With the evolution of location-based services(LBS),a new type of LBS has already gain a lot of attention and implementation,we name this kind of LBS as the Device-Dependent LBS(DLBS).In DLBS,the service provider(SP)wi...With the evolution of location-based services(LBS),a new type of LBS has already gain a lot of attention and implementation,we name this kind of LBS as the Device-Dependent LBS(DLBS).In DLBS,the service provider(SP)will not only send the information according to the user’s location,more significant,he also provides a service device which will be carried by the user.DLBS has been successfully practised in some of the large cities around the world,for example,the shared bicycle in Beijing and London.In this paper,we,for the first time,blow the whistle of the new location privacy challenges caused by DLBS,since the service device is enabled to perform the localization without the permission of the user.To conquer these threats,we design a service architecture along with a credit system between DLBS provider and the user.The credit system tie together the DLBS device usability with the curious behaviour upon user’s location privacy,DLBS provider has to sacrifice their revenue in order to gain extra location information of their device.We make the simulation of our proposed scheme and the result convince its effectiveness.展开更多
With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing co...With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.展开更多
Mobile Edge Computing(MEC)can support various high-reliability and low-delay applications in Maritime Networks(MNs).However,security risks in computing task offloading exist.In this study,the location privacy leakage ...Mobile Edge Computing(MEC)can support various high-reliability and low-delay applications in Maritime Networks(MNs).However,security risks in computing task offloading exist.In this study,the location privacy leakage risk of Maritime Mobile Terminals(MMTs)is quantified during task offloading and relevant Location Privacy Protection(LPP)schemes of MMT are considered under two kinds of task offloading scenarios.In single-MMT and single-time offloading scenario,a dynamic cache and spatial cloaking-based LPP(DS-CLP)algorithm is proposed;and under the multi-MMTs and multi-time offloading scenario,a pseudonym and alterable silent period-based LPP(PA-SLP)strategy is proposed.Simulation results show that the DS-CLP can save the response time and communication cost compared with traditional algorithms while protecting the MMT location privacy.Meanwhile,extending the alterable silent period,increasing the number of MMTs in the maritime area or improving the pseudonym update probability can enhance the LPP effect of MMTs in PA-SLP.Furthermore,the study results can be effectively applied to MNs with poor communication environments and relatively insufficient computing resources.展开更多
The 5G IoT(Internet of Things,IoT)is easier to implement in location privacy-preserving research.The terminals in distributed network architecture blur their accurate locations into a spatial cloaking region but most ...The 5G IoT(Internet of Things,IoT)is easier to implement in location privacy-preserving research.The terminals in distributed network architecture blur their accurate locations into a spatial cloaking region but most existing spatial cloaking algorithms cannot work well because of man-in-the-middle attacks,high communication overhead,time consumption,and the lower success rate.This paper proposes an algorithm that can recommend terminal’s privacy requirements based on getting terminal distribution information in the neighborhood after cross-layer authentication and therefore help 5G IoT terminals find enough collaborative terminals safely and quickly.The approach shows it can avoid man-in-the-middle attacks and needs lower communication costs and less searching time than 520ms at the same time.It has a great anonymization success rate by 93%through extensive simulation experiments for a range of 5G IoT scenarios.展开更多
With the rapid development of mobile wireless Internet and high-precision localization devices,location-based services(LBS)bring more convenience for people over recent years.In LBS,if the original location data are d...With the rapid development of mobile wireless Internet and high-precision localization devices,location-based services(LBS)bring more convenience for people over recent years.In LBS,if the original location data are directly provided,serious privacy problems raise.As a response to these problems,a large number of location-privacy protection mechanisms(LPPMs)(including formal LPPMs,FLPPMs,etc.)and their evaluation metrics have been proposed to prevent personal location information from being leakage and quantify privacy leakage.However,existing schemes independently consider FLPPMs and evaluation metrics,without synergizing them into a unifying framework.In this paper,a unified model is proposed to synergize FLPPMs and evaluation metrics.In detail,the probabilistic process calculus(calledδ-calculus)is proposed to characterize obfuscation schemes(which is a LPPM)and integrateα-entropy toδ-calculus to evaluate its privacy leakage.Further,we use two calculus moving and probabilistic choice to model nodes’mobility and compute its probability distribution of nodes’locations,and a renaming function to model privacy leakage.By formally defining the attacker’s ability and extending relative entropy,an evaluation algorithm is proposed to quantify the leakage of location privacy.Finally,a series of examples are designed to demonstrate the efficiency of our proposed approach.展开更多
Location-based services(LBS)in vehicular ad hoc networks(VANETs)must protect users’privacy and address the threat of the exposure of sensitive locations during LBS requests.Users release not only their geographical b...Location-based services(LBS)in vehicular ad hoc networks(VANETs)must protect users’privacy and address the threat of the exposure of sensitive locations during LBS requests.Users release not only their geographical but also semantic information of the visited places(e.g.,hospital).This sensitive information enables the inference attacker to exploit the users’preferences and life patterns.In this paper we propose a reinforcement learning(RL)based sensitive semantic location privacy protection scheme.This scheme uses the idea of differential privacy to randomize the released vehicle locations and adaptively selects the perturbation policy based on the sensitivity of the semantic location and the attack history.This scheme enables a vehicle to optimize the perturbation policy in terms of the privacy and the quality of service(QoS)loss without being aware of the current inference attack model in a dynamic privacy protection process.To solve the location protection problem with high-dimensional and continuous-valued perturbation policy variables,a deep deterministic policy gradientbased semantic location perturbation scheme(DSLP)is developed.The actor part is used to generate continuous privacy budget and perturbation angle,and the critic part is used to estimate the performance of the policy.Simulations demonstrate the DSLP-based scheme outperforms the benchmark schemes,which increases the privacy,reduces the QoS loss,and increases the utility of the vehicle.展开更多
Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor&#...Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor's location.A multiple k-hop clusters based routing strategy(MHCR) is proposed to preserve source-location privacy as well as enhance energy efficiency for WSNs.Owing to the inherent characteristics of intra-cluster data aggregation,each sensor of the interference clusters is able to act as a fake source to confuse the adversary.Moreover,dummy traffic could be filtered efficiently by the cluster heads during the data aggregation,ensuring no energy consumption be burdened in the hotspot of the network.Through careful analysis and calculation on the distribution and the number of interference clusters,energy efficiency is significantly enhanced without reducing the network lifetime.Finally,the security and delay performance of MHCR scheme are theoretically analyzed.Extensive analysis and simulation results demonstrate that MHCR scheme can improve both the location privacy security and energy efficiency markedly,especially in large-scale WSNs.展开更多
Location privacy means a user keeps his/her geographical location secret. If location information falls into the wrong hands, an adversary can physically locate a person. To address this privacy issue, Qi et al.(2004a...Location privacy means a user keeps his/her geographical location secret. If location information falls into the wrong hands, an adversary can physically locate a person. To address this privacy issue, Qi et al.(2004a; 2004b) proposed a special and feasible architecture, using blind signature to generate an authorized anonymous ID replacing the real ID of a legitimate mobile user. The original purpose of his architecture was to eliminate the relationship of authorized anonymous ID and real ID. We present an algorithm to break out Qi’s registration and re-confusion protocol, and then propose a new mechanism based on bilinear pairings to protect location privacy. Moreover we show that the administrator or third parity cannot obtain information on the legitimate user’s authorized anonymous ID and real ID in our proposed protocols.展开更多
In many wireless sensor networks(WSNs)applications,the preservation of source-location privacy plays a critical role in concealing context information,otherwise the monitored entities or subjects may be put in danger....In many wireless sensor networks(WSNs)applications,the preservation of source-location privacy plays a critical role in concealing context information,otherwise the monitored entities or subjects may be put in danger.Many traditional solutions have been proposed based on the creation of random routes,such as random walk and fake sources approach,which will lead to serious packet delay and high energy consumption.Instead of applying the routing in a blind way,this article proposes a novel solution for source location privacy in WSNs by utilizing sensor ability of perceiving the presence a mobile attacker nearby,for patient attackers in particular to increase the safety period and decrease the data delivery delay.The proposed strategy forms an intelligent silent zone(ISZ)by sacrificing only a minority of sensor nodes to entice patient attackers away from real packet routing path.The analysis and simulation results show that the proposed scheme,besides providing source location privacy energy efficiently,can significantly reduce real event reporting latency compared with the existing approaches.展开更多
With introducing Global Positioning System(GPS),one of position determination technologies,into non-military area from military locating utilities in United States,it brings both positive and negative effect into our ...With introducing Global Positioning System(GPS),one of position determination technologies,into non-military area from military locating utilities in United States,it brings both positive and negative effect into our society simultaneously.On the one hand,the location data from these new tracking and positioning system are becoming universally available for commercial,government,educational,scientific and non-profit purposes to improve people’s daily life.On the other hand,the application of GPS also raises some impact to personal location privacy,like everything else in this world which would bring us goodness invariably carries the ability to cause harm.In this article,I will briefly talk about the advantages of GPS tracking technology firstly.Then,I will analysis the problems raised by the application of GPS technology in details,such as the concerns about personal location privacy,the moral dilemma and the right dispute when using GPS tracking children or automobile.Finally,I will introduce some safeguards which can minimize the conflicts between the applications of GPS and location privacy information protection.展开更多
When the user getting location based services by the traditional technology,his location information of region is always be exposed.However,in modern mobile networks,even the current geographical region is a part of p...When the user getting location based services by the traditional technology,his location information of region is always be exposed.However,in modern mobile networks,even the current geographical region is a part of privacy information.To solve this problem,a new generalized k-anonymity location privacy protection scheme in location based services(LPPS-GKA)with the third trust servicer is proposed.And it can guarantee the users get good location-based services(LBS)without leaking the information of the geo-location region,which has protected the perfect privacy.Analysis shows that LPPS-GKA is more secure in protecting location privacy,including region information,and is more efficient than other similar schemes in computational and communicational aspects.It is suitable for dynamic environment for different user’s various privacy protection requests.展开更多
Existing location privacypreserving methods,without a trusted third party,cannot resist conspiracy attacks and active attacks.This paper proposes a novel solution for location based service(LBS) in vehicular ad hoc ne...Existing location privacypreserving methods,without a trusted third party,cannot resist conspiracy attacks and active attacks.This paper proposes a novel solution for location based service(LBS) in vehicular ad hoc network(VANET).Firstly,the relationship among anonymity degree,expected company area and vehicle density is discussed.Then,a companion set V is set up by k neighbor vehicles.Based on secure multi-party computation,each vehicle in V can compute the centroid,not revealing its location to each other.The centroid as a cloaking location is sent to LBS provider(P)and P returns a point of interest(POI).Due to a distributed secret sharing structure,P cannot obtain the positions of non-complicity vehicles by colluding with multiple internal vehicles.To detect fake data from dishonest vehicles,zero knowledge proof is adopted.Comparing with other related methods,our solution can resist passive and active attacks from internal and external nodes.It provides strong privacy protection for LBS in VANET.展开更多
As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local da...As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local data.The federated learning method effectively solves the problem of artificial Smart data islands and privacy protection issues.However,existing research shows that attackersmay still steal user information by analyzing the parameters in the federated learning training process and the aggregation parameters on the server side.To solve this problem,differential privacy(DP)techniques are widely used for privacy protection in federated learning.However,adding Gaussian noise perturbations to the data degrades the model learning performance.To address these issues,this paper proposes a differential privacy federated learning scheme based on adaptive Gaussian noise(DPFL-AGN).To protect the data privacy and security of the federated learning training process,adaptive Gaussian noise is specifically added in the training process to hide the real parameters uploaded by the client.In addition,this paper proposes an adaptive noise reduction method.With the convergence of the model,the Gaussian noise in the later stage of the federated learning training process is reduced adaptively.This paper conducts a series of simulation experiments on realMNIST and CIFAR-10 datasets,and the results show that the DPFL-AGN algorithmperforms better compared to the other algorithms.展开更多
The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to...The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to collect data in a homogeneous and immediate way have made up for the difficulty of collecting data and standardizing evaluation criteria. However, the regulation on the protection of personal data in the health sector and the adoption of the new General Data Protection Regulation in European countries has placed a strong limitation on their use. This has not been the case in non-European countries, where monitoring methodologies have become widespread. The textual analysis presented is based on co-occurrence and multiple correspondence analysis to show the contact tracing methods adopted in different countries in the pandemic period by relating them to the issue of privacy. It also analyzed the possibility of applying Blockchain technology in applications for tracking contagions from COVID-19 and managing health data to provide a high level of security and transparency, including through anonymization, thus increasing user trust in using the apps.展开更多
Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself disc...Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself discrimination paradigmin the biological immune system,the negative representation of information indicates features such as simplicity and efficiency,which is very suitable for preserving social network privacy.Therefore,we suggest a method to preserve the topology privacy and node attribute privacy of attribute social networks,called AttNetNRI.Specifically,a negative survey-based method is developed to disturb the relationship between nodes in the social network so that the topology structure can be kept private.Moreover,a negative database-based method is proposed to hide node attributes,so that the privacy of node attributes can be preserved while supporting the similarity estimation between different node attributes,which is crucial to the analysis of social networks.To evaluate the performance of the AttNetNRI,empirical studies have been conducted on various attribute social networks and compared with several state-of-the-art methods tailored to preserve the privacy of social networks.The experimental results show the superiority of the developed method in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topology disturbing and attribute hiding parts.The experimental results show the superiority of the developed methods in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topological interference and attribute-hiding components.展开更多
With the increase in IoT(Internet of Things)devices comes an inherent challenge of security.In the world today,privacy is the prime concern of every individual.Preserving one’s privacy and keeping anonymity throughou...With the increase in IoT(Internet of Things)devices comes an inherent challenge of security.In the world today,privacy is the prime concern of every individual.Preserving one’s privacy and keeping anonymity throughout the system is a desired functionality that does not come without inevitable trade-offs like scalability and increased complexity and is always exceedingly difficult to manage.The challenge is keeping confidentiality and continuing to make the person innominate throughout the system.To address this,we present our proposed architecture where we manage IoT devices using blockchain technology.Our proposed architecture works on and off blockchain integrated with the closed-circuit television(CCTV)security camera fixed at the rental property.In this framework,the CCTV security camera feed is redirected towards the owner and renter based on the smart contract conditions.One entity(owner or renter)can see the CCTV security camera feed at one time.There is no third-party dependence except for the CCTV security camera deployment phase.Our contributions include the proposition of framework architecture,a novel smart contract algorithm,and the modification to the ring signatures leveraging an existing cryptographic technique.Analyses are made based on different systems’security and key management areas.In an empirical study,our proposed algorithm performed better in key generation,proof generation,and verification times.By comparing similar existing schemes,we have shown the proposed architectures’advantages.Until now,we have developed this system for a specific area in the real world.However,this system is scalable and applicable to other areas like healthcare monitoring systems,which is part of our future work.展开更多
Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The ris...Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The rising federated learning provides us with a promising solution to this problem,which enables mobile devices to collaboratively learn a shared prediction model while keeping all the training data on the device,decoupling the ability to do machine learning from the need to store the data in the cloud.However,existing federated learningbased methods either do not provide privacy guarantees or have vulnerability in terms of privacy leakage.In this paper,we combine the techniques of data perturbation and model perturbation mechanisms and propose a privacy-preserving mobility prediction algorithm,where we add noise to the transmitted model and the raw data collaboratively to protect user privacy and keep the mobility prediction performance.Extensive experimental results show that our proposed method significantly outperforms the existing stateof-the-art mobility prediction method in terms of defensive performance against practical attacks while having comparable mobility prediction performance,demonstrating its effectiveness.展开更多
With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issue...With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issues with secure data sharing.In this paper,we study verifiable keyword frequency(KF)queries with local differential privacy in blockchain.Both the numerical and the keyword attributes are present in data objects;the latter are sensitive and require privacy protection.However,prior studies in blockchain have the problem of trilemma in privacy protection and are unable to handle KF queries.We propose an efficient framework that protects data owners’privacy on keyword attributes while enabling quick and verifiable query processing for KF queries.The framework computes an estimate of a keyword’s frequency and is efficient in query time and verification object(VO)size.A utility-optimized local differential privacy technique is used for privacy protection.The data owner adds noise locally into data based on local differential privacy so that the attacker cannot infer the owner of the keywords while keeping the difference in the probability distribution of the KF within the privacy budget.We propose the VB-cm tree as the authenticated data structure(ADS).The VB-cm tree combines the Verkle tree and the Count-Min sketch(CM-sketch)to lower the VO size and query time.The VB-cm tree uses the vector commitment to verify the query results.The fixed-size CM-sketch,which summarizes the frequency of multiple keywords,is used to estimate the KF via hashing operations.We conduct an extensive evaluation of the proposed framework.The experimental results show that compared to theMerkle B+tree,the query time is reduced by 52.38%,and the VO size is reduced by more than one order of magnitude.展开更多
With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for clou...With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for cloud servers and edge nodes.The storage capacity of edge nodes close to users is limited.We should store hotspot data in edge nodes as much as possible,so as to ensure response timeliness and access hit rate;However,the current scheme cannot guarantee that every sub-message in a complete data stored by the edge node meets the requirements of hot data;How to complete the detection and deletion of redundant data in edge nodes under the premise of protecting user privacy and data dynamic integrity has become a challenging problem.Our paper proposes a redundant data detection method that meets the privacy protection requirements.By scanning the cipher text,it is determined whether each sub-message of the data in the edge node meets the requirements of the hot data.It has the same effect as zero-knowledge proof,and it will not reveal the privacy of users.In addition,for redundant sub-data that does not meet the requirements of hot data,our paper proposes a redundant data deletion scheme that meets the dynamic integrity of the data.We use Content Extraction Signature(CES)to generate the remaining hot data signature after the redundant data is deleted.The feasibility of the scheme is proved through safety analysis and efficiency analysis.展开更多
In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.Howev...In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.However,our comprehensive review of existing literature reveals that there needs to be more studies that engage with key-value data collection.Such studies would simultaneously collect the frequencies of keys and the mean of values associated with each key.Additionally,the allocation of the privacy budget between the frequencies of keys and the means of values for each key does not yield an optimal utility tradeoff.Recognizing the importance of obtaining accurate key frequencies and mean estimations for key-value data collection,this paper presents a novel framework:the Key-Strategy Framework forKey-ValueDataCollection under LDP.Initially,theKey-StrategyUnary Encoding(KS-UE)strategy is proposed within non-interactive frameworks for the purpose of privacy budget allocation to achieve precise key frequencies;subsequently,the Key-Strategy Generalized Randomized Response(KS-GRR)strategy is introduced for interactive frameworks to enhance the efficiency of collecting frequent keys through group-anditeration methods.Both strategies are adapted for scenarios in which users possess either a single or multiple key-value pairs.Theoretically,we demonstrate that the variance of KS-UE is lower than that of existing methods.These claims are substantiated through extensive experimental evaluation on real-world datasets,confirming the effectiveness and efficiency of the KS-UE and KS-GRR strategies.展开更多
基金This work was supported by National Natural Science Foundation of China(Grant Nos.61871140,61702223,61702220,61572153,61723022,61601146)and the National Key research and Development Plan(Grant No.2018YFB0803504,2017YFB0803300).
文摘With the evolution of location-based services(LBS),a new type of LBS has already gain a lot of attention and implementation,we name this kind of LBS as the Device-Dependent LBS(DLBS).In DLBS,the service provider(SP)will not only send the information according to the user’s location,more significant,he also provides a service device which will be carried by the user.DLBS has been successfully practised in some of the large cities around the world,for example,the shared bicycle in Beijing and London.In this paper,we,for the first time,blow the whistle of the new location privacy challenges caused by DLBS,since the service device is enabled to perform the localization without the permission of the user.To conquer these threats,we design a service architecture along with a credit system between DLBS provider and the user.The credit system tie together the DLBS device usability with the curious behaviour upon user’s location privacy,DLBS provider has to sacrifice their revenue in order to gain extra location information of their device.We make the simulation of our proposed scheme and the result convince its effectiveness.
基金This work has been partly supported by the National Natural Science Foundation of China under Grant No.61702212the Fundamental Research Funds for the Central Universities under Grand NO.CCNU19TS017.
文摘With the rapid development of the Internet of Things(IoT),Location-Based Services(LBS)are becoming more and more popular.However,for the users being served,how to protect their location privacy has become a growing concern.This has led to great difficulty in establishing trust between the users and the service providers,hindering the development of LBS for more comprehensive functions.In this paper,we first establish a strong identity verification mechanism to ensure the authentication security of the system and then design a new location privacy protection mechanism based on the privacy proximity test problem.This mechanism not only guarantees the confidentiality of the user s information during the subsequent information interaction and dynamic data transmission,but also meets the service provider's requirements for related data.
基金supported by the National Key Research and Development Program of China (2021YFE0105500)the National Natural Science Foundation of China (61801166).
文摘Mobile Edge Computing(MEC)can support various high-reliability and low-delay applications in Maritime Networks(MNs).However,security risks in computing task offloading exist.In this study,the location privacy leakage risk of Maritime Mobile Terminals(MMTs)is quantified during task offloading and relevant Location Privacy Protection(LPP)schemes of MMT are considered under two kinds of task offloading scenarios.In single-MMT and single-time offloading scenario,a dynamic cache and spatial cloaking-based LPP(DS-CLP)algorithm is proposed;and under the multi-MMTs and multi-time offloading scenario,a pseudonym and alterable silent period-based LPP(PA-SLP)strategy is proposed.Simulation results show that the DS-CLP can save the response time and communication cost compared with traditional algorithms while protecting the MMT location privacy.Meanwhile,extending the alterable silent period,increasing the number of MMTs in the maritime area or improving the pseudonym update probability can enhance the LPP effect of MMTs in PA-SLP.Furthermore,the study results can be effectively applied to MNs with poor communication environments and relatively insufficient computing resources.
基金the Project“Research on Basic Theory of Cyber Mimic Defense”supported by Innovation Group Project of the National Natural Science Foundation of China(No.61521003)partly supported by National Natural Science Foundation of China(No.61772548)key universities and academic disciplines contruction project and Key Scientific and Technological Projects in Henan Province(Grant No.192102210092).
文摘The 5G IoT(Internet of Things,IoT)is easier to implement in location privacy-preserving research.The terminals in distributed network architecture blur their accurate locations into a spatial cloaking region but most existing spatial cloaking algorithms cannot work well because of man-in-the-middle attacks,high communication overhead,time consumption,and the lower success rate.This paper proposes an algorithm that can recommend terminal’s privacy requirements based on getting terminal distribution information in the neighborhood after cross-layer authentication and therefore help 5G IoT terminals find enough collaborative terminals safely and quickly.The approach shows it can avoid man-in-the-middle attacks and needs lower communication costs and less searching time than 520ms at the same time.It has a great anonymization success rate by 93%through extensive simulation experiments for a range of 5G IoT scenarios.
基金This research is supported in part by the National Key Research and Development Program of China(Grant No.2017YFB0803001)in part by the Key research and Development Program for Guangdong Province under grant(Grant No.2019B010136001)+1 种基金in part by the National Natural Science Foundation of China(Grant No.61872100)Guangxi Natural Science Foundation(No.2017GXNSFAA198372).
文摘With the rapid development of mobile wireless Internet and high-precision localization devices,location-based services(LBS)bring more convenience for people over recent years.In LBS,if the original location data are directly provided,serious privacy problems raise.As a response to these problems,a large number of location-privacy protection mechanisms(LPPMs)(including formal LPPMs,FLPPMs,etc.)and their evaluation metrics have been proposed to prevent personal location information from being leakage and quantify privacy leakage.However,existing schemes independently consider FLPPMs and evaluation metrics,without synergizing them into a unifying framework.In this paper,a unified model is proposed to synergize FLPPMs and evaluation metrics.In detail,the probabilistic process calculus(calledδ-calculus)is proposed to characterize obfuscation schemes(which is a LPPM)and integrateα-entropy toδ-calculus to evaluate its privacy leakage.Further,we use two calculus moving and probabilistic choice to model nodes’mobility and compute its probability distribution of nodes’locations,and a renaming function to model privacy leakage.By formally defining the attacker’s ability and extending relative entropy,an evaluation algorithm is proposed to quantify the leakage of location privacy.Finally,a series of examples are designed to demonstrate the efficiency of our proposed approach.
基金This work was supported in part by National Natural Science Foundation of China under Grant 61971366 and 61771474,and in part by the Fundamental Research Funds for the central universities No.20720200077,and in part by Major Science and Technology Innovation Projects of Shandong Province 2019JZZY020505 and Key R&D Projects of Xuzhou City KC18171,and in part by NSF EARS-1839818,CNS1717454,CNS-1731424,and CNS-1702850.
文摘Location-based services(LBS)in vehicular ad hoc networks(VANETs)must protect users’privacy and address the threat of the exposure of sensitive locations during LBS requests.Users release not only their geographical but also semantic information of the visited places(e.g.,hospital).This sensitive information enables the inference attacker to exploit the users’preferences and life patterns.In this paper we propose a reinforcement learning(RL)based sensitive semantic location privacy protection scheme.This scheme uses the idea of differential privacy to randomize the released vehicle locations and adaptively selects the perturbation policy based on the sensitivity of the semantic location and the attack history.This scheme enables a vehicle to optimize the perturbation policy in terms of the privacy and the quality of service(QoS)loss without being aware of the current inference attack model in a dynamic privacy protection process.To solve the location protection problem with high-dimensional and continuous-valued perturbation policy variables,a deep deterministic policy gradientbased semantic location perturbation scheme(DSLP)is developed.The actor part is used to generate continuous privacy budget and perturbation angle,and the critic part is used to estimate the performance of the policy.Simulations demonstrate the DSLP-based scheme outperforms the benchmark schemes,which increases the privacy,reduces the QoS loss,and increases the utility of the vehicle.
基金Project(2013DFB10070)supported by the International Science & Technology Cooperation Program of ChinaProject(2012GK4106)supported by the Hunan Provincial Science & Technology Program,ChinaProject(12MX15)supported by the Mittal Innovation Project of Central South University,China
文摘Privacy is becoming one of the most notable challenges threatening wireless sensor networks(WSNs).Adversaries may use RF(radio frequency) localization techniques to perform hop-by-hop trace back to the source sensor's location.A multiple k-hop clusters based routing strategy(MHCR) is proposed to preserve source-location privacy as well as enhance energy efficiency for WSNs.Owing to the inherent characteristics of intra-cluster data aggregation,each sensor of the interference clusters is able to act as a fake source to confuse the adversary.Moreover,dummy traffic could be filtered efficiently by the cluster heads during the data aggregation,ensuring no energy consumption be burdened in the hotspot of the network.Through careful analysis and calculation on the distribution and the number of interference clusters,energy efficiency is significantly enhanced without reducing the network lifetime.Finally,the security and delay performance of MHCR scheme are theoretically analyzed.Extensive analysis and simulation results demonstrate that MHCR scheme can improve both the location privacy security and energy efficiency markedly,especially in large-scale WSNs.
基金Project (No. 60402019/F0102) supported by the National NaturalScience Foundation of China
文摘Location privacy means a user keeps his/her geographical location secret. If location information falls into the wrong hands, an adversary can physically locate a person. To address this privacy issue, Qi et al.(2004a; 2004b) proposed a special and feasible architecture, using blind signature to generate an authorized anonymous ID replacing the real ID of a legitimate mobile user. The original purpose of his architecture was to eliminate the relationship of authorized anonymous ID and real ID. We present an algorithm to break out Qi’s registration and re-confusion protocol, and then propose a new mechanism based on bilinear pairings to protect location privacy. Moreover we show that the administrator or third parity cannot obtain information on the legitimate user’s authorized anonymous ID and real ID in our proposed protocols.
基金supported by the National Natural Science Foundation of China (Nos.61373015,61300052, 41301047)the Priority Academic Program Development of Jiangsu Higher Education Institutionsthe Important National Science and Technology Specific Project(No. BA2013049)
文摘In many wireless sensor networks(WSNs)applications,the preservation of source-location privacy plays a critical role in concealing context information,otherwise the monitored entities or subjects may be put in danger.Many traditional solutions have been proposed based on the creation of random routes,such as random walk and fake sources approach,which will lead to serious packet delay and high energy consumption.Instead of applying the routing in a blind way,this article proposes a novel solution for source location privacy in WSNs by utilizing sensor ability of perceiving the presence a mobile attacker nearby,for patient attackers in particular to increase the safety period and decrease the data delivery delay.The proposed strategy forms an intelligent silent zone(ISZ)by sacrificing only a minority of sensor nodes to entice patient attackers away from real packet routing path.The analysis and simulation results show that the proposed scheme,besides providing source location privacy energy efficiently,can significantly reduce real event reporting latency compared with the existing approaches.
文摘With introducing Global Positioning System(GPS),one of position determination technologies,into non-military area from military locating utilities in United States,it brings both positive and negative effect into our society simultaneously.On the one hand,the location data from these new tracking and positioning system are becoming universally available for commercial,government,educational,scientific and non-profit purposes to improve people’s daily life.On the other hand,the application of GPS also raises some impact to personal location privacy,like everything else in this world which would bring us goodness invariably carries the ability to cause harm.In this article,I will briefly talk about the advantages of GPS tracking technology firstly.Then,I will analysis the problems raised by the application of GPS technology in details,such as the concerns about personal location privacy,the moral dilemma and the right dispute when using GPS tracking children or automobile.Finally,I will introduce some safeguards which can minimize the conflicts between the applications of GPS and location privacy information protection.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.61272492 and 61572521),Shaanxi Province Natural Science Foundation of China(No.2015JM6353)and the Basic Foundation of Engineering University of CAPF(No.WJY201521).
文摘When the user getting location based services by the traditional technology,his location information of region is always be exposed.However,in modern mobile networks,even the current geographical region is a part of privacy information.To solve this problem,a new generalized k-anonymity location privacy protection scheme in location based services(LPPS-GKA)with the third trust servicer is proposed.And it can guarantee the users get good location-based services(LBS)without leaking the information of the geo-location region,which has protected the perfect privacy.Analysis shows that LPPS-GKA is more secure in protecting location privacy,including region information,and is more efficient than other similar schemes in computational and communicational aspects.It is suitable for dynamic environment for different user’s various privacy protection requests.
基金the National Natural Science Foundation of China,by the Natural Science Foundation of Anhui Province,by the Specialized Research Fund for the Doctoral Program of Higher Education of China,the Fundamental Research Funds for the Central Universities
文摘Existing location privacypreserving methods,without a trusted third party,cannot resist conspiracy attacks and active attacks.This paper proposes a novel solution for location based service(LBS) in vehicular ad hoc network(VANET).Firstly,the relationship among anonymity degree,expected company area and vehicle density is discussed.Then,a companion set V is set up by k neighbor vehicles.Based on secure multi-party computation,each vehicle in V can compute the centroid,not revealing its location to each other.The centroid as a cloaking location is sent to LBS provider(P)and P returns a point of interest(POI).Due to a distributed secret sharing structure,P cannot obtain the positions of non-complicity vehicles by colluding with multiple internal vehicles.To detect fake data from dishonest vehicles,zero knowledge proof is adopted.Comparing with other related methods,our solution can resist passive and active attacks from internal and external nodes.It provides strong privacy protection for LBS in VANET.
基金the Sichuan Provincial Science and Technology Department Project under Grant 2019YFN0104the Yibin Science and Technology Plan Project under Grant 2021GY008the Sichuan University of Science and Engineering Postgraduate Innovation Fund Project under Grant Y2022154.
文摘As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local data.The federated learning method effectively solves the problem of artificial Smart data islands and privacy protection issues.However,existing research shows that attackersmay still steal user information by analyzing the parameters in the federated learning training process and the aggregation parameters on the server side.To solve this problem,differential privacy(DP)techniques are widely used for privacy protection in federated learning.However,adding Gaussian noise perturbations to the data degrades the model learning performance.To address these issues,this paper proposes a differential privacy federated learning scheme based on adaptive Gaussian noise(DPFL-AGN).To protect the data privacy and security of the federated learning training process,adaptive Gaussian noise is specifically added in the training process to hide the real parameters uploaded by the client.In addition,this paper proposes an adaptive noise reduction method.With the convergence of the model,the Gaussian noise in the later stage of the federated learning training process is reduced adaptively.This paper conducts a series of simulation experiments on realMNIST and CIFAR-10 datasets,and the results show that the DPFL-AGN algorithmperforms better compared to the other algorithms.
文摘The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to collect data in a homogeneous and immediate way have made up for the difficulty of collecting data and standardizing evaluation criteria. However, the regulation on the protection of personal data in the health sector and the adoption of the new General Data Protection Regulation in European countries has placed a strong limitation on their use. This has not been the case in non-European countries, where monitoring methodologies have become widespread. The textual analysis presented is based on co-occurrence and multiple correspondence analysis to show the contact tracing methods adopted in different countries in the pandemic period by relating them to the issue of privacy. It also analyzed the possibility of applying Blockchain technology in applications for tracking contagions from COVID-19 and managing health data to provide a high level of security and transparency, including through anonymization, thus increasing user trust in using the apps.
基金supported by the National Natural Science Foundation of China(Nos.62006001,62372001)the Natural Science Foundation of Chongqing City(Grant No.CSTC2021JCYJ-MSXMX0002).
文摘Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself discrimination paradigmin the biological immune system,the negative representation of information indicates features such as simplicity and efficiency,which is very suitable for preserving social network privacy.Therefore,we suggest a method to preserve the topology privacy and node attribute privacy of attribute social networks,called AttNetNRI.Specifically,a negative survey-based method is developed to disturb the relationship between nodes in the social network so that the topology structure can be kept private.Moreover,a negative database-based method is proposed to hide node attributes,so that the privacy of node attributes can be preserved while supporting the similarity estimation between different node attributes,which is crucial to the analysis of social networks.To evaluate the performance of the AttNetNRI,empirical studies have been conducted on various attribute social networks and compared with several state-of-the-art methods tailored to preserve the privacy of social networks.The experimental results show the superiority of the developed method in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topology disturbing and attribute hiding parts.The experimental results show the superiority of the developed methods in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topological interference and attribute-hiding components.
基金This work was supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)under the Artificial Intelligence Convergence Innovation Human Resources Development(IITP-2023-RS-2023-00255968)Grantthe ITRC(Information TechnologyResearchCenter)Support Program(IITP-2021-0-02051)funded by theKorea government(MSIT).
文摘With the increase in IoT(Internet of Things)devices comes an inherent challenge of security.In the world today,privacy is the prime concern of every individual.Preserving one’s privacy and keeping anonymity throughout the system is a desired functionality that does not come without inevitable trade-offs like scalability and increased complexity and is always exceedingly difficult to manage.The challenge is keeping confidentiality and continuing to make the person innominate throughout the system.To address this,we present our proposed architecture where we manage IoT devices using blockchain technology.Our proposed architecture works on and off blockchain integrated with the closed-circuit television(CCTV)security camera fixed at the rental property.In this framework,the CCTV security camera feed is redirected towards the owner and renter based on the smart contract conditions.One entity(owner or renter)can see the CCTV security camera feed at one time.There is no third-party dependence except for the CCTV security camera deployment phase.Our contributions include the proposition of framework architecture,a novel smart contract algorithm,and the modification to the ring signatures leveraging an existing cryptographic technique.Analyses are made based on different systems’security and key management areas.In an empirical study,our proposed algorithm performed better in key generation,proof generation,and verification times.By comparing similar existing schemes,we have shown the proposed architectures’advantages.Until now,we have developed this system for a specific area in the real world.However,this system is scalable and applicable to other areas like healthcare monitoring systems,which is part of our future work.
基金supported in part by the National Key Research and Development Program of China under 2020AAA0106000the National Natural Science Foundation of China under U20B2060 and U21B2036supported by a grant from the Guoqiang Institute, Tsinghua University under 2021GQG1005
文摘Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The rising federated learning provides us with a promising solution to this problem,which enables mobile devices to collaboratively learn a shared prediction model while keeping all the training data on the device,decoupling the ability to do machine learning from the need to store the data in the cloud.However,existing federated learningbased methods either do not provide privacy guarantees or have vulnerability in terms of privacy leakage.In this paper,we combine the techniques of data perturbation and model perturbation mechanisms and propose a privacy-preserving mobility prediction algorithm,where we add noise to the transmitted model and the raw data collaboratively to protect user privacy and keep the mobility prediction performance.Extensive experimental results show that our proposed method significantly outperforms the existing stateof-the-art mobility prediction method in terms of defensive performance against practical attacks while having comparable mobility prediction performance,demonstrating its effectiveness.
文摘With its untameable and traceable properties,blockchain technology has been widely used in the field of data sharing.How to preserve individual privacy while enabling efficient data queries is one of the primary issues with secure data sharing.In this paper,we study verifiable keyword frequency(KF)queries with local differential privacy in blockchain.Both the numerical and the keyword attributes are present in data objects;the latter are sensitive and require privacy protection.However,prior studies in blockchain have the problem of trilemma in privacy protection and are unable to handle KF queries.We propose an efficient framework that protects data owners’privacy on keyword attributes while enabling quick and verifiable query processing for KF queries.The framework computes an estimate of a keyword’s frequency and is efficient in query time and verification object(VO)size.A utility-optimized local differential privacy technique is used for privacy protection.The data owner adds noise locally into data based on local differential privacy so that the attacker cannot infer the owner of the keywords while keeping the difference in the probability distribution of the KF within the privacy budget.We propose the VB-cm tree as the authenticated data structure(ADS).The VB-cm tree combines the Verkle tree and the Count-Min sketch(CM-sketch)to lower the VO size and query time.The VB-cm tree uses the vector commitment to verify the query results.The fixed-size CM-sketch,which summarizes the frequency of multiple keywords,is used to estimate the KF via hashing operations.We conduct an extensive evaluation of the proposed framework.The experimental results show that compared to theMerkle B+tree,the query time is reduced by 52.38%,and the VO size is reduced by more than one order of magnitude.
基金sponsored by the National Natural Science Foundation of China under grant number No. 62172353, No. 62302114, No. U20B2046 and No. 62172115Innovation Fund Program of the Engineering Research Center for Integration and Application of Digital Learning Technology of Ministry of Education No.1331007 and No. 1311022+1 种基金Natural Science Foundation of the Jiangsu Higher Education Institutions Grant No. 17KJB520044Six Talent Peaks Project in Jiangsu Province No.XYDXX-108
文摘With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for cloud servers and edge nodes.The storage capacity of edge nodes close to users is limited.We should store hotspot data in edge nodes as much as possible,so as to ensure response timeliness and access hit rate;However,the current scheme cannot guarantee that every sub-message in a complete data stored by the edge node meets the requirements of hot data;How to complete the detection and deletion of redundant data in edge nodes under the premise of protecting user privacy and data dynamic integrity has become a challenging problem.Our paper proposes a redundant data detection method that meets the privacy protection requirements.By scanning the cipher text,it is determined whether each sub-message of the data in the edge node meets the requirements of the hot data.It has the same effect as zero-knowledge proof,and it will not reveal the privacy of users.In addition,for redundant sub-data that does not meet the requirements of hot data,our paper proposes a redundant data deletion scheme that meets the dynamic integrity of the data.We use Content Extraction Signature(CES)to generate the remaining hot data signature after the redundant data is deleted.The feasibility of the scheme is proved through safety analysis and efficiency analysis.
基金supported by a grant fromthe National Key R&DProgram of China.
文摘In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.However,our comprehensive review of existing literature reveals that there needs to be more studies that engage with key-value data collection.Such studies would simultaneously collect the frequencies of keys and the mean of values associated with each key.Additionally,the allocation of the privacy budget between the frequencies of keys and the means of values for each key does not yield an optimal utility tradeoff.Recognizing the importance of obtaining accurate key frequencies and mean estimations for key-value data collection,this paper presents a novel framework:the Key-Strategy Framework forKey-ValueDataCollection under LDP.Initially,theKey-StrategyUnary Encoding(KS-UE)strategy is proposed within non-interactive frameworks for the purpose of privacy budget allocation to achieve precise key frequencies;subsequently,the Key-Strategy Generalized Randomized Response(KS-GRR)strategy is introduced for interactive frameworks to enhance the efficiency of collecting frequent keys through group-anditeration methods.Both strategies are adapted for scenarios in which users possess either a single or multiple key-value pairs.Theoretically,we demonstrate that the variance of KS-UE is lower than that of existing methods.These claims are substantiated through extensive experimental evaluation on real-world datasets,confirming the effectiveness and efficiency of the KS-UE and KS-GRR strategies.
