Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Imran Memon,Ibrar Hussain,Rizwan Akhtar,Gencai Chen

DOI: https://doi.org/10.1007/s11277-015-2699-1

IF: 2.017

2015-01-01

Wireless Personal Communications

Abstract:Past few years, the mobile technology and location based services have experienced a great increment in number of its users. The privacy issues related to these services are becoming main concerns because of the leakage of users' private information and contents. To prevent revelation of private information, many researchers have proposed several secure and authentication schemes which apply various technologies to provide integral security properties, such as symmetric encryption, digital signature, timestamp, etc. Unfortunately, some of these schemes still exhibit security and efficiency issues. In this research paper, we proposed an efficient and secure anonymous communication for location based service using asymmetric cryptography scheme over the wireless system was attempted missing some system detail. We also proposed the prevent user private information and secure communication by asymmetric cryptography scheme. We solved the wireless communication problem in A3 algorithm such as eavesdropping and this problem solved by asymmetric cryptography scheme because of its robustness against this type of attack by providing mutual authentication make the system more secure. Finally, performance and cost analysis show our scheme is more suitable for low-power and resource limited wireless system and thus availability for real implementation. According to our security analysis and performance, we can prove that our proposed asymmetric cryptography scheme is able to improve wireless communication system security and enhance efficiency in comparison to previous schemes.

Giuseppe Ateniese,Briland Hitaj,Luigi V. Mancini,Nino V. Verde,Antonio Villani

DOI: https://doi.org/10.48550/arXiv.1505.07774

2015-09-04

Abstract:News reports of the last few years indicated that several intelligence agencies are able to monitor large networks or entire portions of the Internet backbone. Such a powerful adversary has only recently been considered by the academic literature. In this paper, we propose a new adversary model for Location Based Services (LBSs). The model takes into account an unauthorized third party, different from the LBS provider itself, that wants to infer the location and monitor the movements of a LBS user. We show that such an adversary can extrapolate the position of a target user by just analyzing the size and the timing of the encrypted traffic exchanged between that user and the LBS provider. We performed a thorough analysis of a widely deployed location based app that comes pre-installed with many Android devices: GoogleNow. The results are encouraging and highlight the importance of devising more effective countermeasures against powerful adversaries to preserve the privacy of LBS users.

Cryptography and Security

Yeming Li,Hailong Lin,Jiamei Lv,Yi Gao,Wei Dong

DOI: https://doi.org/10.1109/infocom52122.2024.10621247

2024-01-01

Abstract:In recent years, Bluetooth Low Energy (BLE) has become one of the most wildly used wireless protocols and it is common that users carry one or more BLE devices. With the extensive deployment of BLE devices, there is a significant privacy risk if these BLE devices can be tracked. However, the common wisdom suggests that the risk of BLE location tracking is negligible. The reason is that researchers believe there are no stable BLE fingerprints that are stable across different scenarios (e.g., temperatures) for different BLE devices with the same model. In this paper, we introduce a novel physical-layer fingerprint named Transient Dynamic Fingerprint (TDF), which originated from the negative feedback control process of the frequency synthesizer. Because of the hardware imperfection, the dynamic features of the frequency synthesizer are different, making TDF unique among different devices, even with the same model. Furthermore, TDF keeps stable under different thermal conditions. Based on TDF, we propose BTrack, a practical BLE device tracking system and evaluate its tracking performance in different environments. The results show BTrack works well once BLE beacons are effectively received. The identification accuracy is 35.38%-57.41% higher than the existing method, and stable over temperatures, distances, and locations.

Mike Grace,Yajin Zhou,Zhi Wang,Xuxian Jiang

2011-01-01

Abstract:Recent years have witnessed increased popularity and adoption of smartphones partially due to the functionalities and convenience offered to their users (e.g., the ability to run third-party applications). To manage the amount of access given to smartphone applications, Android provides a permission-based security model, which requires each application to explicitly request permissions before it can be installed to run. In this paper, we systematically analyze eight flagship Android smartphones from leading manufacturers, including HTC, Motorola, and Samsung and found out that the stock phone images do not properly enforce the permission model. Several privileged permissions that protect the access to sensitive user data and dangerous features on the phones are unsafely exposed to other applications which do not need to request them for the actual use, a security violation termed capability leak in this paper. To facilitate identifying these capability leaks, we take a static analysis approach and have accordingly developed a system called Woodpecker. Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploiting these leaked capabilities, an untrusted application can manage to wipe out the user data, send out SMS messages (e.g., to premium numbers), record user conversation, or obtain user geo-locations on the affected phones – all without the need of asking for any permission.

Yanzhe Che,Qinming He,Xiaoyan Hong,Kevin Chiew

DOI: https://doi.org/10.1002/dac.2650

2013-01-01

International Journal of Communication Systems

Abstract:While enjoying various LBS location-based services, users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer-to-peer P2P networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x-region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x-region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x-region, together with three algorithms for generating an x-region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.

Muyuan Li,Haojin Zhu,Zhaoyu Gao,Si Chen,Kui Ren,Le Yu,Shangqian Hu

DOI: https://doi.org/10.1145/2632951.2632953

2013-01-01

Abstract:Location-based social networks (LBSNs) feature friend discovery by location proximity that has attracted hundreds of millions of users world-wide. While leading LBSN providers claim the well-protection of their users' location privacy, for the first time we show through real world attacks that these claims do not hold. In our identified attacks, a malicious individual with the capability of no more than a regular LBSN user can easily break most LBSNs by manipulating location information fed to LBSN client apps and running them as location oracles. We further develop an automated user location tracking system and test it on leading LBSNs including Wechat, Skout, and Momo. We demonstrate its effectiveness and efficiency via a 3 week real-world experiment on 30 volunteers and show that we could geo-locate any target with high accuracy and readily recover his/her top 5 locations. Finally, we also develop a framework that explores a grid reference system and location classifications to mitigate the attacks. Our result serves as a critical security reminder of the current LBSNs pertaining to a vast number of users.

Hao Zhou,Yingjie Wu,Sisi Zhong,Zhao Luo,Xiaodong Wang

DOI: https://doi.org/10.1109/icicee.2012.418

2012-01-01

Abstract:The query privacy issue in location-based services (LBS) has recently received considerable attention. To protect the query privacy of users, current state-of-the-art techniques adopt cloaking which cloaks the sender's location to k-anonymized spatial region (ASR), such that an attack based on the sender's location cannot identify the query source with probability larger than 1/k, among other k-1 users. However, these techniques do not consider that these k-1 additional mobile users with different privacy requirements may send request at the same time. In this paper, we propose a new attack model that an adversary who observes all the ASRs at one time can identify the query source with probability larger than 1/k based on prior knowledge of the locations of all users. And we propose our two algorithms, namely, Basic and Adaptive Algorithms, which strengthen the privacy guarantee to defend such inference attack while still support personalized user privacy requirements. We verify the effectiveness of the proposed algorithms by experiments on location data which synthetically generated on real road maps.

Xiao Han,Junjie Xiong,Wenbo Shen,Mingkui Wei,Shangqing Zhao,Zhuo Lu,Yao Liu

DOI: https://doi.org/10.1109/tdsc.2024.3352981

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Location spoofing attack deceiving a Wi-Fi positioning system has been studied for over a decade. However, it has been challenging to construct a practical spoofing attack in urban areas with dense coverage of legitimate Wi-Fi APs. This paper identifies the vulnerability of the Google Geolocation API, which returns the location of a mobile device based on the information of the Wi-Fi access points that the device can detect. We show that this vulnerability can be exploited by the attacker to reveal the black-box localization algorithms adopted by the Google Wi-Fi positioning system and easily launch the location spoofing attack in dense urban areas with a high success rate. Furthermore, we find that this vulnerability can also lead to severe consequences that hurt user privacy, including the leakage of sensitive information like precise locations, daily activities, and demographics. Ultimately, we discuss the potential countermeasures that may be used to mitigate this vulnerability and location spoofing attack.

Lan Zhang,Xibin Zhao,Ming Gu

2010-01-01

Abstract:As the wide use of personal mobile devices and rapid evolvement of location determining technologies, location-based services have largely enriched personal mobile applications. However, it brings a severe location privacy issue which has caught the attention of both industry and academia. This paper presents a brief survey of location determining technologies and location-based services. Then we proposed a formal model to mainly study the location privacy disclosure and protection problems on related work. Furthermore, there's a discussion about the potential future work.

Erik Rye,Dave Levin

2024-05-24

Abstract:Wi-Fi-based Positioning Systems (WPSes) are used by modern mobile devices to learn their position using nearby Wi-Fi access points as landmarks. In this work, we show that Apple's WPS can be abused to create a privacy threat on a global scale. We present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations in only a matter of days. Our attack makes few assumptions, merely exploiting the fact that there are relatively few dense regions of allocated MAC address space. Applying this technique over the course of a year, we learned the precise locations of over 2 billion BSSIDs around the world.

Cryptography and Security,Networking and Internet Architecture

Xiao Han,Junjie Xiong,Wenbo Shen,Zhuo Lu,Yao Liu

DOI: https://doi.org/10.1145/3548606.3560623

2022-01-01

Abstract:Location spoofing attack deceiving a Wi-Fi positioning system has been studied for over a decade. However, it has been challenging to construct a practical spoofing attack in urban areas with dense coverage of legitimate Wi-Fi APs. This paper identifies the vulnerability of the Google Geolocation API, which returns the location of a mobile device based on the information of the Wi-Fi access points that the device can detect. We show that this vulnerability can be exploited by the attacker to reveal the black-box localization algorithms adopted by the Google Wi-Fi positioning system and easily launch the location spoofing attack in dense urban areas with a high success rate. Furthermore, we find that this vulnerability can also lead to severe consequences that hurt user privacy, including the leakage of sensitive information like precise locations, daily activities, and demographics. Ultimately, we discuss the potential countermeasures that may be used to mitigate this vulnerability and location spoofing attack.

Chen Wang,Chuyu Wang,Yingying Chen,Lei Xie,Sanglu Lu

DOI: https://doi.org/10.1109/icdcs.2017.139

2017-01-01

Abstract:While the mobile users enjoy the anytime anywhere Internet access by connecting their mobile devices through Wi-Fi services, the increasing deployment of access points (APs) have raised a number of privacy concerns. This paper explores the potential of smartphone privacy leakage caused by surrounding APs. In particular, we study to what extent the users' personal information such as social relationships and demographics could be revealed leveraging simple signal information from APs without examining the Wi-Fi traffic. Our approach utilizes users' activities at daily visited places derived from the surrounding APs to infer users' social interactions and individual behaviors. Furthermore, we develop two new mechanisms: the Closeness-based Social Relationships Inference algorithm captures how closely people interact with each other by evaluating their physical closeness and derives fine-grained social relationships, whereas the Behavior-based Demographics Inference method differentiates various individual behaviors via the extracted activity features (e.g., activeness and time slots) at each daily place to reveal users' demographics. Extensive experiments conducted with 21 participants' real daily life including 257 different places in three cities over a 6-month period demonstrate that the simple signal information from surrounding APs have a high potential to reveal people's social relationships and infer demographics with an over 90% accuracy when using our approach.

Zhengang Wu,Zhong Chen,Jiawei Zhu,Huiping Sun,Zhi Guan

DOI: https://doi.org/10.1007/978-3-319-21042-1_24

2015-01-01

Abstract:In mobile Internet, popular Location-Based Services (LBSs) recommend Point-of-Interest (POI) data according to physical positions of smartphone users. However, untrusted LBS providers can violate location privacy by analyzing user requests semantically. Therefore, this paper aims at protecting user privacy in location-based applications by evaluating disclosure risks on sensitive location semantics. First, we introduce a novel method to model location semantics for user privacy using Bayesian inference and demonstrate details of computing the semantic privacy metric. Next, we design a cloaking region construction algorithm against the leakage of sensitive location semantics. Finally, a series of experiments evaluate this solution's performance to show its availability.

Qiuyu Xiao,Jiayi Chen,Le Yu,Huaxin Li,Haojin Zhu,Muyuan Li,Kui Ren

DOI: https://doi.org/10.1145/2660267.2662367

2014-01-01

Abstract:The mobile users are facing a serious risk of losing location privacy (e.g., users' location information transmitted by open advertisement network, and the reported event of involuntary tracking of mobile users in popular mobile social apps). In this study, we design and implement LocMask, a system-level solution that provides location privacy protection in Android system. LocMask achieves the tradeoff of the privacy and the utility of location based services by providing the Quality of Protection (QoP) on demand, which sets different privacy protection levels to different locations based on how sensitive these locations are. Motivated by the fact that Top locations (e.g, user's home or office) are more sensitive than less visiting locations, LocMask provides location profile management module that records the user's mobility history and ranks the locations in terms of the user's visiting frequency. With users' location profiles, LocMask can automatically determines the sensitiveness of these locations as well as their corresponding privacy protection level. LocMask is also designed to incorporate various obfuscation techniques. The effectiveness of LocMask is supported by extensive real-world data based evaluations.

Fang-Jing Wu,Matthias R. Brust,Yan-Ann Chen,Tie Luo

DOI: https://doi.org/10.48550/arXiv.1808.01010

2018-08-02

Networking and Internet Architecture

Abstract:Mobile location-based services (LBSs) empowered by mobile crowdsourcing provide users with context-aware intelligent services based on user locations. As smartphones are capable of collecting and disseminating massive user location-embedded sensing information, privacy preservation for mobile users has become a crucial issue. This paper proposes a metric called privacy exposure to quantify the notion of privacy, which is subjective and qualitative in nature, in order to support mobile LBSs to evaluate the effectiveness of privacy-preserving solutions. This metric incorporates activity coverage and activity uniformity to address two primary privacy threats, namely activity hotspot disclosure and activity transition disclosure. In addition, we propose an algorithm to minimize privacy exposure for mobile LBSs. We evaluate the proposed metric and the privacy-preserving sensing algorithm via extensive simulations. Moreover, we have also implemented the algorithm in an Android-based mobile system and conducted real-world experiments. Both our simulations and experimental results demonstrate that (1) the proposed metric can properly quantify the privacy exposure level of human activities in the spatial domain and (2) the proposed algorithm can effectively cloak users' activity hotspots and transitions at both high and low user-mobility levels.

Yan Michalevsky,Gabi Nakibly,Aaron Schulman,Gunaa Arumugam Veerapandian,Dan Boneh

DOI: https://doi.org/10.48550/arXiv.1502.03182

2015-08-18

Abstract:Modern mobile platforms like Android enable applications to read aggregate power usage on the phone. This information is considered harmless and reading it requires no user permission or notification. We show that by simply reading the phone's aggregate power consumption over a period of a few minutes an application can learn information about the user's location. Aggregate phone power consumption data is extremely noisy due to the multitude of components and applications that simultaneously consume power. Nevertheless, by using machine learning algorithms we are able to successfully infer the phone's location. We discuss several ways in which this privacy leak can be remedied.

Cryptography and Security

Yanzi Zhu,Zhujun Xiao,Yuxin Chen,Zhijing Li,Max Liu,Ben Y. Zhao,Haitao Zheng

2018-01-01

Abstract:Our work demonstrates a new set of silent reconnaissance attacks, which leverages the presence of commodity WiFi devices to track users inside private homes and offices, without compromising any WiFi network, data packets, or devices. We show that just by sniffing existing WiFi signals, an adversary can accurately detect and track movements of users inside a building. This is made possible by our new signal model that links together human motion near WiFi transmitters and variance of multipath signal propagation seen by the attacker sniffer outside of the property. The resulting attacks are cheap, highly effective, and yet difficult to detect. We implement the attack using a single commodity smartphone, deploy it in 11 real-world offices and residential apartments, and show it is highly effective. Finally, we evaluate potential defenses, and propose a practical and effective defense based on AP signal obfuscation.

Xiaoyan Zhu,Haotian Chi,Shunrong Jiang,Xiaosan Lei,Hui Li

DOI: https://doi.org/10.1109/ICC.2014.6883667

2014-01-01

Abstract:Location-based services (LBSs) are attracting more and more attentions with the increasing popularity of mobile devices and online social networking. In LBSs, users can conveniently obtain their interested information by sending queries to the LBS server. However, users' queries include their identities, locations, interests, etc, which may result in the leakage of users' trajectory and other sensitive information. Although the existing obfuscation and location anonymization techniques along with a long-term pseudonym can protect users' location privacy to some extent, users' real identities and moving trajectories can still be deduced through long-term observation and side information aided inference attacks. To address these problems, we propose a dynamic pseudo-ID system, where unlinkable pseudo-IDs are used by users to completely hide their identities in the queries, in order to break the link between users' identities and their locations. Moreover, we employ certificates to ensure the verifiability and traceability of the dynamic pseudo-IDs. Security analysis and evaluation results show that the proposed scheme can enhance user' privacy and is feasible to implement into mobile devices.

Sheng Zhong,Yanbin Grace Liu,Yang Richard Yang

2004-01-01

Abstract:Mobility is key to personal freedom. With the increasing availability of mobile devices, many providers begin to offer location-based services. Although these services greatly enrich our mobility experiences, with them also comes the privacy concerns, as a location-based service provider now can continuously track the location of a user. This tracking may allow unauthorized access and cause serious consequences. Although a few solutions have been proposed to address the privacy concerns in various aspects, there has not been any comprehensive study of the problem; furthermore, most of the existing solutions require that a user trust a third party such as a location server. In this paper, we investigate privacy-preserving location- based services for the three components involved in pro- viding location-based services: the location-based service component, the localization component, and the commu- nications component. The focus of our study is on the location-based service component, but we also take the other two components into consideration. We identify two major types of location-based services and present novel designs to implement them without using a trusted server. Specifically, we first identify the general location- notification service, whose goal is to transfer location information of users to authorized entities. We design a security protocol to implement the service without trusting the location server. Thus our design uses the efficiency of a location server but does not suffer from associated privacy issues. Next, we investigate the design of an even more challenging location-based service: a location service whose goal is not transfering user location information but computing an outcome that is a function of user locations. We use dating service as an example and illustrate that an efficient protocol can be built such that no extra information about user locations is revealed during the service. For the localization component, we present an impossibility result and propose a privacy preserving localization technique based on directed signals. For the communications component, we propose an anonymous communication protocol. Our extensive evaluations show that our protocols have low overheads and are suitable for