Preserving Privacy in Location-Based Services
using Sudoku Structures
A Presentation for ICISS-2014
IDRBT, Hyderabad
Authors : Sumitra Biswal, Goutam Paul & Shashwat Raizada
OUTLINE
• Introduction – case study
• Location Privacy: Concept and background
• Limitations encountered
• Objective of the paper
• Proposed Mechanism
• Preventive measures against adversarial attacks
• Experimentations and inference
• Conclusion
NOTE: The presentation contains instances and certain pictures referred from the internet.
Introduction : Case Study
• Location Based Services (LBS) offer services anytime and anywhere.
– Automate multiple tasks.
– Quicker and more refined facilities.
– Time saving.
• Services seek Location to provide “Intelligent” service.
• LBS dark aspects – profit oriented, no guaranteed proof of secure data handling.
Retrieved from http://www.navigadget.com/index.php/2006/03/23/location-based-services-without-a-gps-receiver
Retrieved from http://www.consumerreports.org/cro/news/2011/06/senate-introduces-mobile-location-privacy-bill/index.htm
• LBS push targeted ads to users using location and time-of-visit details.
• Owing to new privacy bills, LBS claim their concern for user privacy.
• No guaranteed proof of data security and privacy found yet.
INEVITABLE QUESTION
“If you aren't doing anything wrong, what do you have to hide?”
MUCH MORE INEVITABLE ANSWER
“If I'm not doing anything wrong, then you have no cause to watch me.”
- Ref. (“The value of Privacy” - Schneier on Security)
Consistently keeping track of records with a notion of suspicion is “Spying” and is objectionable.
Retrieved from http://www.adweek.com/news-gallery/technology/how-pg-unilever-and-campbells-are-targeting-foursquare-check-ads-154536#holiday-nog-2
Location Privacy: A growing concern among users
52% respondents express concern with sharing their location
49% would be comfortable if they can clearly manage who sees their location information
84% concerned about sharing information without consent and losing privacy thereafter.
Location Privacy : Concept and background
Retrieved from http://news.microsoft.com/2011/01/26/data-privacy-day-tackles-concerns-as-location-based-services-grow-in-popularity/
Almost one-quarter of respondents said their greatest privacy concern was having their information used for marketing purposes.
The same percentage of people named having strangers know too much about their activities as their top worry.
Retrieved from http://www.marketresearchworld.net/content/view/4867/48/
Google Play developer Content Policy (with effect from August 2014)
Retrieved from http://www.futureofprivacy.org/2014/01/15/a-cutting-edge-guide-to-privacy-for-not-so-cutting-edge-phones/
Users given privilege to opt out of Promotion based Ads.
LBS not allowed to link Ad Id with user device Identifiers.
In case of violation, services will be cast out.
Yet another creepy incident: Uber watching you using “God View”
Retrieved from http://thehill.com/policy/technology/225071-uber-ignites-new-privacy-fight
2011 : Stalker view showing locations of 30 Uber users in NY, real time.
Half of the people were familiar.
Notified one of current whereabouts.
Concerned user / victim quits service
Retrieved from http://www.forbes.com/sites/kashmirhill/2014/10/03/god-view-uber-allegedly-stalked-users-for-party-goers-viewing-pleasure/
• Legal policies are not sufficient to counteract the issue. Law and technology must go hand in hand.
• LBS privacy is no longer a concern for users alone, but also for LBS developers and marketers.
Retrieved from https://www.eff.org/wp/locational-privacy
Limitations Encountered
Techniques:
• Pseudonyms
• Cloaking – Location Perturbation
• K-Anonymity and Obfuscation
• L-Diversity Technique
• Hashing
• Adding Random Noise
Limitations:
• Not sufficient to ensure privacy
• Cannot serve varying environments
• 3rd party usage; cannot be used unless K identical users are available
• Entropy alone cannot provide risk levels of adversary and inference attacks
• Might not help in trajectory mode of privacy
• Cannot cater to non-uniform domains
Ref: From miscellaneous sources
Objective of the paper
• Address the challenges faced in the field of Pervasive Computing.
• To provide a solution against adversarial location service providers.
• Not to use third party service providers for anonymisation and obfuscation purposes.
• To provide a cost-effective solution to the associated problems.
• To ensure it stands up to adversaries.
Proposed Mechanism
• Major challenges exhibited in previous works
– Dependency on Third Parties
– Failure in dynamic environment
• Aim: To develop a technique that renders uniformity as well as preserves uniqueness.
• SUDOKU: Principle of two U’s – Uniqueness and Uniformity.
• Level of Confidence degrades at Adversary level and increases at Users’ end.
• Covers Location, Query and Trajectory Privacy.
• Client-Server Architecture. NO Third Parties involved.
Sudoku and its hardness solving properties
• NP-complete problem
• Total solutions to a 9X9 grid is approx.
• Possesses greater Shannon entropy than any randomly generated matrix
• Maximum Distance Separable (MDS) matrix
• Uniform distribution
Preventive measures against adversarial attacks
• Man in the middle – adversary grabs the response of service provider to find user’s exact location.
• Tracking movement – Collating POIs of user to build profile
Man-in-the middle attack
Area of concern = X sq. km
Grid order = N
Cell size = C
Number of grids mapping the area: G = X / (N² · C²)
Number of copies of each kind of block available: U = G · N = X / (N · C²)
Each block represents a user. The user’s ubiquity is measured by U.
E is the set of k entities e_1, e_2, …, e_k for a query.
d_i is the i-th pairwise distance between entities.
Adversary’s objective: break the user’s ubiquity and nail down the exact block of the user’s presence.
Adversarial attack complexities
• Scattering of scarce entities: d_i ≥ C√2 for all i
• Scattering of abundant amount of entities: d_i < C√2 for all i
Tracking Movement
Using POIs along with time stamps to build a profile of the user violates trajectory privacy.
Server End:
• Using block ID for providing navigation or routes
User End:
• Querying source and destination in terms of block ID
• Compute appropriate route at device level and navigate
• Each navigational route equipped with mix-zone concept and delayed time stamp
Experimentations and inference
Increasing variability of entities ensures less ubiquity of blocks.
Each block represents a user.
A user may lose ubiquity with increasing variability.
Variability = f(Grid Order, Cellsize)
Grid Order 4 with No. of Entities=1680; Cellsize=500m.
BLOCK  HOSPITALS  RESTAURANTS  ATM_COUNTERS
1      84         236          470
2      6          14           23
3      4          13           27
4      86         237          480
Grid Order 4 with No. of Entities=1680; Cellsize=50m.
BLOCK  HOSPITALS  RESTAURANTS  ATM_COUNTERS
1      49         124          227
2      51         113          251
3      35         135          252
4      45         128          250
Suppose n(i,j) is the number of entities of type j in block i, 1 ≤ i ≤ N, 1 ≤ j ≤ M.
To capture the variability amongst the entities within a block, we define the following.
Variability: the sum, over each kind of entity j, of the standard deviation of n(i,j) computed across the blocks i.
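The ubiquity formulas from the man-in-the-middle slide and the variability definition above, worked through on the two Grid Order 4 tables. This is an added example, not code from the paper; it assumes a population standard deviation (the slides do not say which estimator was used) and a constructed 100 sq. km area for the ubiquity figures.

```python
from statistics import pstdev

# Entity counts per block, copied from the two Grid Order 4 tables on this
# page (cell size 500 m and 50 m). Each list is indexed by block 1..4.
COUNTS_500M = {
    "HOSPITALS":    [84, 6, 4, 86],
    "RESTAURANTS":  [236, 14, 13, 237],
    "ATM_COUNTERS": [470, 23, 27, 480],
}
COUNTS_50M = {
    "HOSPITALS":    [49, 51, 35, 45],
    "RESTAURANTS":  [124, 113, 135, 128],
    "ATM_COUNTERS": [227, 251, 252, 250],
}


def grid_count(area_km2, order, cell_km):
    """G = X / (N^2 * C^2): number of N x N Sudoku grids tiling the area."""
    return area_km2 / (order ** 2 * cell_km ** 2)


def ubiquity(area_km2, order, cell_km):
    """U = G * N = X / (N * C^2): copies of each block kind in the area.

    A block kind appears N times in every N x N grid, so a user mapped to
    a block is hidden among U identical blocks across the area."""
    return grid_count(area_km2, order, cell_km) * order


def variability(counts):
    """Sum over entity types j of the standard deviation of n(i, j) across
    blocks i. Population standard deviation is assumed (see lead-in)."""
    return sum(pstdev(per_block) for per_block in counts.values())


if __name__ == "__main__":
    # Uneven 500 m counts give high variability; 50 m counts are near-uniform.
    for label, counts in (("500 m", COUNTS_500M), ("50 m", COUNTS_50M)):
        print(f"cell size {label}: variability = {variability(counts):.2f}")
    # Constructed 100 sq. km area, order 4: shrinking C by 10x raises U by 100x.
    for cell_km in (0.5, 0.05):
        print(f"C = {cell_km} km: G = {grid_count(100, 4, cell_km):.0f}, "
              f"U = {ubiquity(100, 4, cell_km):.0f}")
```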
Degree of Variability vs. Cellsize for Grid Order 4
Degree of Variability vs. Cellsize for Grid Order 9
Mechanism against Trajectory Privacy Attack: availability of routes from the server for a given source and destination.
The data records released from the user device are sanitized using mix-zone concepts (a pseudonym for every block covered), a random delay of the time recorded for every move, and the user location replaced with block numbers (anonymization).
Cost Complexity, Ubiquity and Comparisons of H. Kido et al.’s Work and Sudoku-Based Query and Location Privacy Techniques
Ubiquity and Message cost for Order 4
Ubiquity and Message cost for Order 9
Cellsize Vs. Ubiquity
Cellsize Vs. Answer Message Cost
Conclusion
• The paper focuses on:
– Adversarial location service providers
– Extracting service without third party involvement
– Mitigating unauthorised access to user device data logs
– Involves real time coordinates; improvisation envisaged using real time meta data.
– Provides a solution for LBS providers to gain clients’ trust
• Obfuscation + encryption = Enhanced privacy and security
• Thriving challenge to be answered in future:
– Resolve trade-off amidst privacy, QoS and cost
Thank you for your attention