Protecting Location Privacy against Location-Dependent Attacks in Mobile Services

Pan, Xiao; Xu, Jianliang; Meng, Xiaofeng

doi:10.1109/tkde.2011.105

Cited by 174 publications

(119 citation statements)

References 29 publications

Supporting

Mentioning

119

Contrasting

Order By: Relevance

“…Location k-anonymity [3] and its variation like l-diversity [20] and t-closeness [21] are proposed to measure the ability of the adversary to differentiate the real user from others within the anonymity set. To overcome the drawbacks of k-anonymity in quantifying location privacy, entropy-based metrics have been adopted in [5,13,22,23] for quantifying the information an adversary can obtain from one (or a series) of location update(s). Nonetheless, Shokri et al [24] show a lack of satisfactory correlation between these two metrics and the success of the adversary in inferring the users' actual position.…”

Section: Location Privacy Metricsmentioning

confidence: 99%

“…For location obfuscation mechanisms, most of them employ well-known location k-anonymity to protect user's privacy by blurring user's exact location into a sufficiently larger CR. Because of its simplicity, k-anonymity metric has been widely adopted in many different methods, including IntervalCloak [3], clique-based cloak [5], location differential perturbations [8], game-theoretic approach [12], dummy location selection [13], and hilbASR [28]. However, these methods suffer from the single point of failure due to the reliance on a TTP named anonymizer.…”

Section: Location Privacy Protectionmentioning

confidence: 99%

“…To assign a corresponding range in the 1-d space for each base cell, we Input: the T obtained from Algorithm 1, starting point 0 and curve orientation Output: a updated quad-tree root node T (1) initializes S(T) = 0 , (T)= , m = 0; (2) push T into the stack; (3) while (stack is not empty) do (4) N = pop the top element from the stack (5) if (N has child node) then (6) for (i= sw, se, ne, nw) do (7) set S(N i ), and (N i ) (8) push N i into the stack (9) end for (10) else (11) ℎ N = m (12) set the values of all corresponding POIs in the node N as m (13) m = m + 1 (14) end if (15) end while (16) outputs the updated quad-tree root node T.…”

Section: Modified Hilbert Curve Fillingmentioning

confidence: 99%

“…To address the privacy issues for mobile users in LBSs, a variety of privacy-preserving mechanisms and metrics have been proposed to allow users to make use of the LBSs while mitigating privacy concerns over the past few years [3][4][5][6][7][8][9][10][11][12][13][14][15]. These LBS privacy protection mechanisms (LPPMs) provide different privacy-utility trade-off, which offer alternatives to better meet personal requirements of different mobile users.…”

Section: Introductionmentioning

confidence: 99%

“…These LBS privacy protection mechanisms (LPPMs) provide different privacy-utility trade-off, which offer alternatives to better meet personal requirements of different mobile users. Roughly speaking, these LPPMs can be divided into two categories according to their architecture [16]: trusted anonymization server-based schemes [3,5,7,8,11,13] and mobile devices-based schemes [4,6,9,10,14,15]. In trusted anonymization serve-based schemes, a trusted thirdparty server (e.g., anonymizer [3]) is employed to perturb, obfuscate, and cloak user's query location by using the notion of k-anonymity [3].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A Context-Aware Location Differential Perturbation Scheme for Privacy-Aware Users in Mobile Environment

Zhang

Huang

et al. 2018

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The proliferation of location-based services, representative services for the mobile networks, has posed a serious threat to users' privacy. In the literature, several privacy mechanisms have been proposed to preserve location privacy. Location obfuscation enforced using cloaking region is a widely used technique to achieve location privacy. However, it requires a trusted third-party (TTP) and cannot sufficiently resist various inference attacks based on background information and thus is vulnerable to location privacy breach. In this paper, we propose a context-aware location privacy-preserving solution with differential perturbations, which can enhance the user's location privacy without requiring a TTP. Our scheme utilizes the modified Hilbert curve to project every 2-d location of the user in the considered map to 1-d space and randomly generates the reasonable perturbation by adding Laplace noise via differential privacy. In order to solve the resource limitation of mobile devices, we use a quad-tree based scheme to transform and store the user context information as bit stream which achieves the high compression ratio and supports efficient retrieval. Security analysis shows that our proposed scheme can effectively preserve the location privacy. Experimental evaluation shows that our scheme retrieval accuracy is increased by an average of 15.4% compared with the scheme using standard Hilbert curve. Our scheme can provide strong privacy guarantees with a bounded accuracy loss while improving retrieval accuracy.

show abstract

Section: Location Privacy Metricsmentioning

confidence: 99%

Section: Location Privacy Protectionmentioning

confidence: 99%

Section: Modified Hilbert Curve Fillingmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Context-Aware Location Differential Perturbation Scheme for Privacy-Aware Users in Mobile Environment

Zhang

Huang

et al. 2018

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

Semantic analysis in location privacy preserving

Xiong

Zhang

Zhu

2015

Concurrency and Computation

View full text Add to dashboard Cite

SUMMARYWith the increasing use of location-based services, location privacy has recently started raising serious concerns. Location perturbation and obfuscation are most widely used for location privacy preserving. To protect a user from being identified, a cloaked spatial region that contains other k 1 nearest neighbors of the user is submitted to the location-based service provider, instead of the accurate position. In this paper, we consider the location-aware applications that services are different among regions. In such scenarios, the semantic distance between users should be considered besides the Euclidean distance for searching the neighbors of a user. We define a novel distance measurement that combines the semantic and the Euclidean distance to address the privacy-preserving issue in the aforementioned applications. We also present an algorithm kNNH to implement our proposed method. Moreover, we conduct performance study experiments on the proposed algorithm. The experimental results further suggest that the proposed distance metric and the algorithm can successfully retain the utility of the location services while preserving users' privacy. Copyright

show abstract

Search me if you can: Multiple mix zones with location privacy protection for mapping services

Memon

Arain

Memon

et al. 2017

Int J Communication

View full text Add to dashboard Cite

The mobile vehicle is gaining popularity nowadays using map services like Google Maps and other mapping services. However, map services users have to expose sensitive information like geographic locations (GPS coordinates) or address to personal privacy concerns as users share their locations and queries to obtain desired services. Existing mix zones location privacy protection methods are most general purposed and theoretical value while not applicable when applied to provide location privacy for map service users. In this paper, we present new (multiple mix zones location privacy protection) MMLPP method specially designed for map services on mobile vehicles over the road network. This method enables mobile vehicle users to query a route between 2 endpoints on the map, without revealing any confidential location and queries information. The basic idea is to strategically endpoints to nearby ones, such that (1) the semantic meanings encoded in these endpoints (eg, their GPS coordinates) change much, ie, location privacy is protected; (2) the routes returned by map services little change, ie, services usability are maintained. Specifically, a mobile client first privately retrieves point of interest close to the original endpoints, and then selects 2 points of interest as the shifted endpoints satisfying the property of geoindistinguishability. We evaluate our MMLPP approach road network application for GTMobiSim on different scales of map services and conduct experiments with real traces. Results show that MMLPP strikes a good balance between location privacy and service usability.

show abstract

Protecting Location Privacy against Location-Dependent Attacks in Mobile Services

Cited by 174 publications

References 29 publications

A Context-Aware Location Differential Perturbation Scheme for Privacy-Aware Users in Mobile Environment

A Context-Aware Location Differential Perturbation Scheme for Privacy-Aware Users in Mobile Environment

Semantic analysis in location privacy preserving

Search me if you can: Multiple mix zones with location privacy protection for mapping services

Contact Info

Product

Resources

About