The aim of proximity services is to raise alerts based on the distance between moving objects. While distance can be easily computed from the objects' geographical locations, privacy concerns in revealing these locations exist, especially when proximity among users is being computed. Distance preserving transformations have been proposed to solve this problem by enabling the service provider to acquire pairwise distances while not acquiring the actual objects positions. It is known that distance preserving transformations do not provide formal privacy guarantees in presence of certain background knowledge but it is still unclear which are the practical conditions that make distance preserving transformations “vulnerable”. We study these conditions by designing and testing an attack based on public density information and on partial knowledge of distances between users. A clustering-based technique first discovers the approximate position of users located in the largest cities. Then a technique based on trilateration reduces this approximation and discovers the approximate position of the other users. Our experimental results show that partial distance information, like the one exchanged in a friend-finder service, can be sufficient to locate up to 60% of the users in an area smaller than a city.

A practical location privacy attack in proximity services / S. Mascetti, L. Bertolaja, C. Bettini - In: IEEE 14th International conference on mobile data management : 3–6 june 2013 Milan, Italy : proceedingsLos Alamitos : Institute of electrical and electronics engineers, 2013. - ISBN 9780769549736. - pp. 87-96 (( Intervento presentato al 14. convegno IEEE International Conference on Mobile Data Management (MDM) tenutosi a Milano nel 2013.

A practical location privacy attack in proximity services

S. Mascetti
Primo
;
L. Bertolaja
Secondo
;
C. Bettini
Ultimo
2013

Abstract

The aim of proximity services is to raise alerts based on the distance between moving objects. While distance can be easily computed from the objects' geographical locations, privacy concerns in revealing these locations exist, especially when proximity among users is being computed. Distance preserving transformations have been proposed to solve this problem by enabling the service provider to acquire pairwise distances while not acquiring the actual objects positions. It is known that distance preserving transformations do not provide formal privacy guarantees in presence of certain background knowledge but it is still unclear which are the practical conditions that make distance preserving transformations “vulnerable”. We study these conditions by designing and testing an attack based on public density information and on partial knowledge of distances between users. A clustering-based technique first discovers the approximate position of users located in the largest cities. Then a technique based on trilateration reduces this approximation and discovers the approximate position of the other users. Our experimental results show that partial distance information, like the one exchanged in a friend-finder service, can be sufficient to locate up to 60% of the users in an area smaller than a city.
Distance preserving transformations; Location Privacy; Proximity-Based Services
Settore INF/01 - Informatica
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/230836
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 18
  • ???jsp.display-item.citation.isi??? 12
social impact