6,319 research outputs found
On the Anonymization of Differentially Private Location Obfuscation
Obfuscation techniques in location-based services (LBSs) have been shown
useful to hide the concrete locations of service users, whereas they do not
necessarily provide the anonymity. We quantify the anonymity of the location
data obfuscated by the planar Laplacian mechanism and that by the optimal
geo-indistinguishable mechanism of Bordenabe et al. We empirically show that
the latter provides stronger anonymity than the former in the sense that more
users in the database satisfy k-anonymity. To formalize and analyze such
approximate anonymity we introduce the notion of asymptotic anonymity. Then we
show that the location data obfuscated by the optimal geo-indistinguishable
mechanism can be anonymized by removing a smaller number of users from the
database. Furthermore, we demonstrate that the optimal geo-indistinguishable
mechanism has better utility both for users and for data analysts.Comment: ISITA'18 conference pape
Optimal Geo-Indistinguishable Mechanisms for Location Privacy
We consider the geo-indistinguishability approach to location privacy, and
the trade-off with respect to utility. We show that, given a desired degree of
geo-indistinguishability, it is possible to construct a mechanism that
minimizes the service quality loss, using linear programming techniques. In
addition we show that, under certain conditions, such mechanism also provides
optimal privacy in the sense of Shokri et al. Furthermore, we propose a method
to reduce the number of constraints of the linear program from cubic to
quadratic, maintaining the privacy guarantees and without affecting
significantly the utility of the generated mechanism. This reduces considerably
the time required to solve the linear program, thus enlarging significantly the
location sets for which the optimal mechanisms can be computed.Comment: 13 page
No Place to Hide that Bytes won't Reveal: Sniffing Location-Based Encrypted Traffic to Track a User's Position
News reports of the last few years indicated that several intelligence
agencies are able to monitor large networks or entire portions of the Internet
backbone. Such a powerful adversary has only recently been considered by the
academic literature. In this paper, we propose a new adversary model for
Location Based Services (LBSs). The model takes into account an unauthorized
third party, different from the LBS provider itself, that wants to infer the
location and monitor the movements of a LBS user. We show that such an
adversary can extrapolate the position of a target user by just analyzing the
size and the timing of the encrypted traffic exchanged between that user and
the LBS provider. We performed a thorough analysis of a widely deployed
location based app that comes pre-installed with many Android devices:
GoogleNow. The results are encouraging and highlight the importance of devising
more effective countermeasures against powerful adversaries to preserve the
privacy of LBS users.Comment: 14 pages, 9th International Conference on Network and System Security
(NSS 2015
ReverseCloak: A Reversible Multi-level Location Privacy Protection System
With the fast popularization of mobile devices and wireless networks, along with advances in sensing and positioning technology, we are witnessing a huge proliferation of Location-based Services (LBSs). Location anonymization refers to the process of perturbing the exact location of LBS users as a cloaking region such that a user's location becomes indistinguishable from the location of a set of other users. However, existing location anonymization techniques focus primarily on single level unidirectional anonymization, which fails to control the access to the cloaking data to let data requesters with different privileges get information with varying degrees of anonymity. In this demonstration, we present a toolkit for ReverseCloak, a location perturbation system to protect location privacy over road networks in a multi-level reversible manner, consisting of an 'Anonymizer' GUI to adjust the anonymization settings and visualize the multilevel cloaking regions over road network for location data owners and a 'De-anonymizer' GUI to de-anonymize the cloaking region and display the reduced region over road network for location data requesters. With the toolkit, we demonstrate the practicality and effectiveness of the ReverseCloak approach
- …