STAMP: Ad hoc spatial-temporal provenance assurance for mobile users

Location-based services are quickly becoming immensely popular. In addition to services based on users' current location, many potential services rely on users' location history, or their spatial-temporal provenance. Malicious users may lie about their spatial-temporal provenance without a carefully designed security system for users to prove their past locations. In this paper, we present the Spatial-Temporal provenance Assurance with Mutual Proofs (STAMP) scheme. In contrast to most existing location proof systems which rely on infrastructure like wireless APs, STAMP is based on co-located mobile devices mutually generating location proofs for each other. This makes STAMP desirable for a wider range of applications. STAMP ensures the integrity and non-transferability of the location proofs and protects users' privacy. We also examine different collusion scenarios and propose a light-weight entropy-based trust evaluation approach to detect fake proofs resulting from collusion attacks. Our prototype implementation on the Android platform shows that STAMP is low-cost in terms of computational and storage resources. Extensive simulation experiments show that our entropy-based trust model is able to achieve high (> 0.9) collusion detection accuracy.

[1]  Urs Hengartner,et al.  VeriPlace: a privacy-aware location proof architecture , 2010, GIS '10.

[2]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[3]  Laurent Bussard,et al.  Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks , 2005, SEC.

[4]  Alec Wolman,et al.  Enabling new mobile applications with location proofs , 2009, HotMobile '09.

[5]  Randal C. Burns,et al.  Where Have You Been? Secure Location Provenance for Mobile Devices , 2011, ArXiv.

[6]  Guohong Cao,et al.  Toward Privacy Preserving and Collusion Resistance in a Location Proof Updating System , 2013, IEEE Transactions on Mobile Computing.

[7]  Joachim M. Buhmann,et al.  The Balanced Accuracy and Its Posterior Distribution , 2010, 2010 20th International Conference on Pattern Recognition.

[8]  Yih-Chun Hu,et al.  Wormhole attacks in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[9]  Matthew K. Franklin,et al.  Privacy-preserving alibi systems , 2012, ASIACCS '12.

[10]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[11]  Silvio Micali,et al.  Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing , 1996, CRYPTO.

[12]  George Danezis,et al.  A Survey of Anonymous Communication Channels , 2008 .

[13]  Gildas Avoine,et al.  The Swiss-Knife RFID Distance Bounding Protocol , 2008, ICISC.

[14]  Andreas Pfitzmann,et al.  Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[15]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[16]  Omer Reingold,et al.  Statistically-hiding commitment from any one-way function , 2007, STOC '07.

[17]  Ivan Damgård,et al.  Commitment Schemes and Zero-Knowledge Protocols , 1998, Lectures on Data Security.

[18]  Felix C. Freiling,et al.  Location privacy in urban sensing networks: research challenges and directions [Security and Privacy in Emerging Wireless Networks] , 2010, IEEE Wireless Communications.

[19]  Bart Preneel,et al.  Location verification using secure distance bounding protocols , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..