skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Attention:

The NSF Public Access Repository (PAR) system and access will be unavailable from 8:00 PM ET on Friday, March 21 until 8:00 AM ET on Saturday, March 22 due to maintenance. We apologize for the inconvenience.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: KLAP for Real-World Protection of Location Privacy
In Location-Based Services (LBS), users are required to disclose their precise location information to query a service provider. An untrusted service provider can abuse those queries to infer sensitive information on a user through spatio-temporal and historical data analyses. Depicting the drawbacks of existing privacy-preserving approaches in LBS, we propose a user-centric obfuscation approach, called KLAP, based on the three fundamental obfuscation requirements: k number of locations, l-diversity, and privacy area preservation. Considering user's sensitivity to different locations and utilizing Real-Time Traffic Information (RTTI), KLAP generates a convex Concealing Region (CR) to hide user's location such that the locations, forming the CR, resemble similar sensitivity and are resilient against a wide range of inferences in spatio-temporal domain. For the first time, a novel CR pruning technique is proposed to significantly improve the delay between successive CR submissions. We carry out an experiment with a real dataset to show its effectiveness for sporadic, frequent, and continuous service use cases.  more » « less
Award ID(s):
1801552
PAR ID:
10135144
Author(s) / Creator(s):
; ; ; ; ;
Date Published:
Journal Name:
2018 IEEE World Congress on Services (SERVICES)
Page Range / eLocation ID:
17 to 18
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; (, ACM)
    One of the most popular location privacy-preserving mechanisms applied in location-based services (LBS) is location obfuscation, where mobile users are allowed to report obfuscated locations instead of their real locations to services. Many existing obfuscation approaches consider mobile users that can move freely over a region. However, this is inadequate for protecting the location privacy of vehicles, as their mobility is restricted by external factors, such as road networks and traffic flows. This auxiliary information about external factors helps an attacker to shrink the search range of vehicles' locations, increasing the risk of location exposure. In this paper, we propose a vehicle traffic flow aware attack that leverages public traffic flow information to recover a vehicle's real location from obfuscated location. As a countermeasure, we then develop an adaptive strategy to obfuscate a vehicle's location by a "fake" trajectory that follows a realistic traffic flow. The fake trajectory is designed to not only hide the vehicle's real location but also guarantee the quality of service (QoS) of LBS. Our experimental results demonstrate that 1) the new threat model can accurately track vehicles' real locations, which have been obfuscated by two state-of-the-art algorithms, and 2) the proposed obfuscation method can effectively protect vehicles' location privacy under the new threat model without compromising QoS. 
    more » « less
  2. ; (, Proceedings on Privacy Enhancing Technologies)
    Abstract We present the design, implementation and evaluation of a system, called MATRIX, developed to protect the privacy of mobile device users from location inference and sensor side-channel attacks. MATRIX gives users control and visibility over location and sensor (e.g., Accelerometers and Gyroscopes) accesses by mobile apps. It implements a PrivoScope service that audits all location and sensor accesses by apps on the device and generates real-time notifications and graphs for visualizing these accesses; and a Synthetic Location service to enable users to provide obfuscated or synthetic location trajectories or sensor traces to apps they find useful, but do not trust with their private information. The services are designed to be extensible and easy for users, hiding all of the underlying complexity from them. MATRIX also implements a Location Provider component that generates realistic privacy-preserving synthetic identities and trajectories for users by incorporating traffic information using historical data from Google Maps Directions API, and accelerations using statistical information from user driving experiments. These mobility patterns are generated by modeling/solving user schedule using a randomized linear program and modeling/solving for user driving behavior using a quadratic program. We extensively evaluated MATRIX using user studies, popular location-driven apps and machine learning techniques, and demonstrate that it is portable to most Android devices globally, is reliable, has low-overhead, and generates synthetic trajectories that are difficult to differentiate from real mobility trajectories by an adversary. 
    more » « less
  3. ; ; ; ; (, Wireless Communications and Mobile Computing)
    null (Ed.)
    While social networking sites gain massive popularity for their friendship networks, user privacy issues arise due to the incorporation of location-based services (LBS) into the system. Preferential LBS takes a user’s social profile along with their location to generate personalized recommender systems. With the availability of the user’s profile and location history, we often reveal sensitive information to unwanted parties. Hence, providing location privacy to such preferential LBS requests has become crucial. However, the current technologies focus on anonymizing the location through granularity generalization. Such systems, although provides the required privacy, come at the cost of losing accurate recommendations. Hence, in this paper, we propose a novel location privacy-preserving mechanism that provides location privacy through k -anonymity and provides the most accurate results. Experimental results that focus on mobile users and context-aware LBS requests prove that the proposed method performs superior to the existing methods. 
    more » « less
  4. ; ; ; ; ; ; (, OpenProceedings.org)
    Geo-obfuscation is a location privacy protection mechanism used by mobile users to conceal their precise locations when reporting location data, and it has been widely used to protect the location privacy of workers in spatial crowdsourcing (SC). However, this technique introduces inaccuracies in the reported locations, raising the question of how to control the quality loss that results from obfuscation in SC services. Prior studies have addressed this issue in time-insensitive SC settings, where some degree of quality degradation can be accepted and the locations can be expressed with less precision, which, however, is inadequate for time-sensitive SC. In this paper, we aim to minimize the quality loss caused by geo-obfuscation in time-sensitive SC applications. To this end, we model workers’ mobility on a fine-grained location field and constrain each worker’s obfuscation range to a set of peer locations, which have similar traveling costs to the destination as the actual location. We apply a linear programming (LP) framework to minimize the quality loss while satisfying both peer location constraints and geo-indistinguishability, a location privacy criterion extended from differential privacy. By leveraging the constraint features of the formulated LP, we enhance the time efficiency of solving LP through the geo-indistinguishability constraint reduction and the column generation algorithm. Using both simulation and real-world experiments, we demonstrate that our approach can reduce the quality loss of SC applications while protecting workers’ location privacy. 
    more » « less
  5. ; ; (, SIGIR '18 The 41st International ACM SIGIR Conference on Research & Development in Information Retrieval)
    Modern web search engines exploit users' search history to personalize search results, with a goal of improving their service utility on a per-user basis. But it is this very dimension that leads to the risk of privacy infringement and raises serious public concerns. In this work, we propose a client-centered intent-aware query obfuscation solution for protecting user privacy in a personalized web search scenario. In our solution, each user query is submitted with l additional cover queries and corresponding clicks, which act as decoys to mask users' genuine search intent from a search engine. The cover queries are sequentially sampled from a set of hierarchically organized language models to ensure the coherency of fake search intents in a cover search task. Our approach emphasizes the plausibility of generated cover queries, not only to the current genuine query but also to previous queries in the same task, to increase the complexity for a search engine to identify a user's true intent. We also develop two new metrics from an information theoretic perspective to evaluate the effectiveness of provided privacy protection. Comprehensive experiment comparisons with state-of-the-art query obfuscation techniques are performed on the public AOL search log, and the propitious results substantiate the effectiveness of our solution. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email