The Privacy Exposure Problem in Mobile Location-Based Services

Mobile location-based services (LBSs) empowered by mobile crowdsourcing provide users with context- aware intelligent services based on user locations. As smartphones are capable of collecting and disseminating massive user location-embedded sensing information, privacy preservation for mobile users has become a crucial issue. This paper proposes a metric called privacy exposure to quantify the notion of privacy, which is subjective and qualitative in nature, in order to support mobile LBSs to evaluate the effectiveness of privacy-preserving solutions. This metric incorporates activity coverage and activity uniformity to address two primary privacy threats, namely activity hotspot disclosure and activity transition disclosure. In addition, we propose an algorithm to minimize privacy exposure for mobile LBSs. We evaluate the proposed metric and the privacy-preserving sensing algorithm via extensive simulations. Moreover, we have also implemented the algorithm in an Android-based mobile system and conducted real-world experiments. Both our simulations and experimental results demonstrate that (1) the proposed metric can properly quantify the privacy exposure level of human activities in the spatial domain and (2) the proposed algorithm can effectively cloak users' activity hotspots and transitions at both high and low user-mobility levels

Constructing dummy query sequences to protect location privacy and query privacy in location-based services

© 2020, Springer Science+Business Media, LLC, part of Springer Nature. Location-based services (LBS) have become an important part of people’s daily life. However, while providing great convenience for mobile users, LBS result in a serious problem on personal privacy, i.e., location privacy and query privacy. However, existing privacy methods for LBS generally take into consideration only location privacy or query privacy, without considering the problem of protecting both of them simultaneously. In this paper, we propose to construct a group of dummy query sequences, to cover up the query locations and query attributes of mobile users and thus protect users’ privacy in LBS. First, we present a client-based framework for user privacy protection in LBS, which requires not only no change to the existing LBS algorithm on the server-side, but also no compromise to the accuracy of a LBS query. Second, based on the framework, we introduce a privacy model to formulate the constraints that ideal dummy query sequences should satisfy: (1) the similarity of feature distribution, which measures the effectiveness of the dummy query sequences to hide a true user query sequence; and (2) the exposure degree of user privacy, which measures the effectiveness of the dummy query sequences to cover up the location privacy and query privacy of a mobile user. Finally, we present an implementation algorithm to well meet the privacy model. Besides, both theoretical analysis and experimental evaluation demonstrate the effectiveness of our proposed approach, which show that the location privacy and attribute privacy behind LBS queries can be effectively protected by the dummy queries generated by our approach

Addressing the cyber safety challenge: from risk to resilience

Addressing the cyber safety challenge: from risk to resilience describes the cyber safety issues emerging from a range of technology trends, how different populations are using technologies and the risks they face, and how we can effectively respond to each group’s unique cyber safety needs. Written by the University of Western Sydney for Telstra Corporation Ltd, the report advocates for continuing to move cyber safety from a ‘risk and protection’ framework to one that focuses on building digital resilience, as well as fostering trust and confidence in the online environment. To do this we need to: Address the needs of populations often neglected by current policies and programs – including adults, seniors, parents, and small to medium enterprises Continue to build the digital literacy skills of all populations, because digital literacy strongly influences users’ ability to engage safely online – this is best achieved by a hands-on learning approach Keep risk in perspective – the risks and benefits of digital participation go hand in hand Broaden the focus from awareness-raising to long-term behaviour change. As digital technologies become further integrated into the everyday lives of Australians, users are potentially exposed to greater risks. However, the risks and benefits of digital participation go hand in hand. The challenge, therefore, is to support users to minimise the risks without limiting their digital participation and their capacity to derive the full benefits of connectivity. If Australians are to benefit as either consumers or providers of online services and products in the e-commerce environment, consumer safety and trust need to be improved. Cyber safety needs to be considered against a transforming backdrop of technology trends, products and practices. While the rise of social media has tended to dominate recent debate and developments in cyber safety, particularly in relation to young people, a range of other trends is also shaping how users engage online, the risks they potentially face in the new media landscape, and the strategies used to address them. These trends include the rise of user generated content and content sharing platforms; the uptake of mobile technologies and, in particular, the adoption of smartphones; cloud computing; platform integration and single sign-on mechanisms; and the rise of GPS and location based services

Experimental Analysis of Subscribers' Privacy Exposure by LTE Paging

Over the last years, considerable attention has been given to the privacy of individuals in wireless environments. Although significantly improved over the previous generations of mobile networks, LTE still exposes vulnerabilities that attackers can exploit. This might be the case of paging messages, wake-up notifications that target specific subscribers, and that are broadcasted in clear over the radio interface. If they are not properly implemented, paging messages can expose the identity of subscribers and furthermore provide information about their location. It is therefore important that mobile network operators comply with the recommendations and implement the appropriate mechanisms to mitigate attacks. In this paper, we verify by experiment that paging messages can be captured and decoded by using minimal technical skills and publicly available tools. Moreover, we present a general experimental method to test privacy exposure by LTE paging messages, and we conduct a case study on three different LTE mobile operators