Published by Sylvia Nicholson. Modified over 9 years ago.
1
Cloaking and Modeling Techniques for Location Privacy Protection
Ying Cai
Department of Computer Science
Iowa State University
Ames, IA 50011
2
Location-based Services
3
Risks Associated with LBS
- Exposure of service uses
- Location privacy
Hospital, Political Party, Nightclub
Stalking….
4
Challenge
- Restricted space identification
  - Simply using a pseudonym is not sufficient because anonymous location data may be correlated with restricted spaces such as home and office for subject re-identification
…… … identified
5
Location Depersonalization
- Basic idea: reducing location resolution
  - Report a cloaking region, instead of actual location
6
Location Depersonalization
- Basic idea: reducing location resolution
  - Report a cloaking region, instead of actual location
- Key issue
  - Each cloaking area must provide a desired level of depersonalization, and be as small as possible
7
Existing Solution
- Ensuring each cloaking area contains a certain number of users [MobiSys’03, ICDCS’05, VLDB’07]
8
Problems (1)
- The anonymity server needs frequent location updates from all users
  - Practicality
  - Scalability
- Difficult to support continuous LBS
  - Simply ensuring each cloaking region contains K users does not support K-anonymity protection
9
Problems (2)
- Guarantee only anonymous uses of services, but not location privacy
  - An adversary may not know who requests the service, but knows that the K users are all there at the time when the service is requested
  - Where you are and whom you are with are closely related with what you are doing …
10
The Root of the Problems
- These techniques cloak a user’s position based on his current neighbors
11
Observation
- Public areas are naturally depersonalized
  - A large number of visits by different people
  - More footprints, more popular
Park, Highway
12
Proposed Solution [INFOCOM’08]
- Using footprints for location cloaking
  - A footprint is a historical location sample
  - Each cloaking region contains at least K different footprints
- Location privacy protection
  - An adversary may be able to identify all these users, but will not know who was there at what time
13
Footprint Database
- Source of footprints
  - From wireless service carriers, which provide the communication infrastructure
  - From the users of LBSs, who need to report location for cloaking
14
Footprint Database
- Source of footprints
  - From wireless service carriers, which provide the communication infrastructure
  - From the users of LBSs, who need to report location for cloaking
- Trajectory indexing for efficient retrieval
  - Partition network domain into cells
  - Maintain a cell table for each cell
15
Cloaking Techniques
- Sporadic LBS
  - Each cloaking region needs to 1) be as small as possible, 2) contain footprints from at least K different users
- Continuous LBS
  - Each trajectory disclosed must be a K-anonymity trajectory (KAT)
16
Privacy Requirement Modeling
- K-anonymity model
  - To request a desired level of protection, a user needs to specify a value of K
- Problem: choosing an appropriate K is difficult
  - Privacy is about feeling, and it is difficult to scale one’s feeling using a number
  - A user can always choose a large K, but this will reduce location resolution unnecessarily
17
Proposed Solution [CCS09]
- A feeling-based approach
  - A user specifies a public region
    - A spatial region which she feels comfortable having reported as her location should she request a service inside it
  - The public region becomes her privacy requirement
    - All locations reported on her behalf will be at least as popular as the public region she identifies
18
Challenge
- How to measure the popularity of a spatial region?
  - More visitors, higher popularity
  - More even distribution, higher popularity
- Given a spatial region R, we define
  - Entropy E(R) =
  - Popularity $P(R) = 2^{E(R)}$
19
Cloaking Techniques
- Sporadic LBS
  - Each cloaking region needs to 1) be as small as possible, 2) have a popularity no less than P(R)
- Continuous LBS
  - A sequence of location updates which form a trajectory
  - The strategy for sporadic LBSs may not work
    - Adversary may identify the common set of visitors
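Added example, not code from the slides or the cited papers: sporadic-LBS cloaking under both requirement models, the K-different-users rule of slide 15 and the popularity rule of slides 18 and 19. The footprints, the grid domain and the quadtree descent are constructed for illustration, and E(R), which the slide leaves blank, is assumed to be the Shannon entropy of each visitor's share of the footprints in R.

```python
import math
from collections import Counter

# Constructed sample footprints (user, x, y) in a 16x16 domain; not real data.
FOOTPRINTS = [("a", 1, 1), ("a", 2, 3), ("a", 5, 5), ("a", 9, 9), ("b", 3, 2),
              ("b", 6, 1), ("c", 1, 6), ("c", 12, 3), ("d", 7, 7), ("e", 13, 13)]
DOMAIN = (0, 0, 16, 16)  # (x0, y0, x1, y1), half-open on the upper edges

def visitors(region, footprints=FOOTPRINTS):
    """Footprint count per user inside the region."""
    x0, y0, x1, y1 = region
    return Counter(u for u, x, y in footprints if x0 <= x < x1 and y0 <= y < y1)

def popularity(region, footprints=FOOTPRINTS):
    """P(R) = 2**E(R); E(R) is ASSUMED to be the Shannon entropy of the
    visitors' footprint shares (the slide does not give the formula)."""
    counts = visitors(region, footprints)
    total = sum(counts.values())
    if total == 0:
        return 0.0
    entropy = -sum(n / total * math.log2(n / total) for n in counts.values())
    return 2 ** entropy

def cloak(pos, satisfies, domain=DOMAIN, min_size=1):
    """Quadtree descent: shrink toward pos while the requirement still holds."""
    if not satisfies(domain):
        return None  # even the whole domain does not meet the requirement
    region = domain
    while region[2] - region[0] > min_size:
        x0, y0, x1, y1 = region
        mx, my = (x0 + x1) // 2, (y0 + y1) // 2
        cx0, cx1 = (mx, x1) if pos[0] >= mx else (x0, mx)
        cy0, cy1 = (my, y1) if pos[1] >= my else (y0, my)
        child = (cx0, cy0, cx1, cy1)
        if not satisfies(child):
            break  # the next finer cell would violate the requirement
        region = child
    return region

def k_cloak(pos, k):
    """Slide 15: region holding footprints from at least K different users."""
    return cloak(pos, lambda r: len(visitors(r)) >= k)

def feeling_cloak(pos, public_region):
    """Slide 19: region at least as popular as the user's public region."""
    required = popularity(public_region)
    return cloak(pos, lambda r: popularity(r) >= required)
```

With this data K = 2 accepts the 4x4 cell around (1, 1), while a public region visited equally by two users (P = 2) rejects that cell, because user a owns two of its three footprints, and settles on the 8x8 cell.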
20
Cloaking Techniques
- Sporadic LBS
  - Each disclosed cloaking region must be as small as possible and have a popularity no less than P(R)
- Continuous LBS
  - The time-series sequence of location samples must form a P-Populous Trajectory (PPT)
    - A trajectory is a PPT if its popularity is no less than P
    - The popularity of each cloaking region in the trajectory must be computed w.r.t. a common set of users
21
Finding a Cloaking Set
- A simple solution is to find the set of users who have footprints closest to the service-user
  - Resolution becomes worse
  - There may exist another cloaking set which leads to a finer average resolution
22
Proposed Solution
- Using populous users for cloaking
  - Popular users have more footprints spanning larger regions
- Pyramid footprint indexing
  - A user is l-popular if she has footprints in all cells at level l
  - Sort users by the level l, and choose the most popular ones as the cloaking set
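Added example, not code from the slides or the cited papers: computing each user's popularity level in a footprint pyramid and picking the cloaking set from the most popular users. The level convention (level l is a 2^l x 2^l grid, level 0 the whole domain), the tie-breaking rule and the sample footprints are assumptions made for illustration.

```python
# Constructed sample: footprints per user in an 8x8 domain; not real data.
SIZE = 8
USERS = {
    "u1": [(x + 0.5, y + 0.5) for x in range(0, 8, 2) for y in range(0, 8, 2)],
    "u2": [(1, 1), (5, 1), (1, 5), (5, 5)],
    "u3": [(1, 1), (2, 2)],
    "u4": [(6, 6), (1, 6), (6, 1), (2, 2)],
}

def popularity_level(points, size=SIZE, max_level=3):
    """Largest l for which the user has a footprint in every cell at level l.
    ASSUMED convention: level l is a 2**l x 2**l grid, level 0 the whole
    domain; coordinates lie in [0, size)."""
    if not points:
        return -1  # no footprints at all
    level = 0
    for l in range(1, max_level + 1):
        cell = size / 2 ** l
        occupied = {(int(x // cell), int(y // cell)) for x, y in points}
        if len(occupied) < 4 ** l:
            break  # a gap at level l also rules out every finer level
        level = l
    return level

def cloaking_set(requester, k, users=USERS):
    """Requester plus the k-1 most popular other users (ties broken by name,
    an assumption of this example)."""
    others = sorted((u for u in users if u != requester),
                    key=lambda u: (-popularity_level(users[u]), u))
    return [requester] + others[:k - 1]
```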
23
Simulation
- We implement two other strategies for comparison
  - Naive cloaks each location independently
  - Plain selects cloaking set by finding footprints closest to service user’s start position
- Performance metrics
  - Cloaking area
  - Protection level
24
Experiment
- A Location Privacy Aware Gateway (LPAG)
- ePost-It: a spatial messaging system [MobiSys’08]
25
Concluding Remarks
- Exploring historical location samples for location cloaking
  - To date, this is the only solution that can prevent anonymous location data from being correlated with restricted spaces to derive who’s where at what time
- A feeling-based approach for users to express their location privacy requirement
  - K-anonymity model was the only choice
- A suite of location cloaking algorithms
  - Satisfy a required level of protection while resulting in good location resolution
- A location privacy-aware gateway prototype has been implemented