Lin Yao,Chi Lin,Xiangwei Kong,Feng Xia,Guowei Wu

DOI: https://doi.org/10.1109/GreenCom-CPSCom.2010.109

2010-01-01

Abstract:In pervasive computing environments, Location-Based Services (LBSs) are becoming increasingly important due to continuous advances in mobile networks and positioning technologies. Nevertheless, the wide deployment of LBSs can jeopardize the location privacy of mobile users. Consequently, providing safeguards for location privacy of mobile users against being attacked is an important research issue. In this paper a new scheme for safeguarding location privacy is proposed. Our approach supports location K-anonymity for a wide range of mobile users with their own desired anonymity levels by clustering. The whole area of all users is divided into clusters recursively in order to get the Minimum Bounding Rectangle (MBR). The exact location information of a user is replaced by his MBR. Privacy analysis shows that our approach can achieve high resilience to location privacy threats and provide more privacy than users expect. Complexity analysis shows clusters can be adjusted in real time as mobile users join or leave. Moreover, the clustering algorithms possess strong robustness.

Hao Zhou,Yingjie Wu,Sisi Zhong,Zhao Luo,Xiaodong Wang

DOI: https://doi.org/10.1109/icicee.2012.418

2012-01-01

Abstract:The query privacy issue in location-based services (LBS) has recently received considerable attention. To protect the query privacy of users, current state-of-the-art techniques adopt cloaking which cloaks the sender's location to k-anonymized spatial region (ASR), such that an attack based on the sender's location cannot identify the query source with probability larger than 1/k, among other k-1 users. However, these techniques do not consider that these k-1 additional mobile users with different privacy requirements may send request at the same time. In this paper, we propose a new attack model that an adversary who observes all the ASRs at one time can identify the query source with probability larger than 1/k based on prior knowledge of the locations of all users. And we propose our two algorithms, namely, Basic and Adaptive Algorithms, which strengthen the privacy guarantee to defend such inference attack while still support personalized user privacy requirements. We verify the effectiveness of the proposed algorithms by experiments on location data which synthetically generated on real road maps.

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-39527-7_31

2013-01-01

Abstract:With rapidly popular location-aware applications, location privacy becomes an emerging issue. This paper studies how to protect the two-fold privacy for both client-side and server-side in location-based queries. This technique is a significant component in privacy-friendly Location Based Services (LBS). Participants protect their own privacy. The LBS server protects against excessive disclose of location records in its Points of Interest (POIs) database while the mobile user protects his exact location by the cloaking technique. The proposed hybrid approach can achieve the challenging goal. Our solution integrates the cloaking technique with a cryptographic protocol, Private Set Intersection (PSI). In addition, this solution is secure in malicious model and also practical. © 2013 Springer-Verlag.

Minghui Min,Liang Xiao,Jiahao Ding,Hongliang Zhang,Shiyin Li,Miao Pan,Zhu Han

DOI: https://doi.org/10.1109/twc.2021.3132464

IF: 10.4

2021-01-01

IEEE Transactions on Wireless Communications

Abstract:Indoor location-based services (LBS) are widely used in large-scale indoor buildings, such as high-rise hospitals and multi-story shopping malls. At the same time, location privacy protection in such three-dimensional (3D) space has recently attracted considerable attention. Currently, most existing location privacy protection schemes focus on two-dimensional (2D) location protection and fail to prevent location inference attacks when the user’s location data include height dimension, i.e., 3D geolocation. Enlightened by the concept of differential privacy, in this paper we first study the impact factors of the degree of indistinguishability of 3D geolocations. Then, we quantify location privacy for LBS applications in the 3D space with geo-indistinguishability (3D-GI) rigorously and provably. We develop a mechanism of three-variates Laplacian to generate perturbed locations considering the locations’ X, Y, and Z-coordinates simultaneously, guaranteeing geo-indistinguishability. Furthermore, the discretization noise-adding mechanism is studied to satisfy geo-indistinguishability in the 3D space under the finite precision of hardware/devices. Considering the discretized mechanism can only satisfy geo-indistinguishability in finite 3D space and users visit the limited regions, we further study the truncation of the Laplacian mechanism to limit the generated perturbed locations within a specific region. Simulation results demonstrate that the proposed 3D-GI outperforms the benchmarks while guaranteeing privacy regardless of the adversary’s prior knowledge.

telecommunications,engineering, electrical & electronic

Zhikai Xu,Hongli Zhang,Xiangzhan Yu,Shen Su

DOI: https://doi.org/10.1587/transinf.2015inp0001

2016-01-01

IEICE Transactions on Information and Systems

Abstract:Location-based services (LBSs) are useful for many applications in internet of things(IoT). However, LBSs has raised serious concerns about users' location privacy. In this paper, we propose a new location privacy attack in LBSs called hidden location inference attack, in which the adversary infers users' hidden locations based on the users' check-in histories. We discover three factors that influence individual check-in behaviors: geographic information, human mobility patterns and user preferences. We first separately evaluate the effects of each of these three factors on users' check-in behaviors. Next, we propose a novel algorithm that integrates the above heterogeneous factors and captures the probability of hidden location privacy leakage. Then, we design a novel privacy alert framework to warn users when their sharing behavior does not match their sharing rules. Finally, we use our experimental results to demonstrate the validity and practicality of the proposed strategy.

Jiaxun Hua,Yu Liu,Yibin Shen,Xiuxia Tian,Yifeng Luo,Cheqing Jin

DOI: https://doi.org/10.1007/s11704-019-8300-4

IF: 2.6688

2020-01-01

Frontiers of Computer Science

Abstract:1 Introduction and main contributions Location-based services are springing up around us,while leakages of users' privacy are inevitable during services.Even worse,adversaries may analyze intercepted service data,and extract more privacy like health and property.Therefore,privacy preservation is an indispensable guarantee on LBS security. Among the previous approaches to privacy preservation,k-anonymity-based ones have drawn much research attention [1-3].However,some privacy concern will be aroused if these schemes are adopted directly.For instance,Ut issues a query "Find the nearest hotel around me" in such an area as Fig.1 (privacy profile k =4).DLS algorithm [2] constructs anonymity set A because these four cells have similar probabilities of being queried in the past.However,experienced adversaries can exclude some cells if they have learned rich contextual knowledge (side information) from historical data,such as features of each cell and LBS users.

Meng Han,Lei Li,Ying Xie,Jinbao Wang,Zhuojun Duan,Ji Li,Mingyuan Yan

DOI: https://doi.org/10.1109/access.2018.2805464

IF: 3.9

2018-01-01

IEEE Access

Abstract:While enjoying the convenience of location-based services (LBSs) in everyday life, wireless device users could also put their location privacy at risk. An untrusted LBS provider can store mobile users' data on its server, track users in various ways or share users location data to the third parties. To protect LBS users' privacy, many position confusion algorithms were proposed, but those algorithms often have difficulty balancing the utility-privacy tradeoffs. In this paper, we propose a new cognitive approach that enables nearcomplete privacy protection for LBS users by leveraging existing social network resources. We introduce a heterogeneous multi-server architecture that cuts off the direct connection between the LBS queries and the query issuers, and an auction-based incentive mechanism guaranteed user participation, which is critical for the success of the proposed architecture. A simulation system and a smartphone application were developed, and our evaluation results show that the proposed method can not only achieve the near-total privacy protection for LBS users, but also significantly improve the quality of the services.

Hojjat Navidan,Vahideh Moghtadaiee,Niki Nazaran,Mina Alishahi

DOI: https://doi.org/10.1109/EuroSPW55150.2022.00061

2022-07-02

Abstract:The advent of numerous indoor location-based services (LBSs) and the widespread use of many types of mobile devices in indoor environments have resulted in generating a massive amount of people's location data. While geo-spatial data contains sensitive information about personal activities, collecting it in its raw form may lead to the leak of personal information relating to the people, violating their privacy. This paper proposes a novel privacy-aware framework for aggregating the indoor location data employing the Local Differential Privacy (LDP) technique, in which the user location data is changed locally in the user's device and is sent to the aggregator afterward. Therefore, the users' locations are kept hidden from a server or any attackers. The practical feasibility of applying the proposed framework is verified by two real-world datasets. The impact of dataset properties, the privacy mechanisms, and the privacy level on our framework are also investigated. The experimental results indicate that the presented framework can protect the location information of users, and the accuracy of the population frequency of different zones in the indoor area is close to that of the original population frequency with no knowledge about the location of people indoors.

Cryptography and Security

Gang Sun,Dan Liao,Hui Li,Hongfang Yu,Victor Chang

DOI: https://doi.org/10.1016/j.future.2016.08.023

IF: 7.307

2017-01-01

Future Generation Computer Systems

Abstract:The developments in positioning and mobile communication technology have made the location-based service (LBS) applications more and more popular. For privacy reasons and due to lack of trust in the LBS providers, k-anonymity and l-diversity techniques have been widely used to preserve privacy of users in distributed LBS architectures in Internet of Things (IoT). However, in reality, there are scenarios where the locations of users are identical or similar/near each other in IoT. In such scenarios the k locations selected by k-anonymity technique are the same and location privacy can be easily compromised or leaked. To address the issue of privacy preservation, in this paper, we introduce the location labels to distinguish locations of mobile users to sensitive and ordinary locations. We design a location-label based (LLB) algorithm for protecting location privacy of users while minimizing the response time for LBS requests. We also evaluate the performance and validate the correctness of the proposed algorithm through extensive simulations.

Yuanbo Cui,Fei Gao,Wenmin Li,Yijie Shi,Hua Zhang,Qiaoyan Wen,Emmanouil Panaousis

DOI: https://doi.org/10.3390/s20164651

IF: 3.9

2020-08-18

Sensors

Abstract:Location-Based Services (LBSs) are playing an increasingly important role in people’s daily activities nowadays. While enjoying the convenience provided by LBSs, users may lose privacy since they report their personal information to the untrusted LBS server. Although many approaches have been proposed to preserve users’ privacy, most of them just focus on the user’s location privacy, but do not consider the query privacy. Moreover, many existing approaches rely heavily on a trusted third-party (TTP) server, which may suffer from a single point of failure. To solve the problems above, in this paper we propose a Cache-Based Privacy-Preserving (CBPP) solution for users in LBSs. Different from the previous approaches, the proposed CBPP solution protects location privacy and query privacy simultaneously, while avoiding the problem of TTP server by having users collaborating with each other in a mobile peer-to-peer (P2P) environment. In the CBPP solution, each user keeps a buffer in his mobile device (e.g., smartphone) to record service data and acts as a micro TTP server. When a user needs LBSs, he sends a query to his neighbors first to seek for an answer. The user only contacts the LBS server when he cannot obtain the required service data from his neighbors. In this way, the user reduces the number of queries sent to the LBS server. We argue that the fewer queries are submitted to the LBS server, the less the user’s privacy is exposed. To users who have to send live queries to the LBS server, we employ the l-diversity, a powerful privacy protection definition that can guarantee the user’s privacy against attackers using background knowledge, to further protect their privacy. Evaluation results show that the proposed CBPP solution can effectively protect users’ location and query privacy with a lower communication cost and better quality of service.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Ben Niu,Sheng Gao,Fenghua Li,Hui Li,Zongqing Lu

DOI: https://doi.org/10.1109/iccnc.2016.7440649

2016-01-01

Abstract:Privacy issues in continuous Location-Based Services (LBSs) have gained attractive attentions in literature over recent years. In this paper, we illustrate the limitations of existing work and define an entropy-based privacy metric to quantify the privacy degree based on a set of vital observations. To tackle the privacy issues, we propose an efficient privacy-preserving scheme, DUMMY-T, which aims to protect LBSs user's privacy against adversaries with background information. By our Dummy Locations Generating (DLG) algorithm, we first generate a set of realistic dummy locations for each snapshot with considering the minimum cloaking region and background information. Further, our proposed Dummy Paths Constructing (DPC) algorithm guarantees the location reachability by taking the maximum distance of the moving mobile users into consideration. Security analysis and empirical evaluation results further verify the effectiveness and efficiency of our DUMMY-T.

Zhengang Wu,Zhong Chen,Jiawei Zhu,Huiping Sun,Zhi Guan

DOI: https://doi.org/10.1007/978-3-319-21042-1_24

2015-01-01

Abstract:In mobile Internet, popular Location-Based Services (LBSs) recommend Point-of-Interest (POI) data according to physical positions of smartphone users. However, untrusted LBS providers can violate location privacy by analyzing user requests semantically. Therefore, this paper aims at protecting user privacy in location-based applications by evaluating disclosure risks on sensitive location semantics. First, we introduce a novel method to model location semantics for user privacy using Bayesian inference and demonstrate details of computing the semantic privacy metric. Next, we design a cloaking region construction algorithm against the leakage of sensitive location semantics. Finally, a series of experiments evaluate this solution's performance to show its availability.

Zhengang Wu,Liangwen Yu,Jiawei Zhu,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1109/UIC-ATC-ScalCom.2014.19

2014-01-01

Abstract:In mobile Internet, Location-Based Services (LBSs) as a popular kind of context-aware recommendation systems can recommend Point of Interest (POI) data according to current locations of users. However, the inherent feature leads to leak sensitive location information of users into untrusted LBS providers. This paper aims at the location privacy problem on query prediction which forecasts next locations and violates user privacy seriously. To tackle this, we propose a novel location privacy protection solution. The contribution is three-fold. First, we model query prediction on cloaking regions using the Bayesian inference. Next, the proposed location anonymization method can generalize locations into safer cloaking regions against such query prediction attacks. Finally, a series of experiments evaluate the performance of this solution and demonstrate its availability.

Rong Fang,Jianmin Han,Juan Yu,Xin Yao,Hao Peng,Jianfeng Lu

DOI: https://doi.org/10.1007/978-3-030-67540-0_5

2021-01-01

Abstract:Location-Based Service (LBS) is one of basic services in collaborative applications. However, LBS applications may disclose user’s location privacy, which receives considerable concerns. Many methods have been proposed to protect privacy in LBS. Planar Isotropic Mechanism (PIM) is a typical location privacy preservation method in the scenario of continuous location data release. However, the method is complicated, since it requires two convex hull transformations and one isotropic position transform. To solve the problem, we propose a Staircase Mechanism (SM) based location privacy preservation method for the scenario of continuous location data release. The proposed method replaces PIM with SM, whose implementation is simple and efficient. Furthermore, SM can achieve the same privacy budget with less noise addition, so it can maintain higher quality of services in LBS. Comprehensive experiments conducted on real location data demonstrate that the proposed method is efficient and can maintain high data utility compared with the method based on PIM.

Xiao Pan,Xiaofeng Meng

DOI: https://doi.org/10.1007/s11704-013-2020-y

2013-01-01

Abstract:Privacy preservation has recently received considerable attention in location-based services (LBSs). A large number of location cloaking algorithms have been proposed for protecting the location privacy of mobile users. However, most existing cloaking approaches assume that mobile users are trusted. And exact locations are required to protect location privacy, which is exactly the information mobile users want to hide. In this paper, we propose a p-anti-conspiration privacy model to anonymize over semi-honest users. Furthermore, two k*NNG-based cloaking algorithms, vk*NNCA and ek*NNCA, are proposed to protect location privacy without exact locations. The efficiency and effectiveness of the proposed algorithms are validated by a series of carefully designed experiments. The experimental results show that the price paid for location privacy protection without exact locations is small.

Meng Han,Jinbao Wang,Mingyuan Yan,Chuyu Ai,Zhuojun Duan,Zhen Hong

DOI: https://doi.org/10.1016/j.procs.2018.03.079

2018-01-01

Procedia Computer Science

Abstract:While enjoying the amenities and convenience provided by the location-based service (LBS) in our daily life, wireless device users may surrender their location together with social activity privacy to the LBS provider. The untrusted LBS server has all the information about users in the LBS and it may track them in various ways or release their privacy data to third parties. To address the privacy protection issue, many location obfuscation algorithms behind a location-privacy preserving mechanisms (LPPMs) were proposed but only approached the trade-off between utility and privacy. Unlike the existing approaches, we propose the first methodology and application, to the best of our knowledge, that enables a near-complete location privacy protection for LBS users to achieve an cognitive optimal resolution by employing the social network associated with the LBS to separate the utility and privacy. Evaluation of both simulation and practical smartphone application shows that the proposed methodology could achieve a near-complete privacy protection in terms of entropy and significantly improve the quality of service utility.

Bo Wang,Hongtao Li,Yina Guo,Xiaoyu Ren 

DOI: https://doi.org/10.3390/s23115219

IF: 3.9

2023-05-31

Sensors

Abstract:Location-based services (LBS) are widely used due to the rapid development of mobile devices and location technology. Users usually provide precise location information to LBS to access the corresponding services. However, this convenience comes with the risk of location privacy disclosure, which can infringe upon personal privacy and security. In this paper, a location privacy protection method based on differential privacy is proposed, which efficiently protects users’ locations, without degrading the performance of LBS. First, a location-clustering (L-clustering) algorithm is proposed to divide the continuous locations into different clusters based on the distance and density relationships among multiple groups. Then, a differential privacy-based location privacy protection algorithm (DPLPA) is proposed to protect users’ location privacy, where Laplace noise is added to the resident points and centroids within the cluster. The experimental results show that the DPLPA achieves a high level of data utility, with minimal time consumption, while effectively protecting the privacy of location information.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Dan Liao,Xunhui Huang,Vishal Anand,Gang Sun,Hongfang Yu

DOI: https://doi.org/10.1109/icc.2016.7510687

2016-01-01

Abstract:Location-Based Service (LBS) is one of the fundamental and central functionalities of mobile social networks. Since users usually have to report their locations to the LBS providers while using services, the protection of user's location privacy poses a critical challenge. Although many existing approaches can preserve user's location privacy effectively, most of them must include and use the user's real location. In this paper, we first propose an efficient k-anonymity based Dummy Location and divided Circular Area (k-DLCA) approach to protect the user's location privacy. Different from existing studies, the k-DLCA algorithm adopts a greedy strategy to select dummy locations and considers the semantic location information of the location. Moreover, the user's real location may not be contained in the chosen dummy locations. We then show that k-DLCA algorithm can resist the attacks from adversaries, and has a low probability of exposing the user's real location. We conduct extensive simulations to evaluate the efficiency of the proposed scheme. The simulation results demonstrate that our proposed scheme is promising.

Le Yu,Shufan Zhang,Yan Meng,Suguo Du,Yuling Chen,Yanli Ren,Haojin Zhu

DOI: https://doi.org/10.1109/tmc.2023.3348136

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:As location data have been increasingly adopted in location-based advertising (LBA), revealing locations to untrusted service providers has raised severe privacy concerns. Recent studies propose obfuscation mechanisms built upon geo-indistinguishability (geo-IND) to provide formal privacy guarantee. Unfortunately, due to the high degree of spatiotemporal regularity in human mobility pattern, the privacy cost will be unacceptably high in this situation, leading to accurate inference of user real locations. In this study, we identify this privacy risk in LBA scenarios under long-term and multi-platform assumption. We demonstrate an attacker can infer 75%∼90% of top-1 locations within a range of only 200 meters. To address it, we propose PrivLocAd , a novel system which can provide longitudinal privacy guarantee. The novelty of PrivLocAd stems from a novel surrogate-based obfuscation, which generates multiple surrogate locations to improve the privacy-utility trade-off. In addition, two novel obfuscation mechanisms, the two-stage Gaussian and multi-level surrogate generation mechanism in charge of surrogate generation can achieve the longitudinal privacy guarantee in intra- and inter-platform condition respectively. Our experimental results demonstrate PrivLocAd is able to defend against the attack, which reduces the inference rate to less than 1% of user top-1 locations in the 200 meter range.

Xiaoyan Zhu,Haotian Chi,Shunrong Jiang,Xiaosan Lei,Hui Li

DOI: https://doi.org/10.1109/ICC.2014.6883667

2014-01-01

Abstract:Location-based services (LBSs) are attracting more and more attentions with the increasing popularity of mobile devices and online social networking. In LBSs, users can conveniently obtain their interested information by sending queries to the LBS server. However, users' queries include their identities, locations, interests, etc, which may result in the leakage of users' trajectory and other sensitive information. Although the existing obfuscation and location anonymization techniques along with a long-term pseudonym can protect users' location privacy to some extent, users' real identities and moving trajectories can still be deduced through long-term observation and side information aided inference attacks. To address these problems, we propose a dynamic pseudo-ID system, where unlinkable pseudo-IDs are used by users to completely hide their identities in the queries, in order to break the link between users' identities and their locations. Moreover, we employ certificates to ensure the verifiability and traceability of the dynamic pseudo-IDs. Security analysis and evaluation results show that the proposed scheme can enhance user' privacy and is feasible to implement into mobile devices.