Ben Niu

Achieving k-anonymity in privacy-aware location-based services

Location-Based Service (LBS) has become a vital part of our daily life. While enjoying the convenience provided by LBS, users may lose privacy since the untrusted LBS server has all the information about users in LBS and it may track them in various ways or release their personal data to third parties. To address the privacy issue, we propose a Dummy-Location Selection (DLS) algorithm to achieve k-anonymity for users in LBS. Different from existing approaches, the DLS algorithm carefully selects dummy locations considering that side information may be exploited by adversaries. We first choose these dummy locations based on the entropy metric, and then propose an enhanced-DLS algorithm, to make sure that the selected dummy locations are spread as far as possible. Evaluation results show that the proposed DLS algorithm can significantly improve the privacy level in terms of entropy. The enhanced-DLS algorithm can enlarge the cloaking region while keeping similar privacy level as the DLS algorithm.

Privacy-area aware dummy generation algorithms for Location-Based Services

Location-Based Services (LBSs) have been one of the most popular activities in our daily life. Users can send queries to the LBS server easily to learn their surroundings. However, these location-related queries may result in serious privacy concerns since the un-trusted LBS server has all the information about users and may track them in various ways. In this paper, we propose two dummy-based solutions to achieve k-anonymity for privacy-area aware users in LBSs with considering that side information may be exploited by adversaries. We first choose some candidates based on a virtual circle or grid method, then blur these candidates into the final positions of dummy locations based on the entropy-based privacy metric. Security analysis and evaluation results indicate that the V-circle solution can significantly improve the privacy anonymity level. The V-grid solution can further enlarge the cloaking region while keeping similar privacy level.

A novel attack to spatial cloaking schemes in location-based services

Location-based services (LBSs) have been one of the novel uses and most popular activities in internet of things (IoT). In such location-based applications, mobile users enjoy plenty of conveniences at the cost of privacy. To protect users location privacy, many research solutions have been proposed. In this paper, we focus on an important class of solutions, short-range communication-based spatial cloaking algorithms, which achieve k -anonymity within some collaborative groups. We first analyze the inherent drawbacks of existing P2P-based and encounter-based spatial cloaking approaches and propose a Variance-Based Attack (VBA) against them. Then we study the proposed attack on several existing spatial cloaking solutions. Finally, we propose a countermeasure R -cloak, which can mitigate VBA for current P2P cloaking algorithms. Our empirical evaluations further verify the effectiveness and efficiency of R -cloak. We design a variance-based attack to exploit weaknesses of some existing algorithms.We verify the effectiveness of our VBA on several existing algorithms.We propose a random walk-based cloaking algorithm to mitigate the proposed attack.

A fine-grained spatial cloaking scheme for privacy-aware users in Location-Based Services

In Location-Based Services (LBSs) mobile users submit location-related queries to the untrusted LBS server to get service. However, such queries increasingly induce privacy concerns from mobile users. To address this problem, we propose FGcloak, a novel fine-grained spatial cloaking scheme for privacy-aware mobile users in LBSs. Based on a novel use of modified Hilbert Curve in a particular area, our scheme effectively guarantees k-anonymity and at the same time provides larger cloaking region. It also uses a parameter σ for users to make fine-grained control on the system overhead based on the resource constraints of mobile devices. Security analysis and empirical evaluation results verify the effectiveness and efficiency of our scheme.

EPcloak: An Efficient and Privacy-Preserving Spatial Cloaking Scheme for LBSs

Location-Based Services (LBSs) have become one of the most popular activities and affected our daily life a lot. Mobile users can enjoy kinds of conveniences by submitting their location and interest-related queries to the LBS server. However, since these queries may expose sensitive information to the untrusted LBS server, privacy concerns arise. To address the serious privacy issues, we propose a novel collaborative scheme, EPcloak, which combines a privacy-preserving spatial cloaking algorithm and caching to protect users privacy. Different from existing schemes, users in EPcloak cache their past service data for future use. When LBSs are needed, a user first uses a Local Searching Algorithm (LSA) to look for service data from the nearby friends of a collaborative group through Ad Hoc networks. If the requirements cannot be satisfied, the user uses a Spatial Cloaking Algorithm (SCA) to forward the query to another user at a certain distance away through a set of forwarders. That user will query the LBS server to get service data for a larger area that can cover the original users query area, and send the data back to the original user. SCA protects both users location privacy and query privacy. Evaluation results indicate that our proposed LSA and SCA are effective and efficient.

A personalized two-tier cloaking scheme for privacy-aware location-based services

The ubiquity of modern mobile devices with GPS modules and Internet connectivity such as 3G/4G techniques have resulted in rapid development of Location-Based Services (LBSs). However, users enjoy the convenience provided by the untrusted LBS server at the cost of their privacy. To protect users sensitive information against adversaries with side information, we design a personalized spatial cloaking scheme, termed TTcloak, which provides k-anonymity for users location privacy, 1-diversity for query privacy and desired size of cloaking region for mobile users in LBSs, simultaneously. TTcloak uses Dummy Query Determining (DQD) algorithm and Dummy Location Determining (DLD) algorithm to find out a set of realistic cells as candidates, and employs a CR-refinement Module (CRM) to guarantee that dummy users are assigned into the cloaking region with desired size. Finally, thorough security analysis and empirical evaluation results verify our proposed TTcloak.

P-Match: Priority-Aware Friend Discovery for Proximity-Based Mobile Social Networks

With rapid developments of mobile devices and online social networks, users of Proximity-based Mobile Social Networks (PMSNs) can easily discover and make new social interactions with others at the cost of their growing privacy concerns. To address this problem, we propose a third party free scheme, P-match, to privately match the similarity with potential friends in vicinity. Unlike most existing work, P-match considers both the number of common interests and the corresponding priorities on each of them individually. The security and performance overhead of our scheme are then thoroughly analyzed and evaluated via detailed simulations.

Achieving secure friend discovery in social strength-aware PMSNs

With Proximity-based Mobile Social Networks (PMSNs), mobile users can discover and make new social interactions easily with physical-proximate others through WiFi/Bluetooth interfaces embedded in the smartphones. Unfortunately, users enjoy these conveniences at the cost of revealing their personal data. Furthermore, an important factor called social strength, which impacts the discovering result a lot, is always ignored. To address these problems, we propose S-match, which aims to achieve secure friend discovery in social strength-aware PMSNs. Specifically, S-match exploits a two-dimensional similarity vector with considering both priority-aware similarity coefficient and social strength-aware similarity coefficient. We construct a similarity evaluation model based on entropy method to measure profile similarity, as well as a novel priority-aware similarity coefficient by improving Jaccard similarity function. Finally, the combination of the homomorphic property and the priority-aware similarity coefficient guarantee the avoidance on the insider attacks. The security and performance are thoroughly analyzed and evaluated via detailed simulations.

An Exact and Efficient Privacy-Preserving Spatiotemporal Matching in Mobile Social Networks

With the rapid development of mobile smartphone and its built-in location-aware devices, people are possible to establish trust relationships and further interaction with each other based their matched interests, hobbies, experiences, or spatiotemporal profiles. However, the possibility of sensitive information leakage and heavy computation overhead constrain the widespread use of the matching schemes in mobile social networks. Many privacy-preserving matching schemes were proposed recently years, but how to achieve privacy-preserving spatiotemporal matching exactly and efficiently remains an open question. In this paper, the authors propose a novel spatiotemporal matching scheme. The overlapping grid system is introduced into the scheme to improve the accuracy of spatiotemporal matching, and many repetitive records in a users spatiotemporal profile are counted as one item so as to cut down the computation overhead. Their scheme decreases the spatiotemporal matching error, and promotes the efficiency of private matchmaking simultaneously. Thorough security analysis and evaluation results indicate that our scheme is effective and efficient.

Protection of location privacy in continuous LBSs against adversaries with background information

Privacy issues in continuous Location-Based Services (LBSs) have gained attractive attentions in literature over recent years. In this paper, we illustrate the limitations of existing work and define an entropy-based privacy metric to quantify the privacy degree based on a set of vital observations. To tackle the privacy issues, we propose an efficient privacy-preserving scheme, DUMMY-T, which aims to protect LBSs users privacy against adversaries with background information. By our Dummy Locations Generating (DLG) algorithm, we first generate a set of realistic dummy locations for each snapshot with considering the minimum cloaking region and background information. Further, our proposed Dummy Paths Constructing (DPC) algorithm guarantees the location reachability by taking the maximum distance of the moving mobile users into consideration. Security analysis and empirical evaluation results further verify the effectiveness and efficiency of our DUMMY-T.