Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Rongxing Lu,Xiaodong Lin,Zhiguo Shi,Jun Shao

DOI: https://doi.org/10.1109/infocom.2014.6848003

2014-01-01

Abstract:In this paper, we propose a privacy-preserving framework, called PLAM, for local-area mobile social networks. The proposed PLAM framework employs a privacy-preserving request aggregation protocol with k-Anonymity and l-Diversity properties while without involving a trusted anonymizer server to keep user preference privacy when querying location-based service (LBS), and integrates unlinkable pseudo-ID technique to achieve user identity privacy, location privacy. Moreover, the proposed PLAM framework also introduces the privacy-preserving and verifiable polynomial computation to keep LBS provider's functions private while preventing the provider from cheating in computation. Detailed security analysis shows that the proposed PLAM framework can not only achieve desirable privacy requirements but also resist outside attacks on source authentication, data integrity and availability. In addition, extensive simulations are also conducted, and simulation results guide us on how to set proper thresholds for k-anonymity, l-diversity to make a tradeoff between the desirable user preference privacy level and the request delay in different scenarios.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Jun Liu,Wei Guo,Bai Long Xiao,Fei Huang

DOI: https://doi.org/10.1109/icma.2005.1626658

2005-01-01

Abstract:We propose a novel location service called the dynamic distributed hierarchy location service (DDHLS) for ad hoc networks using geographical location information. Two new strategies are introduced in DDHLS. One is the distributed hierarchy strategy which divides the network area into different hierarchy from the view of the individual node itself, the other is the sub-zone moving strategy which makes the hierarchy view change with the node's movement. To efficiently decrease the location updates, we deploy larger concomitant sub-zones to control the transmission of location updates. Through dynamic distributed hierarchy, DDHLS greatly decreases the probability of the node's boundary crossing movement and restricts the location update messages into a smaller region. Simulations show that, compared with the existing approaches, DDHLS greatly decreases the overhead of location service.

Sheng Zhong,Yanbin Grace Liu,Yang Richard Yang

2004-01-01

Abstract:Mobility is key to personal freedom. With the increasing availability of mobile devices, many providers begin to offer location-based services. Although these services greatly enrich our mobility experiences, with them also comes the privacy concerns, as a location-based service provider now can continuously track the location of a user. This tracking may allow unauthorized access and cause serious consequences. Although a few solutions have been proposed to address the privacy concerns in various aspects, there has not been any comprehensive study of the problem; furthermore, most of the existing solutions require that a user trust a third party such as a location server. In this paper, we investigate privacy-preserving location- based services for the three components involved in pro- viding location-based services: the location-based service component, the localization component, and the commu- nications component. The focus of our study is on the location-based service component, but we also take the other two components into consideration. We identify two major types of location-based services and present novel designs to implement them without using a trusted server. Specifically, we first identify the general location- notification service, whose goal is to transfer location information of users to authorized entities. We design a security protocol to implement the service without trusting the location server. Thus our design uses the efficiency of a location server but does not suffer from associated privacy issues. Next, we investigate the design of an even more challenging location-based service: a location service whose goal is not transfering user location information but computing an outcome that is a function of user locations. We use dating service as an example and illustrate that an efficient protocol can be built such that no extra information about user locations is revealed during the service. For the localization component, we present an impossibility result and propose a privacy preserving localization technique based on directed signals. For the communications component, we propose an anonymous communication protocol. Our extensive evaluations show that our protocols have low overheads and are suitable for

Chang Xu,Xuan Xie,Liehuang Zhu,Kashif Sharif,Chuan Zhang,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1007/s11432-019-1508-6

2020-01-01

Science China Information Sciences

Abstract:The recent proliferation of mobile devices has given rise to mobile online social networks(m OSNs), an emerging network paradigm that uses social networks as its main design element. As one of the most critical components in m OSNs, location sharing plays an important role in helping users share information and strengthen their social bonds, which however may compromise users’ privacy, including location information and social relationship details. To address these challenges, some solutions have been proposed. However, none of them considers the privacy of inter-user threshold distance, which effectively can be used to identify users, their friends, and location information, by malicious or undesired elements of the system. To overcome this limitation, we propose a secure distance comparison protocol. Furthermore,we present a privacy-preserving location-sharing scheme(PPLS), which allows users to build more complex access control policies. The safety of our scheme is validated by the security analysis and the experimental results demonstrate the efficiency of PPLS scheme.

Ebtisam Amar,Selma Boumerdassi,Éric Renault

DOI: https://doi.org/10.48550/arXiv.1003.3092

2010-03-16

Networking and Internet Architecture

Abstract:Position-based routing protocols take advantage of location information to perform a stateless and efficient routing. To enable position-based routing, a node must be able to discover the location of the messages' destination node. This task is typically accomplished by a location service. Recently, several location service protocols have been developed for ad hoc networks. In this paper we propose a novel location service called PHLS: Predictive Hierarchical Location Service. In PHLS, the entire network is partitioned into a hierarchy of smaller and smaller regions. For each node, one node in each-level region of the hierarchy is chosen as its local location server. When the network initializes or when a node attaches the network, nodes contact their local location server with their current location information (ie. position and velocity). Then, they only need to update their location server when they move away from their current region. Finally, nodes query their location servers and get the exact or predicted location of destination nodes.

Gang Sun,Yuxia Xie,Dan Liao,Hongfang Yu,Victor I. Chang

DOI: https://doi.org/10.1016/j.jnca.2016.11.024

2017-01-01

Abstract:With the fusion of social networks and location-based services, location sharing is one of the most important services in mobile online social networks (mOSNs). In location-sharing services, users have to provide their location information to service provider. However, location information is sensitive to users, which may cause a privacy-preserving issue needs to be solved. In the existing research, location-sharing services, such as friends query, does not consider the attacks from friends. In fact, a user may not trust all of his/her friends, so just a part of his/her friends will be allowed to obtain the user's location information. In addition, users location privacy and social network privacy should be guaranteed. In order to solve the above problems, we propose a new architecture and a new scheme called User-Defined Privacy Location-Sharing (UDPLS) system for mOSNs. In our scheme, the query time is almost irrelevant to the number of friends. We also evaluate the performance and validate the correctness of our proposed algorithm through extensive simulations.

Hua Bei,Liao Hongbo,Xiong Yan,Guo Yan

IF: 1.019

2006-01-01

Chinese Journal of Electronics

Abstract:This paper researches into the position security problem in location service in mobile ad hoc networks, and on the basis of which sets forward and implements a node-hiding protocol. Firstly it analyzes the origination of the problem in mobile ad hoc networks, and suggests that both node position and node significance should be covered up. Then it discusses in detail the design idea of the node-hiding protocol, which guarantees the position security by using a randomized and dynamically changed keyword to decouple the relationship between permanent identifier and geographical location of node, and further assures the security by distributing keyword only among trusted nodes. After that, it gives a brief description of the protocol, including message definition, procedure for joining and leaving a trust group, and keyword synchronization within a trust group. Finally, it presents the simulation scheme and analyzes the simulation results, which show that our protocol works well in dynamic circumstances. We believe that this node-hiding protocol could greatly improve the position security of mobile nodes, while at the same time retains their functions of providing common routing and locations services in network; so this protocol could become a very important complement to nowadays location services.

Wei Wang,Chinya V. Ravishankar

DOI: https://doi.org/10.1007/s11036-008-0144-3

2009-01-01

Abstract:A location service is an essential prerequisite for geographic routing protocols for MANETs. We present VHLS, a new distributed location service protocol, that features a dynamic location server selection mechanism and adapts to network traffic workload, minimizing the overall location service overhead. We demonstrate that the ratio of location queries to updates is an important performance parameter in such protocols. Our analysis and simulations show that VHLS provides better query success rates, location service quality, and geographic routing performance than the GLS and GHLS protocols. VHLS also scales well as the network size and traffic workload increases.

Hao Zhou,Yingjie Wu,Sisi Zhong,Zhao Luo,Xiaodong Wang

DOI: https://doi.org/10.1109/icicee.2012.418

2012-01-01

Abstract:The query privacy issue in location-based services (LBS) has recently received considerable attention. To protect the query privacy of users, current state-of-the-art techniques adopt cloaking which cloaks the sender's location to k-anonymized spatial region (ASR), such that an attack based on the sender's location cannot identify the query source with probability larger than 1/k, among other k-1 users. However, these techniques do not consider that these k-1 additional mobile users with different privacy requirements may send request at the same time. In this paper, we propose a new attack model that an adversary who observes all the ASRs at one time can identify the query source with probability larger than 1/k based on prior knowledge of the locations of all users. And we propose our two algorithms, namely, Basic and Adaptive Algorithms, which strengthen the privacy guarantee to defend such inference attack while still support personalized user privacy requirements. We verify the effectiveness of the proposed algorithms by experiments on location data which synthetically generated on real road maps.

Hui Zhu,Rongxing Lu,Cheng Huang,Le Chen,Hui Li

DOI: https://doi.org/10.1109/TVT.2015.2499791

IF: 6.8

2016-01-01

IEEE Transactions on Vehicular Technology

Abstract:With the pervasiveness of location-aware mobile electronic devices and the advances of wireless communications, location-based services (LBS), which can help people enjoy a convenient life, has attracted considerable interest recently. However, the privacy issues of LBS are still challenging today. Aiming at the challenges, in this paper, we present a new efficient and privacy-preserving LBS query...

Shengchao Liu,Jessie Hui Wang,Jilong Wang,Qianli Zhang

DOI: https://doi.org/10.1109/access.2020.2978488

IF: 3.9

2020-01-01

IEEE Access

Abstract:As location-based services become widely used in daily life, there is growing concern in preserving location privacy of users to avoid that attackers infer information about users by collecting and analyzing requests initiated by users. We argue that a good location privacy preservation scheme should have these properties. First, a user should never expose its precise location to any other entity. Second, a user should be able to specify its own requirement on the strength of privacy preservation, since a stricter preservation requirement may increase its overhead. Third, the scheme should be able to preserve as many as possible aspects of users' privacy under various attacks. With these desired properties in mind, we carefully design an encoding scheme of users' identifiers and a fully distributed architecture for our purpose and propose a privacy preservation scheme based on them. With the help of the encoding scheme and the distributed architecture, we develop a distributed negotiation algorithm to help users conduct negotiations among themselves to find their cloaked regions that satisfy their self-defined requirements without exposing their precise locations. The negotiations are completed without coordination from any central servers, and a random proxy is selected for each individual request, therefore the potential risks caused by any central server (location-based service servers or trusted-third-party servers) are mitigated as much as possible. Experiments show that our scheme can satisfy different strengths of privacy preservation required by each user even under the most severe scenarios.

Meng Han,Lei Li,Ying Xie,Jinbao Wang,Zhuojun Duan,Ji Li,Mingyuan Yan

DOI: https://doi.org/10.1109/access.2018.2805464

IF: 3.9

2018-01-01

IEEE Access

Abstract:While enjoying the convenience of location-based services (LBSs) in everyday life, wireless device users could also put their location privacy at risk. An untrusted LBS provider can store mobile users' data on its server, track users in various ways or share users location data to the third parties. To protect LBS users' privacy, many position confusion algorithms were proposed, but those algorithms often have difficulty balancing the utility-privacy tradeoffs. In this paper, we propose a new cognitive approach that enables nearcomplete privacy protection for LBS users by leveraging existing social network resources. We introduce a heterogeneous multi-server architecture that cuts off the direct connection between the LBS queries and the query issuers, and an auction-based incentive mechanism guaranteed user participation, which is critical for the success of the proposed architecture. A simulation system and a smartphone application were developed, and our evaluation results show that the proposed method can not only achieve the near-total privacy protection for LBS users, but also significantly improve the quality of the services.

Jin Wang,Hao Wu,Yudian Liu

DOI: https://doi.org/10.1155/2015/743160

IF: 1.938

2015-01-01

International Journal of Distributed Sensor Networks

Abstract:With the development of mobile communication networks and intelligent terminals, recent years have witnessed a rapid popularization of location-based service (LBS). While obtaining convenient services, the exploitation of mass location data is inevitably leading to a serious concern about location privacy security. Obviously, high quality of service (QoS) will result in poor location privacy protection, so that a trade-off is needed to fulfill users’ individual demands for both sides. Although existing methods perform well in certain scenarios, few have considered the abovementioned balance problem. Therefore, by combining k -anonymity-based cloaking technique and obfuscation method, a new distributed user-demand-driven (DUDD) location privacy protection scheme is put forward in this paper. The basic idea is still to select a subcloaking area within the cloaking area generated by Location Anonymization Server. Moreover, by using the improved LBS system model, this paper constructs a distributed framework, in which location privacy protection is wholly occupied in server side and LBS provider is only dedicated to QoS-guarantee. In addition, normalized privacy demand and QoS metrics are given and a user-defined weight parameter is introduced to ensure location privacy security without decreasing QoS. The feasibility of the proposed method is proved through simulation.

computer science, information systems,telecommunications

Shuyang Tang,Shengli Liu,Xinyi Huang,Zhiqiang Liu

DOI: https://doi.org/10.1504/ijcse.2019.103946

2019-01-01

International Journal of Computational Science and Engineering

Abstract:We propose an efficient privacy-preserving, content-protecting location-based service (LBS) scheme. Our proposal gives refined data classification and uses generalised ElGamal to support flexible access to different data classes. We also make use of pseudo-random function (PRF) to protect users' position query. Since PRF is light-weight primitive, our proposal enables the cloud server to locate position efficiently while preserving the privacy of the queried position.

Cheng Huang,Dongxiao Liu,Anjia Yang,Rongxing Lu,Xuemin Shen

DOI: https://doi.org/10.1109/tmc.2024.3366340

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:In this paper, we propose a privacy-preserving range-based positioning scheme, named PPRP, which can preserve the location privacy of both user equipment (UE) and anchors (ACs) in mobile networks. Specifically, PPRP is established on a decentralized trust-based framework that divides trust between two location management function (LMF) servers. With such a framework, UE and ACs are allowed to securely upload their range/range-difference measurement data to LMF servers using lightweight additive secret sharing techniques (ASS) instead of cumbersome cryptographic operations. Then, PPRP takes secret-shared measurement data as inputs and decomposes UE's location estimation procedures into secure two-party matrix computation sub-protocols, which are elaborately crafted using somewhat homomorphic encryption and randomization techniques to ensure both efficiency and privacy preservation in positioning. Furthermore, to mitigate the negative effects arising from non-line-of-sight (NLoS) ACs, PPRP achieves privacy-preserving residual-based NLoS analysis. To this end, we additionally propose a series of secure two-party sub-protocols to support various non-linear functions, including comparison, division, square root computation, oblivious shuffle and sorting. These sub-protocols serve as fundamental modules that can be effectively combined to perform sophisticated operations of NLoS analysis in a privacy-preserving manner. A comprehensive simulation-based security analysis demonstrates that PPRP can achieve location privacy preservation. Finally, we develop a proof-of-concept prototype and conduct extensive experiments to show PPRP's high performance in terms of positioning accuracy, computational efficiency, and communication complexity.

Ming Chen,Wenzhong Li,Xu Chen,Zhuo Li,Sanglu Lu,Daoxu Chen

DOI: https://doi.org/10.1155/2016/7164126

2016-01-01

Abstract:Recent years have witnessed the rapid growth of location-based services (LBSs) for mobile social network applications. To enable location-based services, mobile users are required to report their location information to the LBS servers and receive answers of location-based queries. Location privacy leak happens when such servers are compromised, which has been a primary concern for information security. To address this issue, we propose the Location Privacy Preservation Scheme (LPPS) based on distributed cache pushing. Unlike existing solutions, LPPS deploys distributed cache proxies to cover users mostly visited locations and proactively push cache content to mobile users, which can reduce the risk of leaking users’ location information. The proposed LPPS includes three major process. First, we propose an algorithm to find the optimal deployment of proxies to cover popular locations. Second, we present cache strategies for location-based queries based on the Markov chain model and propose update and replacement strategies for cache content maintenance. Third, we introduce a privacy protection scheme which is proved to achievek-anonymity guarantee for location-based services. Extensive experiments illustrate that the proposed LPPS achieves decent service coverage ratio and cache hit ratio with lower communication overhead compared to existing solutions.

Hongyu Jin,Panos Papadimitratos

DOI: https://doi.org/10.1145/3319401

2020-01-22

Abstract:Location-Based Services (LBSs) provide valuable services, with convenient features for mobile users. However, the location and other information disclosed through each query to the LBS erodes user privacy. This is a concern especially because LBS providers can be honest-but-curious, collecting queries and tracking users' whereabouts and infer sensitive user data. This motivated both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome disadvantages of centralized schemes, eliminating anonymizers, and enhancing users' control over sensitive information. However, an insecure decentralized system could create serious risks beyond private information leakage. More so, attacking an improperly designed decentralized LBS privacy protection scheme could be an effective and low-cost step to breach user privacy. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. We show our scheme can be deployed with off-the-shelf devices based on an experimental evaluation of an implementation in a static automotive testbed.

Cryptography and Security

Junliang Liu,Zheng Yang,Yunhao Liu

DOI: https://doi.org/10.1109/icpads.2012.36

2012-01-01

Abstract:Location-based Service (LBS) becomes increasingly important for wireless and mobile networks. In current LBS schemes, Service Providers (SPs) require users report their accurate locations, which can be illegally used by adversaries to infer sensitive information of users. Privacy disclosure raises serious concerns and limits the application of LBS. Previous solutions either rely on pre-installed centralized intermediary or assume cooperative users. Other distributed solutions, lacking of user obligation, only provide relatively poor anonymity. In this study, we propose a new solution of pseudonym change, which works for non-cooperative users and in the absence of intermediary. The basic idea behind our solution is ad-hoc anonymity. The proposed solution allows users to decide whether or not participating according to their own wills. In addition, artificially generated dummies mix up all the users who have participated in pseudonym changes at different times. Theoretical analysis demonstrates that asynchronous pseudonym change and dummy participation notably enhance privacy protection. We implement our solution on a real-world dataset of mobile phone users, which is collected at Boston, MA, and by the Reality Mining, MIT. The simulation results show that our approach significantly outperforms existing solutions.