The Community for Technology Leaders
RSS Icon
Issue No.01 - Jan. (2013 vol.12)
pp: 51-64
Zhichao Zhu , The Pennsylvania State University, University Park
Guohong Cao , The Pennsylvania State University, University Park
Today's location-sensitive service relies on user's mobile device to determine the current location. This allows malicious users to access a restricted resource or provide bogus alibis by cheating on their locations. To address this issue, we propose A Privacy-Preserving LocAtion proof Updating System (APPLAUS) in which colocated Bluetooth enabled mobile devices mutually generate location proofs and send updates to a location proof server. Periodically changed pseudonyms are used by the mobile devices to protect source location privacy from each other, and from the untrusted location proof server. We also develop user-centric location privacy model in which individual users evaluate their location privacy levels and decide whether and when to accept the location proof requests. In order to defend against colluding attacks, we also present betweenness ranking-based and correlation clustering-based approaches for outlier detection. APPLAUS can be implemented with existing network infrastructure, and can be easily deployed in Bluetooth enabled mobile devices with little computation or power cost. Extensive experimental results show that APPLAUS can effectively provide location proofs, significantly preserve the source location privacy, and effectively detect colluding attacks.
Privacy, Servers, Mobile communication, Peer to peer computing, Mobile handsets, Monitoring, Bluetooth, colluding attacks, Location-based service, location proof, location privacy, pseudonym
Zhichao Zhu, Guohong Cao, "Toward Privacy Preserving and Collusion Resistance in a Location Proof Updating System", IEEE Transactions on Mobile Computing, vol.12, no. 1, pp. 51-64, Jan. 2013, doi:10.1109/TMC.2011.237
[1] A.R. Beresford and F. Stajano, "Location Privacy in Pervasive Computing," IEEE Security and Privacy, 2003.
[2] U. Brandes, "A Faster Algorithm for Betweenness Centrality," J. Math. Sociology, vol. 25, no. 2, pp. 163-177, 2001.
[3] S. Brands and D. Chaum, "Distance-Bounding Protocols," Proc. Workshop Theory and Application of Cryptographic Techniques on Advances in Cryptology (EUROCRYPT '93), 1994.
[4] L. Buttyán, T. Holczer, and I. Vajda, "On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs," Proc. Fourth European Conf. Security and Privacy in Ad-Hoc and Sensor Networks, 2007.
[5] S. Capkun and J.-P. Hubaux, "Secure Positioning of Wireless Devices with Application to Sensor Networks," Proc. IEEE INFOCOM, 2005.
[6] L.P. Cox, A. Dalton, and V. Marupadi, "SmokeScreen: Flexible Privacy Controls for Presence-Sharing," Proc. ACM MobiSys, 2007.
[7] E.D. Demaine, D. Emanuel, A. Fiat, and N. Immorlica, "Correlation Clustering in General Weighted Graphs," Theoretical Computer Science, vol. 361, nos. 2/3, pp. 172-187, 2006.
[8] N. Eagle and A. Pentland, "CRAWDAD Data Set mit/reality (v. 2005-07-01)," , July 2005.
[9] J. Freudiger, M.H. Manshaei, J.P. Hubaux, and D.C. Parkes, "On Non-Cooperative Location Privacy: A Game-Theoretic Analysis," Proc. 16th ACM Conf. Computer and Comm. Security (CCS), 2009.
[10] B. Gedik and L. Liu, "A Customizable K-Anonymity Model for Protecting Location Privacy," Proc. IEEE Int'l Conf. Distributed Computing Systems (ICDCS), 2005.
[11] M. Gruteser and D. Grunwald, "Anonymous Usage of Location-Based Services through Spatial and Temporal Cloaking," Proc. ACM MobiSys, 2003.
[12] B. Hoh, M. Gruteser, R. Herring, J. Ban, D. Work, J.C. Herrera, A.M. Bayen, M. Annavaram, and Q. Jacobson, "Virtual Trip Lines for Distributed Privacy-Preserving Traffic Monitoring," Proc. ACM MobiSys, 2008.
[13] T. Jiang, H.J. Wang, and Y.-C. Hu, "Location Privacy in Wireless Networks," Proc. ACM MobiSys, 2007.
[14] V. Kostakos, "Experiences with Urban Deployment of Bluetooth," presentation given at the Univ. of California, San Diego, Mar. 2007.
[15] V. Lenders, E. Koukoumidis, P. Zhang, and M. Martonosi, "Location-Based Trust for Mobile User-Generated Content: Applications Challenges and Implementations," Proc. Ninth Workshop Mobile Computing Systems and Applications, 2008.
[16] M. Li, R. Poovendran, K. Sampigethaya, and L. Huang, "Caravan: Providing Location Privacy for VANET," Proc. Embedded Security in Cars (ESCAR) Workshop, 2005.
[17] M. Li, K. Sampigethaya, L. Huang, and R. Poovendran, "Swing & Swap: User-Centric Approaches Towards Maximizing Location Privacy," Proc. Fifth ACM Workshop Privacy in Electronic Soc., 2006.
[18] Y. Li and J. Ren, "Source-Location Privacy Through Dynamic Routing in Wireless Sensor Networks," Proc. IEEE INFOCOM, 2010.
[19] W. Luo and U. Hengartner, "Proving Your Location Without Giving Up Your Privacy," Proc. ACM 11th Workshop Mobile Computing Systems and Applications (HotMobile '10), 2010.
[20] J. Manweiler, R. Scudellari, Z. Cancio, and L.P. Cox, "We Saw Each Other on the Subway: Secure Anonymous Proximity-Based Missed Connections," Proc. ACM 10th Workshop Mobile Computing Systems and Applications (HotMobile '09), 2009.
[21] J. Manweiler, R. Scudellari, and L.P. Cox, "SMILE: Encounter-Based Trust for Mobile Social Services," Proc. ACM Conf. Computer and Comm. Security (CCS), 2009.
[22] F.J. MasseyJr., "The Kolmogorov-Smirnov Test for Goodness of Fit," J. Am. Statistical Assoc., vol. 46, no. 253, pp. 68-78, 1951.
[23] A. Pfitzmann and M. Hansen, "Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management—A Consolidated Proposal for Terminology" (Version v0.31 Feb. 15, 2008), http://dud.inf.tu-dresden.deliteratur, 2008.
[24] I. Rhee, M. Shin, K. Lee, and S. Chong, "On the Levy-Walk Nature of Human Mobility," Proc. IEEE INFOCOM, 2007.
[25] J.L. Romeu, "Kolmogorov-Simirnov: A Goodness of Fit Test for Small Samples," START: Selected Topics in Assurance Related Technologies, 2003.
[26] S. Saroiu and A. Wolman, "Enabling New Mobile Applications with Location Proofs," Proc. ACM 10th Workshop Mobile Computing Systems and Applications (HotMobile '09), 2009.
[27] M. Shao, Y. Yang, S. Zhu, and G. Cao, "Towards Statistically Strong Source Anonymity for Sensor Networks," Proc. IEEE INFOCOM, 2008.
[28] N. Smart et al., "Ecrypt II Yearly Report on Algorithms and Key Lengths (2009-2010)," ICT-2007-216676, Revision 1.0, 2010.
[29] A. Wald, Sequential Analysis. Dover, 2004.
[30] T. Xu and Y. Cai, "Feeling-Based Location Privacy Protection for Location-Based Services," Proc. 16th ACM Conf. Computer Comm. Security (CCS), 2009.
[31] Y. Yang, M. Shao, S. Zhu, B. Urgaonkar, and G. Cao, "Towards Event Source Unobservability with Minimum Network Traffic in Sensor Networks," Proc. First ACM Conf. Wireless Network Security (WiSec), 2008.
[32] Y. Zhang, W. Liu, and W. Lou, "Anonymous Communications in Mobile Ad Hoc Networks," Proc. IEEE INFOCOM, 2005.
[33] Z. Zhu and G. Cao, "APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-Based Services," Proc. IEEE INFOCOM, 2011.
[34] Z. Zhu, G. Cao, S. Zhu, S. Ranjan, and A. Nucci, "A Social Network Based Patching Scheme for Worm Containment in Cellular Networks," Proc. IEEE INFOCOM, 2009.
50 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool