Differential Private Data Collection and Analysis Based on Randomized Multiple Dummies for Untrusted Mobile Crowdsensing

Mobile crowdsensing, which collects environmental information from mobile phone users, is growing in popularity. These data can be used by companies for marketing surveys or decision making. However, collecting sensing data from other users may violate their privacy. Moreover, the data aggregator and/or the participants of crowdsensing may be untrusted entities. Recent studies have proposed randomized response schemes for anonymized data collection. This kind of data collection can analyze the sensing data of users statistically without precise information about other users\u27 sensing results. However, traditional randomized response schemes and their extensions require a large number of samples to achieve proper estimation. In this paper, we propose a new anonymized data-collection scheme that can estimate data distributions more accurately. Using simulations with synthetic and real datasets, we prove that our proposed method can reduce the mean squared error and the JS divergence by more than 85% as compared with other existing studies

Analysis Based on SVM for Untrusted Mobile Crowd Sensing

Mobile crowdsensing, which collects environmental information from mobile phone users, is growing in popularity. These data can be used by companies for marketing surveys or decision making. However, collecting sensing data from other users may violate their privacy. Moreover, the data aggregator and/or the participants of crowdsensing may be untrusted entities. Recent studies have proposed randomized response schemes for anonymized data collection. We have Developed vehicle Survey Mobile Application for decision making and predict marketing survey. This kind of data collection can analyze the sensing data of users statistically without precise information about other users� sensing results. In this proposed work, we use SVM classifier for classifying the data can be used by companies for marketing surveys or decision making. In which we worked on Parameter of a city, which will help in analyzing vehicle count as well their availability according to vehicle type, vehicle model etc. The Result analyses will directly affects in predicting the result oriented strategies

DPWeVote: differentially private weighted voting protocol for cloud-based decision-making

© 2018, © 2018 Informa UK Limited, trading as Taylor & Francis Group. With the advent of Industry 4.0, cloud computing techniques have been increasingly adopted by industry practitioners to achieve better workflows. One important application is cloud-based decision-making, in which multiple enterprise partners need to arrive an agreed decision. Such cooperative decision-making problem is sometimes formed as a weighted voting game, in which enterprise partners express ‘YES/NO’ opinions. Nevertheless, existing cryptographic approaches to Cloud-Based Weighted Voting Game have restricted collusion tolerance and heavily rely on trusted servers, which are not always available. In this work, we consider the more realistic scenarios of having semi-honest cloud server/partners and assuming maximal collusion tolerance. To resolve the privacy issues in such scenarios, the DPWeVote protocol is proposed which incorporates Randomized Response technique and consists the following three phases: the Randomized Weights Collection phase, the Randomized Opinions Collection phase, and the Voting Results Release phase. Experiments on synthetic data have demonstrated that the proposed DPWeVote protocol managed to retain an acceptable utility for decision-making while preserving privacy in semi-honest environment

Game Theory Based Privacy Protection for Context-Aware Services

In the era of context-aware services, users are enjoying remarkable services based on data collected from a multitude of users. To receive services, they are at risk of leaking private information from adversaries possibly eavesdropping on the data and/or the un--trusted service platform selling off its data. Malicious adversaries may use leaked information to violate users\u27 privacy in unpredictable ways. To protect users\u27 privacy, many algorithms are proposed to protect users\u27 sensitive information by adding noise, thus causing context-aware service quality loss. Game theory has been utilized as a powerful tool to balance the tradeoff between privacy protection level and service quality. However, most of the existing schemes fail to depict the mutual relationship between any two parties involved: user, platform, and adversary. There is also an oversight to formulate the interaction occurring between multiple users, as well as the interaction between any two attributes. To solve these issues, this dissertation firstly proposes a three-party game framework to formulate the mutual interaction between three parties and study the optimal privacy protection level for context-aware services, thus optimize the service quality. Next, this dissertation extends the framework to a multi-user scenario and proposes a two-layer three-party game framework. This makes the proposed framework more realistic by further exploring the interaction, not only between different parties, but also between users. Finally, we focus on analyzing the impact of long-term time-serial data and the active actions of the platform and adversary. To achieve this objective, we design a three-party Stackelberg game model to help the user to decide whether to update information and the granularity of updated information

Trajectory Privacy Preservation and Lightweight Blockchain Techniques for Mobility-Centric IoT

Various research efforts have been undertaken to solve the problem of trajectory privacy preservation in the Internet of Things (IoT) of resource-constrained mobile devices. Most attempts at resolving the problem have focused on the centralized model of IoT, which either impose high delay or fail against a privacy-invading attack with long-term trajectory observation. These proposed solutions also fail to guarantee location privacy for trajectories with both geo-tagged and non-geo-tagged data, since they are designed for geo-tagged trajectories only. While a few blockchain-based techniques have been suggested for preserving trajectory privacy in decentralized model of IoT, they require large storage capacity on resource-constrained devices and can only provide conditional privacy when a set of authorities governs the blockchain. This dissertation addresses these challenges to develop efficient trajectory privacy-preservation and lightweight blockchain techniques for mobility-centric IoT. We develop a pruning-based technique by quantifying the relationship between trajectory privacy and delay for real-time geo-tagged queries. This technique yields higher trajectory privacy with a reduced delay than contemporary techniques while preventing a long-term observation attack. We extend our study with the consideration of the presence of non-geo-tagged data in a trajectory. We design an attack model to show the spatiotemporal correlation between the geo-tagged and non-geo-tagged data which undermines the privacy guarantee of existing techniques. In response, we propose a methodology that considers the spatial distribution of the data in trajectory privacy-preservation and improves existing solutions, in privacy and usability. With respect to blockchain, we design and implement one of the first blockchain storage management techniques utilizing the mobility of the devices. This technique reduces the required storage space of a blockchain and makes it lightweight for resource-constrained mobile devices. To address the trajectory privacy challenges in an authority-based blockchain under the short-range communication constraints of the devices, we introduce a silence-based one of the first technique to establish a balance between trajectory privacy and blockchain utility. The designed trajectory privacy- preservation techniques we established are light- weight and do not require an intermediary to guarantee trajectory privacy, thereby providing practical and efficient solution for different mobility-centric IoT, such as mobile crowdsensing and Internet of Vehicles

Differentially Private Mobile Crowd Sensing Considering Sensing Errors

An increasingly popular class of software known as participatory sensing, or mobile crowdsensing, is a means of collecting people’s surrounding information via mobile sensing devices. To avoid potential undesired side effects of this data analysis method, such as privacy violations, considerable research has been conducted over the last decade to develop participatory sensing that looks to preserve privacy while analyzing participants’ surrounding information. To protect privacy, each participant perturbs the sensed data in his or her device, then the perturbed data is reported to the data collector. The data collector estimates the true data distribution from the reported data. As long as the data contains no sensing errors, current methods can accurately evaluate the data distribution. However, there has so far been little analysis of data that contains sensing errors. A more precise analysis that maintains privacy levels can only be achieved when a variety of sensing errors are considered

Security and Privacy Preservation in Mobile Crowdsensing

Mobile crowdsensing (MCS) is a compelling paradigm that enables a crowd of individuals to cooperatively collect and share data to measure phenomena or record events of common interest using their mobile devices. Pairing with inherent mobility and intelligence, mobile users can collect, produce and upload large amounts of data to service providers based on crowdsensing tasks released by customers, ranging from general information, such as temperature, air quality and traffic condition, to more specialized data, such as recommended places, health condition and voting intentions. Compared with traditional sensor networks, MCS can support large-scale sensing applications, improve sensing data trustworthiness and reduce the cost on deploying expensive hardware or software to acquire high-quality data. Despite the appealing benefits, however, MCS is also confronted with a variety of security and privacy threats, which would impede its rapid development. Due to their own incentives and vulnerabilities of service providers, data security and user privacy are being put at risk. The corruption of sensing reports may directly affect crowdsensing results, and thereby mislead customers to make irrational decisions. Moreover, the content of crowdsensing tasks may expose the intention of customers, and the sensing reports might inadvertently reveal sensitive information about mobile users. Data encryption and anonymization techniques can provide straightforward solutions for data security and user privacy, but there are several issues, which are of significantly importance to make MCS practical. First of all, to enhance data trustworthiness, service providers need to recruit mobile users based on their personal information, such as preferences, mobility pattern and reputation, resulting in the privacy exposure to service providers. Secondly, it is inevitable to have replicate data in crowdsensing reports, which may possess large communication bandwidth, but traditional data encryption makes replicate data detection and deletion challenging. Thirdly, crowdsensed data analysis is essential to generate crowdsensing reports in MCS, but the correctness of crowdsensing results in the absence of malicious mobile users and service providers become a huge concern for customers. Finally yet importantly, even if user privacy is preserved during task allocation and data collection, it may still be exposed during reward distribution. It further discourage mobile users from task participation. In this thesis, we explore the approaches to resolve these challenges in MCS. Based on the architecture of MCS, we conduct our research with the focus on security and privacy protection without sacrificing data quality and users' enthusiasm. Specifically, the main contributions are, i) to enable privacy preservation and task allocation, we propose SPOON, a strong privacy-preserving mobile crowdsensing scheme supporting accurate task allocation. In SPOON, the service provider recruits mobile users based on their locations, and selects proper sensing reports according to their trust levels without invading user privacy. By utilizing the blind signature, sensing tasks are protected and reports are anonymized. In addition, a privacy-preserving credit management mechanism is introduced to achieve decentralized trust management and secure credit proof for mobile users; ii) to improve communication efficiency while guaranteeing data confidentiality, we propose a fog-assisted secure data deduplication scheme, in which a BLS-oblivious pseudo-random function is developed to enable fog nodes to detect and delete replicate data in sensing reports without exposing the content of reports. Considering the privacy leakages of mobile users who report the same data, the blind signature is utilized to hide users' identities, and chameleon hash function is leveraged to achieve contribution claim and reward retrieval for anonymous greedy mobile users; iii) to achieve data statistics with privacy preservation, we propose a privacy-preserving data statistics scheme to achieve end-to-end security and integrity protection, while enabling the aggregation of the collected data from multiple sources. The correctness verification is supported to prevent the corruption of the aggregate results during data transmission based on the homomorphic authenticator and the proxy re-signature. A privacy-preserving verifiable linear statistics mechanism is developed to realize the linear aggregation of multiple crowdsensed data from a same device and the verification on the correctness of aggregate results; and iv) to encourage mobile users to participating in sensing tasks, we propose a dual-anonymous reward distribution scheme to offer the incentive for mobile users and privacy protection for both customers and mobile users in MCS. Based on the dividable cash, a new reward sharing incentive mechanism is developed to encourage mobile users to participating in sensing tasks, and the randomization technique is leveraged to protect the identities of customers and mobile users during reward claim, distribution and deposit

Local Obfuscation Mechanisms for Hiding Probability Distributions

We introduce a formal model for the information leakage of probability distributions and define a notion called distribution privacy as the local differential privacy for probability distributions. Roughly, the distribution privacy of a local obfuscation mechanism means that the attacker cannot significantly gain any information on the distribution of the mechanism's input by observing its output. Then we show that existing local mechanisms can hide input distributions in terms of distribution privacy, while deteriorating the utility by adding too much noise. For example, we prove that the Laplace mechanism needs to add a large amount of noise proportionally to the infinite Wasserstein distance between the two distributions we want to make indistinguishable. To improve the tradeoff between distribution privacy and utility, we introduce a local obfuscation mechanism, called a tupling mechanism, that adds random dummy data to the output. Then we apply this mechanism to the protection of user attributes in location based services. By experiments, we demonstrate that the tupling mechanism outperforms popular local mechanisms in terms of attribute obfuscation and service quality.Comment: Full version of Proc. ESORICS 2019 (with a longer appendix