Abstract
Mobile devices with positioning capabilities allow users to participate in novel and exciting location-based applications. For instance, users may track the whereabouts of their acquaintances in location-aware social networking applications (e.g., Foursquare). Furthermore, users can request information about landmarks in their proximity. Such scenarios require users to report their coordinates to other parties, which may not be fully trusted. Reporting precise locations may result in serious privacy violations, such as disclosure of lifestyle details, sexual orientation, and so forth. A typical approach to preserve location privacy is to generate a cloaking region (CR) that encloses the user position. However, if locations are continuously reported, an attacker can correlate CRs from multiple timestamps to accurately pinpoint the user position within a CR.
In this work, we protect against a broad range of attacks that breach location privacy using knowledge about (1) maximum user velocity, (2) external events that may occur outside the process of self-reporting locations (e.g., social network posts tagged by peers), and (3) information about mutual proximity between users. Consider a user u who reports two consecutive cloaked regions A and B. We consider two distinct protection scenarios: in the first case, the attacker does not have information about the sensitive locations on the map, and the objective is to ensure that u can reach some point in B from any point in A; in the second case, the attacker knows the placement of sensitive locations, and the objective is to ensure that u can reach any point in B from any point in A. We propose spatial and temporal cloaking transformations to preserve user privacy, and we show experimentally that privacy can be achieved without significant quality-of-service deterioration.
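The two reachability objectives stated above can be checked before a cloaked region is released. The following is an added example, not code from the paper: it assumes axis-aligned rectangular regions, straight-line movement at a known maximum velocity, and hypothetical helper names and coordinates; the "minimum gap" values show only how long the later report would have to be delayed for each objective to hold.

```python
import math
from itertools import product

# Rectangles are (xmin, ymin, xmax, ymax) in metres; all values are constructed.

def corners(r):
    xmin, ymin, xmax, ymax = r
    return list(product((xmin, xmax), (ymin, ymax)))

def dist_point_rect(p, r):
    """Euclidean distance from point p to the nearest point of rectangle r."""
    xmin, ymin, xmax, ymax = r
    dx = max(xmin - p[0], 0.0, p[0] - xmax)
    dy = max(ymin - p[1], 0.0, p[1] - ymax)
    return math.hypot(dx, dy)

def directed_hausdorff(a, b):
    """Max over points of a of the distance to b. Distance to a convex set is
    convex, so the maximum over a rectangle is reached at one of its corners."""
    return max(dist_point_rect(c, b) for c in corners(a))

def max_pairwise(a, b):
    """Largest distance between any point of a and any point of b."""
    return max(math.dist(p, q) for p in corners(a) for q in corners(b))

def check_transition(a, b, dt, vmax):
    """Evaluate both objectives for region a (earlier) and region b (later),
    reported dt seconds apart by a user moving at most vmax m/s."""
    reach = vmax * dt
    d_some, d_any = directed_hausdorff(a, b), max_pairwise(a, b)
    return {
        "some_point_reachable": d_some <= reach,  # scenario 1: some point of b
        "any_point_reachable": d_any <= reach,    # scenario 2: every point of b
        # Smallest gap between the two reports that satisfies each objective.
        "min_dt_some": d_some / vmax,
        "min_dt_any": d_any / vmax,
    }

# Constructed regions: two 100 m squares whose near edges are 200 m apart.
A = (0.0, 0.0, 100.0, 100.0)
B = (300.0, 0.0, 400.0, 100.0)

if __name__ == "__main__":
    print(check_transition(A, B, dt=30.0, vmax=10.0))
    print(check_transition(A, B, dt=45.0, vmax=10.0))
```

With these regions a 30-second gap satisfies only the first objective, because the far corners of A and B are about 412 m apart while the user can cover at most 300 m.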
Index Terms
- Protecting Against Velocity-Based, Proximity-Based, and External Event Attacks in Location-Centric Social Networks