Optimal Strategies for Defending Location Inference Attack in Database-driven CRNs

Database-driven Cognitive Radio Network (CRN) has been proposed to replace the requirement of spectrum sensing of terminal devices so that the operation of users is simplified. However, location privacy issues introduce a big challenge for securing database-driven CRN due to spectrum availability information. The existing works consider either PU or SU\u27s location privacy while not the both. In this study, we identify a unified attack framework in which a curious user could infer a target\u27s location based on the spectrum availability/utilization information. Further, we propose a location privacy protection mechanism, which allows both SU and PU to protect their location privacy by adopting a series of countermeasures. The location privacy and spectrum utility are the trade-off. In the countermeasures of location privacy preserving spectrum query process, both SU and database aim to maximize the location privacy with constraints of spectrum utility. Thus, they can obtain higher location privacy level with sacrifice of spectrum utility as long as the spectrum utility meets the requirements. We evaluate the unified attack and defence approaches based on simulation and demonstrate the effectiveness of the proposed location privacy preserving approaches.Date of Conference: 8-12 June 2015Conference Location: Londo

When the Hammer Meets the Nail: Multi-Server PIR for Database-Driven CRN with Location Privacy Assurance

We show that it is possible to achieve information theoretic location privacy for secondary users (SUs) in database-driven cognitive radio networks (CRNs) with an end-to-end delay less than a second, which is significantly better than that of the existing alternatives offering only a computational privacy. This is achieved based on a keen observation that, by the requirement of Federal Communications Commission (FCC), all certified spectrum databases synchronize their records. Hence, the same copy of spectrum database is available through multiple (distinct) providers. We harness the synergy between multi-server private information retrieval (PIR) and database- driven CRN architecture to offer an optimal level of privacy with high efficiency by exploiting this observation. We demonstrated, analytically and experimentally with deployments on actual cloud systems that, our adaptations of multi-server PIR outperform that of the (currently) fastest single-server PIR by a magnitude of times with information theoretic security, collusion resiliency, and fault-tolerance features. Our analysis indicates that multi-server PIR is an ideal cryptographic tool to provide location privacy in database-driven CRNs, in which the requirement of replicated databases is a natural part of the system architecture, and therefore SUs can enjoy all advantages of multi-server PIR without any additional architectural and deployment costs.Comment: 10 pages, double colum