Title: Preserving Incumbent User’s Location Privacy Against Environmental Sensing Capability
In dynamic spectrum access (DSA), Environmental Sensing Capability (ESC) systems are implemented to detect incumbent users' (IU) activities, both to protect them from secondary users' (SU) interference and to maximize secondary spectrum usage. However, IU location information is often highly sensitive, and hence it is preferable to hide the IU's true location from ESC detection. In this paper, we design novel schemes to preserve the location information of both static and moving IUs by adjusting the IU's radiation pattern and transmit power. We first formulate the IU privacy protection problem for a static IU. Due to the intractable nature of this problem, we propose a heuristic approach based on sampling. We also formulate the privacy protection problem for moving IUs, in which two cases are analyzed: (1) protecting the IU's moving traces; (2) protecting its real-time current location information. Our analysis provides insightful advice for an IU to preserve its location privacy against ESCs. Simulation results show that our approach provides great protection for the IU's location privacy.
Award ID(s):
1824494 1547366
Journal Name:
2019 IEEE International Symposium on Dynamic Spectrum Access Networks (DySPAN)
Page Range / eLocation ID:
1 to 10
Sponsoring Org:
National Science Foundation
More Like this
  1. In dynamic spectrum access (DSA), secondary users (SU) should only be allowed to access a licensed band belonging to incumbent users (IU) when the quality-of-service (QoS) requirements of both IUs and SUs can be satisfied at the same time. However, an IU’s location and its received interference strength are considered sensitive in many DSA systems and should not be revealed, making it very challenging to optimize the network utility subject to satisfying the operation and security requirements of SUs and IUs. In this paper, we develop a secure and distributed SU transmit power control algorithm to solve this challenge. Our algorithm achieves optimal SU power control to maximize the sum of SU rates. SINR-guaranteed coexistence between SUs and IUs is enabled to maintain effective communication, while no information is directly required from IUs. Local measurements of IU signals provided by Environmental Sensing Capability (ESC) also undergo a security masking process to ensure that the IU location cannot be derived from its outputs. The convergence and stability properties of our algorithm and its privacy-protection strength are both theoretically analyzed and experimentally evaluated through simulations.
  2. Database-driven dynamic spectrum sharing is one of the most promising dynamic spectrum access (DSA) solutions to address the spectrum scarcity issue. In such a database-driven DSA system, the centralized spectrum management infrastructure, called the spectrum access system (SAS), makes its spectrum allocation decisions for secondary users (SUs) according to sensitive operational data of incumbent users (IUs). Since neither the SAS nor the SUs are necessarily fully trusted, privacy protection against untrusted SAS and SUs becomes critical for IUs that have high operational privacy requirements. To address this problem, many IU privacy-preserving solutions have emerged recently. However, there is a lack of understanding and comparison of the capability of these existing approaches to protect IU operational privacy. In this paper, we fill this void by providing a comparative study that investigates existing solutions and explores several existing metrics to evaluate the strength of privacy protection. Moreover, we propose two general metrics to evaluate the privacy-preserving level and evaluate existing works with them.
  3. Recently, the ubiquity of mobile devices has led to an increasing demand for public network services, e.g., WiFi hot spots. As a part of this trend, modern transportation systems are equipped with public WiFi devices to provide Internet access for passengers, as people spend a large amount of time on public transportation in their daily life. However, one of the key issues in public WiFi spots is the privacy concern due to their open-access nature. Existing works either studied location privacy risk in human traces or privacy leakage in private networks such as cellular networks based on the data from cellular carriers. To the best of our knowledge, none of these works has focused on bus WiFi privacy based on large-scale real-world data. In this paper, to explore the privacy risk in bus WiFi systems, we focus on two key questions: how likely bus WiFi users are to be uniquely re-identified if partial usage information is leaked, and how we can protect users from the leaked information. To answer these questions, we conduct a case study in a large-scale bus WiFi system, which contains 20 million connection records and 78 million location records from 770 thousand bus WiFi users during a two-month period. Technically, we design two models for our uniqueness analyses and protection, i.e., a PB-FIND model to identify the probability that a user can be uniquely re-identified from leaked information, and a PB-HIDE model to protect users from potentially leaked information. Specifically, we systematically measure user uniqueness on users' finger traces (i.e., connection URL and domain), foot traces (i.e., locations), and hybrid traces (i.e., both finger and foot traces). Our measurement results reveal that (i) 97.8% of users can be uniquely re-identified by 4 random domain records of their finger traces and 96.2% of users can be uniquely re-identified by 5 random locations on buses; (ii) 98.1% of users can be uniquely re-identified by only 2 random records if both their connection records and locations are leaked to attackers. Moreover, the evaluation results show that our PB-HIDE algorithm protects more than 95% of users from the potentially leaked information by inserting only 1.5% synthetic records in the original dataset to preserve their data utility.
  4. In recent years, Online Social Networks (OSN) have become popular content-sharing environments. With the emergence of smartphones with high-quality cameras, people like to share photos of their life moments on OSNs. The photos, however, often contain private information that people do not intend to share with others (e.g., their sensitive relationship). Solely relying on OSN users to manually process photos to protect their relationship can be tedious and error-prone. Therefore, we designed a system to automatically discover sensitive relations in a photo to be shared online and preserve the relations by face blocking techniques. We first used the Decision Tree model to learn sensitive relations from the photos labeled private or public by OSN users. Then we defined a face blocking problem and developed a linear programming model to optimize the tradeoff between preserving relationship privacy and maintaining the photo utility. In this paper, we generated synthetic data and used it to evaluate our system performance in terms of privacy protection and photo utility loss. 
  5. Vincent Poor and Zhu Han (Ed.)
    Recently, blockchain has received much attention from the mobility-centric Internet of Things (IoT). It is deemed the key to ensuring the built-in integrity of information and security of immutability by design in the peer-to-peer network (P2P) of mobile devices. In a permissioned blockchain, the authority of the system has control over the identities of its users. Such information can allow an ill-intentioned authority to map identities with their spatiotemporal data, which undermines the location privacy of a mobile user. In this paper, we study the location privacy preservation problem in the context of permissioned blockchain-based IoT systems under three conditions. First, the authority of the blockchain holds the public and private key distribution task in the system. Second, there exists a spatiotemporal correlation between consecutive location-based transactions. Third, users communicate with each other through short-range communication technologies such that it constitutes a proof of location (PoL) on their actual locations. We show that, in a permissioned blockchain with an authority and a presence of a PoL, existing approaches cannot be applied using a plug-and-play approach to protect location privacy. In this context, we propose BlockPriv, an obfuscation technique that quantifies, both theoretically and experimentally, the relationship between privacy and utility in order to dynamically protect the privacy of sensitive locations in the permissioned blockchain. 
