1,189 research outputs found
Location Privacy in Spatial Crowdsourcing
Spatial crowdsourcing (SC) is a new platform that engages individuals in
collecting and analyzing environmental, social and other spatiotemporal
information. With SC, requesters outsource their spatiotemporal tasks to a set
of workers, who will perform the tasks by physically traveling to the tasks'
locations. This chapter identifies privacy threats toward both workers and
requesters during the two main phases of spatial crowdsourcing, tasking and
reporting. Tasking is the process of identifying which tasks should be assigned
to which workers. This process is handled by a spatial crowdsourcing server
(SC-server). The latter phase is reporting, in which workers travel to the
tasks' locations, complete the tasks and upload their reports to the SC-server.
The challenge is to enable effective and efficient tasking as well as reporting
in SC without disclosing the actual locations of workers (at least until they
agree to perform a task) and the tasks themselves (at least to workers who are
not assigned to those tasks). This chapter aims to provide an overview of the
state-of-the-art in protecting users' location privacy in spatial
crowdsourcing. We provide a comparative study of a diverse set of solutions in
terms of task publishing modes (push vs. pull), problem focuses (tasking and
reporting), threats (server, requester and worker), and underlying technical
approaches (from pseudonymity, cloaking, and perturbation to exchange-based and
encryption-based techniques). The strengths and drawbacks of the techniques are
highlighted, leading to a discussion of open problems and future work
ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic
It is well known that apps running on mobile devices extensively track and
leak users' personally identifiable information (PII); however, these users
have little visibility into PII leaked through the network traffic generated by
their devices, and have poor control over how, when and where that traffic is
sent and handled by third parties. In this paper, we present the design,
implementation, and evaluation of ReCon: a cross-platform system that reveals
PII leaks and gives users control over them without requiring any special
privileges or custom OSes. ReCon leverages machine learning to reveal potential
PII leaks by inspecting network traffic, and provides a visualization tool to
empower users with the ability to control these leaks via blocking or
substitution of PII. We evaluate ReCon's effectiveness with measurements from
controlled experiments using leaks from the 100 most popular iOS, Android, and
Windows Phone apps, and via an IRB-approved user study with 92 participants. We
show that ReCon is accurate, efficient, and identifies a wider range of PII
than previous approaches.Comment: Please use MobiSys version when referencing this work:
http://dl.acm.org/citation.cfm?id=2906392. 18 pages, recon.meddle.mob
Privacy-Preserving Blockchain-Based Federated Learning for IoT Devices
Home appliance manufacturers strive to obtain feedback from users to improve
their products and services to build a smart home system. To help manufacturers
develop a smart home system, we design a federated learning (FL) system
leveraging the reputation mechanism to assist home appliance manufacturers to
train a machine learning model based on customers' data. Then, manufacturers
can predict customers' requirements and consumption behaviors in the future.
The working flow of the system includes two stages: in the first stage,
customers train the initial model provided by the manufacturer using both the
mobile phone and the mobile edge computing (MEC) server. Customers collect data
from various home appliances using phones, and then they download and train the
initial model with their local data. After deriving local models, customers
sign on their models and send them to the blockchain. In case customers or
manufacturers are malicious, we use the blockchain to replace the centralized
aggregator in the traditional FL system. Since records on the blockchain are
untampered, malicious customers or manufacturers' activities are traceable. In
the second stage, manufacturers select customers or organizations as miners for
calculating the averaged model using received models from customers. By the end
of the crowdsourcing task, one of the miners, who is selected as the temporary
leader, uploads the model to the blockchain. To protect customers' privacy and
improve the test accuracy, we enforce differential privacy on the extracted
features and propose a new normalization technique. We experimentally
demonstrate that our normalization technique outperforms batch normalization
when features are under differential privacy protection. In addition, to
attract more customers to participate in the crowdsourcing FL task, we design
an incentive mechanism to award participants.Comment: This paper appears in IEEE Internet of Things Journal (IoT-J
Privacy Leakage in Mobile Computing: Tools, Methods, and Characteristics
The number of smartphones, tablets, sensors, and connected wearable devices
are rapidly increasing. Today, in many parts of the globe, the penetration of
mobile computers has overtaken the number of traditional personal computers.
This trend and the always-on nature of these devices have resulted in
increasing concerns over the intrusive nature of these devices and the privacy
risks that they impose on users or those associated with them. In this paper,
we survey the current state of the art on mobile computing research, focusing
on privacy risks and data leakage effects. We then discuss a number of methods,
recommendations, and ongoing research in limiting the privacy leakages and
associated risks by mobile computing
- …