Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Hiding Stars with Fireworks: Location Privacy through Camouflage Joseph Meyerowitz Romit Roy Choudhury ECE and PhysicsDept. of ECE and CS.

Published byTheodore Beasley Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Hiding Stars with Fireworks: Location Privacy through Camouflage Joseph Meyerowitz Romit Roy Choudhury ECE and PhysicsDept. of ECE and CS."— Presentation transcript:

1 1 Hiding Stars with Fireworks: Location Privacy through Camouflage Joseph Meyerowitz Romit Roy Choudhury ECE and PhysicsDept. of ECE and CS

2 2 Context Better localization technology + Pervasive wireless connectivity = Location-based applications

3 3 Location-Based Apps For Example:  GeoLife shows grocery list near WalMart  Micro-Blog allows location scoped querying  Location-based ad: Coffee coupon at Starbucks  … Location expresses context of user  Facilitating content delivery Location is the IP address Its as iffor content

4 4 While location drives this new class of applications, it also violates user’s privacy Sharper the location, richer the app, deeper the violation Double-Edged Sword

5 5 While location drives this new class of applications, it also violates user’s privacy Sharper the location, richer the app, deeper the violation Moreover, range of apps are PUSH based. Require continuous location information Phone detected at Starbucks, PUSH a coffee coupon Phone located on highway, query traffic congestion Double-Edged Sword

6 6 Location Privacy Problem: Research: Continuous location exposure a serious threat to privacy Continuous location exposure a serious threat to privacy Preserve privacy without sacrificing the quality of continuous loc. based apps Preserve privacy without sacrificing the quality of continuous loc. based apps

7 7 Just Call Yourself ``Freddy” Pseudonymns [Gruteser04]  Effective only when infrequent location exposure  Else, spatio-temporal patterns enough to deanonymize … think breadcrumbs Romit’s Office John LeslieJack Susan Alex

8 8 Add Noise K-anonymity [Gedic05]  Convert location to a space-time bounding box  Ensure K users in the box  Location Apps reply to boxed region Issues  Poor quality of location  Degrades in sparse regions  Not real-time You Bounding Box K=4

9 9 Confuse Via Mixing Path intersections is an opportunity for privacy  If users intersect in space-time, cannot say who is who later

10 10 Confuse Via Mixing Path intersections is an opportunity for privacy  If users intersect in space-time, cannot say who is who later Unfortunately, users may not intersect in both space and time Unfortunately, users may not intersect in both space and time Hospital Airport ? ?

11 11 Hiding Until Mixed Partially hide locations until users mixed [Gruteser07]  Expose after a delay Hospital Airport

12 12 Hiding Until Mixed Partially hide locations until users mixed [Gruteser07]  Expose after a delay But delays unacceptable to real-time apps Hospital Airport

13 13 Existing solutions seem to suggest: Privacy and Quality of Localization (QoL) is a zero sum game Need to sacrifice one to gain the other

14 14 Our Goal Break away from this tradeoff Target: Spatial accuracy Real-time updates Privacy guarantees Even in sparse populations We design: CacheCloak

15 15 The Intuition Predict until paths intersect Hospital Airport

16 16 The Intuition Predict until paths intersect Hospital Airport Predict

17 17 The Intuition Predict until paths intersect  Expose predicted intersection to application Hospital Airport Cache the information on each predicted location Predict

18 18 CacheCloak System Design and Evaluation

19 19 Assume trusted privacy provider  Reveal location to CacheCloak  CacheCloak exposes anonymized location to Loc. App Architecture CacheCloak Loc. App1 Loc. App2 Loc. App3 Loc. App4

20 20 In Steady State … Location Based Application CacheCloak

21 21 Prediction Location Based Application Backward prediction Forward prediction CacheCloak

22 22 Prediction Location Based Application CacheCloak

23 23 Predicted Intersection Location Based Application Predicted Path CacheCloak

24 24 Query Location Based Application Predicted Path CacheCloak

25 25 Query Location Based Application ? ?? ? CacheCloak

26 26 LBA Responds Location Based Application Array of responses CacheCloak

27 27 Cached Location Based Application Cached Responses Location based Information CacheCloak

28 28 Cached Response Location Based Application Cached Responses Location based Information CacheCloak

29 29 Cached Response Location Based Application Cached Responses Location based Information CacheCloak

30 30 Cached Response Location Based Application Cached Responses CacheCloak

31 31 Cached Response Location Based Application Predicted Path CacheCloak

32 32 Benefits Real-time  Response ready when user arrives at predicted location High QoL  Responses can be specific to location  Overhead on the wired backbone (caching helps) Entropy guarantees  Entropy increases at traffic intersections Sparse population  Can be handled with dummy users, false branching Predicted Path

33 33 Quantifying Privacy City converted into grid of small sqaures (pixels)  Users are located at a pixel at a given time Each pixel associated with 8x8 matrix  Element (x, y) = probability that user enters x and exits y Probabilities diffuse  At intersections  Over time Privacy = entropy x y pixel

34 34 Diffusion Probability of user’s presence diffuses  Diffusion gradient computed based on history  i.e., what fraction of users take right turn at this intersection Time t 1 Time t 2 Time t 3 Road Intersection

35 35 Evaluation Trace based simulation  VanetMobiSim + US Census Bureau trace data  Durham map with traffic lights, speed limits, etc.  Vehicles follow Google map paths  Performs collision avoidance 6km x 6km 10m x 10m pixel 1000 cars 6km x 6km 10m x 10m pixel 1000 cars

36 36 Results High average entropy  Quite insensitive to user density (good for sparse regions)  Minimum entropy reasonably high Number of Users (N) Time (Minutes) Min. Max. Bits of Mean Entropy

37 37 Results Peak Counting  # of places where attacker’s confidence is > Threshold Time (Seconds) Mean # of Peaks

38 38 Results Peak Counting  # of places where attacker’s confidence is > Threshold Number of Users (N) Mean # of Peaks

39 39 Limitations, Discussions … CacheCloak overhead  Application replies to lot of queries  However, overhead on wired infrastructure  Caching reduces this overhead significantly CacheCloak assumes same, indistinguishable query  Different queries can deanonymize  Possible through query combination … future work Per-user privacy guarantee not yet supported  Adaptive branching & dummy users CacheCloak - a central trusted entity  Distributed version proposed in the paper

40 40 Closing Thoughts Two nodes may intersect in space but not in time Mixing not possible, without sacrificing timeliness Mobility prediction creates space-time intersections Enables virtual mixing in future

41 41 Closing Thoughts CacheCloak Implements the prediction and caching function High entropy possible even under sparse population Spatio-temporal accuracy remains uncompromised

42 42

43 43

44 44 Thank You For more related work, visit: http://synrg.ee.duke.edu

Download ppt "1 Hiding Stars with Fireworks: Location Privacy through Camouflage Joseph Meyerowitz Romit Roy Choudhury ECE and PhysicsDept. of ECE and CS."

Similar presentations

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Preserving Location Privacy Uichin Lee KAIST KSE Slides based on by Ling Liuhttp://www.vldb.org/conf/2007/papers/tutorials/p1429-liu.pdf.

Preserving Location Privacy Uichin Lee KAIST KSE Slides based on by Ling Liuhttp://
1 (ECE 256: Wireless Networking and Mobile Computing) Location Privacy in Mobile Computing Topics: Pseudonymns, CliqueCloak, Path Confusion, CacheCloak.

1 (ECE 256: Wireless Networking and Mobile Computing) Location Privacy in Mobile Computing Topics: Pseudonymns, CliqueCloak, Path Confusion, CacheCloak.
Directed Diffusion for Wireless Sensor Networking

Directed Diffusion for Wireless Sensor Networking
The Role of History and Prediction in Data Privacy Kristen LeFevre University of Michigan May 13, 2009.

The Role of History and Prediction in Data Privacy Kristen LeFevre University of Michigan May 13, 2009.
Quality Aware Privacy Protection for Location-based Services Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University.

Quality Aware Privacy Protection for Location-based Services Zhen Xiao, Xiaofeng Meng Renmin University of China Jianliang Xu Hong Kong Baptist University.
Virtual Trip Lines for Distributed Privacy-Preserving Traffic Monitoring Baik Hoh, Marco Gruteser WINLAB / ECE Dept., Rutgers University Ryan Herring,

Virtual Trip Lines for Distributed Privacy-Preserving Traffic Monitoring Baik Hoh, Marco Gruteser WINLAB / ECE Dept., Rutgers University Ryan Herring,
VTrack: Accurate, Energy-Aware Road Traffic Delay Estimation Using Mobile Phones Arvind Thiagarajan, Lenin Ravindranath, Katrina LaCurts, Sivan Toledo,

VTrack: Accurate, Energy-Aware Road Traffic Delay Estimation Using Mobile Phones Arvind Thiagarajan, Lenin Ravindranath, Katrina LaCurts, Sivan Toledo,
1 Location Privacy. 2 Context Better localization technology + Pervasive wireless connectivity = Location-based applications.

1 Location Privacy. 2 Context Better localization technology + Pervasive wireless connectivity = Location-based applications.
1 ROME: Road Monitoring and Alert System through Geo-Cache Bin Zan, Tingting Sun, Marco Gruteser, Yanyong Zhang WINLAB, Rutgers University.

1 ROME: Road Monitoring and Alert System through Geo-Cache Bin Zan, Tingting Sun, Marco Gruteser, Yanyong Zhang WINLAB, Rutgers University.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Vehicle-to-Vehicle Wireless Communication Protocols for Enhancing Highway Traffic Safety - A Comparative Study of Data Dissemination Models for VANETs.

Vehicle-to-Vehicle Wireless Communication Protocols for Enhancing Highway Traffic Safety - A Comparative Study of Data Dissemination Models for VANETs.
Putting People in their Places An Anonymous and Privacy-Sensitive Approach to Collecting Sensed Data in Location-Based Applications Karen P. Tang Pedram.

Putting People in their Places An Anonymous and Privacy-Sensitive Approach to Collecting Sensed Data in Location-Based Applications Karen P. Tang Pedram.
Computer Science Spatio-Temporal Aggregation Using Sketches Yufei Tao, George Kollios, Jeffrey Considine, Feifei Li, Dimitris Papadias Department of Computer.

Computer Science Spatio-Temporal Aggregation Using Sketches Yufei Tao, George Kollios, Jeffrey Considine, Feifei Li, Dimitris Papadias Department of Computer.
TCP over ad hoc networks Ad Hoc Networks will have to be interfaced with the Internet. As such backward compatibility is a big issue. One might expect.

TCP over ad hoc networks Ad Hoc Networks will have to be interfaced with the Internet. As such backward compatibility is a big issue. One might expect.
1 Location Information Management and Moving Object Databases “Moving Object Databases: Issues and Solutions” Ouri, Bo, Sam and Liqin.

1 Location Information Management and Moving Object Databases “Moving Object Databases: Issues and Solutions” Ouri, Bo, Sam and Liqin.
APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.
DAMN : A Distributed Architecture for Mobile Navigation Julio K. Rosenblatt Presented By: Chris Miles.

DAMN : A Distributed Architecture for Mobile Navigation Julio K. Rosenblatt Presented By: Chris Miles.
1 Preserving Privacy in GPS Traces via Uncertainty-Aware Path Cloaking by: Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady ACM CCS '07 Presentation:

1 Preserving Privacy in GPS Traces via Uncertainty-Aware Path Cloaking by: Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady ACM CCS '07 Presentation:
Baik Hoh Marco Gruteser Hui Xiong Ansaf Alrabady All images are credited to “ACM” Hoh et al (2007), pp. 161-170.

Baik Hoh Marco Gruteser Hui Xiong Ansaf Alrabady All images are credited to “ACM” Hoh et al (2007), pp

Similar presentations

Ads by Google