F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture...
-
Upload
mark-watson -
Category
Documents
-
view
226 -
download
0
Transcript of F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture...
![Page 1: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/1.jpg)
FEELING-BASED LOCATION PRIVACY PROTECTION FOR LOCATION-BASED SERVICES
CS587x LectureDepartment of Computer ScienceIowa State UniversityAmes, IA 50011
![Page 2: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/2.jpg)
LOCATION-BASED SERVICES
![Page 3: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/3.jpg)
DILEMMA
Users have to report their locations to LBS providers
LBS providers may abuse the collected location data
Internet
::::
LBS Server
::::
Com3
Com3
LBS Server
Network
Users
Other companies
![Page 4: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/4.jpg)
LOCATION EXPOSURE PRESENTS SIGNIFICANT THREATS
Threat1: Anonymity of service use A user may not want to be identified as the subscriber
E.g., where is the nearest
Threat2: Location privacy A user may not want to reveal where she is
E.g., a query is sent from
![Page 5: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/5.jpg)
RESTRICTED SPACE IDENTIFICATION A user’s location can be correlated to her identity
……… E.g., a location belonging to a private property indicates the user is most likely the property owner
A single location sample may not be linked to an individual, but a time-series sequence will do
identified
Once the user is identified
All her visits may be disclosed
![Page 6: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/6.jpg)
LOCATION DEPERSONALIZATION
Protect anonymous use of service Cloak the service user
with her neighbors Location privacy leak
Protect location privacy Cloak the service user
with nearby footprints Adversary cannot know
who’s there when the service is requested
![Page 7: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/7.jpg)
MOTIVATION Privacy modeling
Users specify their desired privacy with a number K Privacy is about personal feeling, and it is difficult for
users to choose a K value Robustness
Just ensuring each cloaking region has been visited by K people may NOT provide protection at level K It has to do with footprints distribution
![Page 8: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/8.jpg)
OUR SOLUTION Feeling-based modeling
A user specifies a public region A spatial region which a user
feels comfortable that it is reported as her location should she request a service inside it
The public region becomes her privacy requirement All location reported on her
behalf will be at least as popular as the public region she identifies
![Page 9: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/9.jpg)
CHALLENGE
How to measure the privacy level of a region?
The privacy level is determined by Number of visitors Footprints distribution
A good measure should involve both factors
![Page 10: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/10.jpg)
ENTROPY
We borrow the concept of entropy Entropy of R is computed using the number of
footprints in R belonging to different users
Entropy of R is E(R) = Its value denotes the amount of information needed
for the adversary to identify the client
![Page 11: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/11.jpg)
POPULARITY
Popularity of R is P(R) = 2E(R)
Its value denotes the actual number of users among which the client is indistinguishable
Popularity is a good measure of privacy More visitors – higher popularity More evener distribution – higher popularity
![Page 12: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/12.jpg)
LOCATION CLOAKING WITH OUR PRIVACY MODEL Sporadic LBSs
Each location update is independent Cloaking strategy: Ensuring each reported location
is a region which has a popularity no less than P(R) Continuous LBSs
A sequence of location updates which form a trajectory
The strategy for sporadic LBSs may not work Adversary may identify the common set of visitors
![Page 13: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/13.jpg)
P-POPULOUS TRAJECTORY We should compute the popularity of cloaking
boxes with respect to a common user set, called cloaking set Only the footprints of users in the cloaking set are
considered in entropy computation Entropy w.r.t. cloaking set U is Popularity w.r.t. U is PU(R) = 2Eu(R)
P-Populous Trajectory (PPT) The popularity of each cloaking box in the trajectory
w.r.t. a cloaking set is no less than P(R)
![Page 14: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/14.jpg)
SYSTEM STRUCTURE
Location & Request
Answer Answer
Cloaked region & Request
Base Station
Location Depersonalization
Server
LBS Server
Cellular Infrustructures
Internet ::::
Users
Com3
Com3
::::
LBS Server
![Page 15: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/15.jpg)
FOOTPRINT INDEXING Grid-based pyramid structure
4i-1 cells at level i Cells at the bottom level keep the footprint index
![Page 16: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/16.jpg)
TRAJECTORY CLOAKING
To receive an LBS, a client needs to submit Public region R Travel bound B Location updates repeatedly during her travel
In response, the server will Generate a cloaking box for each location update Ensure the sequence of cloaking boxes form a PPT
![Page 17: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/17.jpg)
CHALLENGE How to find the cloaking set?
Basic solution: Finding the users who have footprints closest to the service-user
o Resolution becomes worse
o There may exist another cloaking set which leads to a finer average resolution
![Page 18: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/18.jpg)
SELECTING CLOAKING SET Observation
Popular user: Who have footprints spanning the entire travel bound B
Cloaking with popular users tends to have a fine cloaking resolution Easy to find their footprints close to the service user no
matter where she moves
Idea Use the most popular users as the cloaking set
![Page 19: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/19.jpg)
FINDING MOST POPULAR USERS l-popular : the user has visited all cells at
level l overlapping with B Larger l : more popular user
u1, u2, u3 : 2-popular
u2, u3 : 3-popular
u3: 4-popular
E.g.
Strategy: Sort users by the level l, and choose the most popular ones as the cloaking set
![Page 20: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/20.jpg)
CLOAKING CLIENT’S LOCATION Let S be the cloaking set, p be the client’s location,
we cloak p in three steps1. Find closest footprints to p for each user in S2. Compute the minimal bounding box of these footprints,
say b3. Calculate PS(b)
If PS(b) < P(R), for each user find her closest footprint to p
among her footprints outside b, and goto 2. If PS(b) ≥ P(R), b is reported as the client’s location
![Page 21: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/21.jpg)
SIMULATION We implement two other strategies for comparison
Naive cloaks each location independently Plain selects cloaking set by finding footprints closest to service user’s start position
Performance metrics Cloaking area
Protection level
![Page 22: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/22.jpg)
EXPERIMENT
Location privacy aware gateway (LPAG) A prototype which involves location privacy
protection into a real LBS system Two software components
LBS system: Spatial messaging
![Page 23: F EELING - BASED L OCATION P RIVACY P ROTECTION FOR L OCATION - BASED S ERVICES CS587x Lecture Department of Computer Science Iowa State University Ames,](https://reader035.fdocuments.net/reader035/viewer/2022062717/56649e215503460f94b0e49e/html5/thumbnails/23.jpg)
CONCLUSION Feeling-based privacy modeling for location
privacy protection in LBSs Public region instead of K value
Trajectory cloaking Algorithm, simulation, experiment
Future work Investigate attacks other than restricted space
identification Observation implication attack