Efficient Location Privacy In Mobile Applications

Location awareness is an essential part of today\u27s mobile devices. It is a well-established technology that offers significant benefits to mobile users. While location awareness has triggered the exponential growth of mobile computing, it has also introduced new privacy threats due to frequent location disclosures. Movement patterns could be used to identify individuals and also leak sensitive information about them, such as health condition, lifestyle, political/religious affiliations, etc. In this dissertation we address location privacy in the context of mobile applications. First we look into location privacy in the context of Dynamic Spectrum Access (DSA) technology. DSA is a promising framework for mitigating the spectrum shortage caused by fixed spectrum allocation policies. In particular, DSA allows license-exempt users to access the licensed spectrum bands when not in use by their respective owners. Here, we focus on the database-driven DSA model, where mobile users issue location-based queries to a white-space database in order to identify idle channels in their area. We present a number of efficient protocols that allow users to retrieve channel availability information from the white-space database while maintaining their location secret. In the second part of the dissertation we look into location privacy in the context of location-aware mobile advertising. Location-aware mobile advertising is expanding very rapidly and is forecast to grow much faster than any other industry in the digital era. Unfortunately, with the rise and expansion of online behavioral advertising, consumers have grown very skeptical of the vast amount of data that is extracted and mined from advertisers today. As a result, the consensus has shifted towards stricter privacy requirements. Clearly, there exists an innate conflict between privacy and advertisement, yet existing advertising practices rely heavily on non-disclosure agreements and policy enforcement rather than computational privacy guarantees. In the second half of this dissertation, we present a novel privacy-preserving location-aware mobile advertisement framework that is built with privacy in mind from the ground up. The framework consists of several methods which ease the tension that exists between privacy and advertising by guaranteeing, through cryptographic constructions, that (i) mobile users receive advertisements relative to their location and interests in a privacy-preserving manner, and (ii) the advertisement network can only compute aggregate statistics of ad impressions and click-through-rates. Through extensive experimentation, we show that our methods are efficient in terms of both computational and communication cost, especially at the client side

Leveraging P2P Interactions for Efficient Location Privacy in Database-driven Dynamic Spectrum Access

Abstract Dynamic spectrum access (DSA) is a novel communication paradigm that enables wireless clients to utilize statically allocated radio channels that are currently idle. Specifically, in the database-driven DSA model, clients learn their geographic location through a GPS device and use this location to retrieve a list of available channels from a centralized white-space database. To mitigate the potential privacy threats associated with location-based queries, existing work has proposed the use of private information retrieval (PIR) protocols when querying the database. Nevertheless, PIR protocols are very expensive and may lead to significant costs for highly mobile clients. In this paper, we propose a novel method that allows wireless users to collaborate in a peer-to-peer (P2P) manner, in order to share their cached channel availability information that is obtained from previous queries. To preserve location privacy against other users, we leverage an anonymous veto protocol that anonymizes the exchange of information among a group of users. Our experimental results with a real-life dataset show that our methods reduce the number of PIR queries by 50% to 60%, while incurring low computational and communication costs

Mitigating Autonomous Vehicle GPS Spoofing Attacks through Scene Text Observations

This paper investigates both from an empirical and a systems-based perspective, how surrounding textual information can be leveraged towards the mitigation of Autonomous Vehicle (AV) and self-driving cars Global Positioning System (GPS) signal spoofing attacks. The paper presents and proposes methods of how AVs and self-driving cars can extract, as they travel along a trajectory, surrounding textual information through machine-learning based Scene Text Recognition (STR). The paper researches and proposes geospatial models which can be applied to the extracted textual information in order to build a text-based geolocation system for the purposes of validating the received GPS signal. The ultimate contribution of the paper is to lay the groundwork towards enhancing the Cybersecurity of the current and future Autonomous Vehicle and self-driving car ecosystem by addressing its Achilles heel, namely insecure and inaccurate geolocation due to GPS spoofing attacks

Privacy-preserving location-aware mobile advertisement

© 2016 IEEE. Location-aware mobile advertising is expanding very rapidly and is forecast to grow much faster than any other industry in the digital era. Unfortunately, with the rise and expansion of on-line behavioral advertising, consumers have grown very skeptical of the vast amount of data that is extracted and mined from advertisers. As a result, the consensus has shifted towards stricter privacy requirements. In this paper, we introduce a novel privacy-preserving location-aware mobile advertisement framework that is built with privacy in mind from the ground up. Our proposed methods ease the tension that exists between privacy and advertising by guaranteeing, through cryptographic constructions, that (i) mobile users receive advertisements relative to their location and interests in a privacy-preserving manner, and (ii) the advertisement network can only compute aggregate statistics of ad impressions and click-through-rates. Through extensive experimentation, we show that our methods are efficient in terms of both computational and communication cost, especially at the client side