Protecting Location Privacy: Optimal Strategy against Localization Attacks Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux,

Slides:



Advertisements
Similar presentations
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Advertisements

You have been given a mission and a code. Use the code to complete the mission and you will save the world from obliteration…
Advanced Piloting Cruise Plot.
© 2008 Pearson Addison Wesley. All rights reserved Chapter Seven Costs.
Chapter 1 The Study of Body Function Image PowerPoint
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Thursday, March 7 Duality 2 – The dual problem, in general – illustrating duality with 2-person 0-sum game theory Handouts: Lecture Notes.
Ramin Khalili (T-Labs/TUB) Nicolas Gast (LCA2-EPFL)
Summary of Convergence Tests for Series and Solved Problems
Human Performance Improvement Process
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.
Properties of Real Numbers CommutativeAssociativeDistributive Identity + × Inverse + ×
My Alphabet Book abcdefghijklm nopqrstuvwxyz.
0 - 0.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
MULTIPLYING MONOMIALS TIMES POLYNOMIALS (DISTRIBUTIVE PROPERTY)
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Addition Facts
Year 6 mental test 5 second questions
ZMQS ZMQS
Solve Multi-step Equations
REVIEW: Arthropod ID. 1. Name the subphylum. 2. Name the subphylum. 3. Name the order.
BT Wholesale October Creating your own telephone network WHOLESALE CALLS LINE ASSOCIATED.
Spoofing State Estimation
ABC Technology Project
Shadow Prices vs. Vickrey Prices in Multipath Routing Parthasarathy Ramanujam, Zongpeng Li and Lisa Higham University of Calgary Presented by Ajay Gopinathan.
June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks.
On the Optimal Placement of Mix Zones Julien Freudiger, Reza Shokri and Jean-Pierre Hubaux PETS, 2009.
1 Undirected Breadth First Search F A BCG DE H 2 F A BCG DE H Queue: A get Undiscovered Fringe Finished Active 0 distance from A visit(A)
VOORBLAD.
15. Oktober Oktober Oktober 2012.
Quadratic Inequalities
1 Breadth First Search s s Undiscovered Discovered Finished Queue: s Top of queue 2 1 Shortest path from s.
Factor P 16 8(8-5ab) 4(d² + 4) 3rs(2r – s) 15cd(1 + 2cd) 8(4a² + 3b²)
Squares and Square Root WALK. Solve each problem REVIEW:
Do you have the Maths Factor?. Maths Can you beat this term’s Maths Challenge?
© 2012 National Heart Foundation of Australia. Slide 2.
Lets play bingo!!. Calculate: MEAN Calculate: MEDIAN
Understanding Generalist Practice, 5e, Kirst-Ashman/Hull
Chapter 5 Test Review Sections 5-1 through 5-4.
SIMOCODE-DP Software.
GG Consulting, LLC I-SUITE. Source: TEA SHARS Frequently asked questions 2.
Addition 1’s to 20.
25 seconds left…...
Slippery Slope
H to shape fully developed personality to shape fully developed personality for successful application in life for successful.
Januar MDMDFSSMDMDFSSS
Week 1.
We will resume in: 25 Minutes.
©Brooks/Cole, 2001 Chapter 12 Derived Types-- Enumerated, Structure and Union.
Dantzig-Wolfe Decomposition
A SMALL TRUTH TO MAKE LIFE 100%
1 Unit 1 Kinematics Chapter 1 Day
PSSA Preparation.
VPN AND REMOTE ACCESS Mohammad S. Hasan 1 VPN and Remote Access.
Immunobiology: The Immune System in Health & Disease Sixth Edition
1 PART 1 ILLUSTRATION OF DOCUMENTS  Brief introduction to the documents contained in the envelope  Detailed clarification of the documents content.
Basics of Statistical Estimation
NON - zero sum games.
Quantifying Location Privacy: The Case of Sporadic Location Exposure Reza Shokri George Theodorakopoulos George Danezis Jean-Pierre Hubaux Jean-Yves Le.
Quantifying Location Privacy Reza Shokri George Theodorakopoulos Jean-Yves Le Boudec Jean-Pierre Hubaux May 2011.
Presentation transcript:

Protecting Location Privacy: Optimal Strategy against Localization Attacks Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, Jean-Yves Le Boudec EPFL Cardiff University K. U. Leuven 19 th ACM Conference on Computer and Communications Security (CCS), October 2012

Location-based Services Sharing Location with Friends Sharing Location with Businesses Uploading location, tagging documents, photos, messages, … Asking for near-by services, finding near-by friends, … 2

Example: Facebook Location-Tagging Source: WHERE 2012, Josh Williams, "New Lines on the Horizon“, Justin Moore, "Ignite - Facebook's Data" >600M mobile users 3

Check-ins at Facebook, one-day Source: Where 2012, Josh Williams, "New Lines on the Horizon“, Justin Moore, "Ignite - Facebook's Data" 4

The contextual information attached to a trace tells much about our habits, interests, activities, and relationships A location trace is not only a set of positions on a map Threat 5

Location-Privacy Protection Mechanisms Anonymization (removing the user’s identity) – It has been shown inadequate, as a single defense – The traces can be de-anonymized, given an adversary with some knowledge on the users Obfuscation (reporting a fake location) – Service Quality? – Users share their locations to receive some services back. Obfuscation degrades the service quality in favor of location privacy 6

Designing a Protection Mechanism Challenges – Respect users’ required service quality – User-based protection – Real-time protection Common Pitfall – Ignor adversary knowledge Adversary can invert the obfuscation mechanism – Disregard optimal attack Given a protection mechanism, attacker designs an attack to minimize his estimation error in his inference attack 7

Our Objective: Design Optimal Protection Strategy A defense mechanism that anticipates the attacks that can happen against it, and maximizes the users’ location privacy against the most effective attack, and respects the users’ service quality constraint. 8

Outline Assumptions Model – User’s Profile – Protection Mechanism – Inference Attack Problem Statement Solution: Optimal strategy for user and adversary Evaluation 9

Assumptions LBS: Sporadic Location Exposure – Location check-in, search for nearby services, … Adversary: Service provider – Or any entity who eavesdrops on the users’ LBS accesses Attack: Localization – What is the user’s location when accessing LBS? Protection: User-centric obfuscation mechanism – So, we focus on a single user Privacy Metric: – Adversary’s expected error in estimating the user’s true location, given the user’s profile and her observed location 10

Adversary Knowledge: User’s “Location Access Profile” 11 Data source: Location traces collected by Nokia Lausanne (Lausanne Data Collection Campaign)Lausanne Data Collection Campaign

Location Obfuscation Mechanism Consequence: “Service Quality Loss” 12

Location Inference Attack Estimation Error: “Location Privacy” 13

Problem Statement 14

Zero-sum Bayesian Stackelberg Game User Adversary (leader) (follower) Game LBS message user gain / adversary loss 15

Optimal Strategy for the User Proper probability distribution Respect service quality constraint 16

Optimal Strategy for the Adversary Note: This is the dual of the previous optimization problem Proper probability distribution Shadow price of the service quality constraint. (exchange rate between service quality and privacy) Minimizing the user’s maximum privacy under the service quality constraint 17

Evaluation: Obfuscation Function 18

Output Visualization of Obfuscation Mechanisms Optimal ObfuscationBasic Obfuscation (k = 7) 19

Evaluation: Localization Attack Optimal attack against optimal obfuscation – Given the service quality constraint Bayesian attack against any obfuscation Optimal attack against any obfuscation – Regardless of any service quality constraint 20

Optimal vs. non-Optimal Service quality threshold is set to the service quality loss incurred by basic obfuscation. 21 k=1 k=30

Conclusion (Location) Privacy is an undisputable issue, with more people uploading their location more regularly Privacy (similar to any security property) is adversarial- dependent. Disregarding adversary’s strategy and knowledge limits the privacy protection Our game theoretic analysis helps solving optimal attack and optimal defense simultaneously – Given the service quality constraint Our methodology can be applied in other privacy domains 22

23

24

Optimal Attack & Optimal Defense 25 Service quality threshold is set to the service quality loss incurred by basic obfuscation.

“Optimal Strategies” Tradeoff between Privacy and Service Quality 26

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.