PA-CTM: privacy aware collaborative traffic monitoring system using autonomous location update mechanism

Collaborative Traffic Monitoring (CTM) systems exploit the location information continuously collected from vehicles. Users collaborate by providing their location information to have a global picture of the current traffic in real-time. However, location information is very sensitive information that made privacy a major obstacle for the widespread usage of CTM systems. Some of these systems depend on periodic location updates, where a vehicle updates location periodically [1]; other systems trigger update at particular regions [2], or with random time periods [3]. For privacy issues, these systems rely on a trusted third party for enforcing a predetermined privacy level. They may also generate low quality data because of the low precision in both time and space [4]. In this paper, we present a privacy aware collaborative traffic monitoring system, PA-CTM, where moving objects send their location updates to a traffic server, the latter then processes current data and provides its users with current traffic status. Users authenticate themselves to traffic server using pseudonyms that are changed according to user's privacy preferences. PA-CTM deploys two mechanisms for enhancing privacy, the first mechanism is the use of pseudonyms (to authenticate to the traffic server) to hide real identities, and changing these pseudonyms to hide trajectory information from the traffic server. Users can control their privacy by frequently changing their pseudonyms and hence become anonymous to traffic server. The second privacy enhancement technique in PA-CTM is the use of a novel autonomous location update mechanism, ALUM. In ALUM, location update is performed according to moving objects' behavior (change in speed or direction) without the need to a trusted third party. Unlike state-of-the art techniques, ALUM does not require a trusted third-party for triggering vehicles to update their locations. We utilized the existence of location prediction errors to calculate the region where a particular vehicle is expected to be in and hence to calculate anonymity level at that region. We compared ALUM against periodic and random silent period update mechanisms and it showed better privacy results in terms of k-anonymity metric.

[1]  Matthias Gerlach,et al.  Privacy in VANETs using Changing Pseudonyms - Ideal and Real , 2007, 2007 IEEE 65th Vehicular Technology Conference - VTC2007-Spring.

[2]  Marco Gruteser,et al.  Protecting Location Privacy Through Path Confusion , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[3]  Panagiotis Papadimitratos,et al.  SECURING VEHICULAR COMMUNICATIONS , 2006, IEEE Wireless Communications.

[4]  Jianliang Xu,et al.  PAM: An Efficient and Privacy-Aware Monitoring Framework for Continuously Moving Objects , 2010, IEEE Transactions on Knowledge and Data Engineering.

[5]  Yücel Saygin,et al.  P2-CTM: privacy preserving collaborative traffic monitoring , 2010, SPRINGL '10.

[6]  Ling Liu,et al.  Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms , 2008, IEEE Transactions on Mobile Computing.

[7]  Chi-Yin Chow,et al.  A peer-to-peer spatial cloaking algorithm for anonymous location-based service , 2006, GIS '06.

[8]  Panagiotis Papadimitratos,et al.  Efficient and robust pseudonymous authentication in VANET , 2007, VANET '07.

[9]  Emre Kaplan,et al.  Discovering private trajectories using background information , 2010, Data Knowl. Eng..

[10]  Lee A. Vierling,et al.  Effects of habitat on GPS collar performance: using data screening to reduce location error , 2007 .

[11]  A. Prasad Sistla,et al.  Modeling and querying moving objects , 1997, Proceedings 13th International Conference on Data Engineering.

[12]  Michael E. Theologou,et al.  Architecture and Scalability Issues for the Provision of Anonymous Real-Time Mobile Community Services , 2007, 2007 IEEE 18th International Symposium on Personal, Indoor and Mobile Radio Communications.

[13]  Yan Huang,et al.  Cloaking locations for anonymous location based services: a hybrid approach , 2009, GeoInformatica.

[14]  Alexandre M. Bayen,et al.  Virtual trip lines for distributed privacy-preserving traffic monitoring , 2008, MobiSys '08.

[15]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[16]  Yücel Saygin,et al.  CoRPPS: Collusion Resistant Pseudonym Providing System , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[17]  Huirong Fu,et al.  Privacy Issues of Vehicular Ad-Hoc Networks , 2010 .

[18]  Maxim Raya,et al.  Mix-Zones for Location Privacy in Vehicular Networks , 2007 .

[19]  Florian Dötzer,et al.  Privacy Issues in Vehicular Ad Hoc Networks , 2005, Privacy Enhancing Technologies.

[20]  Victor C. M. Leung,et al.  Wireless Location Privacy Protection in Vehicular Ad-Hoc Networks , 2010, Mob. Networks Appl..

[21]  Levente Buttyán,et al.  On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs , 2007, ESAS.

[22]  Radha Poovendran,et al.  AMOEBA: Robust Location Privacy Scheme for VANET , 2007, IEEE Journal on Selected Areas in Communications.

[23]  Thomas Brinkhoff,et al.  A Framework for Generating Network-Based Moving Objects , 2002, GeoInformatica.

[24]  Francesco Bonchi,et al.  Anonymization of moving objects databases by clustering and perturbation , 2010, Inf. Syst..