Privacy Preservation in Location-Based Services: A Novel Metric and Attack Model

Recent years have seen a rising need for location-based services in everyday life. Alongside the many advantages these services provide, they have raised serious concerns about the location privacy of their users. An adversary such as an untrusted location-based server can monitor the locations a user queries and infer sensitive information such as the user's home address, health conditions and shopping habits. To address this issue, dummy-based algorithms have been developed that increase the anonymity of users and thereby protect their privacy. Unfortunately, the existing algorithms consider only a limited amount of the side information available to an adversary, so they may fail against stronger adversaries in practice. In this paper, we incorporate a new type of side information based on users' consecutive location changes and propose a new metric, transition-entropy, to measure location privacy preservation, followed by two algorithms that improve the transition-entropy of a given dummy generation algorithm. We then develop an attack model based on the Viterbi algorithm that can significantly threaten the location privacy of users. Finally, to protect users from the Viterbi attack, we propose an algorithm called robust dummy generation (RDG) that resists the Viterbi attack while maintaining high performance in terms of the privacy metrics introduced in the paper. All algorithms are applied to and analyzed on a real-life dataset.
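The Viterbi attack on dummy-based anonymization, and why dummies with plausible consecutive location changes are needed to resist it, as an added illustration that is not the paper's code. The adversary is assumed to hold a mobility model over a small grid (a constructed exponential-decay-in-distance model, not the paper's), observes at each query the set of k candidate cells (the real location plus k-1 dummies), and runs the Viterbi algorithm over those candidate sets to recover the most probable trajectory. The block also computes the exact posterior over all candidate trajectories and its Shannon entropy as an illustrative transition-aware anonymity measure; this is in the spirit of the paper's transition-entropy but is not its definition. `GRID`, `DECAY`, `REAL`, `NAIVE` and `CONSISTENT` are constructed parameters and sample data.

```python
"""Viterbi-style inference attack on dummy-based location privacy.

Example code added for this page; not the paper's implementation. The
transition model is a constructed toy standing in for the adversary's
side information about how users move between consecutive queries."""
import math
from itertools import product

GRID = 5      # assumed map: cells (row, col) of a GRID x GRID grid
DECAY = 1.5   # assumed mobility model: P(next | prev) ~ exp(-DECAY * manhattan)

Cell = tuple[int, int]


def cells() -> list[Cell]:
    return [(r, c) for r in range(GRID) for c in range(GRID)]


def manhattan(a: Cell, b: Cell) -> int:
    return abs(a[0] - b[0]) + abs(a[1] - b[1])


def transition_prob(prev: Cell, nxt: Cell) -> float:
    """Adversary's side information: short moves are likely, jumps are rare.
    Normalized over the whole grid, so it is a proper distribution per prev."""
    z = sum(math.exp(-DECAY * manhattan(prev, c)) for c in cells())
    return math.exp(-DECAY * manhattan(prev, nxt)) / z


def viterbi_attack(candidate_sets: list[list[Cell]]) -> list[Cell]:
    """Most probable trajectory through the per-query candidate sets
    (real location + dummies), with a uniform prior over the first set.
    The candidate set is the observation: only listed cells are possible."""
    first = candidate_sets[0]
    logp = {c: math.log(1.0 / len(first)) for c in first}
    back = []                                   # one back-pointer dict per step
    for prev_set, cur_set in zip(candidate_sets, candidate_sets[1:]):
        new_logp, ptr = {}, {}
        for cur in cur_set:
            best_prev = max(prev_set,
                            key=lambda p: logp[p] + math.log(transition_prob(p, cur)))
            new_logp[cur] = logp[best_prev] + math.log(transition_prob(best_prev, cur))
            ptr[cur] = best_prev
        logp, back = new_logp, back + [ptr]
    path = [max(logp, key=logp.get)]            # backtrack from the best final cell
    for ptr in reversed(back):
        path.append(ptr[path[-1]])
    return path[::-1]


def path_posterior(candidate_sets: list[list[Cell]]) -> dict[tuple, float]:
    """Exact posterior over every trajectory through the candidate sets
    (k**T of them, fine for the small k and T of an illustration)."""
    weights = {}
    for path in product(*candidate_sets):
        w = 1.0 / len(candidate_sets[0])
        for a, b in zip(path, path[1:]):
            w *= transition_prob(a, b)
        weights[path] = w
    total = sum(weights.values())
    return {p: w / total for p, w in weights.items()}


def trajectory_entropy_bits(posterior: dict[tuple, float]) -> float:
    """Shannon entropy of the trajectory posterior: how many bits the adversary
    still lacks. Illustrative only; not the paper's transition-entropy."""
    return -sum(p * math.log2(p) for p in posterior.values() if p > 0)


# Constructed real trajectory: the user walks one cell per query.
REAL = [(0, 0), (0, 1), (0, 2), (0, 3)]

# Constructed dummies placed independently per query, with no temporal consistency.
NAIVE = [
    [(0, 0), (4, 4), (2, 0)],
    [(0, 1), (1, 3), (4, 0)],
    [(0, 2), (4, 1), (2, 4)],
    [(0, 3), (3, 0), (1, 4)],
]
# Constructed dummies that are themselves plausible trajectories (each dummy
# also moves one cell per query), the property a robust generator must provide.
CONSISTENT = [
    [(0, 0), (4, 4), (2, 0)],
    [(0, 1), (4, 3), (2, 1)],
    [(0, 2), (4, 2), (2, 2)],
    [(0, 3), (4, 1), (2, 3)],
]


def evaluate(candidate_sets: list[list[Cell]]) -> dict:
    post = path_posterior(candidate_sets)
    return {
        "viterbi_path": viterbi_attack(candidate_sets),
        "real_path_prob": post[tuple(REAL)],
        "entropy_bits": trajectory_entropy_bits(post),
    }


if __name__ == "__main__":
    for name, sets in (("naive dummies", NAIVE), ("consistent dummies", CONSISTENT)):
        r = evaluate(sets)
        print(f"{name}: attack recovers real path={r['viterbi_path'] == REAL}, "
              f"P(real path)={r['real_path_prob']:.2f}, entropy={r['entropy_bits']:.2f} bits")
```

With independently placed dummies, every trajectory that passes through a dummy contains at least one implausible jump, so the Viterbi path is the real trajectory and it carries most of the posterior mass; the three cells per query give k-anonymity on paper but almost no protection against an adversary with a mobility model. When each dummy moves like a plausible user, the real trajectory becomes one of three near-equally likely candidates and the trajectory entropy rises accordingly, which is the effect a dummy generator designed against this attack has to achieve.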
