Meng Shen,Yiting Liu,Liehuang Zhu,Ke Xu,Xiaojiang Du,Nadra Guizani

DOI: https://doi.org/10.1109/mnet.011.1900366

IF: 10.294

2020-01-01

IEEE Network

Abstract:Traffic classification is a technology for classifying and identifying sensitive information from cluttered traffic. With the increasing use of encryption and other evasion technologies, traditional content- based network traffic classification becomes impossible, and traffic classification is increasingly related to security and privacy. Many studies have been conducted to investigate traffic classification in various scenarios. A major challenge to existing schemes is extending traffic classification technology to a broader space. In other words, most traffic classification work is not universal and can only show great performance on specific datasets. In this article, we present a systematic approach to optimizing feature selection for encrypted traffic classification. We summarize the optional encrypted traffic features and analyze the approaches of feature selection in detail for different datasets. The experimental result demonstrates that our scheme is more accurate and universal than other state-of-the-art approaches. More precisely, our mechanism provides a guideline for future research in the field of traffic classification.

Shi-Jie Xu,Guang-Gang Geng,Xiao-Bo Jin,Dong-Jie Liu,Jian Weng

DOI: https://doi.org/10.1109/tifs.2022.3179955

IF: 7.231

2022-06-22

IEEE Transactions on Information Forensics and Security

Abstract:Although many network traffic protection methods have been developed to protect user privacy, encrypted traffic can still reveal sensitive user information with sophisticated analysis. In this paper, we propose ETC-PS, a novel encrypted traffic classification method with path signature. We first construct the traffic path with a session packet length sequence to represent the interactions between the client and the server. Then, path transformations are conducted to exhibit its structure and obtain different information. A multiscale path signature is finally computed as a kind of distinctive feature to train the traditional machine learning classifier, which achieves highly robust accuracy and low training overhead. Six publicly available datasets with different traffic types of HTTPS/1, HTTPS/2, QUIC, VPN, non-VPN, Tor, and non-Tor are used to conduct closed-world and open-world evaluations to verify the effectiveness of ETC-PS. The experimental results demonstrate that ETC-PS is superior to the state-of-the-art methods in terms of accuracy, score, time complexity, and stability.

computer science, theory & methods,engineering, electrical & electronic

Wang,Gu

DOI: https://doi.org/10.3390/s24103078

IF: 3.9

2024-05-13

Sensors

Abstract:The widespread use of encrypted traffic poses challenges to network management and network security. Traditional machine learning-based methods for encrypted traffic classification no longer meet the demands of management and security. The application of deep learning technology in encrypted traffic classification significantly improves the accuracy of models. This study focuses primarily on encrypted traffic classification in the fields of network analysis and network security. To address the shortcomings of existing deep learning-based encrypted traffic classification methods in terms of computational memory consumption and interpretability, we introduce a Parameter-Efficient Fine-Tuning method for efficiently tuning the parameters of an encrypted traffic classification model. Experimentation is conducted on various classification scenarios, including Tor traffic service classification and malicious traffic classification, using multiple public datasets. Fair comparisons are made with state-of-the-art deep learning model architectures. The results indicate that the proposed method significantly reduces the scale of fine-tuning parameters and computational resource usage while achieving performance comparable to that of the existing best models. Furthermore, we interpret the learning mechanism of encrypted traffic representation in the pre-training model by analyzing the parameters and structure of the model. This comparison validates the hypothesis that the model exhibits hierarchical structure, clear organization, and distinct features.

engineering, electrical & electronic,instruments & instrumentation,chemistry, analytical

Juan Zheng,Zhiyong Zeng,Tao Feng

DOI: https://doi.org/10.1155/2022/4274139

IF: 1.968

2022-01-22

Security and Communication Networks

Abstract:Encrypted network traffic is the principal foundation of secure network communication, and it can help ensure the privacy and integrity of confidential information. However, it hides the characteristics of the data, increases the difficulty of detecting malicious traffic, and protects such malicious behavior. Therefore, encryption alone cannot fundamentally guarantee information security. It is also necessary to monitor traffic to detect malicious actions. At present, the more commonly used traffic classification methods are the method based on statistical features and the method based on graphs. However, these two methods are not always reliable when they are applied to the problem of encrypted malicious traffic detection due to their limitations. The former only focuses on the internal information of the network flow itself and ignores the external connections between the network flows. The latter is just the opposite. This paper proposes an encrypted malicious traffic detection method based on a graph convolutional network (GCN) called GCN-ETA, which considers the statistical features (internal information) of network flows and the structural information (external connections) between them. GCN-ETA consists of two parts: a feature extractor that uses an improved GCN and a classifier that uses a decision tree. Improving on the traditional GCN, the effect and speed of encrypted malicious traffic detection can be effectively improved and the deployment of the detection model in the real environment is increased, which provides a reference for the application of GCN in similar scenarios. This method has achieved excellent performance in experiments using real-world encrypted network traffic data for malicious traffic detection, with the accuracy, AUC, and F1-score exceeding 98% and more than 1,300 flows detected per second.

computer science, information systems,telecommunications

ZengRi Zeng,Peng Xun,Wei Peng,BaoKang Zhao

DOI: https://doi.org/10.1016/j.jisa.2023.103644

IF: 4.96

2023-12-07

Journal of Information Security and Applications

Abstract:The main methods for protecting user privacy and addressing cybersecurity problems caused by encrypted traffic are non-decryption detection approaches. However, these methods face problems such as the small number of trainable features and imbalanced training datasets, which seriously affect the robustness of existing malicious encrypted traffic detection systems (TDSs). To address these issues, we identify malicious encrypted traffic with a causality explainable detection system (METCXDS). Our detection tasks increase the number of noncryptographic features and eliminate noise features to improve interpretability . First, we extract and recombine temporal and statistical features to increase the number of trainable features. Then, the influence of causal features on the results is enhanced by weighting causal reasoning features, and noise features with low weights are removed to improve the causal interpretability of the detection results. Furthermore, samples are generated through a Wasserstein generative adversarial network (WGAN) that learns the causal feature distribution to balance the training samples. Finally, the METCXDS performance is evaluated through the detection balance index and causal feature index. On the CICIDS2017 and DoHBrw2020 datasets, compared with previous TDSs, our system improves the overall F1 score by up to >10 %. And the causality of the detection results is verified by the causal effects, which identify the causes of anomalies in encrypted traffic and clarify the decision-making process of the detection system.

computer science, information systems

Ziyu Jiang

DOI: https://doi.org/10.54097/mwyge502

2024-03-13

Abstract:Network traffic identification is crucial for network resource management and improving service quality. Traditional methods, such as port-based and deep packet inspection approaches, face challenges due to the increasing complexity of network environments, privacy concerns, and the emergence of encrypted traffic. This paper aims to address the issues of low accuracy and slow operation speed in encrypted traffic classification while ensuring the protection of user privacy. We propose a data processing method that transforms network traffic into images representing bidirectional flow packet arrival timestamps and packet sizes. By employing this data processing approach and utilizing deep recognition algorithms, the study conducts service analysis on network traffic. Experimental results demonstrate that the bidirectional flow-based image representation method achieves a 90.9% accuracy rate for the traffic analysis task on a TOR-encrypted imbalanced dataset, surpassing the accuracy of the unidirectional flow image method. Furthermore, the method also shows improvements in operation speed, enabling online network traffic detection.

Chenxin Duan,Kai Wang,Wenqi Chen,Guanglei Song,Jiahai Yang,Zhiliang Wang

DOI: https://doi.org/10.1109/noms54207.2022.9789817

2022-01-01

Abstract:Recent years have witnessed the proliferation of smart home ecosystems. Well-characterized traffic generated by smart home devices has promoted the development of security enhancing techniques for smart homes but exposes users to the privacy disclosure risk at the same time. Malicious eavesdroppers can infer working states of smart home devices and user activities based on spatial-temporal traffic characteristics. Existing countermeasures towards this kind of side channel attack ignore the utility of smart home traffic profiles and signatures for network management and attempt to completely eliminate them. In this paper, we give a comprehensive study on the trade offs between the usability of smart home traffic for security monitoring and its privacy threat. We propose to monitor the smart homes under differential privacy. Based on our solution, decoy traffic can be generated in a controlled manner so as to confound the attackers without disturbing the running monitoring systems. We prototyped our proposal and demonstrate its effectiveness empirically. An interview study is also conducted to learn the user acceptance of the proposed privacy preserving mechanism.

Liangchen Chen,Shu Gao,Baoxu Liu,Zhigang Lu,Zhengwei Jiang

DOI: https://doi.org/10.1007/s11227-020-03372-1

IF: 3.3

2020-06-29

The Journal of Supercomputing

Abstract:With the rapid increase in amount of network encrypted traffic and malware samples using encryption to evade identification, detecting encrypted malicious traffic presents challenges. The quality of the encrypted traffic sampling method directly affects the result of malware detection, but most existing machine learning methods for sampling flow-based encrypted traffic data are inherently inaccurate. To solve these problems, an innovative three-stage hierarchical sampling approach based on the improved density peaks clustering algorithm (THS-IDPC) is proposed to enhance the accuracy and efficiency of encrypted malicious traffic detection model. First, we propose an improved density peaks clustering algorithm based on grid screening, custom center decision value and mutual neighbor degree (DPC-GS-MND). In DPC-GS-MND, grid screening effectively reduces the computational complexity and mutual neighbor degree improves the clustering accuracy. Then, we extract and research the three categories features of encrypted traffic data related to malicious activities, and adopt a three-layer hierarchical clustering algorithm based on DPC-GS-MND. Finally, a three-stage sampling approach based on the three-layer hierarchical clustering algorithm (THS-IDPC) is proposed to sample the encrypted traffic data for further deep detection. The experimental results demonstrated that the proposed THS-IDPC is very effective to reduce normal traffic from massive network encrypted traffic simultaneously, and the encrypted malicious traffic detection model with THS-IDPC sampling method can detect multiple encrypted malicious traffic families with higher accuracy and efficiency. Meanwhile, DPC-GS-MND and THS-IDPC have good application prospects in network intrusion detection system under the big data environment.

Tiru Wu,Xi Xiao,Qing Li,Qixu Liu,Guangwu Hu,Xiapu Luo,Yong Jiang

DOI: https://doi.org/10.1109/secon58729.2023.10287511

2023-01-01

Abstract:With the increasing popularity of encryption pro-tocols in application and the rapid development of network applications, traffic classification has become a major challenge for mobile service providers. The failure of traditional classification methods and low classification accuracy are the problems that need to be solved urgently in traffic classification research. Therefore, we propose the scheme of BehavSniffer to sniff user behaviors from the encrypted traffic. The core idea is to propose Traffic Burst Graph (TBG) for extracting multidimensional features from bidirectional interactive data flows, and do feature fusion based on Kernel Principal Component Analysis (KPCA) and Deep Neural Network (DNN). In this way, BehavSniffer can learn both high and low-order combined structural features from traffic patterns of user behavior. Meanwhile, we propose the user behavior dataset, named WWT, from three widely used social media applications (WeChat, WhatsApp, Telegram). Experimental results show that BehavSniffer outperforms stateof-the-art methods, with AUC of 0.987 and accuracy of 99.8%, respectively.

Ming Liu,Qichao Yang,Wenqing Wang,Shengli Liu

DOI: https://doi.org/10.3390/s24206507

IF: 3.9

2024-10-11

Sensors

Abstract:The exponential growth of encrypted network traffic poses significant challenges for detecting malicious activities online. The scale of emerging malicious traffic is significantly smaller than that of normal traffic, and the imbalanced data distribution poses challenges for detection. However, most existing methods rely on single-category features for classification, which struggle to detect covert malicious traffic behaviors. In this paper, we introduce a novel semi-supervised approach to identify malicious traffic by leveraging multimodal traffic characteristics. By integrating the sequence and topological information inherent in the traffic, we achieve a multifaceted representation of encrypted traffic. We design two independent neural networks to learn the corresponding sequence and topological features from the traffic. This dual-feature extraction enhances the model's robustness in detecting anomalies within encrypted traffic. The model is trained using a joint strategy that minimizes both the reconstruction error from the autoencoder and the classification loss, allowing it to effectively utilize limited labeled data alongside a large amount of unlabeled data. A confidence-estimation module enhances the classifier's ability to detect unknown attacks. Finally, our method is evaluated on two benchmark datasets, UNSW-NB15 and CICIDS2017, under various scenarios, including different training set label ratios and the presence of unknown attacks. Our model outperforms other models by 3.49% and 5.69% in F1 score at labeling rates of 1% and 0.1%, respectively.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Peng Zhu,Gang Wang,Jingheng He,Yueli Dong,Yu Chang

DOI: https://doi.org/10.1016/j.array.2024.100338

2024-03-01

Array

Abstract:As data privacy issues become more and more sensitive, increasing numbers of websites usually encrypt traffic when transmitting it. This method can largely protect privacy, but it also brings a huge challenge. Aiming at the problem that encrypted traffic classification makes it difficult to obtain a global optimal solution, this paper proposes an encrypted traffic identification model called the ET-BERT and 1D-CNN fusion network (BCFNet), based on multi-scale feature fusion. This method combines feature learning with classification tasks, unified into an end-to-end model. The local features of encrypted traffic extracted based on the improved Inception one-dimensional convolutional neural network structure are fused with the global features extracted by the ET-BERT model. The one-dimensional convolutional neural network is more suitable for the encrypted traffic of a one-dimensional sequence than the commonly used two-dimensional convolutional neural network. The proposed model can learn the nonlinear relationship between the input data and the expected label and obtain the global optimal solution with a greater probability. This paper verifies the ISCX VPN-nonVPN dataset and compares the results of the BCFNet model with the other five baseline models on accuracy, precision, recall, and F1 indicators. The experimental results demonstrate that the BCFNet model has a greater overall effect than the other five models. Its accuracy can reach 98.88%.

Cheng Wang,Wei Zhang,Hao Hao,Huiling Shi

DOI: https://doi.org/10.3390/electronics13071236

IF: 2.9

2024-03-28

Electronics

Abstract:The demand for encrypted communication is increasing with the continuous development of secure and trustworthy networks. In edge computing scenarios, the requirement for data processing security is becoming increasingly high. Therefore, the accurate identification of encrypted traffic has become a prerequisite to ensure edge intelligent device security. Currently, encrypted network traffic classification relies on single-feature extraction methods. These methods have simple feature extraction, making distinguishing encrypted network data flows and designing compelling manual features challenging. This leads to low accuracy in multi-classification tasks involving encrypted network traffic. This paper proposes a hybrid deep learning model for multi-classification tasks to address this issue based on the synergy of dilated convolution and gating unit mechanisms. The model comprises a Gated Dilated Convolution (GDC) module and a CA-LSTM module. The GDC module completes the spatial feature extraction of encrypted network traffic through dilated convolution and gating unit mechanisms. In contrast, the CA-LSTM module focuses on extracting temporal network traffic features. By employing a collaborative approach to extract spatio-temporal features, the model ensures feature extraction diversity, guarantees robustness, and effectively enhances the feature extraction rate. We evaluate our multi-classification model using the ISCX VPN-nonVPN public dataset. Experimental results show that the proposed method achieves an accuracy rate of over 95% and a recall rate of over 90%, significantly outperforming existing methods.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jinfu Chen,Luo Song,Saihua Cai,Haodi Xie,Shang Yin,Bilal Ahmad

DOI: https://doi.org/10.1145/3613960

IF: 2.717

2023-08-07

ACM Transactions on Privacy and Security

Abstract:In recent years, the use of TLS (Transport Layer Security) protocol to protect communication information has become increasingly popular as users are more aware of network security. However, hackers have also exploited the salient features of the TLS protocol to carry out covert malicious attacks, which threaten the security of network space. Currently, the commonly used traffic detection methods are not always reliable when applied to the problem of encrypted malicious traffic detection due to their limitations. The most significant problem is that these methods do not focus on the key features of encrypted traffic. To address this problem, this study proposes an efficient detection model for encrypted malicious traffic based on transport layer security protocol and a multi-head self-attention mechanism called TLS-MHSA. Firstly, we extract the features of TLS traffic during pre-processing and perform traffic statistics to filter redundant features. Then, we use a multi-head self-attention mechanism to focus on learning key features as well as generate the most important combined features to construct the detection model, thereby detecting the encrypted malicious traffic. Finally, we use a public dataset to verify the effectiveness and efficiency of the TLS-MHSA model, and the experimental results show that the proposed TLS-MHSA model has high precision, recall, F1-measure, AUC-ROC as well as higher stability than seven state-of-the-art detection models.

computer science, information systems

Geong Sen Poh,Dinil Mon Divakaran,Hoon Wei Lim,Jianting Ning,Achintya Desai

DOI: https://doi.org/10.48550/arXiv.2101.04338

2021-01-12

Cryptography and Security

Abstract:Middleboxes in a computer network system inspect and analyse network traffic to detect malicious communications, monitor system performance and provide operational services. However, encrypted traffic hinders the ability of middleboxes to perform such services. A common practice in addressing this issue is by employing a "Man-in-the-Middle" (MitM) approach, wherein an encrypted traffic flow between two endpoints is interrupted, decrypted and analysed by the middleboxes. The MitM approach is straightforward and is used by many organisations, but there are both practical and privacy concerns. Due to the cost of the MitM appliances and the latency incurred in the encrypt-decrypt processes, enterprises continue to seek solutions that are less costly. There were discussion on the many efforts required to configure MitM. Besides, MitM violates end-to-end privacy guarantee, raising privacy concerns and issues on compliance especially with the rising awareness on user privacy. Furthermore, some of the MitM implementations were found to be flawed. Consequently, new practical and privacy-preserving techniques for inspection over encrypted traffic were proposed. We examine them to compare their advantages, limitations and challenges. We categorise them into four main categories by defining a framework that consist of system architectures, use cases, trust and threat models. These are searchable encryption, access control, machine learning and trusted hardware. We first discuss the man-in-the-middle approach as a baseline, then discuss in details each of them, and provide an in-depth comparisons of their advantages and limitations. By doing so we describe practical constraints, advantages and pitfalls towards adopting the techniques. We also give insights on the gaps between research work and industrial deployment, which leads us to the discussion on the challenges and research directions.

Zuobin Ying,Shuanglong Cao,Ximeng Liu,Zhuo Ma,Jianfeng Ma,Robert H. Deng

DOI: https://doi.org/10.1109/tits.2022.3149600

IF: 8.5

2022-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:A new trend of using deep reinforcement learning for traffic signal control has become a spotlight in the Intelligent Transportation System (ITS). However, the traditional intelligent traffic signal control system always collects and transmits vehicle information (e.g., vehicle location, speed, etc.) in the form of plaintext, which would result in the leakage of commuters’ privacy and thus bring unnecessary troubles to users. In this paper, we propose a privacy-preserving traffic signal control for an intelligent transportation system (PrivacySignal). It relies on the existing road facilities to achieve the privacy of commuters, which guarantees the practicality of the system. Real-time decision-making and confidentiality of the system can be achieved simultaneously via the design of a series of secure and efficient interactive protocols, that are based on additive secret sharing, to perform the deep $Q$ -network (DQN). Moreover, the security of PrivacySignal is testified, meanwhile, the system effectiveness, and the overall efficiency of PrivacySignal is demonstrated through theoretical analysis and simulation experiments. Compared with the existing privacy-preserving schemes of the intelligent traffic signal, PrivacySignal provides a general DQN based privacy-preserving traffic signal control strategy architecture with high efficiency and low-performance loss.

engineering, electrical & electronic,transportation science & technology, civil

Jiangang Hou,Tong Jiang,Yanmiao Li,Hao Guo,Zhen Zhang,Zhi Liu

DOI: https://doi.org/10.1109/CCCI52664.2021.9583191

2021-10-15

Abstract:With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.

Computer Science

Kai Zhang,Minjun Deng,Bei Gong,Yinbin Miao,Jianting Ning

DOI: https://doi.org/10.1109/jiot.2023.3297601

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Blockchain-based Industrial Internet-of-Things (IIoT) integrates the blockchain technology into the traditional IIoT infrastructure to provide secure and collaborative services. In IIoT, the traffic is usually encrypted using cipher suite (SSL/TLS) for secure communication, which makes it hard for middleboxes to detect malicious activity in the traffic. To address this problem, secure middleboxes that directly perform encrypted traffic inspection have been presented. Recently, a new privacy-preserving deep packet inspection (DPI) system on middlebox for IoT scenarios was proposed, but it suffered from the following two limitations: (i) no support for fast token detection; (ii) no support for tracing abnormal sources. To address the two limitations, we propose BTDPI, a privacy-preserving traceable DPI system that efficiently performs inspection over encrypted traffic in Blockchain-based IIoT. Technically, we adopt a two-layer filter architecture to improve the efficiency of detection, and moreover introduce a new online-offline certificateless aggregate signature with smart contract to design an identity traceability mechanism. The experiment result shows that BTDPI runs 26.7× faster for token detection with 3,000 tokens and 3,000 rules than the state-of-the-art work.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yapei Huang,Yun Tian,Zhijie Liu,Xiaowei Jin,Yanan Liu,Shifeng Zhao,Daxin Tian

DOI: https://doi.org/10.1145/3391707

IF: 5

2020-08-31

ACM Transactions on Intelligent Systems and Technology

Abstract:Acquiring traffic condition information is of great significance in transportation guidance, urban planning, and route recommendation. To date, traffic density data are generally acquired by road sound analysis, video data analysis, or in-vehicle network communication, which are usually financially or temporally expensive. Another way to get traffic conditions is to collect track data by crowdsourcing. However, this way lead to a greater risk of leaking users’ privacy. To avoid the risk, this article proposes a traffic density estimation model based on crowdsourcing privacy protection. First, in the acquisition process of the track data by crowdsourcing, dual servers are employed for transmission, and homomorphic encryption is carried out to encrypt the data to protect the data from being leaked during transmission. Second, sampling is implemented for randomization and anonymization to reduce the spatial continuity and temporal continuity of position data. In this way, the intermediate server cannot acquire users’ original data, and the main server cannot obtain users’ personal information. Finally, before data transmission, Laplace noising is performed on the users’ local position data to further protect the original location information. The proposed algorithm in this study realizes that only users have their original track data, and the servers involved in the work cannot infer the original track data, which ensures the real security of user privacy. The proposed algorithm was verified with the track data from the Didi Gaia Data Opening Plan. The experimental results showed that the proposed algorithm could still maintain the validity of data analysis results and the security of user data privacy after homomorphic encryption, noise addition, and sample collection, and displayed good robustness and scalability.

computer science, information systems, artificial intelligence

Wei Peng

2024-08-12

Abstract:Encrypted traffic classification is the task of identifying the application or service associated with encrypted network traffic. One effective approach for this task is to use deep learning methods to encode the raw traffic bytes directly and automatically extract features for classification (byte-based models). However, current byte-based models input raw traffic bytes, whether plaintext or encrypted text, for automated feature extraction, neglecting the distinct impacts of plaintext and encrypted text on downstream tasks. Additionally, these models primarily focus on improving classification accuracy, with little emphasis on the efficiency of models. In this paper, for the first time, we analyze the impact of plaintext and encrypted text on the model's effectiveness and efficiency. Based on our observations and findings, we propose a two-phase approach to balance the trade-off between plaintext and encrypted text in traffic classification. Specifically, Stage one is to Determine whether the Plain text is enough to be accurately Classified (DPC) using the proposed DPC Selector. This stage quickly identifies samples that can be classified using plaintext, leveraging explicit byte features in plaintext to enhance model's efficiency. Stage two aims to adaptively make a classification with the result from stage one. This stage incorporates encrypted text information for samples that cannot be classified using plaintext alone, ensuring the model's effectiveness on traffic classification tasks. Experiments on two datasets demonstrate that our proposed model achieves state-of-the-art results in both effectiveness and efficiency.

Cryptography and Security,Computation and Language

Weiqi Zhang,Zhenzhen Xie,Akshita Maradapu Vera Venkata Sai,Qasim Zia,Zaobo He,Guisheng Yin

DOI: https://doi.org/10.26599/tst.2023.9010072

2024-04-01

Abstract:The widespread availability of GPS has opened up a whole new market that provides a plethora of location-based services. Location-based social networks have become very popular as they provide end users like us with several such services utilizing GPS through our devices. However, when users utilize these services, they inevitably expose personal information such as their ID and sensitive location to the servers. Due to untrustworthy servers and malicious attackers with colossal background knowledge, users' personal information is at risk on these servers. Unfortunately, many privacy-preserving solutions for protecting trajectories have significantly decreased utility after deployment. We have come up with a new trajectory privacy protection solution that contraposes the area of interest for users. Firstly, Staying Points Detection Method based on Temporal-Spatial Restrictions (SPDM-TSR) is an interest area mining method based on temporal-spatial restrictions, which can clearly distinguish between staying and moving points. Additionally, our privacy protection mechanism focuses on the user's areas of interest rather than the entire trajectory. Furthermore, our proposed mechanism does not rely on third-party service providers and the attackers' background knowledge settings. We test our models on real datasets, and the results indicate that our proposed algorithm can provide a high standard privacy guarantee as well as data availability.

computer science, information systems,engineering, electrical & electronic, software engineering