
Quality Aware Privacy Protection for Location-based Services Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University.


1 Quality Aware Privacy Protection for Location-based Services Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University Presented by Xiao Pan

2 Outline
• Motivation
• Contributions
• Location K-Anonymity Model
• Cloaking Algorithm
• Improvement with Dummy
• Experiments
• Related Works
• Conclusions

3 Motivation: Privacy in LBS
• Unique identifier
• Location information
[Figure labels: LBS Provider; "Where is my nearest hotel?"; "Where is my way to The Emporium?"]

4 Privacy Requirements
• Location anonymity
 – Sensitive location: clinic, nightclub
 – Cloaking region L contains at least k-1 other users
• Identifier anonymity
 – Sensitive message: political, financial
 – Location point l(x,y) is covered by at least k-1 other requests
• k-anonymity model
• Privacy & QoS Trade-Off
[Figure: requests r1, r2, r3, r4; location point l(x,y); cloaking region L]

5 Contribution
• New quality-aware anonymity model
 – Protect location privacy
 – Satisfy QoS requirements
• Directed-graph based cloaking algorithm
 – Maximize cloaking success rate with QoS guaranteed
• Improvement
 – Use dummy locations to achieve a 100% cloaking success rate

6 System Model
• Anonymizing: expand the exact location point into cloaking region
[Figure labels: Mobile Clients; original request; Trusted Anonymizing Proxy; anonymized request; Location-based Service Providers]

7 Request formats
• Original Request
 – Identifier
 – Current location
 – Quality of service: maximum cloaking latency, maximum cloaking region
 – Location privacy: minimum anonymity level
 – Service related content
 – Current time
• Anonymized Request
 – Pseudonym
 – Cloaking region
 – Service related content

8 Location K-Anonymity Model
For any request, if and only if
• its cloaking region covers the locations of at least k-1 other requests (location anonymity set)
• its location is covered by the cloaking regions of at least k-1 other requests (identifier anonymity set).

9 Quality Aware Location K-anonymity Model
• Location Privacy
 – to expand the user location into a cloaking region such that the location k-anonymity model is satisfied.
• Temporal QoS
 – the request must be anonymized before the pre-defined maximum cloaking delay
• Spatial QoS
 – the cloaking region size should not exceed a threshold

10 Cloaking Algorithm
• Directed graph
 – Find the location anonymity set and identifier anonymity set that satisfy the location k-anonymity model through the neighborships of request nodes.
• Spatial index
 – Use window queries to facilitate construction and maintenance of neighborships in the graph
• Min-heap
 – Order the requests according to their cloaking deadlines and detect the expiration of requests

11 Directed Graph
• G (V, E): directed graph
 – V: set of nodes (requests)
 – E: set of edges
 – edge e_ij = (r_i, r_j) ∈ E, iff |r_i r_j| < r_i.
 – edge e_ji = (r_j, r_i) ∈ E, iff |r_i r_j| < r_j.
 – r_i can be anonymized immediately if there are at least k-1 other forwarded requests in U_out and k-1 other forwarded requests in U_in
• Location anonymity set U_out = {r2, r3, r4} (outgoing neighbors)
• Identifier anonymity set U_in = {r3, r4} (incoming neighbors)
[Figure: requests r1, r2, r3, r4 and the directed graph over them]
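
Added example (not part of the original slides or the authors' code): a Python snapshot of the directed-graph check from slides 10-11. It assumes the edge threshold lost from the slide text is each request's maximum cloaking region expressed as a distance (max_radius, a hypothetical field name), ignores deadlines and forwarding state, and takes the cloaking region as the MBR of r and r.U_out; the constructed coordinates reproduce the slide's U_out = {r2, r3, r4} and U_in = {r3, r4} for r1.

```python
import math
from dataclasses import dataclass, field

@dataclass
class Request:
    rid: str
    x: float
    y: float
    k: int              # minimum anonymity level (location privacy)
    max_radius: float   # assumed name: spatial QoS as a distance threshold
    u_out: set = field(default_factory=set)  # location anonymity set
    u_in: set = field(default_factory=set)   # identifier anonymity set

def build_graph(requests):
    """Edge (ri, rj) exists iff |ri rj| < ri.max_radius (assumed threshold).
    Brute force O(n^2); the slides use a spatial index window query instead."""
    for ri in requests:
        for rj in requests:
            if ri is not rj and math.dist((ri.x, ri.y), (rj.x, rj.y)) < ri.max_radius:
                ri.u_out.add(rj.rid)
                rj.u_in.add(ri.rid)
    return {r.rid: r for r in requests}

def can_anonymize(r):
    """Location k-anonymity: at least k-1 others in both U_out and U_in."""
    return len(r.u_out) >= r.k - 1 and len(r.u_in) >= r.k - 1

def cloaking_region(r, graph):
    """MBR (xmin, ymin, xmax, ymax) over r and r.U_out, or None if r must wait.
    Using the whole of U_out is an assumption of this example."""
    if not can_anonymize(r):
        return None
    pts = [(r.x, r.y)] + [(graph[n].x, graph[n].y) for n in r.u_out]
    xs, ys = zip(*pts)
    return (min(xs), min(ys), max(xs), max(ys))

def sample_graph():
    """Constructed coordinates, chosen to match the slide's sets for r1."""
    return build_graph([
        Request("r1", 0, 0, k=3, max_radius=5),
        Request("r2", 4, 0, k=2, max_radius=2),
        Request("r3", 0, 3, k=2, max_radius=4),
        Request("r4", -3, 0, k=2, max_radius=4),
    ])

if __name__ == "__main__":
    g = sample_graph()
    for r in g.values():
        print(r.rid, sorted(r.u_out), sorted(r.u_in), cloaking_region(r, g))
```

Here r2 cannot be cloaked: r1 covers it, but r2's own threshold reaches no other request, so its location anonymity set is empty. This is the failure case the dummy improvement on slide 14 addresses.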

12 Cloaking Algorithm: Maintenance
[Figure labels: Anonymizing Proxy; original request; Spatial Index; Min Heap; Directed Graph; id; Range Query; Location Anonymity Set r.Uout; Identifier Anonymity Set r.Uin]

13 Cloaking Algorithm: Cloaking
[Flowchart labels: Min Heap: get the top request r; Enough forwarded neighbors in Uout and Uin?; Directed Graph: remove r in the graph; Delay it until all its neighbors have been forwarded; Spatial Index; Min Heap]

14 Improvement with Dummy
• Guarantee a 100% success rate.
• Only need to maintain the in-degree and out-degree of each node r.
• Cloaking region of each dummy request d is a random spatial region between MBR(r, d) and MBR(r.U_out).
• Both in-degree neighbors and out-degree neighbors → high privacy level
• Satisfy the spatial QoS requirement of r
• Indistinguishable from actual requests

15 Experimental Settings
• Brinkhoff Network-based Generator of Moving Objects.
• Input:
 – Road map of Oldenburg County
• Output:
 – 20K moving objects with the location range [0-200]
 – Minimum Update interval=20K
 – The identifier, the location information (x,y).
 – K=2-5
 – = 2-10
 – =1000-3000, =10
• CliqueCloak vs. No Dummy vs. DummyCliqueCloak
 – The success rate with different requirements
 – The relative anonymity level
• Cost of dummy

16 Cloaking Success Rate
• Our method (no dummy) has 5-25% higher success rate.
• Larger k → lower success rate.
• Our method (no dummy) is more robust.
• Relative location anonymity level = k’ / k
• Our method (no dummy) supports larger k values

17 Cloaking Success Rate
• =[0.015-0.05]% of the space
• =[0.05-0.25]% of the update interval.
• Our method (no dummy) has higher success rate.
• Larger or, more flexibility, higher success rate.

18 Dummy Cost & Cloaking Efficiency
• Our method (no dummy) has much shorter cloaking time.
• Larger k, longer time.
• Portion = dummy / (dummy + true)
• Larger k, more dummies
• Average 10%, acceptable

19 Related Works
• Quad-tree based Cloaking Algorithm
 – Recursively subdivides the entire into quadrants, until the quadrant includes the user and other k-1 users
 M. Gruteser and D. Grunwald. Anonymous Usage of Location-based Services through Spatial and Temporal Cloaking. MobiSys, 2003.
• Clique-Cloak Algorithm
 – Personalized privacy requirements: k, spatial and temporal tolerance values
 – An undirected graph is constructed to search for a clique that includes the user’s message and other k-1 messages.
 B. Gedik and L. Liu. Location Privacy in Mobile Systems: A Personalized Anonymization Model. ICDCS, 2005.
• Casper
 – Grid-based cloaking algorithm
 – Privacy-aware query processor
 M. F. Mokbel, C. Chow and W. G. Aref. The New Casper: Query Processing for Location Services without Compromising Privacy. VLDB, 2006.

20 Conclusions
• Problem: quality-aware privacy protection in LBS
• Classify location anonymity and identifier anonymity.
• Solution
 – New Quality-Aware K-Anonymity Model
 – Efficient directed-graph based cloaking algorithm
 – An option of using dummy requests
• Experimental evaluation
 – Various privacy and QoS requirements
 – Efficient

21 Thank you

