points of interest from location based service, they always should provide their accurate locations, which may leak users' location privacy. To protect users' location privacy, some two-tie approaches have been imposed. However, existing approaches are either hard to implement or may lead to high communication cost. In this paper, we present a novel approach, called Guess-Answer. Through the interaction between the user and the server, a cloaked region, which satisfies the user's personal privacy requirement, can be generated. The experimental results show that our approaches are scalable and robust.

Hao Zhou,Xiaodong Wang,Sisi Zhong,Yingjie Wu,Zhao Luo

DOI: https://doi.org/10.1109/icicee.2012.419

2012-01-01

Abstract:Recently, several techniques have been proposed to preserve the user location privacy in road networks. To protect the location privacy of users, many of the existing techniques adopt cloaking which blurs the actual location into a set of segments. But these techniques do not take the weight of the segments into account in the situation of road networks. In this paper, we propose a new attack model that an adversary can infer the true location of the requester according to the weight distribution with a certain probability. And we also design an approach to solve this problem, which can guarantee better distribution of the weights in the cloaked set. The experiment result shows the effectiveness and feasibility of our algorithm.

Li Kuang,Yin Wang,Xiaosen Zheng,Lan Huang,Yu Sheng

DOI: https://doi.org/10.1186/s13638-019-1618-7

2020-01-14

EURASIP Journal on Wireless Communications and Networking

Abstract:Abstract With the rapid development of location-based services in the field of mobile network applications, users enjoy the convenience of location-based services on one side, and they are exposed to the risk of privacy disclosure on the other side. Attackers may attack based on the semantic of the user’s location and user’s query location. A few of existing works on location privacy protection consider to protect the user’s location and his query location simultaneously, while the query location may reflect his requirement. In this paper, based on the existing location privacy protection framework, we first generate sensitive weight documents based on the user’s sensitivity to different location semantics automatically, then obtain the best collaborative segment for k -anonymity of the user’s location by using the reinforcement learning algorithm, and finally, the bidirectional k -disturbance of the user’s location and query location is performed based on the location semantics in real road network environment. The experiment verifies the effectiveness of the proposed method.

telecommunications,engineering, electrical & electronic

Yu Wang,Dingbang Xu,Xiao He,Chao Zhang,Fan Li,Bin Xu

DOI: https://doi.org/10.1109/INFCOM.2012.6195577

2012-01-01

Abstract:Location privacy has been a serious concern for mobile users who use location-based services provided by the third-party provider via mobile networks. Recently, there have been tremendous efforts on developing new anonymity or obfuscation techniques to protect location privacy of mobile users. Though effective in certain scenarios, these existing techniques usually assume that a user has a constant privacy requirement along spatial and/or temporal dimensions, which may not be true in real-life scenarios. In this paper, we introduce a new location privacy problem: Location-aware Location Privacy Protection (L2P2) problem, where users can define dynamic and diverse privacy requirements for different locations. The goal of the L2P2 problem is to find the smallest cloaking area for each location request so that diverse privacy requirements over spatial and/or temporal dimensions are satisfied for each user. In this paper, we formalize two versions of the L2P2 problem, and propose several efficient heuristics to provide such location-aware location privacy protection for mobile users. Through multiple simulations on a large data set of trajectories for one thousand mobile users, we confirm the effectiveness and efficiency of the proposed L2P2 algorithms.

Claudio Bettini,Sergio Mascetti,X. Sean Wang,Dario Freni,Sushil Jajodia

DOI: https://doi.org/10.1007/978-3-642-03511-1_1

2009-01-01

Abstract:The problem of protecting user's privacy in Location-Based Services (LBS) has been extensively studied recently and several defense techniques have been proposed. In this contribution, we first present a categorization of privacy attacks and related defenses. Then, we consider the class of defense techniques that aim at providing privacy through anonymity and in particular algorithms achieving "historical k- anonymity" in the case of the adversary obtaining a trace of requests recognized as being issued by the same (anonymous) user. Finally, we investigate the issues involved in the experimental evaluation of anonymity based defense techniques; we show that user movement simulations based on mostly random movements can lead to overestimate the privacy protection in some cases and to overprotective techniques in other cases. The above results are obtained by comparison to a more realistic simulation with an agent-based simulator, considering a specific deployment scenario.

Huang Zhangwei,Xin Mingjun

DOI: https://doi.org/10.1109/NSWCTC.2010.243

2010-01-01

Abstract:In order to protect users' location privacy for Location-based Service (LBS), this paper proposes a spatial cloaking protocol satisfied k-anonymity, to generate a cloak area and guarantee users' privacy. Firstly, it analyzes the present solutions for privacy protection. Then, a distributed model is presented in this paper, which does not rely on the intermediate anonymizer. Furthermore, it elaborates the process of spatial cloaking for location privacy by introducing a communication chain, which updating the current minimum cloak area that covers k users. Finally, it discusses the robustness in two risk scenarios, and demonstrates the spatial cloaking protocol performs better than former method.

Tanzima Hashem,Lars Kulik,Rui Zhang

DOI: https://doi.org/10.1016/j.is.2012.07.001

IF: 3.18

2013-01-01

Information Systems

Abstract:An important class of LBSs is supported by the moving k nearest neighbor (MkNN) query, which continuously returns the k nearest data objects for a moving user. For example, a tourist may want to observe the five nearest restaurants continuously while exploring a city so that she can drop in to one of them anytime. Using this kind of services requires the user to disclose her location continuously and therefore may cause privacy leaks derived from the user's locations. A common approach to protecting a user's location privacy is the use of imprecise locations (e.g., regions) instead of exact positions when requesting LBSs. However, simply updating a user's imprecise location to a location-based service provider (LSP) cannot ensure a user's privacy for an MkNN query: continuous disclosure of regions enable LSPs to refine more precise location of the user. We formulate this type of attack to a user's location privacy that arises from overlapping consecutive regions, and provide the first solution to counter this attack. Specifically, we develop algorithms which can process an MkNN query while protecting the user's privacy from the above attack. Extensive experiments validate the effectiveness of our privacy protection technique and the efficiency of our algorithm.