Protecting query privacy in location-based services

The popularity of location-based services (LBSs) raises serious concerns about users' privacy. With the fast growth of Internet applications such as online social networks, more user information becomes available to attackers, which allows them to construct new contextual information. This gives rise to new challenges for user privacy protection and often requires improvements to existing privacy-preserving methods. In this paper, we classify contextual information related to LBS query privacy and focus on two types of context: user profiles and query dependency. User profiles have not been deeply studied in LBS query privacy protection, and we are the first to show the impact of query dependency on users' query privacy. More specifically, we present a general framework that enables attackers to compute a distribution over users with respect to issuing an observed request. The framework can model attackers with different contextual information. We take user profiles and query dependency as examples to illustrate the implementation of the framework and their impact on users' query privacy. Our framework subsequently allows us to show the insufficiency of existing query privacy metrics, e.g., k-anonymity, and to propose several new metrics. Finally, we develop new generalisation algorithms to compute regions that satisfy users' privacy requirements expressed in these metrics. Experiments show that our metrics and algorithms are effective and efficient for practical use.
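The following added example (not code from the paper) illustrates the abstract's claim that k-anonymity can be insufficient once an attacker holds user profiles. The Bayes update, the entropy-based "effective k", the user names and the profile values are all assumptions constructed for illustration, not the paper's definitions.

```python
import math

def posterior(region_users, query_category, profiles, prior=None):
    """Attacker's distribution over the users in a cloaked region for one
    observed query. Assumed model: P(u | q) is proportional to P(u) * P(q | u),
    where P(q | u) is read from u's profile."""
    prior = prior or {u: 1.0 / len(region_users) for u in region_users}
    weights = {u: prior[u] * profiles[u].get(query_category, 0.0)
               for u in region_users}
    total = sum(weights.values())
    if total == 0:  # profiles carry no signal for this category: keep the prior
        return dict(prior)
    return {u: w / total for u, w in weights.items()}

def entropy_bits(dist):
    """Shannon entropy of the attacker's distribution, in bits."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)

def assess(region_users, query_category, profiles):
    """Compare nominal k with what the profile-aware attacker actually faces."""
    dist = posterior(region_users, query_category, profiles)
    h = entropy_bits(dist)
    return {
        "k": len(region_users),                # what k-anonymity reports
        "max_posterior": max(dist.values()),   # attacker's best single guess
        "entropy_bits": h,
        "effective_k": 2 ** h,                 # uniform-set size with equal entropy
    }

# Constructed sample data: P(query category | user) for four users who share
# one generalised region, so the region is 4-anonymous.
PROFILES = {
    "alice": {"clinic": 0.70, "cafe": 0.30},
    "bob":   {"clinic": 0.10, "cafe": 0.90},
    "carol": {"clinic": 0.10, "cafe": 0.90},
    "dave":  {"clinic": 0.10, "cafe": 0.90},
}
REGION = ["alice", "bob", "carol", "dave"]

if __name__ == "__main__":
    for category in ("clinic", "cafe"):
        print(category, assess(REGION, category, PROFILES))
```

For the "clinic" query the region still reports k = 4, yet the attacker assigns 0.7 to one user and the effective anonymity set is about 2.6 users.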
