1 / 21

Quality Aware Privacy Protection for Location-based Services

Quality Aware Privacy Protection for Location-based Services. Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University Presented by Xiao Pan. Outline. Motivation Contributions Location K-Anonymity Model Cloaking Algorithm Improvement with Dummy

plato-slater
Download Presentation

Quality Aware Privacy Protection for Location-based Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Quality Aware Privacy Protection for Location-based Services Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University Presented by Xiao Pan

  2. Outline • Motivation • Contributions • Location K-Anonymity Model • Cloaking Algorithm • Improvement with Dummy • Experiments • Related Works • Conclusions

  3. Motivation: Privacy in LBS Where is my nearest hotel? LBS Provider Where is my way to The Emporium? • Unique identifier • Location information

  4. r2 r3 r1 r4 Privacy & QoS Trade-Off Privacy Requirements • Location anonymity • Sensitive location: clinic, nightclub L contains at least k-1 other users • Identifier anonymity • Sensitive message: political, financial l(x,y)is covered by at least k-1 other requests k-anonymity model location point l(x,y) cloaking region L

  5. Contribution • New quality-aware anonymity model • Protect location privacy • Satisfy QoS requirements • Directed-graph based cloaking algorithm • Maximize cloaking success rate with QoS guaranteed. • Improvement • Use dummy locations to achieve a 100% cloaking success rate

  6. System Model Location-based Service Providers anonymized request Anonymizing Expand the exact location point into cloaking region Trusted Anonymizing Proxy original request Mobile Clients

  7. Request formats • Anonymized Request • Pseudonym • Cloaking region • Service related content • Original Request • Identifier • Current location • Quality of service • Maximum cloaking latency • Maximum cloaking region • Location privacy • Minimum anonymity level • Service related content • Current time

  8. Location K-Anonymity Model For any request , if and only if • its cloaking region covers the locations of at least k-1 other requests (location anonymity set) • its location is covered by the cloaking regions of at least k-1 other requests (identifier anonymity set).

  9. Quality Aware Location K-anonymity Model • Location Privacy • to expand the user location into a cloaking region such that the location k-anonymity model is satisfied. • Temporal QoS • the request must be anonymized before the pre-defined maximum cloaking delay • Spatial QoS • the cloaking region size should not exceed a threshold

  10. Cloaking Algorithm • Directed graph • Find the location anonymity set and identifier anonymity set to satisfy the location k-anonymity model through neighbor ships of request nodes. • Spatial index • Use window query to facilitate construction and maintenance of neighbor ships in the graph • Min-heap • Order the requests according to their cloaking deadlines, detect the expiration of requests

  11. r2 r2 r3 r3 r1 r1 r4 r4 Directed Graph • G(V, E): directed graph • V: set of nodes (requests) • E: set of edges • edge eij=(ri, rj) ∈ E, iff | rirj | < ri. • edge eji=(rj, ri) ∈ E, iff | rirj | < rj. • rican be anonymized immediately if there are at least k-1 other forwarded requests in Uout and k-1 other forwarded requests in Uin Location anonymity set Uout= {r2, r3, r4 } outgoing neighbors Identifier anonymity set Uin= {r3, r4 } incoming neighbors

  12. original request Anonymizing Proxy id Min Heap Directed Graph Spatial Index Cloaking Algorithm: Maintenance Range Query C Location Anonymity Set r.Uout Identifier Anonymity Set r.Uin

  13. r Get the top request r Min Heap Directed Graph Spatial Index Min Heap Cloaking Algorithm: Cloaking Enough forwarded neighbors in Uout and Uin? remover in the graph remover in the graph Delay it until all its neighbors have been forwarded r

  14. Improvement with Dummy • Guarantee a 100% success rate. • Only need to maintain the in-degree and out-degree of each node r. • Cloaking region of each dummy request d is a random spatial region between MBR (r, d) and MBR (r.Uout). • Both in-degree neighbors and out-degree neighbors  high privacy level • Satisfy the spatial QoS requirement of r • Indistinguishable from actual requests

  15. Experimental Settings • Brinkhoff Network-based Generator of Moving Objects. • Input: • Road map of Oldenburg County • Output: • 20K moving objects with the location range [0-200] • Minimum Update interval=20K • The identifier, the location information (x,y). • K=2-5 • = 2-10 • =1000-3000, =10 • CliqueCloak vs. No Dummy vs. Dummy • The success rate with different requirements • The relative anonymity level • Cost of dummy

  16. Cloaking Success Rate • Our method (no dummy) has 5-25% higher success rate. • Larger k  lower success rate. • Our method (no dummy) is more robust. • Relative location anonymity level = k’ / k • Our method (no dummy) supports larger k values

  17. =[0.015-0.05]% of the space • =[0.05-0.25]% of the update interval. Cloaking Success Rate • Our method (no dummy) has higher success rate. • Larger or , more flexibility, higher success rate.

  18. Dummy Cost & Cloaking Efficiency • Portion = dummy / (dummy + true) • Larger k, more dummies • Average 10%, acceptable • Our method (no dummy) has much shorter cloaking time. • Larger k, longer time.

  19. Related Works • Quad-tree based Cloaking Algorithm • Recursively subdivides the entire into quadrants, until the quadrant includes the user and other k-1 users M. Gruteser and D. Grunwald. Anonymous usage of location-based services through spatial and temporal cloaking, MobiSys, 2003 • Clique-Cloak Algorithm • Personalized privacy requirements: k, spatial and temporal tolerance values • An undirected graph is constructed to search for clique that includes the user’s message and other k-1 messages. B. Gedik and L. Liu.Location Privacy in Mobile Systems: A Personalized Anonymization Model. ICDCS, 2005. • Casper • Grid-based cloaking algorithm • Privacy-aware query processor M. F. Mokbel, C. Chow and W. G. Aref. The New Casper: Query Processing for Location Services without Compromising Privacy. VLDB. 2006.

  20. Conclusions • Problem: quality-aware privacy protection inLBS • Classifylocationanonymity and identifier anonymity. • Solution • NewQuality-Aware K-Anonymity Model • Efficient directed-graph based cloaking algorithm • An option of using dummy requests • Experimental evaluation • Various privacy andQoS requirements • Efficient

  21. Thank you

More Related