MobiHide: A Mobile Peer-to-Peer System for Anonymous Location-Based Queries Gabriel Ghinita, Panos Kalnis, Spiros Skiadopoulos National University of Singapore.

Presentation transcript:

MobiHide: A Mobile Peer-to-Peer System for Anonymous Location-Based Queries Gabriel Ghinita, Panos Kalnis, Spiros Skiadopoulos National University of Singapore and University of Peloponnese, Greece

2 Location-Based Services (LBS)
- LBS users: mobile devices with GPS capabilities; NN and Range Queries
- Location server is NOT trusted: Google Maps, Mapquest, Microsoft Live, etc.
- Privacy? Anonymity?
“Find closest hospital to my present location”

3 Problem Statement
- Hide IP address and username
- But user location may disclose identity: triangulation of device signal, publicly available databases, physical surveillance
- How to preserve query source anonymity? Even when exact user locations are known

4 K-Anonymity [Swe02]
(a) Microdata: columns Age, ZipCode, Disease (Flu, AIDS, Cancer, Gastritis, Dyspepsia, Bronchitis)
(b) Voting Registration List (public): columns Name, Age, ZipCode (Andy, Bill, Ken, Nash, Mike, Sam)
Quasi-identifier
[Swe02] L. Sweeney. k-Anonymity: A Model for Protecting Privacy. Int. J. of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5).

5 K-Anonymity (cont.)
(a) 2-anonymous microdata: columns Age, ZipCode, Disease (Flu, AIDS, Cancer, Gastritis, Dyspepsia, Bronchitis)
(b) Voting Registration List (public): columns Name, Age, ZipCode (Andy, Bill, Ken, Nash, Mike, Sam)

6 Anonymizing Spatial Region (ASR)
- Identification probability ≤ 1/K

7 Centralized Anonymizer
- Intermediate tier between users and LBS: bottleneck and single point of attack/failure

8 MobiHide – Fully Distributed

9 Existing Work: CloakP2P [Chow06]
- Find K-1 NN of query source
- Source likely to be closest to ASR center: vulnerable to “center-of-ASR” attack
NOT SECURE !!!
[Figure: query source u_q inside its 5-ASR]
[Chow06] – Chow et al, A Peer-to-Peer Spatial Cloaking Algorithm for Anonymous Location-based Services, ACM GIS ’06

10 Existing Work: PRIVE [GKS07]
$A_q$ has the reciprocity property iff
i. $|AS| \geq K$
ii. $\forall u_i, u_j \in AS,\ u_i \in AS_j \Leftrightarrow u_j \in AS_i$
[GKS07] – PRIVÉ: Anonymous Location-based Queries in Distributed Mobile Systems, WWW ’07

11 PRIVE (cont.)
- Based on Hilbert space-filling curve: index users by Hilbert value of location; partition Hilbert sequence into “K-buckets”

12 PRIVE (cont.)
- Based on Hilbert space-filling curve: index users by Hilbert value of location; partition Hilbert sequence into “K-buckets”
[Figure: Hilbert curve with its Start and End marked]
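The K-bucket construction on slides 11 and 12 and the reciprocity property on slide 10, as an added example that is not taken from the slides or from the PRIVÉ code. The user names, grid coordinates and the rule that a short final bucket is merged into the previous one are assumptions made for illustration.

```python
# Added example (not from the slides): Hilbert indexing and K-bucket partitioning.
# User names, coordinates and the tail-merging rule are constructed assumptions.

def hilbert_index(order, x, y):
    """Position of grid cell (x, y) along a Hilbert curve over a 2^order x 2^order grid."""
    n, d = 1 << order, 0
    s = n >> 1
    while s > 0:
        rx, ry = int(bool(x & s)), int(bool(y & s))
        d += s * s * ((3 * rx) ^ ry)
        if ry == 0:                          # rotate/flip the quadrant
            if rx == 1:
                x, y = n - 1 - x, n - 1 - y
            x, y = y, x
        s >>= 1
    return d

def k_buckets(users, k, order=4):
    """Sort users by Hilbert value and cut the sequence into buckets of >= k users."""
    ranked = sorted(users, key=lambda u: hilbert_index(order, *users[u]))
    buckets = [ranked[i:i + k] for i in range(0, len(ranked), k)]
    if len(buckets) > 1 and len(buckets[-1]) < k:
        buckets[-2].extend(buckets.pop())    # assumption: short tail joins previous bucket
    return buckets

def asr_for(users, source, k, order=4):
    """ASR of a query source: bounding rectangle of the source's whole bucket."""
    bucket = next(b for b in k_buckets(users, k, order) if source in b)
    xs, ys = zip(*(users[u] for u in bucket))
    return (min(xs), min(ys), max(xs), max(ys))

def is_reciprocal(users, k, order=4):
    """Every bucket holds >= k users and all of its members obtain the identical ASR."""
    return all(len(b) >= k and len({asr_for(users, u, k, order) for u in b}) == 1
               for b in k_buckets(users, k, order))

# Constructed sample: ten users on a 16 x 16 grid.
USERS = {"u1": (1, 2), "u2": (3, 1), "u3": (2, 6), "u4": (5, 5), "u5": (7, 2),
         "u6": (9, 9), "u7": (12, 3), "u8": (14, 11), "u9": (4, 13), "u10": (10, 14)}

if __name__ == "__main__":
    for bucket in k_buckets(USERS, 4):
        print(bucket, asr_for(USERS, bucket[0], 4))
    print("reciprocal:", is_reciprocal(USERS, 4))
```

Because the ASR depends only on the bucket and not on which member asked, the server sees the same rectangle for every user in it. Note that `k_buckets` sorts the full user set, which is the “global knowledge” the next slide refers to.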

13 PRIVÉ Hierarchical Architecture
- But requires “global knowledge”: global rank of query source required; PRIVÉ employs an annotated tree index

14 Motivation
[Figure: PRIVE, CloakP2P and MobiHide compared along two directions, “More secure” and “Faster”]

15 MobiHide
- Uses Hilbert transformation
- Key idea: remove the need for global knowledge; allow random group formation
- Scalable DHT infrastructure employed: Chord DHT

16 MobiHide: Group Formation K

17 MobiHide: Example

18 MobiHide: Privacy
- MobiHide is not reciprocal
- Privacy guaranty for uniform query distribution only
- But offers strong privacy features in practice, even for skewed distribution

19 Correlation Attack (K = 4)
[Figure: users U1 through U10]
4-anonymity not achieved
However: Difficult attack in practice

20 MobiHide Implementation
- Two-layer Chord DHT: each Chord node is a cluster of users
- Bounded cluster size [,3)

21 User Join/Cluster Split

22 Load Balancing & Fault Tolerance
- Load Balancing: cluster head rotation mechanism
- Fault Tolerance: Chord Periodic Stabilization Protocol; leader election protocol in case of cluster head failure

23 Experimental Setup
- San Francisco Bay Area road network
- Network-based Generator of Moving Objects *: Up to users; velocities from 18 to 68 km/h
- Uniform and skewed query distribution
* T. Brinkhoff. A Framework for Generating Network-Based Moving Objects. Geoinformatica, 6(2):153–180, 2002.

24 “Center-of-ASR” Attack

25 Correlation Attack

26 ASR Formation Latency
[Figure: Response Time (sec)]

27 Points to Remember
- LBS Privacy an important concern: existing solutions are either not secure … or not scalable
- MobiHide: privacy guaranty for uniform query workload; good best-effort privacy for skewed workload; excellent scalability inherited from Chord DHT

28 Bibliography on LBS Privacy

29 Bibliography
- [Chow06] – Mokbel et al, A Peer-to-Peer Spatial Cloaking Algorithm for Anonymous Location-based Services, ACM GIS ’06
- [Gru03] – Gruteser et al, Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking, MobiSys 2003
- [GKS07] – Ghinita G., Kalnis P., Skiadopoulos S., PRIVÉ: Anonymous Location-based Queries in Distributed Mobile Systems, WWW 2007
- [Mok06] – Mokbel et al, The New Casper: Query Processing for Location Services without Compromising Privacy, VLDB 2006