A classification of location privacy attacks and approaches

In recent years, location-based services have become very popular, mainly driven by the availability of modern mobile devices with integrated position sensors. Prominent examples are point-of-interest finders and geo-social networks such as Facebook Places, Qype, and Loopt. However, providing such services with private user positions may raise serious privacy concerns if these positions are not protected adequately. Therefore, location privacy concepts become mandatory to ensure the user’s acceptance of location-based services. Many different concepts and approaches for the protection of location privacy have been described in the literature. These approaches differ with respect to the protected information and their effectiveness against different attacks. The goal of this paper is to assess the applicability and effectiveness of location privacy approaches systematically. First, we identify different protection goals, namely personal information (user identity), spatial information (user position), and temporal information (identity/position + time). Second, we give an overview of basic principles and existing approaches to protect these privacy goals. Third, we classify possible attacks. Finally, we analyze existing approaches with respect to their protection goals and their ability to resist the introduced attacks.
