Location Privacy in Device-Dependent Location-Based Services:Challenges and Solution

With the evolution of location-based services(LBS),a new type of LBS has already gain a lot of attention and implementation,we name this kind of LBS as the Device-Dependent LBS(DLBS).In DLBS,the service provider(SP)will not only send the information according to the user’s location,more significant,he also provides a service device which will be carried by the user.DLBS has been successfully practised in some of the large cities around the world,for example,the shared bicycle in Beijing and London.In this paper,we,for the first time,blow the whistle of the new location privacy challenges caused by DLBS,since the service device is enabled to perform the localization without the permission of the user.To conquer these threats,we design a service architecture along with a credit system between DLBS provider and the user.The credit system tie together the DLBS device usability with the curious behaviour upon user’s location privacy,DLBS provider has to sacrifice their revenue in order to gain extra location information of their device.We make the simulation of our proposed scheme and the result convince its effectiveness.

User location privacy protection mechanism for location-based services

With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.

Location privacy protection of maritime mobile terminals

Mobile Edge Computing(MEC)can support various high-reliability and low-delay applications in Maritime Networks(MNs).However,security risks in computing task offloading exist.In this study,the location privacy leakage risk of Maritime Mobile Terminals(MMTs)is quantified during task offloading and relevant Location Privacy Protection(LPP)schemes of MMT are considered under two kinds of task offloading scenarios.In single-MMT and single-time offloading scenario,a dynamic cache and spatial cloaking-based LPP(DS-CLP)algorithm is proposed;and under the multi-MMTs and multi-time offloading scenario,a pseudonym and alterable silent period-based LPP(PA-SLP)strategy is proposed.Simulation results show that the DS-CLP can save the response time and communication cost compared with traditional algorithms while protecting the MMT location privacy.Meanwhile,extending the alterable silent period,increasing the number of MMTs in the maritime area or improving the pseudonym update probability can enhance the LPP effect of MMTs in PA-SLP.Furthermore,the study results can be effectively applied to MNs with poor communication environments and relatively insufficient computing resources.

A Fast Physical Layer Security-Based Location Privacy Parameter Recommendation Algorithm in 5G IoT

The 5G IoT(Internet of Things,IoT)is easier to implement in location privacy-preserving research.The terminals in distributed network architecture blur their accurate locations into a spatial cloaking region but most existing spatial cloaking algorithms cannot work well because of man-in-the-middle attacks,high communication overhead,time consumption,and the lower success rate.This paper proposes an algorithm that can recommend terminal’s privacy requirements based on getting terminal distribution information in the neighborhood after cross-layer authentication and therefore help 5G IoT terminals find enough collaborative terminals safely and quickly.The approach shows it can avoid man-in-the-middle attacks and needs lower communication costs and less searching time than 520ms at the same time.It has a great anonymization success rate by 93%through extensive simulation experiments for a range of 5G IoT scenarios.

δ-Calculus:A New Approach to Quantifying Location Privacy

With the rapid development of mobile wireless Internet and high-precision localization devices,location-based services(LBS)bring more convenience for people over recent years.In LBS,if the original location data are directly provided,serious privacy problems raise.As a response to these problems,a large number of location-privacy protection mechanisms(LPPMs)(including formal LPPMs,FLPPMs,etc.)and their evaluation metrics have been proposed to prevent personal location information from being leakage and quantify privacy leakage.However,existing schemes independently consider FLPPMs and evaluation metrics,without synergizing them into a unifying framework.In this paper,a unified model is proposed to synergize FLPPMs and evaluation metrics.In detail,the probabilistic process calculus(calledδ-calculus)is proposed to characterize obfuscation schemes(which is a LPPM)and integrateα-entropy toδ-calculus to evaluate its privacy leakage.Further,we use two calculus moving and probabilistic choice to model nodes’mobility and compute its probability distribution of nodes’locations,and a renaming function to model privacy leakage.By formally defining the attacker’s ability and extending relative entropy,an evaluation algorithm is proposed to quantify the leakage of location privacy.Finally,a series of examples are designed to demonstrate the efficiency of our proposed approach.

A Trajectory Privacy Protection Method to Resist Long-Term Observation Attacks

Users face the threat of trajectory privacy leakage when using location-based service applications, especially when their behavior is collected and stored for a long period of time. This accumulated information is exploited by opponents, greatly increasing the risk of trajectory privacy leakage. This attack method is called a long-term observation attack. On the premise of ensuring lower time overhead and higher cache contribution rate, the existing methods cannot utilize cache to answer subsequent queries while also resisting long-term observation attacks. So this article proposes a trajectory privacy protection method to resist long-term observation attacks. This method combines caching technology and improves the existing differential privacy mechanism, while incorporating randomization factors that are difficult for attackers to recognize after long-term observation to enhance privacy. Search for locations in the cache of both the mobile client and edge server that can replace the user’s actual location. If there are replacement users in the cache, the query results can be obtained more quickly. Simultaneously obfuscating the spatiotemporal correlation of actual trajectories by generating confusion regions. If it does not exist, the obfuscated location generation method that resists long-term observation attacks is executed to generate the real anonymous area and send it to the service provider. The above steps can comprehensively protect the user’s trajectory privacy. The experimental results show that this method can protect user trajectories from long-term observation attacks while ensuring low time overhead and a high cache contribution rate.

Providing Location-Aware Location Privacy Protection for Mobile Location-Based Services

Location privacy has been a serious concern for mobile users who use location-based services provided by third-party providers via mobile networks. Recently, there have been tremendous efforts on developing new anonymity or obfuscation techniques to protect location privacy of mobile users. Though effective in certain scenarios, these existing techniques usually assume that a user has a constant privacy requirement along spatial and/or temporal dimensions, which may be not true in real-life scenarios. In this paper, we introduce a new location privacy problem： Location-aware Location Privacy Protection （L2P2） problem, where users can define dynamic and diverse privacy requirements for different locations. The goal of the L2P2 problem is to find the smallest cloaking area for each location request so that diverse privacy requirements over spatial and/or temporal dimensions are satisfied for each user. In this paper, we formalize two versions of the L2P2 problem, and propose several efficient heuristics to provide such location-aware location privacy protection for mobile users. Through extensive simulations over large synthetic and real-life datasets, we confirm the effectiveness and efficiency of the proposed L2P2 algorithms.

Preserving location privacy without exact locations in mobile services

Privacy preservation has recently received considerable attention in location-based services （LBSs）. A large number of location cloaking algorithms have been proposed for protecting the location privacy of mobile users. However, most existing cloaking approaches assume that mobile users are trusted. And exact locations are required to protect location privacy, which is exactly the information mobile users want to hide. In this paper, we propose a p-anti-conspiration privacy model to anonymize over semi-honest users. Further- more, two k＊NNG-based cloaking algorithms, vk＊NNCA and ek＊NNCA, are proposed to protect location privacy without exact locations. The efficiency and effectiveness of the pro- posed algorithms are validated by a series of carefully designed experiments. The experimental results show that the price paid for location privacy protection without exact locations is small.

Preserving Personalized Location Privacy in Ride-Hailing Service

Ride-hailing service has become a popular means of transportation due to its convenience and low cost.However,it also raises privacy concerns.Since riders’mobility information including the pick-up and drop-off location is tracked,the service provider can infer sensitive information about the riders such as where they live and work.To address these concerns,we propose location privacy preserving techniques that efficiently match riders and drivers while preserving riders’location privacy.We first propose a baseline solution that allows a rider to select the driver who is the closest to his pick-up location.However,with some side information,the service provider can launch location inference attacks.To overcome these attacks,we propose an enhanced scheme that allows a rider to specify his privacy preference.Novel techniques are designed to preserve rider’s personalized privacy with limited loss of matching accuracy.Through trace-driven simulations,we compare our enhanced privacy preserving solution to existing work.Evaluation results show that our solution provides much better ride matching results that are close to the optimal solution,while preserving personalized location privacy for riders.

HilAnchor:Location Privacy Protection in the Presence of Users' Preferences

Location privacy receives considerable attentions in emerging location based services.Most current practices however either ignore users＇ preferences or incompletely fulfill privacy preferences.In this paper,we propose a privacy protection solution to allow users＇ preferences in the fundamental query of k nearest neighbors （kNN）.Particularly,users are permitted to choose privacy preferences by specifying minimum inferred region.Via Hilbert curve based transformation,the additional workload from users＇ preferences is alleviated.Furthermore,this transformation reduces time-expensive region queries in 2-D space to range the ones in 1-D space.Therefore,the time efficiency,as well as communication efficiency,is greatly improved due to clustering properties of Hilbert curve.Further,details of choosing anchor points are theoretically elaborated.The empirical studies demonstrate that our implementation delivers both flexibility for users＇ preferences and scalability for time and communication costs.

MimiBS： Mimicking Base-Station to Provide Location PrivacyProtection in Wireless Sensor Networks

In a wireless sensor network (WSN), sink node/base station (BS) gathers data from surrounding nodes and sends them to a remote server via a gateway. BS holds important data. Therefore, it is necessary to hide its location from an inside/outside attacker. Providing BS location anonymity against a local and global adversary, we propose a novel technique called MimiBS 'Mimicking Base-Station'. The key idea is the integration of aggregator nodes (ANs) with sensor nodes (SNs), while fine tuning TTL (time to live) value for fake packets, and setting some threshold value for real packet counter rpctr. MimiBS creates multiple traffic-hotspots (zones), which shifts the focus from BS to the newly created ANs hotspots. Multiple traffic-hotspots confuse the adversary while determining the real BS location information. We defend the BS location information anonymity against traffic analysis attack, and traffic tracing attack. MimiBS gives an illusion of having multiple BSs, and thus, if the attacker knows any about AN, he/she will be deceived between the real BS and ANs. MimiBS outperforms BLAST (base-station location anonymity and security technique), RW (random walk), and SP (shortest path), while conducting routing without fake packets, with fake packets, without energy consideration, and with energy consideration respectively.

An Efficient Location Privacy Protection Scheme Based on the Chinese Remainder Theorem

Traditional k-anonymity schemes cannot protect a user＇s privacy perfectly in big data and mobile network environments. In fact, existing k-anonymity schemes only protect location in datasets with small granularity. But in larger granularity datasets, a user＇s geographical region-location is always exposed in realizations of k-anonymity because of interaction with neighboring nodes. And if a user could not find enough adjacent access points, most existing schemes would be invalid. How to protect location information has become an important issue. But it has not attracted much attention. To solve this problem, two location-privacy protection models are proposed. Then a new generalized k-anonymity Location Privacy Protection Scheme based on the Chinese Remainder Theorem （LPSS-CRT） in Location-Based Services （LBSs） is proposed. We prove that it can guarantee that users can access LBSs without leaking their region-location information, which means the scheme can achieve perfect anonymity. Analysis shows that LPPS-CRT is more secure in protecting location privacy, including region information, and is more efficient, than similar schemes. It is suitable for dynamic environments for different users＇ privacy protection requests.

A Novel Routing Strategy to Provide Source Location Privacy in Wireless Sensor Networks

In order to secure the source location privacy when information is sent back to the base station in wireless sensor network, we propose a novel routing strategy which routes the packets to the base station through three stages： directional random routing, h-hop routing in the annular region and the shortest path routing. These stages provide two fold protections to prevent the source location from being tracked down by the adversary. The analysis and simulation results show that proposed scheme, besides providing longer safety period, can significantly reduce energy consumption compared with two baseline schemes.

Complete Bipartite Anonymity for Location Privacy

Users are vulnerable to privacy risks when providing their location information to location-based services （LBS）. Existing work sacrifices the quality of LBS by degrading spatial and temporal accuracy for ensuring user privacy. In this paper, we propose a novel approach, Complete Bipartite Anonymity （CBA）, aiming to achieve both user privacy and quality of service. The theoretical basis of CBA is that： if the bipartite graph of k nearby users＇ paths can be transformed into a complete bipartite graph, then these users achieve k-anonymity since the set of ＂end points connecting to a specific start point in a graph＂ is an equivalence class. To achieve CBA, we design a Collaborative Path Confusion （CPC） protocol which enables nearby nsers to discover and authenticate each other without knowing their real identities or accurate locations, predict tile encounter location using users＇ moving pattern information, and generate fake traces obfuscating the real ones. We evaluate CBA using a real-world dataset, and compare its privacy performance with existing path confusion approach. The results show that CBA enhances location privacy by increasing the chance for a user confusing his/her path with others by 4 to 16 times in low user density areas. We also demonstrate that CBA is secure under the trace identification attack.

APPLSS:Adaptive Privacy Preserved Location Sharing Scheme Based on Attribute-Based Encryption

Unauthorized access to location information in location-based service is one of the most critical security threats to mobile Internet.In order to solve the problem of quality of location sharing while keeping privacy preserved,adaptive privacy preserved location sharing scheme called APPLSS is proposed,which is based on a new hierarchical ciphertext-policy attribute-based encryption algorithm.In the algorithm,attribute authority sets the attribute vector according to the attribute tags of registration from the location service providers.Then the attribute vector can be adaptively transformed into an access structure to control the encryption and decryption.The APPLSS offers a natural hierarchical mechanism in protecting location information when partially sharing it in mobile networks.It allows service providers access to end user’s sensitive location more flexibly,and satisfies a sufficient-but-no-more strategy.For end-users,the quality of service is obtained while no extra location privacy is leaked.To improve service response performance,outsourced decryption is deployed to avoid the bottlenecks of the service providers and location information providers.The performance analysis and experiments show that APPLSS is an efficient and practical location sharing scheme.

Location Privacy in Mobile Big Data:User Identifiability via Habitat Region Representation

Mobile big data collected by mobile network operators is of interest to many research communities and industries for its remarkable values.However,such spatiotemporal information may lead to a harsh threat to subscribers’privacy.This work focuses on subscriber privacy vulnerability assessment in terms of user identifiability across two datasets with significant detail reduced mobility representation.In this paper,we propose an innovative semantic spatiotemporal representation for each subscriber based on the geographic information,termed as daily habitat region,to approximate the subscriber’s daily mobility coverage with far lesser information compared with original mobility traces.The daily habitat region is realized via convex hull extraction on the user’s daily spatiotemporal traces.As a result,user identification can be formulated to match two records with the maximum similarity score between two convex hull sets,obtained by our proposed similarity measures based on cosine distance and permutation hypothesis test.Experiments are conducted to evaluate our proposed innovative mobility representation and user identification algorithms,which also demonstrate that the subscriber’s mobile privacy is under a severe threat even with significantly reduced spatiotemporal information.

Privacy Protection with Dynamic Pseudonym-Based Multiple Mix-Zones Over Road Networks

In this research we proposed a strategy for location privacy protection which addresses the issues related with existing location privacy protection techniques. Mix-Zones and pseudonyms are considered as the basic building blocks for location privacy; however, continuously changing pseudonyms process at multiple locations can enhance user privacy. It has been revealed that changing pseudonym at improper time and location may threat to user's privacy. Moreover, certain methods related to pseudonym change have been proposed to attain desirable location privacy and most of these solutions are based upon velocity, GPS position and direction of angle. We analyzed existing methods related to location privacy with mix zones, such as RPCLP, EPCS and MODP, where it has been observed that these methods are not adequate to attain desired level of location privacy and suffered from large number of pseudonym changes. By analyzing limitations of existing methods, we proposed Dynamic Pseudonym based multiple mix zone(DPMM) technique, which ensures highest level of accuracy and privacy. We simulate our data by using SUMO application and analysis results has revealed that DPMM outperformed existing pseudonym change techniques and achieved better results in terms of acquiring high privacy with small number of pseudonym change.

A Differential Privacy Budget Allocation Method Combining Privacy Security Level

Trajectory privacy protection schemes based on suppression strategies rarely take geospatial constraints into account,which is made more likely for an attacker to determine the user’s true sensitive location and trajectory.To solve this problem,this paper presents a privacy budget allocation method based on privacy security level(PSL).Firstly,in a custom map,the idea of P-series is contributed to allocate a given total privacy budget reasonably to the initially sensitive locations.Then,the size of privacy security level for sensitive locations is dynamically adjusted by comparing it with the customized initial level threshold parameterµ.Finally,the privacy budget of the initial sensitive location is allocated to its neighbors based on the relationship between distance and degree between nodes.By comparing the PSL algorithm with the traditional allocation methods,the results show that it is more flexible to allocate a privacy budget without compromising location privacy under the same preset conditions.

A Privacy-Preserving Scheme for Location-Based Services in the Internet of Vehicles

Ubiquitous information exchange is achieved among connected vehicles through the increasingly smart environment.The concept of conventional vehicular ad hoc network is gradually transformed into the Internet of vehicles(IoV).Meanwhile,more and more locationbased services(LBSs)are created to provide convenience for drivers.However,the frequently updated location information sent to the LBS server also puts user location privacy at risk.Thus,preserve user location privacy while allowing vehicles to have high-quality LBSs is a critical issue.Many solutions have been proposed in the literature to preserve location privacy.However,most of them cannot provide real-time LBS with accurate location updates.In this paper,we propose a novel location privacy-preserving scheme,which allows vehicles to send accurate real-time location information to the LBS server while preventing being tracked by attackers.In the proposed scheme,a vehicle utilizes the location information of selected shadow vehicles,whose route diverge from the requester,to generate multiple virtual trajectories to the LBS server so as to mislead attackers.Simulation results show that our proposed scheme achieves a high privacy-preserving level and outperforms other state-of-the-art schemes in terms of location entropy and tracking success ratio.

Multi-Dimensional Anonymization for Participatory Sensing Systems

Participatory sensing systems are designed to enable community people to collect, analyze, and share information for their mutual benefit in a cost-effective way. The apparently insensitive information transmitted in plaintext through the inexpensive infrastructure can be used by an eavesdrop-per to infer some sensitive information and threaten the privacy of the partic-ipating users. Participation of users cannot be ensured without assuring the privacy of the participants. Existing techniques add some uncertainty to the actual observation to achieve anonymity which, however, diminishes data quality/utility to an unacceptable extent. The subset-coding based anonymiza-tion technique, DGAS [LCN 16] provides the desired level of privacy. In this research, our objective is to overcome this limitation and design a scheme with broader applicability. We have developed a computationally efficient sub-set-coding scheme and also present a multi-dimensional anonymization tech-nique that anonymizes multiple properties of user observation, e.g. both loca-tion and product association of an observer in the context of consumer price sharing application. To the best of our knowledge, it is the first work which supports multi-dimensional anonymization in PSS. This paper also presents an in-depth analysis of adversary threats considering collusion of adversaries and different report interception patterns. Theoretical analysis, comprehensive simulation, and Android prototype based experiments are carried out to estab-lish the applicability of the proposed scheme. Also, the adversary capability is simulated to prove our scheme’s effectiveness against privacy risk.