Location Privacy with Randomness Consistency

Open access


Location-Based Social Network (LBSN) applications that support geo-location-based posting and queries to provide location-relevant information to mobile users are increasingly popular, but pose a location-privacy risk to posts. We investigated existing LBSNs and location privacy mechanisms, and found a powerful potential attack that can accurately locate users with relatively few queries, even when location data is well secured and location noise is applied. Our technique defeats previously proposed solutions including fake-location detection and query rate limits.

To protect systems from this attack, we propose a simple, scalable, yet effective defense that quantizes the map into squares using hierarchical subdivision, consistently returns the same random result to multiple queries from the same square for posts from the same user, and responds to queries with different distance thresholds in a correlated manner, limiting the information gained by attackers, and ensuring that an attacker can never accurately know the quantized square containing a user. Finally, we verify the performance of our defense and analyze the trade-offs through comprehensive simulation in realistic settings. Surprisingly, our results show that in many environments, privacy level and user accuracy can be tuned using two independent parameters; in the remaining environments, a single parameter adjusts the tradeoff between privacy level and user accuracy. We also thoroughly explore the parameter space to provide guidance for actual deployments.

[1] Boundaries - Census Blocks (Chicago, IL). http://www.cityofchicago.org/city/en/depts/doit/dataset/boundaries_-_censusblocks.html.

[2] Facebook. Online socail mobile application. https://itunes.apple.com/us/app/facebook/id284882215?mt=8.

[3] Fact Finder. http://factfinder.census.gov/faces/nav/jsf/pages/index.xhtml.

[4] Hinge. Online dating mobile application. http://hinge.co.

[5] Match. Online dating mobile application. http://www.match.com.

[6] Skout. http://www.skout.com.

[7] Tinder. Online dating mobile application. https://www.gotinder.com.

[8] Whisper. Anonymous mobile social network. https: //whisper.sh.

[9] Yelp. http://www.yelp.com.

[10] Yik Yak. Anonymous mobile social network. http://www.yikyakapp.com.

[11] Police: Thieves robbed homes based on Facebook, social media sites. http://www.wmur.com/Police-Thieves-Robbed-Homes-Based-On-Facebook-Social-Media-Sites/11861116, 2010.

[12] New social App has juicy posts, all anonymous. http:// www.nytimes.com/2014/03/19/technology/new-social-apphas-juicy-posts-but-no-names.html?_r=0, 2014.

[13] G. Ananthanarayanan, V. N. Padmanabhan, L. Ravindranath, and C. A. Thekkath. Combine: leveraging the power of wireless peers through collaborative downloading. In Proceedings of the 5th international conference on Mobile systems, applications and services, pages 286-298. ACM, 2007.

[14] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi. Geo-indistinguishability: Differential privacy for location-based systems. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 901-914. ACM, 2013.

[15] C. A. Ardagna, M. Cremonini, E. Damiani, S. D. C. Di Vimercati, and P. Samarati. Location privacy protection through obfuscation-based techniques. In Data and Applications Security XXI, pages 47-60. Springer, 2007.

[16] M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM conference on Computer and communications security, pages 62-73. ACM, 1993.

[17] G. Danezis and P. Mittal. Sybilinfer: Detecting sybil nodes using social networks. In NDSS. San Diego, CA, 2009.

[18] R. A. Finkel and J. L. Bentley. Quad trees a data structure for retrieval on composite keys. Acta informatica, 4(1):1-9, 1974.

[19] B. Gedik and L. Liu. Location privacy in mobile systems: A personalized anonymization model. In Distributed Computing Systems, 2005. ICDCS 2005. Proceedings. 25th IEEE International Conference on, pages 620-629. IEEE, 2005.

[20] A. Gendar and A. Lisberg. How cell phone helped cops nail key murder suspect. Secret ’pings’ that gave bouncer away. http://www.nydailynews.com/archives/news/cell-phonehelped-cops-nail-key-murder-suspect-secret-pings-gavebouncer-article-1.599672, 2006.

[21] G. Ghinita, P. Kalnis, A. Khoshgozaran, C. Shahabi, and K.- L. Tan. Private queries in location based services: anonymizers are not necessary. In Proceedings of the 2008 ACM SIGMOD international conference on Management of data, pages 121-132. ACM, 2008.

[22] P. Golle and K. Partridge. On the anonymity of home/work location pairs. In Pervasive computing, pages 390-397. Springer, 2009.

[23] F. Grace. Stalker victims should check for GPS. http://www.cbsnews.com/news/stalker-victims-should-checkfor-gps/, 2003.

[24] M. Gruteser and D. Grunwald. Anonymous usage of location-based services through spatial and temporal cloaking. In Proceedings of the 1st international conference on Mobile systems, applications and services, pages 31-42. ACM, 2003.

[25] P. Harremoës and F. Topsøe. Maximum entropy fundamentals. Entropy, 3(3):191-226, 2001.

[26] M. Hendrickson. The state of location-based social networking on the iPhone. http://techcrunch.com/2008/09/28/thestate-of-location-based-social-networking-on-the-iphone, 2008.

[27] T. Jiang, H. J. Wang, and Y.-C. Hu. Preserving location privacy in wireless lans. In Proceedings of the 5th international conference on Mobile systems, applications and services, pages 246-257. ACM, 2007.

[28] P. Kalnis, G. Ghinita, K. Mouratidis, and D. Papadias. Preventing location-based identity inference in anonymous spatial queries. Knowledge and Data Engineering, IEEE Transactions on, 19(12):1719-1733, 2007.

[29] J. Krumm. Inference attacks on location tracks. In Pervasive Computing, pages 127-143. Springer, 2007.

[30] M. Li, H. Zhu, Z. Gao, S. Chen, L. Yu, S. Hu, and K. Ren. All your location are belong to us: Breaking mobile social networks for automated user location tracking. In Proceedings of the 15th ACM international symposium on Mobile ad hoc networking and computing, pages 43-52. ACM, 2014.

[31] N. Li and G. Chen. Analysis of a location-based social network. In Computational Science and Engineering, 2009. CSE’09. International Conference on, volume 4, pages 263-270. Ieee, 2009.

[32] M. F. Mokbel, C.-Y. Chow, and W. G. Aref. The new casper: A privacy-aware location-based database server. In Data Engineering, 2007. ICDE 2007. IEEE 23rd International Conference on, pages 1499-1500. IEEE, 2007.

[33] M. Motani, V. Srinivasan, and P. S. Nuggehalli. Peoplenet: engineering a wireless virtual social network. In Proceedings of the 11th annual international conference on Mobile computing and networking, pages 243-257. ACM, 2005.

[34] A. Narayanan, N. Thiagarajan, M. Lakhani, M. Hamburg, and D. Boneh. Location privacy via private proximity testing. In NDSS. Citeseer, 2011.

[35] S. Papadopoulos, S. Bakiras, and D. Papadias. Nearest neighbor search with strong location privacy. Proceedings of the VLDB Endowment, 3(1-2):619-629, 2010.

[36] I. Polakis, G. Argyros, T. Petsios, S. Sivakorn, and A. D. Keromytis. Where’s wally?: Precise user discovery attacks in location proximity services. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 817-828. ACM, 2015.

[37] K. P. Puttaswamy, S. Wang, T. Steinbauer, D. Agrawal, A. El Abbadi, C. Kruegel, and B. Y. Zhao. Preserving location privacy in geosocial applications. Mobile Computing, IEEE Transactions on, 13(1):159-173, 2014.

[38] K. P. Puttaswamy and B. Y. Zhao. Preserving privacy in location-based mobile social applications. In Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, pages 1-6. ACM, 2010.

[39] B. Schilit, J. Hong, and M. Gruteser. Wireless location privacy protection. Computer, 36(12):135-137, 2003.

[40] R. Shokri, G. Theodorakopoulos, J.-Y. Le Boudec, and J.- P. Hubaux. Quantifying location privacy. In Security and privacy (sp), 2011 ieee symposium on, pages 247-262. IEEE, 2011.

[41] M. Siegler. Foodspotting is a location-based game that will make your mouth water. http://techcrunch.com/2010/03/04/foodspotting.

[42] M. Veytsman. How I was able to track the location of any Tinder user. http://blog.includesecurity.com/2014/02/howi-was-able-to-track-location-of-any.html.

[43] G. Wang, B. Wang, T. Wang, A. Nika, H. Zheng, and B. Y. Zhao. Whispers in the dark: Analysis of an anonymous social network. In IMC ’14 Proceedings of the 2014 Conference on Internet Measurement Conference, pages 137-150, New York, USA, 2014. ACM.

[44] Z. Yang, C. Wilson, X. Wang, T. Gao, B. Y. Zhao, and Y. Dai. Uncovering social network sybils in the wild. ACM Transactions on Knowledge Discovery from Data (TKDD), 8(1):2, 2014.

[45] G. Zhong, I. Goldberg, and U. Hengartner. Louis, lester and pierre: Three protocols for location privacy. In Privacy Enhancing Technologies, pages 62-76. Springer, 2007.

Journal Information


All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 109 109 10
PDF Downloads 37 37 4