<?xml-model href='http://www.tei-c.org/release/xml/tei/custom/schema/relaxng/tei_all.rng' schematypens='http://relaxng.org/ns/structure/1.0'?><TEI xmlns="http://www.tei-c.org/ns/1.0">
	<teiHeader>
		<fileDesc>
			<titleStmt><title level='a'>Location Privacy Protection for UAVs in Package Delivery and IoT Data Collection</title></titleStmt>
			<publicationStmt>
				<publisher>IEEE</publisher>
				<date>07/07/2023</date>
			</publicationStmt>
			<sourceDesc>
				<bibl> 
					<idno type="par_id">10462039</idno>
					<idno type="doi">10.1109/JIOT.2023.3293755</idno>
					<title level='j'>IEEE Internet of Things Journal</title>
<idno>2372-2541</idno>
<biblScope unit="volume"></biblScope>
<biblScope unit="issue"></biblScope>					

					<author>Saeede Enayati</author><author>Dennis Goeckel</author><author>Amir Houmansadr</author><author>Hossein Pishro-Nik</author>
				</bibl>
			</sourceDesc>
		</fileDesc>
		<profileDesc>
			<abstract><ab><![CDATA[Unmanned aerial vehicles (UAVs) are well-known for violating citizens' privacy either inadvertently or deliberately. However, UAVs could be victims of privacy violations themselves in the sense that an adversary observing a UAV can infer its destination. This paper proposes several privacy-preserving mechanisms (PPMs) for protecting a UAV's location privacy. In particular, we address the privacy protection problem in two major UAV applications that require significantly different measures: (i) package delivery, and (ii) Internet of Things (IoT) data collection. In the package delivery application, we propose two different PPMs to randomize the UAV's trajectory such that the observing adversary is confused about the UAV's destination; we provide privacy guarantees and analyze the trade-off with energy consumption. In the IoT data collection scenario, the UAV is not necessarily required to hover exactly above the IoT device; hence, we propose a different PPM according to which the UAV chooses a random spot around the IoT device for data collection. Then, considering a minimum mean squared error (MMSE) criterion, we obtain the privacy leakage to the adversary. We also analyze the mean peak age of information (PAoI) of the network and show that the proposed method does not degrade the mean PAoI significantly. Finally, considering the limitations of the MMSE approach for some applications, we also develop a differential privacy (DP)-based counterpart for this PPM. We observe that the mean PAoI degrades significantly in Laplacian DP but is acceptable in Gaussian DP.]]></ab></abstract>
		</profileDesc>
	</teiHeader>
	<text><body xmlns="http://www.tei-c.org/ns/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xlink="http://www.w3.org/1999/xlink">
<div xmlns="http://www.tei-c.org/ns/1.0"><head>I. INTRODUCTION AND BACKGROUND</head><p>Due to their low cost and agile movement ability, unmanned aerial vehicles (UAVs) are promising alternatives for a number of applications. However, they are often envisioned as compromising privacy by allowing access to areas that could not be observed in other manners. Different privacy-preserving mechanisms (PPMs) have been proposed to combat the privacy violations of UAVs in the sense that UAVs violate citizens' privacy <ref type="bibr">[2]</ref>- <ref type="bibr">[8]</ref>. For example, in <ref type="bibr">[2]</ref>, <ref type="bibr">[3]</ref>, an algorithm was developed based on the physical stimulus and the corresponding change in the channel traffic in order to determine whether a point of interest (PoI) is being video streamed illegitimately. A central management system was proposed in <ref type="bibr">[4]</ref> where, given the restrictions and UAV's applications, it is in charge of permission to the applications as well as monitoring the drone in order to detect and handle violations at runtime.</p><p>What is considered less often is that the privacy of UAV users can itself be compromised by observations of UAV flight patterns. In this regard, <ref type="bibr">[9]</ref> proposed privacy-preserving path design algorithms for a UAV while there is an adversary trying to infer the UAV's destination from its path. The authors in <ref type="bibr">[9]</ref> consider two scenarios: the adversary can and cannot see the destinations, and they propose path planning algorithms to hide the destinations from the adversary.</p><p>In this paper, we consider two compelling scenarios where UAV user privacy can be compromised and consider privacy-utility tradeoffs for metrics and PPMs matched to each case. First, we consider privacy in delivery applications which, for example, have been under development by Amazon Prime Air delivery since 2013 <ref type="bibr">[10]</ref>. 
Importantly, the UAVs might not only deliver commercial packages but also provide emergency and health-related services at the destinations <ref type="bibr">[11]</ref>, hence making privacy preservation critical.</p><p>Next, we consider the privacy of users employing UAVs in an Internet of Things (IoT) data collection application <ref type="bibr">[12]</ref> that addresses the limited power capacity and therefore short-range communication of IoT devices <ref type="bibr">[13]</ref>. Privacy leakage of the IoT location can help the adversary to easily find the IoT device <ref type="bibr">[14]</ref> for the sake of his benefit, i.e., either take it or destroy it. Location privacy in IoT networks has been investigated widely in the literature by developing different anonymization and obfuscation methods <ref type="bibr">[15]</ref>. For example, perfect location privacy was introduced in <ref type="bibr">[16]</ref> using anonymization. A differential privacy (DP)-based mechanism for IoT data location privacy was proposed in <ref type="bibr">[17]</ref>. Also, decentralized mechanisms based on a blockchain for the location privacy-preserving problem were developed in <ref type="bibr">[18]</ref>, <ref type="bibr">[19]</ref> for a mobile crowdsensing framework. Recently, a model-free obfuscation to combat pattern-matching attacks was introduced in <ref type="bibr">[20]</ref>.</p><p>However, it is worth noting that the aforementioned studies, along with similar ones, aim to ensure privacy by protecting "data" against adversarial attempts. For instance, in <ref type="bibr">[21]</ref>, although a privacy-preserving mechanism was proposed through UAV path-planning, the objective is to protect "data" from potential eavesdropping. 
In other words, a significant difference of our work is that the primary objective is to ensure privacy of the users' locations rather than users' data.</p><p>Therefore, this paper aims at providing PPMs for UAVs in two major applications: package delivery and IoT data collection. In particular, in the first scenario, we consider a UAV that is delivering packages or providing health services to residents, and its trajectory is observed by an adversary. In this scenario, the adversary tries to identify the UAV's destination based on observing the UAV's trajectory. Hence, the goal is to manipulate the trajectory in a randomized way so that the adversary would not be able to easily infer the destination, and we employ the minimum mean squared error (MMSE) of the adversary as the privacy metric. Applying a privacy mechanism always comes with costs in terms of utility. In the context of a delivery application where the UAV changes its trajectory to confuse the adversary, the energy consumption undesirably increases and will be employed as our utility measure.</p><p>In the second scenario, first, using the same privacy metric, we consider the privacy problem for a UAV collecting data from an IoT device while being observed by an adversary. In this scenario, the adversary aims at inferring the IoT's location by observing the UAV's location while collecting data. To the best of our knowledge, IoT privacy leakage from a UAV's location has not been considered in the literature despite its potential risks. We propose a different PPM from that of the package delivery scenario. 
In the package delivery scenario, the UAV needs to fly and hover exactly above the destination to accomplish its mission, but in the IoT data collection, this limiting condition is no longer necessary as the UAV can still collect data via wireless transmission while it is not hovering exactly above the destination.</p><p>Although the MMSE approach demonstrates promising results in the second scenario, employing MMSE as the privacy criterion requires knowledge of the a priori distributions of IoT devices. In other words, it cannot be used when the a priori distribution of the IoT's location is not available. To address this problem, we also propose a differential privacy (DP)-based PPM for the IoT locations' privacy.</p><p>The costs of applying a PPM are even more critical in the second scenario, i.e., IoT data collection. In particular, for IoT data utility, the age-of-information (AoI) has been widely recognized as a metric to assess the freshness of the updated data. Hence, from its advent in <ref type="bibr">[22]</ref>, a rich state-of-the-art has been developed towards analyzing the optimal tradeoffs with other performance metrics in different system models, e.g., <ref type="bibr">[23]</ref>- <ref type="bibr">[27]</ref>. Specifically, AoI analysis in UAV-aided IoT networks has been considered, for example, in <ref type="bibr">[28]</ref>- <ref type="bibr">[39]</ref>, where typically IoT data AoI minimization is considered to obtain an optimal trajectory design for the UAVs as the data collector.</p><p>Therefore, considering AoI as the IoT data utility metric, the applicable question is whether applying a PPM to a data collection framework significantly increases the AoI of the collected data or not. If yes, this could be a substantial drawback as fresh update information from IoT devices and sensors to the destinations is vital due to the increasing demand for real-time applications <ref type="bibr">[40]</ref>, <ref type="bibr">[41]</ref>. 
However, by analyzing the mean PAoI of the network, we will see that the mean PAoI is similar to the case where there is no privacy. In other words, the proposed PPM does not have a significant cost in terms of mean PAoI.</p><p>UAV applications rely heavily on wireless technology components to enable seamless communication. Hence, depending on the specific use case, different wireless technologies can be employed, such as Zigbee <ref type="bibr">[42]</ref>, LoRa <ref type="bibr">[43]</ref>, and Global Positioning System (GPS) <ref type="bibr">[44]</ref>, which are mostly used for applications that require low data rates, and communication protocols such as LTE <ref type="bibr">[45]</ref> and 5G <ref type="bibr">[46]</ref>, suitable for applications with high data rate requirements. In this paper, for the package delivery application, we assume the UAV is equipped with a GPS module for delivery positioning. Furthermore, for the IoT data collection application, low-data-rate technologies such as Zigbee and LoRa can handle the data collection, in addition to utilizing a GPS module for precise positioning.</p><p>While UAVs have different hardware components in terms of the airframe, payload, power supply, communication module, computer system, etc. <ref type="bibr">[47]</ref>, it is important to mention that the UAV examined in the system models described in this paper can encompass a diverse range of models as long as they satisfy two key requirements: (1) they are capable of transporting packages for delivery purposes, and (2) they possess a communication module equipped with positioning capabilities for both applications. Finally, for both applications, employing a rotary-wing UAV (rotorcraft) is essential due to its hovering capabilities, in contrast to fixed-wing UAVs, which are primarily designed for sustained forward flight rather than stationary hovering.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. Contributions and Organization</head><p>In this paper, we develop several PPMs matched to the metrics of two compelling UAV applications and analyze the trade-offs between privacy and utility. In particular, the contributions of this paper are:</p><p>&#8226; We propose PPMs for a UAV in the package delivery application considering different UAV maneuverabilities. We then obtain a privacy guarantee as well as an energy consumption guarantee for the proposed PPMs and analyze the existing trade-offs between them. The system model of this part is different from <ref type="bibr">[9]</ref> in several ways: (1) we do not consider any safe zone; hence, the adversary is able to observe the UAV's entire trajectory, and (2) we propose PPMs based on a single destination scenario where, independent of the number of other destinations, one can assure a privacy guarantee.</p><p>&#8226; We propose a PPM for a UAV in the IoT data collection application. In this scenario, assuming that the IoT devices are initially distributed according to a Gaussian distribution and considering the MMSE of the adversary, we obtain a privacy guarantee for the proposed PPM.</p><p>&#8226; We analyze the mean PAoI of the IoT data collected by the UAV and obtain the trade-off between privacy and mean PAoI.</p><p>&#8226; To deal with the limitations of the MMSE metric in some scenarios, we also provide a DP-based PPM considering both Laplacian and Gaussian methods.</p><p>This paper is organized as follows: In Section II, we describe the system model for the package delivery application and the corresponding PPMs. The IoT data collection application is more complicated and thus covered in multiple sections. In Section III, we provide the system model for the IoT data collection application, and in Section IV we provide the proposed PPM. We provide a DP-based PPM for IoT in Section V. Finally, Section VI presents the numerical results, and Section VII concludes the paper.</p><p>Notations: Note that throughout this paper, ||.|| is the L2 norm, P(.) is the probability, and E[.] is the expectation operator. Random variables are shown in bold letters.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>II. S C E N</head><p>In this section, we provide system models for the package delivery UAV application and their corresponding PPMs. We consider two types of maneuverability for each of which we propose a PPM.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. UAV with Only Linear Trajectory</head><p>We assume a system model in which there is a UAV aiming to deliver a package to a destination. There is also an adversary who is observing the UAV trajectory to infer the location of the destination. Below, we describe the assumptions on the UAV's mobility, the adversary, and the UAV's energy consumption in detail.</p><p>1) UAV's Trajectory Model: We assume that the UAV's trajectory is a combination of linear segments. In this regard, the drone can fly with a constant speed in a piecewise linear path with segments of different lengths denoted by di , i = 1, 2, . . . , N, as shown in Figure <ref type="figure">1</ref>.</p><p>2) Adversary Model: We assume that the adversary can observe the entire path. However, he cannot observe the UAV's speed. We also assume that the adversary has no prior knowledge about the destinations. In other words, before observing the path, from the adversary's point of view, the destination is distributed uniformly in the area that includes the entire path. This assumption will be relaxed in the next part. Finally, the adversary knows the randomization mechanism along with its parameters, l, m which are explained in detail in the next section.</p><p>3) Energy Consumption Model: The goal is to design privacy-preserving trajectories that guarantee energy efficiency as well and analyze the tradeoff between the two performance metrics. Therefore, in this model, in order to analyze the energy consumption, we first define the energy consumption for a distance unit as E0. In other words, E0 is the energy consumed by the drone when traveling a distance unit with a constant speed, i.e., E0 = E (d = 1). With this definition, the energy consumption of a path with length di is Ei = diE0. Besides the energy on the linear path, we also define an energy unit for a turning point. In this regard, we assume that the drone consumes &#950; amount of energy when it changes its direction. Therefore, the total amount of energy in a path with n different line segments is obtained as</p><p>i = 1 j = 1 i = 1</p><p>Now assume that the drone is supposed to travel from a source X to the destination Y on a single straight line of length d. In this scenario, the energy consumption of the UAV for a round trip is simply E = (2d + &#950;) E0. 
In this case, the adversary can easily infer the exact location of Y. Hence, $\hat{Y} = Y$, where $\hat{Y}$ is the adversary's inference of Y. In the next section, we propose privacy-preserving path planning for this scenario.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B. Package Delivery PPM I: Fly a Random Triangle</head><p>Figure <ref type="figure">2</ref> shows the schematic model for this scenario. The UAV intends to deliver a package from source X to destination Y. Normally, the UAV would choose the shortest path, which is the green arrow with length d in Fig. <ref type="figure">2</ref>. However, for the sake of Y's privacy, we randomize the trajectory. To do so, we define the random variable &#952; = arcsin U as a deviation angle from the path X -Y , where U is a discrete uniform random variable with the following range:</p><p>where 0 &lt; l &#8804; dmin, and dmin = mini di , i = 1, . . . , N in a multi-destination scenario. Also, $m \in \mathbb{N}$ is another randomization parameter that shows the number of potential destinations on the line A -B in Fig. 2. As shown in this figure, instead of the path X -Y -X , the drone goes along the path X -A -B -X . Intuitively, as &#952; increases, the path becomes longer, which increases the privacy. On the other hand, the energy consumption increases as well.</p><p>In the next theorem, we obtain the privacy and energy consumption guarantees as a function of l and m. The privacy guarantee is defined as</p><p>where Inf is taken over all estimators of Y . We also define the energy consumption guarantee as</p><p>Opt where E p is the energy consumption of the proposed privacy-preserving path, EOpt is the optimal energy consumption obtained when the drone travels through the X -Y -X path, and &#948; is a parameter to be determined below. Now we state the following theorem.</p><p>. .</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>Figure 2:</head><p>The optimal path and the privacy-preserving path: in the optimal path the UAV flies from X to the destination located at Y directly as shown by the green arrow, whereas in the privacy-preserving path it flies from X to A and B , respectively, as shown by the red arrows. In this figure, l is the randomization parameter and &#952; is the deviation angle obtained as &#952; = arcsin (U ).</p><p>Theorem 1. For the proposed PPM, the privacy and energy consumption guarantees can be obtained as -&#7493;</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B</head><p>Figure <ref type="figure">3</ref>: Given an observation of the UAV's path, &#968;, there are 2m + 1 points uniformly distributed across the line that the adversary considers for his estimation of the destination.</p><p>Opt</p><p>Proof. For the proof of (1), we first note that given the adversary's observation denoted by &#968; = X -A -B -X , Y has a discrete uniform distribution over the line A -B. This essentially results from the proposed distributions for &#952; and U . In fact, given &#968; = X -A -B -X , the adversary has 2m + 1 potential destinations according to the set Range(U ) = md , j = -m , -( m -1), . . . , m -1, m , where each of the elements times d are the distance of Y to the middle of the line. Figure <ref type="figure">3</ref> shows these potential points that the adversary considers for his estimation. To show this mathematically, we can write</p><p>where (a) comes from: (1) f Y (Yj ) = f Y (Yk ), since the prior information of the adversary is that the destination is uniformly distributed in the area, and (2) j = -m, . . . , m, given Y = Yj the probability that the line A -B is selected is actually the probability that the corresponding &#952; is selected uniformly amongst the 2m + 1 values for &#952;. In other words, given Y = Yj , the probability that X</p><p>Figure <ref type="figure">4</ref>: Given Y = Yj , there can be different lines passing from Yj . In fact, there is a line corresponding to each value that &#952; can take which is 2m + 1. The orange line shows the real path, the dashed lines show the selected &#952;s, and the solid lines l1, l2, l3, show the possible lines corresponding to the &#952;s.</p><p>which gives us the posterior probability as P(Y = Yj|&#968; = X -A -B -X ) = 1/(2m + 1) (See Fig. <ref type="figure">4</ref>). 
Now considering the MMSE criterion, the best estimator is the mean value and the least estimation error is the variance,</p><p>To prove (2), we obtain the upper bound for E p and the corresponding &#948;. To do so, we note that in the worst-case scenario, Y is exactly in the middle of A -B and the energy </p><p>Equations (<ref type="formula">1</ref>) and (<ref type="formula">2</ref>) represent a tradeoff between the privacy guarantee and energy consumption as a function of l: the larger l is, the tighter the privacy guarantee becomes. However, this increases the upper bound of the energy efficiency, i.e., 1 + &#948;, which is undesired. Hence, one needs to determine l such that a given privacy and energy guarantee are met.</p><p>We can extend the proposed PPM I to a multi-destination scenario where the UAV follows a trajectory similar to Figure <ref type="figure">1</ref>. The difference is that, after completing its mission, the UAV moves toward the next destination through another privacy-preserving path from B in Figure <ref type="figure">2</ref> instead of returning to the origin X . Figure <ref type="figure">5</ref> shows the optimal and the extended PPM applied to a 4-destination scenario.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>C. UAV with Linear and Arc Trajectory</head><p>In this section, we provide the second PPM for the package delivery application. In the following, we provide the assumptions for this scenario in detail.</p><p>1) UAV's Trajectory Model: We assume that the drone can use any of the following two possible movements at each segment of its trajectory: (1) flying at a constant speed vl on a linear line segment, or (2) flying at a constant speed vc on a circular path by which we mean an arc of a circle. It is assumed that vc and vl are given and are potentially determined to ensure an optimal operation.</p><p>2) Adversary Model: We assume that the adversary can observe the entire path. However, he cannot observe changes in the drone's speed. Hence, he cannot infer if the drone stops at a location. The adversary also has no prior/side information about the direction of the destination. Specifically, assuming a polar coordinate for the destination point denoted by X , i.e., X = (R , &#952;X ), he has no information about &#952;X . This means that before observing the path, from the adversary's perspective, &#952; X is distributed uniformly in [0, 2&#960;).</p><p>3) Energy Consumption Model: To model the energy consumption of the proposed system, as before we define E0 as the energy consumed by the drone when traveling a unit of distance on a straight line with the assumed constant speed, i.e., E0 = E (d = 1). With this definition, the energy consumption of a path with length di is Ei = diE0. We also define the energy consumption for the arc path. In particular, for an arc with angle &#952; and radius R , we model the energy consumption as below Ep (R, &#952;) = &#952;RkE0,</p><p>where k &#8805; 1 is due to the excess energy consumption resulting from the nonzero centripetal acceleration and a potential difference between vl and vc. 
Without loss of generality, we assume that the drone is initially located at location O(0, 0) and is supposed to deliver a package to the destination at X . From the energy consumption perspective, the optimal way would be to travel from the source O to the destination X on a single straight line (length R). Hence, in this scenario, the energy consumption is simply EOpt = 2RE0.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>D. Package delivery PPM II: Fly a Random Arc</head><p>Similar to PPM I, the idea here is to deviate the UAV's trajectory randomly from its original shortest path. This is shown in Figure <ref type="figure">6</ref> where the privacy-preserving path of the proposed scheme is illustrated by red arrows. According to this mechanism and as shown in Figure <ref type="figure">6</ref>, instead of the path O -X -O , the drone goes along the path O -A -B -O . In this mechanism, &#969; is a uniform random variable, i.e., &#969; &#8764; U (0, &#920;), where &#920; is the design parameter. Intuitively, as &#920; increases, the path becomes longer, which improves the privacy but increases the energy consumption undesirably.</p><p>In the next theorem, we obtain the privacy and energy consumption guarantees as a function of &#920;. The privacy guarantee is defined as</p><p>For the second proposed PPM, the privacy and energy consumption guarantees can be obtained as</p><p>To obtain an energy consumption guarantee, similar to the first scenario, we require that</p><p>Proof. Let &#968; be the observation of the adversary, that is, the path O -A -B -O. For the proof of (3), we note that the adversary knows R based on his observation, &#968;. Hence, given &#968;, the phase of X has a uniform distribution over ( -&#920; , &#920; ).</p><p>In other words, X |&#968; = (R, &#981; &#8764; U ( -&#920; , &#920; )). This essentially results from the proposed privacy-preserving mechanism where we have assumed that &#969; &#8764; U (0, &#920;). Therefore, with the MMSE criterion, the best estimator for X in polar coordinates is</p><p>Therefore, X is estimated in polar coordinates as $\hat{X} = (a, 0)$, where a = E [R cos &#981;] and is obtained as</p><p>From Figure <ref type="figure">7</ref> we can obtain $E\|X - \hat{X}\|^2$ using the right triangle rule as</p><p>which completes the proof.</p><p>To obtain the energy efficiency's upper bound, we first note that the energy consumption for the proposed PPM is</p><p>Therefore, we can write the following equations:</p><p>where E p is the energy consumption of the proposed privacy-preserving path, EOpt is the optimal energy consumption obtained when the drone travels through the O -X -O path, and &#948; is determined below.</p><p>where &#948; = k 2 .</p><p>It can be seen from Theorem 2 that increasing &#920; improves G &#8242; , while at the same time, it degrades energy efficiency by increasing &#948;. Hence, one should consider this trade-off to balance the performance of both guarantees as desired.</p><p>It is important to highlight that the values &#1013;0, &#950; , and k can be determined based on the specific hardware configuration of a given UAV. Finally, we note that employing the proposed privacy-preserving mechanism does not substantively increase the computation cost as it is based on adding a random number selection to the non-private operation. This applies to the IoT data collection application as well.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>III. SCENARIO II: IOT DATA COLLECTION APPLICATION</head></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. Network Model and Metrics</head><p>Figure <ref type="figure">8</ref> shows a typical IoT data collection system model where there are N IoT devices 1 in the network. We denote the set of IoT devices by D = {D1 , D2 , . . . , DN } where D i is the indicator of the i-th device. There is a UAV in the network as the IoT data collector that starts flying from the data center, denoted by D0 , to the set of sensors through a predetermined trajectory. The set of 2-D locations corresponding to set D are represented by U = {U1 , U2 , . . . , UN }, where U i = ( x i , y i ) is the 2-D location of device D i . Also, x i and y i are assumed to be independent and distributed according to a Gaussian distribution. In other words, $U_i \sim \mathcal{N}(\mu_U, \Sigma_U)$, where $\mu_U \in \mathbb{R}^2$ and $\Sigma_U \in \mathbb{R}^{2 \times 2}$ are the mean vector and the covariance matrix, respectively.</p><p>The UAV flies at a fixed height H over the region. Without considering IoT location privacy, the UAV hovers exactly above its intended sensor which favorably minimizes data collection time due to the minimum transmission range and the likely existence of a LoS link. However, for the sake of privacy, here a randomization mechanism is exploited where the UAV randomly chooses a point (spot) associated with each device. The set of these random points or privacy-preserving spots associated with devices is represented by W = {W1 , W2 , . . . , WN } where $W_i = (x_i', y_i', H)$ and we assume that the UAV chooses the same random spot whenever it returns to D i . The randomization process according to which a random spot is chosen is explained in detail in the next section. After locating the privacy-preserving spots, the UAV collects the data from the sensor and continues this process until all of the devices are visited, after which it flies back to the data center. Finally, the distance between the UAV at W i and device D i is obtained as $d_i = \sqrt{(x_i - x_i')^2 + (y_i - y_i')^2 + H^2}$.</p><p>Figure <ref type="figure">8</ref>: IoT data collection system model. The UAV flies at altitude H from D 0 to the IoT devices with respect to their index. Instead of hovering exactly above the devices, the UAV chooses a random spot around each device. The adversary can observe the entire path but cannot see the locations of IoT devices.</p><p>1 Throughout this paper, the terms IoT devices and sensors are used interchangeably.</p><p>1) Privacy Guarantee: For this scenario, we define the privacy guarantee as:</p><p>where the Inf is taken over all possible estimators. In the following section, we obtain the lower bound of the privacy guarantee.</p><p>2) AoI Analysis: At each time instant t, the AoI of D i , i = 1, . . . , N, is defined as <ref type="bibr">[22]</ref> $\Delta_i(t) = t - \delta_i$, where &#948;i is the time stamp at which data has been generated and is ready to be transmitted to the UAV. In this paper, we analyze the mean PAoI for the proposed PPM in the IoT network which is defined as the average of the mean peak AoI of the IoT devices. 
Mathematically speaking, if we denote the peak AoI of D i by &#8710; max , the mean PAoI of N IoT devices, denoted by &#8710; max , is defined as</p><p>We first consider a single-device scenario and then extend the analysis to an IoT network with multiple devices.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B. Adversary Model And Privacy Mechanism</head><p>1) Adversary Model: We assume that the adversary can observe the entire path, and we do not consider edge effects in the network. He is also assumed to know the number of IoT devices, N . Furthermore, we assume that the adversary knows the privacy-preserving mechanism and its parameters. However, he does not know the realizations of the randomizations.</p><p>2) Privacy-Preserving Mechanism: In order to provide location privacy for the IoT devices in the network, we apply a different randomization mechanism from that of the package delivery application. This is due to the fact that in the package delivery application, the UAV is required to fly over the destination. However, in the IoT data collection application, we take advantage of the fact that the UAV is not necessarily required to fly exactly over the destination. Hence, the proposed randomization is as follows: for each device D i and given $\Sigma_Q \in \mathbb{R}^{2 \times 2}$, let $Q_i = (x_{q_i}, y_{q_i})$, where $Q_i \sim \mathcal{N}(0, \Sigma_Q)$ is independent of $U_i$, be the noise vector random variable in which $x_{q_i}$ and $y_{q_i}$ are assumed to be independent. Now, the UAV's privacy-preserving destination, $W_i = (x_i', y_i', H)$, is obtained as:</p><p>Now considering a minimum mean-squared error (MMSE) estimator for (xi , yi ), i = 1, 2, . . . , N , the adversary's estimate denoted by $\tilde{U}_i = (\tilde{x}_i, \tilde{y}_i)$ is the conditional expected value:</p><p>Hence, for each D i , W i is a Normal random variable with the mean &#181; W = &#181;U and covariance &#931; W = &#931; U + &#931; Q as W i is the sum of two independent Normal random variables. Thus, we have</p><p>We can write (5) in terms of x and y in the Cartesian basis as:</p><p>where (<ref type="formula">8</ref>) is concluded from (<ref type="formula">6</ref>) and (<ref type="formula">7</ref>).</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>IV. PRIVACY GUARANTEE AND AOI ANALYSIS</head><p>x&#180;i = xi + xqi, y&#180;i = yi + yqi. Now let the adversary's observation be denoted by &#968;. Given &#968;, the adversary's estimation of Di's location, denoted by Ui = (x&#732;i, y&#732;i), can exploit knowledge of the a priori distribution of (xi, yi) to employ Bayesian estimation.</p><p>In fact, considering the a priori Normal distribution for the IoT devices, the PDF of Ui|&#968; can be obtained as below:</p><p>The posterior distributions in terms of xi and yi are obtained in the following lemma:</p><p>Proposition 1. The posterior distributions of xi and yi, i = 1, 2, . . . , N, given (x&#180;i, y&#180;i), can be obtained as:</p><p>x i | x &#180;i and f y | y &#180;i (yi|y &#180; )</p><p>y i | y &#180;i</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. Privacy Guarantee</head><p>Lemma 1. For the MMSE estimator discussed above, the privacy guarantee of Di, denoted by GPi, is lower bounded as:</p><p>Proof. Since the MMSE estimator is optimal in terms of the mean-squared error (MSE), it is sufficient to obtain the MSE value of this estimator, as every other estimator will result in a greater MSE. Finally, since we have an independent error in a two-dimensional plane, we add the MSE of the two dimensions to obtain the overall MSE.</p><p>Intuitively, for the sake of protecting privacy, one may increase the lower bound in <ref type="bibr">(9)</ref> to make sure that the adversary makes larger errors in his estimation. Therefore, to better protect privacy, one needs to increase the added noise variance. However, it is crucial to analyze the effect of this added noise on other performance metrics. In this paper, we consider the AoI of the IoT data.</p></div>
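<div xmlns="http://www.tei-c.org/ns/1.0"><p>Added example (not code from the paper): a Monte Carlo run of the Gaussian PPM against the MMSE adversary described in Lemma 1, checked against the standard closed form 2·var_u·var_q/(var_u + var_q) for a Gaussian prior with independent Gaussian noise. The per-axis prior variance of 1000 m² is a constructed assumption, chosen so that a noise variance of 4000 m² yields the 1600 m² (40 m RMS) figure quoted in the numerical results; the prior mean and all function names are assumptions as well.</p><p><![CDATA[
```python
import math
import random

def mmse_gain(var_u, var_q):
    """Shrinkage factor k in E[U | W] = mu + k (W - mu) for Gaussian prior and noise."""
    return var_u / (var_u + var_q)

def privacy_guarantee(var_u, var_q):
    """Closed-form MSE of the MMSE adversary, summed over the x and y axes (m^2)."""
    return 2.0 * var_u * var_q / (var_u + var_q)

def simulate(var_u, var_q, mu=(0.0, 0.0), trials=100_000, seed=7):
    """Monte Carlo run of the PPM: (MSE of MMSE adversary, MSE of naive adversary)."""
    rng = random.Random(seed)
    su, sq = math.sqrt(var_u), math.sqrt(var_q)
    k = mmse_gain(var_u, var_q)
    se_mmse = se_naive = 0.0
    for _ in range(trials):
        # True device location U_i, drawn from the prior the adversary knows.
        u = (rng.gauss(mu[0], su), rng.gauss(mu[1], su))
        # Hover spot W_i = U_i + Q_i, with independent noise on each axis.
        w = (u[0] + rng.gauss(0.0, sq), u[1] + rng.gauss(0.0, sq))
        # MMSE adversary shrinks the observed spot toward the prior mean.
        est = (mu[0] + k * (w[0] - mu[0]), mu[1] + k * (w[1] - mu[1]))
        se_mmse += (est[0] - u[0]) ** 2 + (est[1] - u[1]) ** 2
        # Naive adversary takes the hover spot itself as the device location.
        se_naive += (w[0] - u[0]) ** 2 + (w[1] - u[1]) ** 2
    return se_mmse / trials, se_naive / trials

if __name__ == "__main__":
    VAR_U = 1000.0  # constructed per-axis prior variance (m^2), an assumption
    for var_q in (500.0, 1000.0, 4000.0, 16000.0):
        bound = privacy_guarantee(VAR_U, var_q)
        mmse, naive = simulate(VAR_U, var_q)
        print(f"var_q={var_q:>7.0f}  bound={bound:7.1f}  mmse={mmse:7.1f}  "
              f"naive={naive:7.1f}  rms={math.sqrt(bound):5.1f} m")
```
]]></p><p>As var_q grows, the closed form saturates at 2·var_u, the error of an adversary who ignores the observation and guesses the prior mean, so extra noise beyond that point costs flight time without adding privacy under this adversary model.</p></div>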
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B. AoI Analysis</head><p>1) Single Sensor Scenario: We obtain the mean PAoI for a network with a single IoT device in the following lemma.</p><p>Lemma 2. Let the time the UAV needs to hover over Di to collect its data be &#964;i. Then, the mean PAoI for the proposed PPM in a single-sensor IoT network is obtained as r q</p><p>where we assume that &#963; u = &#963; x = &#963; y and &#963; q = &#963; x = &#963; y . Also, Ln(x) is the Laguerre polynomial and can be calculated as</p><p>Proof. If we denote the flight time from the data center to Di by ti and assume that after delivering the data to the data center the UAV will turn back to the device to recollect updated data, then the maximum AoI for a single device is obtained as</p><p>Now we note that for a privacy-preserving spot associated with Di located at (x&#180;i, y&#180;i), we have x &#180;i + y&#180; , where we remember that x&#180;i &#8764; N( &#181; x i , &#963; x &#180; = &#963; x i + &#963; 2 q ) and y&#180;i &#8764; N( &#181; y i , &#963; y &#180;i = &#963; y i + &#963; y q i ). Therefore, assuming &#963; 2 = &#963; 2 = &#963; 2 + &#963; 2 , we can conclude that r i = x &#180;2 + y &#180;2 has a Rician distribution as:</p><p>This completes the proof.</p><p>Figure <ref type="figure">9</ref> shows the AoI trend for a single device scenario (i = 1).</p><p>2) Multi Sensor Scenario: For a scenario where the UAV collects data from multiple IoT devices, we assume that the UAV flies to the devices in the order of their indices, i. In other words, starting from the data center, it flies to D1, then to D2, D3, and so on. In this setup, the mean PAoI is obtained in the following lemma.</p><p>Lemma 3. The mean PAoI of the multi IoT device network, &#8710; max, is obtained as</p><p>where q</p><p>and &#957;i is given in <ref type="bibr">(14)</ref>.</p><p>Proof. 
Let the distance between the privacy-preserving spots be denoted by li = l</p><p>Hence, the PDF of li is obtained as</p><p>and &#963; 2 = &#963; 2 i + &#963; 2 q + &#963; x i + 1 + &#963; x q = &#963; y i + &#963; y q + &#963; 2 i + 1 + &#963; 2 q assuming that &#963; 2 i = &#963; 2 i = &#963; 2 , and &#963; 2 q = &#963; 2 q = &#963; 2 , i = 1, 2, . . . , N. Hence, &#963; 2 = 2(&#963; 2 + &#963; 2 ).</p><p>Figure <ref type="figure">10</ref> shows the AoI trend for a multi-device scenario. In this figure, t1 = v , ti = v , i = 2, . . . , N - 1, and tN = v . Note that we do not need the values of &#8710; min, i = 1, . . . , N, in our analysis.</p><p>Now the PAoI for each device i = 1, 2, . . . , N can be obtained as</p><p>&#8710; max = 2 l + 2r + r + 2 &#964;</p><p>Therefore, the mean PAoI is obtained as</p><p>this scenario, we assume that the collection time is negligible in comparison to the flight time. Hence, for a single-sensor</p><p>i = 1</p><p>2) Case 2: Constant collection time (&#964;i = c): In this scenario, we consider the case where &#964;i = c, and c is chosen such that one can make sure the data is received at the UAV completely. In fact, we assume that the data collection time is small enough that we can choose c arbitrarily large to make sure the IoT data is received. Hence, &#8710; max is obtained as</p><p>where the last term is obtained from the last sum in <ref type="bibr">(15)</ref>.</p><p>3) Case 3: &#964;i as a function of &#963;&#178;: In this case, we consider the case where the data collection time from the IoT device to the UAV is a function of the noise added for privacy protection. In other words, given &#963;&#178;, we can obtain &#964;. We have the following</p><p>exists a time &#964; for which the IoT data is collected completely by the UAV with a high probability. Mathematically, we have:</p><p>where B is the bandwidth, &#947; is the signal-to-noise ratio (SNR), and &#8486; is the IoT data size in bits.</p><p>To obtain &#964;, first we compute the probability in (<ref type="formula">16</ref>) as:</p><p>where &#945; is the path-loss exponent, &#950; = x 2 + y 2 exp( 1 ), 2 &#963; 0 B q 0</p><p>Therefore, given &#963;q, the mean PAoI can be obtained as</p><p>where the last term is obtained from the last sum in <ref type="bibr">(15)</ref>.</p><p>Figure <ref type="figure">11</ref>: The value of &#964; with respect to &#963;&#178; in <ref type="bibr">(18)</ref> for different values of &#1013;0.</p><p>4) Case 4: &#964;i as a function of &#963;&#178; and fading: In this case, we consider the case where the collection time is a function of noise and fading. In other words, we take into account the effect of both &#963;&#178; and the fading on &#964;. We assume a Rayleigh channel model for the link between the IoT device and the UAV. Hence, to obtain &#964;, the minimum value of &#964;, similar to Case 3, we first calculate the probability term in <ref type="bibr">(16)</ref> as below.</p><p><ref type="bibr">(19)</ref>, and in <ref type="bibr">(20)</ref>, &#951; = e 2 &#963; q 2 and &#951;2 <ref type="bibr">20)</ref>, is obtained by assuming h &#8764; exp(1). Unfortunately, the integral in <ref type="bibr">(20)</ref> is not analytically solvable, and therefore we present the results through simulations.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>V. DIFFERENTIAL PRIVACY</head><p>As mentioned earlier, the PPM based on the MMSE estimator developed in the previous part requires knowledge about the prior distribution of IoT devices. Therefore, for the cases where the prior distribution is not Gaussian or is not known at all, we propose a DP-based PPM. In particular, in this section, we introduce a similar PPM based on a DP framework and investigate the trade-off between privacy and AoI. The notion of DP in location privacy was introduced in <ref type="bibr">[48]</ref> in the form of geo-indistinguishability, which has received great attention ever since <ref type="bibr">[49]</ref>-<ref type="bibr">[51]</ref>. We consider two cases for the DP-based PPM: the Laplacian mechanism and the Gaussian mechanism.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. Laplace Mechanism</head><p>Definition 1. Given &#1013; and for all locations u and u&#180;, a randomized mechanism A satisfies geo-indistinguishability iff <ref type="bibr">[48]</ref></p><p>Equation (<ref type="formula">21</ref>) can be equivalently written as A(u)(w) &#8804; e^{&#1013; d(u, u&#180;)} A(u&#180;)(w), for w &#8712; W, where W is the set of possible outcomes.</p><p>To apply the Laplace mechanism, the noise added to u is derived from the following PDF: f&#1013;,u(w) = 2&#960; e -&#1013;d(u,w).</p><p>The PDF in <ref type="bibr">(22)</ref> implies that the probability of selecting w decreases exponentially with increasing distance from u, i.e., d(u, w). Substituting &#1013; with &#1013;/d0, where d0 is the desired indistinguishability distance, the mechanism provides (d0, &#1013;)-location privacy <ref type="bibr">[52]</ref>. Adopting the same procedure for generating Laplacian noise from <ref type="bibr">[48]</ref>, we can apply the Laplacian mechanism to the IoT data collection scenario. The mean PAoI of the network can then be obtained through the simulation presented in the next section.</p></div>
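<div xmlns="http://www.tei-c.org/ns/1.0"><p>Added example (not the paper's code, and not necessarily the sampling procedure of [48]): a planar Laplace sampler that draws the angle uniformly and the radius from a Gamma distribution with shape 2 and scale d0/&#1013;, which is the polar form of a normalized density proportional to exp(-(&#1013;/d0)·d(u, w)). Function names, seeds and the sample locations are assumptions; the mean displacement of 2·d0/&#1013; it measures is the extra distance the UAV flies per device under this mechanism.</p><p><![CDATA[
```python
import math
import random

def sample_planar_laplace(scale_eps, rng):
    """One 2-D noise vector with density proportional to exp(-scale_eps * r).

    In polar coordinates the angle is uniform and the radius has density
    scale_eps^2 * r * exp(-scale_eps * r), i.e. Gamma(shape=2, scale=1/scale_eps).
    """
    theta = rng.uniform(0.0, 2.0 * math.pi)
    r = rng.gammavariate(2.0, 1.0 / scale_eps)
    return r * math.cos(theta), r * math.sin(theta)

def hover_spot(device_xy, eps, d0, rng):
    """Perturbed hover point for one device, with eps replaced by eps/d0."""
    dx, dy = sample_planar_laplace(eps / d0, rng)
    return device_xy[0] + dx, device_xy[1] + dy

def mean_displacement(eps, d0, trials=50_000, seed=11):
    """Empirical mean device-to-hover-spot distance in metres (theory: 2*d0/eps)."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(trials):
        x, y = hover_spot((0.0, 0.0), eps, d0, rng)
        total += math.hypot(x, y)
    return total / trials

def density(u, w, eps, d0):
    """Normalized planar Laplace density of reporting w when the device is at u."""
    s = eps / d0
    return s * s / (2.0 * math.pi) * math.exp(-s * math.dist(u, w))

def geo_indistinguishable(u, u_alt, eps, d0, outputs):
    """True if density(u, w) <= exp((eps/d0) * d(u, u_alt)) * density(u_alt, w) for all w."""
    cap = math.exp(eps / d0 * math.dist(u, u_alt))
    return all(density(u, w, eps, d0) <= cap * density(u_alt, w, eps, d0) * (1 + 1e-9)
               for w in outputs)

if __name__ == "__main__":
    rng = random.Random(3)
    u, u_alt = (0.0, 0.0), (30.0, 40.0)  # constructed device locations (m)
    outputs = [hover_spot(u, 1.0, 10.0, rng) for _ in range(1000)]
    print("inequality holds:", geo_indistinguishable(u, u_alt, 1.0, 10.0, outputs))
    for eps, d0 in ((1.0, 10.0), (0.5, 10.0), (1.0, 20.0)):
        print(f"eps={eps} d0={d0} m  mean displacement={mean_displacement(eps, d0):.1f} m")
```
]]></p></div>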
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B. Gaussian Mechanism</head><p>For two neighboring datasets Z and Z&#8242; and any output result T of a randomized mechanism M, the Gaussian mechanism of DP, also known as (&#1013;, &#948;)-DP or approximate DP, where &#948; &#8800; 0, is defined as <ref type="bibr">[53]</ref> P(M(Z) &#8712; T) &#8804; e^{&#1013;} P(M(Z&#8242;) &#8712; T) + &#948;.</p><p>To achieve <ref type="bibr">(23)</ref>, the sufficient condition is that &#1013;-DP is guaranteed with probability 1 - &#948;. In other words, with probability &#948;, &#1013;-privacy is no longer guaranteed <ref type="bibr">[53]</ref>. The Gaussian mechanism applied to location privacy is similar. In particular, applying the same procedure as in <ref type="bibr">[53]</ref>, we can see that for any locations u and u&#180; with ||u-u&#180;||2 &#8804; d0, a Gaussian noise Q &#8764; N(0, &#963;q) provides (&#1013;, &#948;)-differential privacy if &#963;q &#8805; d0 2 ln 2 . The proof is presented in an Appendix at the end of the paper. We will provide the AoI and the Gaussian mechanism trade-off in the next section.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>VI. NUMERICAL RESULTS</head><p>In this section, we provide the numerical results for the privacy of the proposed PPMs and the mean PAoI trade-offs. The parameter values are listed in Table <ref type="table">I</ref>.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>A. MMSE-based PPM</head><p>In this section, we provide the results for the MMSE-based PPMs. Figure <ref type="figure">12a</ref> shows the AoI and privacy guarantee trade-off for N = 5 IoT devices in Case 1, where &#964; = 0. In this case, AoI is only due to the time it takes the UAV to complete the data collection. The trade-off is also shown in Figure <ref type="figure">12b</ref>. From the two figures, it can be seen that, for example, for a noise variance of &#963;&#178; = 4000 m&#178;, a privacy of 1600 m&#178; is obtained for the adversary's mean squared estimation error. This is true for Cases 2 and 3 as well. Furthermore, we see that providing privacy comes with little cost. In particular, for &#963;&#178; = 4000, which gives us a root mean squared (RMS) privacy of 40 m, we have only a 2.5% increase in AoI.</p><p>Figure <ref type="figure">13a</ref> shows the trade-off in Case 2, where we assume a fixed data collection time. For simulation, we consider the least value of &#964; that would be needed for all values of &#963;&#178;. That is, assuming &#1013;0 = 0.001, we can consider &#964; &#8805; 0.35 seconds. However, the AoI is increased by almost the very same 2.5%. Again, obtaining privacy has little cost on AoI. The achievable range is shown in the green shaded area in Figure <ref type="figure">13b</ref>.</p><p>Figures <ref type="figure">14a</ref> and <ref type="figure">14b</ref> show the same trade-off for Case 3, where we consider &#964; as a function of &#963;&#178;, i.e., <ref type="bibr">(18)</ref>. In this case, and assuming &#1013;0 = 0.001, it can be seen that the AoI is increased by almost 3% for &#963; q = 4000.</p><p>However, Case 4 is a little different. First, in this case, &#964; changes according to the fading as well as &#963;&#178;. Second, the adversary observes not only the UAV's location but also the time duration the UAV spends at each privacy-preserving point, &#964;. 
This leads to additional privacy leakage. Figure <ref type="figure">15</ref> shows the privacy leakage due to the observation of &#964; by the adversary. The point is that since the adversary only observes &#964; and has no idea about the channel power gains, h (note that he knows &#963;&#178;), there is some error in his observations. For example, the adversary may infer that the IoT device is located at a distance d1 from the UAV's location by simply observing &#964;. However, the IoT device is in fact at a distance of d2 &#8800; d1 due to the presence of channel power gain. In this case, Figures <ref type="figure">16a</ref> and <ref type="figure">16b</ref> show the AoI and privacy trade-off. It can be seen that the best RMS privacy guarantee of 40 m is decreased by 3.2% and the AoI is increased by 2.3%.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>B. DP-based PPM</head><p>Now, we provide the results for the DP-based PPMs. Figure <ref type="figure">17a</ref> shows the AoI-privacy trade-off for the Laplacian mechanism DP. Note that in DP a smaller &#1013; corresponds to larger privacy. Hence, for the smaller values of &#1013; and for a geo-indistinguishability of d0 = 10 m, we observe an almost 20% increase and for d0 = 20 m a 60% increase in AoI, respectively. Finally, Figure <ref type="figure">17b</ref> shows the AoI-privacy trade-off for the Gaussian-based DP, which results in approximate DP. Assuming &#948; = 0.001, it can be seen that the AoI increase is negligible even for d0 = 20 m.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>VII. CONCLUSION</head><p>This paper proposed privacy-preserving mechanisms (PPMs) for UAVs in package delivery and IoT data collection applications. In the former, we proposed two PPMs for a UAV in which the goal is to confuse an adversary who is observing the UAV about the UAV's destination. This is accomplished through two randomization mechanisms. We obtained privacy guarantees along with energy efficiency guarantees for the proposed PPMs and analyzed the trade-offs. Then, we proposed a PPM for a UAV in the IoT data collection setting. The PPM is based on adding noise to the UAV's optimum location for data collection. We analyzed the privacy guarantee of the proposed PPM along with the AoI of the network. We showed that the proposed PPM has a negligible drawback on the AoI performance. Considering the limitations of the proposed PPM in some applications, we also provided DP-based counterparts for the proposed PPM and analyzed privacy trade-offs with the AoI. There can be several avenues for future work: One can consider optimization problems for the proposed PPMs and other performance metrics such as UAV energy consumption, IoT energy harvesting, maximum coverage of devices, etc. Another direction can be considering stronger adversaries. In particular, in the IoT data collection scenario, by observing &#964; and having side information on the channel gains (Cases 3 and 4), an adversary is able to estimate the distance from the UAV to the IoT device accurately. Therefore, it is essential to design stronger PPMs for this problem. Finally, in the package delivery scenario, one can design PPMs for a strong adversary who can observe the UAV's speed as well as the UAV's trajectory.</p></div>
<div xmlns="http://www.tei-c.org/ns/1.0"><head>APPENDIX</head><p>Here we show the proof of how the noise variance is obtained in the (&#1013;, &#948;)-DP. Assume that x &#8712; R&#178;, y &#8712; R&#178; are two arbitrary points with independent elements for which we define v = x - y and ||v||2 = d0. Let x&#8242; = x + n, where n &#8712; R&#178; is a Gaussian</p></div></body>
		</text>
</TEI>
