TY - GEN
T1 - Preventing velocity-based linkage attacks in location-aware applications
AU - Ghinita, Gabriel
AU - Damiani, Maria Luisa
AU - Silvestri, Claudio
AU - Bertino, Elisa
PY - 2009
Y1 - 2009
N2 - Mobile devices with positioning capabilities allow users to participate in novel and exciting location-based applications. For instance, users may track the whereabouts of their acquaintances in location-aware social networking applications, e.g., GoogleLatitude. Furthermore, users can request information about landmarks in their proximity. Such scenarios require users to report their coordinates to other parties, which may not be fully trusted. Reporting precise locations may result in serious privacy violations, such as disclosure of lifestyle details, sexual orientation, etc. A typical approach to preserve location privacy is to generate a cloaking region (CR) that encloses the user position. However, if locations are continuously reported, an attacker can correlate CRs from multiple timestamps to accurately pinpoint the user position within a CR. In this work, we protect against linkage attacks that infer exact locations based on prior knowledge about maximum user velocity. Assume user u who reports two consecutive cloaked regions A and B. We consider two distinct protection scenarios: in the first case, the attacker does not have information about the sensitive locations on the map, and the objective is to ensure that u can reach some point in B from any point in A. In the second case, the attacker knows the placement of sensitive locations, and the objective is to ensure that u can reach any point in B from any point in A. We propose spatial and temporal cloaking transformations to preserve user privacy, and we show experimentally that privacy can be achieved without significant quality of service deterioration.
AB - Mobile devices with positioning capabilities allow users to participate in novel and exciting location-based applications. For instance, users may track the whereabouts of their acquaintances in location-aware social networking applications, e.g., GoogleLatitude. Furthermore, users can request information about landmarks in their proximity. Such scenarios require users to report their coordinates to other parties, which may not be fully trusted. Reporting precise locations may result in serious privacy violations, such as disclosure of lifestyle details, sexual orientation, etc. A typical approach to preserve location privacy is to generate a cloaking region (CR) that encloses the user position. However, if locations are continuously reported, an attacker can correlate CRs from multiple timestamps to accurately pinpoint the user position within a CR. In this work, we protect against linkage attacks that infer exact locations based on prior knowledge about maximum user velocity. Assume user u who reports two consecutive cloaked regions A and B. We consider two distinct protection scenarios: in the first case, the attacker does not have information about the sensitive locations on the map, and the objective is to ensure that u can reach some point in B from any point in A. In the second case, the attacker knows the placement of sensitive locations, and the objective is to ensure that u can reach any point in B from any point in A. We propose spatial and temporal cloaking transformations to preserve user privacy, and we show experimentally that privacy can be achieved without significant quality of service deterioration.
KW - Location privacy
KW - Location-aware social networks
UR - http://www.scopus.com/inward/record.url?scp=74049132493&partnerID=8YFLogxK
U2 - 10.1145/1653771.1653807
DO - 10.1145/1653771.1653807
M3 - Conference contribution
AN - SCOPUS:74049132493
SN - 9781605586496
T3 - GIS: Proceedings of the ACM International Symposium on Advances in Geographic Information Systems
SP - 246
EP - 255
BT - 17th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, ACM SIGSPATIAL GIS 2009
T2 - 17th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, ACM SIGSPATIAL GIS 2009
Y2 - 4 November 2009 through 6 November 2009
ER -