Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Guangming Cui,Qiang He,Feifei Chen,Hai Jin,Yang Xiang,Yun Yang

DOI: https://doi.org/10.1109/tsc.2021.3112659

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:In the past several years, we have witnessed a variety of mechanisms for protecting mobile users’ location privacy, e.g., k-anonymity, cloaking, encryption, etc. Unfortunately, existing techniques suffer from a common limitation - mobile users’ locations must be sent to remote cloud servers. In this article, a novel architecture named LBS@E is proposed for building delocalized location-based services (LBSs) in the 5G mobile edge computing (MEC) environment that do not require users’ locations. Mobile users can retrieve local information from LBSs deployed on nearby edge servers based on LBS@E. In this way, LBS@E tackles the location privacy problem innovatively by resolving the root cause of the conventional location privacy problem. However, LBS@E raises new challenges to location privacy. A mobile user can still be localized to a particular privacy area co-covered by the edge servers accessed by the mobile user. A small privacy area puts the mobile user's location at the risk of being approximated. In the meantime, the size of the utility area, which determines the amount of local information retrievable for the mobile user, is positively correlated with the number of edge servers accessed by the mobile user. Thus, given a set of accessible edge servers, the mobile user needs to determine which ones to access so that the retrievable local information is maximized and the risk of being localized is minimized. In this article, we model this new location privacy protecting problem formally, analyze its problem hardness and propose an integer programming based approach for finding the optimal solution. Extensive experiments are conducted on a widely-used real-world dataset to evaluate the proposed approach.

computer science, information systems, software engineering

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Yichao Chen,Cheng Zeng,Xin Zhou,Liang Huang,Shibo He

DOI: https://doi.org/10.1109/iccc62479.2024.10681994

2024-01-01

Abstract:Mobile edge computing (MEC) is gaining popularity, as it can improve mobile application performance by offloading local computation to edge servers. However, due to the openness of wireless communication, the confidentiality of MEC data transmission, especially the uploading, is endangered by eavesdropping attacks, whose risks have not been thoroughly depicted, evaluated and managed in the literature. In this paper, we investigate the application of friendly jamming (FJ) from base station (BS) and a nearby user to improve physical layer security (PLS) for MEC services. Further, we propose an adjustable multilevel assessment framework for user to evaluate confidentiality risks, and model the impact of its subjective biases under uncertainty based on Prospect Theory (PT). Then, we formulate an operator’s net income maximization problem by jointly considering effective data rate, user satisfaction, antenna usage, upload/FJ power consumption and FJ incentive cost. To solve the highly complex problem, we propose a two-stage control scheme, which first optimizes the secrecy capacity and then maximizes the effective data rate that achieves user satisfaction. By simulation, we evaluate the secrecy performance of the scheme under various conditions, and compare it with the one based on expected utility theory (EUT).

Meng Han,Jinbao Wang,Mingyuan Yan,Chuyu Ai,Zhuojun Duan,Zhen Hong

DOI: https://doi.org/10.1016/j.procs.2018.03.079

2018-01-01

Procedia Computer Science

Abstract:While enjoying the amenities and convenience provided by the location-based service (LBS) in our daily life, wireless device users may surrender their location together with social activity privacy to the LBS provider. The untrusted LBS server has all the information about users in the LBS and it may track them in various ways or release their privacy data to third parties. To address the privacy protection issue, many location obfuscation algorithms behind a location-privacy preserving mechanisms (LPPMs) were proposed but only approached the trade-off between utility and privacy. Unlike the existing approaches, we propose the first methodology and application, to the best of our knowledge, that enables a near-complete location privacy protection for LBS users to achieve an cognitive optimal resolution by employing the social network associated with the LBS to separate the utility and privacy. Evaluation of both simulation and practical smartphone application shows that the proposed methodology could achieve a near-complete privacy protection in terms of entropy and significantly improve the quality of service utility.

Meng Han,Lei Li,Ying Xie,Jinbao Wang,Zhuojun Duan,Ji Li,Mingyuan Yan

DOI: https://doi.org/10.1109/access.2018.2805464

IF: 3.9

2018-01-01

IEEE Access

Abstract:While enjoying the convenience of location-based services (LBSs) in everyday life, wireless device users could also put their location privacy at risk. An untrusted LBS provider can store mobile users' data on its server, track users in various ways or share users location data to the third parties. To protect LBS users' privacy, many position confusion algorithms were proposed, but those algorithms often have difficulty balancing the utility-privacy tradeoffs. In this paper, we propose a new cognitive approach that enables nearcomplete privacy protection for LBS users by leveraging existing social network resources. We introduce a heterogeneous multi-server architecture that cuts off the direct connection between the LBS queries and the query issuers, and an auction-based incentive mechanism guaranteed user participation, which is critical for the success of the proposed architecture. A simulation system and a smartphone application were developed, and our evaluation results show that the proposed method can not only achieve the near-total privacy protection for LBS users, but also significantly improve the quality of the services.

Yichao Chen,Kai Zhao,Heng Zhang,Shibo He

DOI: https://doi.org/10.1109/jiot.2023.3272113

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Mobile edge computing (MEC) is becoming popular in many civilian applications. However, due to the broadcast nature of wireless connections, traditional MEC is open to eavesdropping attacks that endanger mobile users’ information confidentiality. Friendly jamming (FJ), as one of the physical layer security techniques, can efficiently protect users from such threats by degrading attackers’ wiretap channel capacities. In this paper, we propose an FJ-based physical layer security (PLS) mechanism to safeguard the confidentiality of data uploading in MEC services. We design a comprehensive security scheme that uses FJ from both base station (BS) and nearby mobile users to cover upload transmission. Accordingly, the eavesdropping risk zone (ERZ) is formulated as an area under high secrecy outage probability (SOP). To promote FJ from users, we further introduce Device-to-device (D2D) communication-based FJ, which is inspired by non-orthogonal multiple access (NOMA) techniques. Then, we formulate, simplify, and solve the problem by optimizing the MEC secrecy performance under the required risk, with efficiencies in data uploading, energy consumption, and incentive delivery. Furthermore, we tackle the challenge of efficient incentive design under information asymmetry by introducing Contract Theory and providing differentiated rewards. By simulations, we evaluate the mechanism in terms of secrecy performance and incentive efficiency under information asymmetry, and the results accordingly show the effectiveness of the proposed security mechanism.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ting He,Ertugrul N. Ciftcioglu,Shiqiang Wang,Kevin S. Chan

DOI: https://doi.org/10.48550/arXiv.1709.03133

2017-09-11

Abstract:In this paper, we consider user location privacy in mobile edge clouds (MECs). MECs are small clouds deployed at the network edge to offer cloud services close to mobile users, and many solutions have been proposed to maximize service locality by migrating services to follow their users. Co-location of a user and his service, however, implies that a cyber eavesdropper observing service migrations between MECs can localize the user up to one MEC coverage area, which can be fairly small (e.g., a femtocell). We consider using chaff services to defend against such an eavesdropper, with focus on strategies to control the chaffs. Assuming the eavesdropper performs maximum likelihood (ML) detection, we consider both heuristic strategies that mimic the user's mobility and optimized strategies designed to minimize the detection or tracking accuracy. We show that a single chaff controlled by the optimal strategy or its online variation can drive the eavesdropper's tracking accuracy to zero when the user's mobility is sufficiently random. We further propose extended strategies that utilize randomization to defend against an advanced eavesdropper aware of the strategy. The efficacy of our solutions is verified through both synthetic and trace-driven simulations.

Distributed, Parallel, and Cluster Computing

Haijian Yu,Jing Liu,Chunjie Hu,Ziqi Zhu

DOI: https://doi.org/10.3390/s23010095

IF: 3.9

2022-12-23

Sensors

Abstract:In mobile edge computing (MEC), mobile devices can choose to offload their tasks to edge servers for execution, thereby effectively reducing the completion time of tasks and energy consumption of mobile devices. However, most of the data transfer brought by offloading relies on wireless communication technology, making the private information of mobile devices vulnerable to eavesdropping and monitoring. Privacy leakage, especially the location and association privacies, can pose a significant risk to users of mobile devices. Therefore, protecting the privacy of mobile devices during task offloading is important and cannot be ignored. This paper considers both location privacy and association privacy of mobile devices during task offloading in MEC and targets to reduce the leakage of location and association privacy while minimizing the average completion time of tasks. To achieve these goals, we design a privacy-preserving task offloading scheme to protect location privacy and association privacy. The scheme is mainly divided into two parts. First, we adopt a proxy forwarding mechanism to protect the location privacy of mobile devices from being leaked. Second, we select the proxy server and edge server for each task that needs to be offloaded. In the proxy server selection policy, we make a choice based on the location information of proxy servers, to reduce the leakage risk of location privacy. In the edge server selection strategy, we consider the privacy conflict between tasks, the computing ability, and location of edge servers, to reduce the leakage risk of association privacy plus the average completion time of tasks as much as possible. Simulated experimental results demonstrate that our scheme is effective in protecting the location privacy and association privacy of mobile devices and reducing the average completion time of tasks compared with the-state-of-art techniques.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zhibo Wang,Yunan Sun,Defang Liu,Jiahui Hu,Xiaoyi Pang,Yuke Hu,Kui Ren

DOI: https://doi.org/10.1109/tmc.2023.3254553

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:In mobile edge computing (MEC), users can offload tasks to nearby MEC servers to reduce computation cost. Considering that the size of offloaded tasks could disclose user location information, several location privacy-preserving task offloading mechanisms have been proposed under the single-server scenario. However, to the best of our knowledge, none of them could provide a strict privacy protection guarantee or be applicable to the multi-server scenario where the user's location can be inferred more accurately if servers collude with each other. In this paper, we propose a novel location privacy-aware task offloading framework (LPA-Offload) for both single-server and multi-server scenarios, which provides strict and provable location privacy protection while achieving efficient task offloading. Specifically, we propose a location perturbation mechanism that allows each user to perturb its real location within a rational perturbation region and provides a differential privacy guarantee. To make a satisfactory offloading strategy, we propose a perturbation region determination mechanism and an offloading strategy generation mechanism that adaptively select a proper perturbation region according to the customized privacy factor, and then generate an optimal offloading strategy based on the perturbed location within the decided region. The determination of the perturbation region could achieve personalized privacy requirements while reducing computation cost. LPA-Offload is proved to satisfy $(\epsilon ,\delta )$ -differential privacy, and the experiments demonstrate the effectiveness of our framework.

Hongbo Jiang,Jie Li,Ping Zhao,Fanzi Zeng,Zhu Xiao,Arun Iyengar

DOI: https://doi.org/10.1145/3423165

IF: 16.6

2022-01-31

ACM Computing Surveys

Abstract:Location-based services (LBSs) provide enhanced functionality and convenience of ubiquitous computing, but they open up new vulnerabilities that can be utilized to violate the users’ privacy. The leakage of private location data in the LBS context has drawn significant attention from academics and industry due to its importance, leading to numerous research efforts aiming to confront the related challenges. However, to the best of our knowledge, none of relevant studies have performed a qualitative and quantitative comparison and analysis of the complex topic of designing countermeasures and discussed the viability of their use with different kinds of services and the potential elements that could be deployed to meet new challenges. Accordingly, the purpose of this survey is to examine the privacy-preserving techniques in LBSs. We categorize and provide an inside-out review of the existing techniques. Performing a retrospective analysis of several typical studies in each category, we summarize their basic principles and recent advances. Additionally, we highlight the use of privacy-preserving techniques in LBSs for enabling new research opportunities. Providing an up-to-date and comprehensive overview of existing studies, this survey may further stimulate new research efforts into this promising field.

computer science, theory & methods

Alireza Partovi,Wei Zheng,Taeho Jung,Hai Lin

DOI: https://doi.org/10.48550/arXiv.2002.10055

2020-02-24

Abstract:In recent years, the widespread of mobile devices equipped with GPS and communication chips has led to the growing use of location-based services (LBS) in which a user receives a service based on his current location. The disclosure of user's location, however, can raise serious concerns about user privacy in general, and location privacy in particular which led to the development of various location privacy-preserving mechanisms aiming to enhance the location privacy while using LBS applications. In this paper, we propose to model the user mobility pattern and utility of the LBS as a Markov decision process (MDP), and inspired by probabilistic current state opacity notation, we introduce a new location privacy metric, namely $\epsilon-$privacy, that quantifies the adversary belief over the user's current location. We exploit this dynamic model to design a LPPM that while it ensures the utility of service is being fully utilized, independent of the adversary prior knowledge about the user, it can guarantee a user-specified privacy level can be achieved for an infinite time horizon. The overall privacy-preserving framework, including the construction of the user mobility model as a MDP, and design of the proposed LPPM, are demonstrated and validated with real-world experimental data.

Cryptography and Security

Yan Zhu,Di Ma,Dijiang Huang,Changjun Hu

DOI: https://doi.org/10.1145/2491266.2491272

2013-01-01

Abstract:The increasing spread of location-based services (LBSs) has led to a renewed research interest in the security of services. To ensure the credibility and availability of LBSs, there is a pressing requirement for addressing access control, authentication and privacy issues of LBSs in a synergistic way. In this paper, we propose an innovative location-based fine-grained access control mechanism for LBSs, enabling effective fine-grained access control, location-based authentication and privacy protection. Our proposed approach is based on the construction of a spatio-temporal predicate-based encryption by means of efficient secure integer comparison. Our experimental results not only validate the effectiveness of our scheme, but also demonstrate that the proposed integer comparison scheme performs better than previous bitwise comparison scheme.

Shengke Zeng,Yi Mu,Mingxing He,Yong Chen

DOI: https://doi.org/10.1007/s11277-018-5748-8

IF: 2.017

2018-01-01

Wireless Personal Communications

Abstract:Location-based services (LBS) are very popular for personal communications in the mobile Internet. In such applications, users make use of the mobile devices to obtain the information of the nearest gas stations, restaurants, banks etc from service provider (SP), as well as identification of the optimal route to reach destination according to user position. Obviously, location data is effective for service provisioning. Therefore, the privacy threat is the inherent problem in LBS. Previous known solutions for privacy-preserving LBS require to blind the location data to SP. Consequently, it certainly suffers from a privacy/quality of service trade-off. We present a new approach to handle such problem for privacy-aware LBS communications. In our protocol, the user submits the exact location to SP to obtain the high quality service, while his location data and the communication transcript cannot be the evidence to be obtained by any third party. Hence the privacy of this user is preserved. We take the deniable (ring) authentication as the building blocks. In this way, it is not necessary for the user to provide coarse location information which would degrade the service quality certainly.

zheng jiangyu,tan xiaobin,zou cliff,niu yukun,zhu jin

DOI: https://doi.org/10.1109/ChiCC.2014.6895872

2014-01-01

Abstract:With the widespread use of mobile devices, the location-based service (LBS) applications become increasingly popular, which introduces the new security challenge to protect user's location privacy. On one hand, a user expects to report his own location as far as possible away from his real location to protect his location privacy. On the other hand, in order to obtain high quality of service (QoS), users are required to report their locations as accurate as possible. To achieve the dedicated tradeoff between privacy requirement and QoS requirement, we propose a novel approach based on cloaking technique. We also discuss the disadvantage of the traditional general system model and propose an improved model. The basic idea of our approach is to select a sub-area from the generated cloaking area as user's reported location. The sub-area may not contain a user's real location, which prevents an adversary from performing attack with side information. Specifically, by defining an objective function with a novel location privacy metric and a QoS metric, we are able to convert the privacy issue to an optimization problem. Then, location privacy metric and QoS metric are given. To reduce the complexity of the optimization, a heuristic algorithm is proposed. Through privacy-preserving analysis and comparison with related work [8], we demonstrate the effectiveness and efficiency of our approach.

Guanghui Wang,Jianping Pan,Jianping He,Subin Shen

DOI: https://doi.org/10.1109/icccn.2017.8038376

2017-01-01

Abstract:Protecting location privacy of mobile systems is important for various location-based services in pervasive computing scenarios. How to quickly compute the target user's location without knowing each anchor user's location has drawn much attention. Under the classical nonadjacent subtraction based localization model, existing solutions based on homomophic encryption introduce much computation and communication overheads to achieve privacy-preserving localization. In this paper, an adjacent subtraction based localization model is proposed, which is suitable to efficiently protect users' privacy. Then, under such a model, an efficient privacy-preserving localization algorithm is developed without using homomophic encryption. A closed-form expression of the relationship between the localization error and the measurement noise is derived. Furthermore, a comprehensive analysis, including correctness analysis, privacy analysis, and efficiency analysis, is presented. Some simulations are conducted to show that the proposed model has equivalent accuracy and efficiency with the classical model. Some numerical results are presented to show the efficiency of the proposed privacy-preserving localization algorithm.

Sheng Zhong,Yanbin Grace Liu,Yang Richard Yang

2004-01-01

Abstract:Mobility is key to personal freedom. With the increasing availability of mobile devices, many providers begin to offer location-based services. Although these services greatly enrich our mobility experiences, with them also comes the privacy concerns, as a location-based service provider now can continuously track the location of a user. This tracking may allow unauthorized access and cause serious consequences. Although a few solutions have been proposed to address the privacy concerns in various aspects, there has not been any comprehensive study of the problem; furthermore, most of the existing solutions require that a user trust a third party such as a location server. In this paper, we investigate privacy-preserving location- based services for the three components involved in pro- viding location-based services: the location-based service component, the localization component, and the commu- nications component. The focus of our study is on the location-based service component, but we also take the other two components into consideration. We identify two major types of location-based services and present novel designs to implement them without using a trusted server. Specifically, we first identify the general location- notification service, whose goal is to transfer location information of users to authorized entities. We design a security protocol to implement the service without trusting the location server. Thus our design uses the efficiency of a location server but does not suffer from associated privacy issues. Next, we investigate the design of an even more challenging location-based service: a location service whose goal is not transfering user location information but computing an outcome that is a function of user locations. We use dating service as an example and illustrate that an efficient protocol can be built such that no extra information about user locations is revealed during the service. For the localization component, we present an impossibility result and propose a privacy preserving localization technique based on directed signals. For the communications component, we propose an anonymous communication protocol. Our extensive evaluations show that our protocols have low overheads and are suitable for

Yuan Tian,Mariya M. Kaleemullah,Mznah A. Rodhaan,Biao Song,Abdullah Al-Dhelaan,Tinghuai Ma

DOI: https://doi.org/10.1016/j.jpdc.2018.09.005

IF: 4.542

2018-01-01

Journal of Parallel and Distributed Computing

Abstract:The natural characteristics of Location Based Services (LBS) cause potential threats to location privacy. Users need to send their current locations to get the service, which may lead to the leakage of their location privacy. An effective way to protect user’s location privacy is to use an imprecise location and send this region to the Cloud-of-things system to replace his real location. When user moves and sends continuous queries, the user needs to transmit the region to the server continuously and an attacker is able to infer the real location from the overlapping regions. In this paper, we propose a novel location privacy pre-protection method for cloud-of things system to preserve user’s trajectory privacy. User’s moving behaviors are analyzed through Mobility Markov chain. The proposed location cloaking algorithm enlarges the small area to satisfy the user’s privacy requirements, so that the location trajectory privacy in the environment of cloud-of-things system is addressed efficiently. Experimental results show the performance of our method in terms of the number of moving steps, the cloaking threshold value, in addition to the user chosen anonymity value.

Fang-Jing Wu,Matthias R. Brust,Yan-Ann Chen,Tie Luo

DOI: https://doi.org/10.48550/arXiv.1808.01010

2018-08-02

Networking and Internet Architecture

Abstract:Mobile location-based services (LBSs) empowered by mobile crowdsourcing provide users with context-aware intelligent services based on user locations. As smartphones are capable of collecting and disseminating massive user location-embedded sensing information, privacy preservation for mobile users has become a crucial issue. This paper proposes a metric called privacy exposure to quantify the notion of privacy, which is subjective and qualitative in nature, in order to support mobile LBSs to evaluate the effectiveness of privacy-preserving solutions. This metric incorporates activity coverage and activity uniformity to address two primary privacy threats, namely activity hotspot disclosure and activity transition disclosure. In addition, we propose an algorithm to minimize privacy exposure for mobile LBSs. We evaluate the proposed metric and the privacy-preserving sensing algorithm via extensive simulations. Moreover, we have also implemented the algorithm in an Android-based mobile system and conducted real-world experiments. Both our simulations and experimental results demonstrate that (1) the proposed metric can properly quantify the privacy exposure level of human activities in the spatial domain and (2) the proposed algorithm can effectively cloak users' activity hotspots and transitions at both high and low user-mobility levels.

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-39527-7_31

2013-01-01

Abstract:With rapidly popular location-aware applications, location privacy becomes an emerging issue. This paper studies how to protect the two-fold privacy for both client-side and server-side in location-based queries. This technique is a significant component in privacy-friendly Location Based Services (LBS). Participants protect their own privacy. The LBS server protects against excessive disclose of location records in its Points of Interest (POIs) database while the mobile user protects his exact location by the cloaking technique. The proposed hybrid approach can achieve the challenging goal. Our solution integrates the cloaking technique with a cryptographic protocol, Private Set Intersection (PSI). In addition, this solution is secure in malicious model and also practical. © 2013 Springer-Verlag.