27 research outputs found
On the Optimal Placement of Mix Zones
In mobile wireless networks, third parties can track the location of mobile nodes by monitoring the pseudonyms used for identification. A frequently proposed solution to protect the location privacy of mobile nodes suggests to change pseudonyms in regions called mix zones. In this paper, we propose a novel metric based on the mobility profiles of mobile nodes to evaluate the mixing effectiveness of possible mix zone locations. Then, as the location privacy achieved with mix zones depends on their placement in the network, we analyze the optimal placement of mix zones with combinatorial optimization techniques. The proposed algorithm maximizes the achieved location privacy in the system and takes into account the cost on mobile nodes induced by mix zones. By means of simulations, we show that the placement recommended by our algorithm significantly reduces the tracking success by the adversary.
Optimal Geo-Indistinguishable Mechanisms for Location Privacy
We consider the geo-indistinguishability approach to location privacy, and
the trade-off with respect to utility. We show that, given a desired degree of
geo-indistinguishability, it is possible to construct a mechanism that
minimizes the service quality loss, using linear programming techniques. In
addition we show that, under certain conditions, such mechanism also provides
optimal privacy in the sense of Shokri et al. Furthermore, we propose a method
to reduce the number of constraints of the linear program from cubic to
quadratic, maintaining the privacy guarantees and without affecting
significantly the utility of the generated mechanism. This reduces considerably
the time required to solve the linear program, thus enlarging significantly the
location sets for which the optimal mechanisms can be computed. Comment: 13 page
A survey on pseudonym changing strategies for Vehicular Ad-Hoc Networks
The initial phase of the deployment of Vehicular Ad-Hoc Networks (VANETs) has
begun and many research challenges still need to be addressed. Location privacy
continues to be at the top of these challenges. Indeed, both academia and
industry have agreed to apply the pseudonym changing approach as a solution to
protect the location privacy of VANETs' users. However, due to the pseudonyms
linking attack, a simple change of pseudonym has been shown to be inefficient to
provide the required protection. For this reason, many pseudonym changing
strategies have been suggested to provide an effective pseudonym changing.
Unfortunately, the development of an effective pseudonym changing strategy for
VANETs is still an open issue. In this paper, we present a comprehensive survey
and classification of pseudonym changing strategies. We then discuss and
compare them with respect to some relevant criteria. Finally, we highlight some
current research and open issues, and give some future directions.
Users Collaborative Mix-Zone to Resist the Query Content and Time Interval Correlation Attacks
In location-based services of continuous query, it is easier than snapshot to confirm whether a location belongs to a particular user, because sole location can be composed into a trajectory by profile correlation. In order to cut off the correlation and disturb the sub-trajectory, an un-detective region called mix-zone was proposed. However, at the time of this writing, the existing algorithms of this type mainly focus on the profiles of ID, passing time, transition probability, mobility patterns as well as road characteristics. In addition, there is still no standard way of coping with attacks of correlating each location by mining out query content and time interval from the sub-trajectory. To cope with such types of attack, users have to generalize their query contents and time intervals similarity. Hence, this paper first provided an attack model to simulate the adversary correlating the real location with a higher probability of query content and time interval similarity. Then a user collaboration mix-zone (CoMix) that can generalize these two types of profiles is proposed, so as to achieve location privacy. In CoMix, each user shares the common profile set to lower the probability that opponents succeed in getting the actual position through the correlation of location. Thirdly, entropy is utilized to measure the level of privacy preservation. At last, this paper further verifies the effectiveness and efficiency of the proposed algorithm by experimental evaluations.
A uniformity-based approach to location privacy
As location-based services emerge, many people feel exposed to high privacy threats. Privacy protection is a major challenge for such services and related applications. A simple approach is perturbation, which adds an artificial noise to positions and returns an obfuscated measurement to the requester. Our main finding is that, unless the noise is chosen properly, these methods do not withstand attacks based on statistical analysis. In this paper, we propose UniLO, an obfuscation operator which offers high assurances on obfuscation uniformity, even in case of imprecise location measurement. We also deal with service differentiation by proposing three UniLO-based obfuscation algorithms that offer multiple contemporaneous levels of privacy. Finally, we experimentally prove the superiority of the proposed algorithms compared to the state-of-the-art solutions, both in terms of utility and resistance against inference attacks.