Slides for our work presented at MobiQuitous 2017 Conference (http://mobiquitous.org/).
Full paper text: ftp://ftp.informatik.uni-stuttgart.de/pub/library/ncstrl.ustuttgart_fi/INPROC-2017-46/INPROC-2017-46.pdf
This paper focused on revealing weaknesses of existing location obfuscation approaches when an attacker possesses accurate or obfuscated location history information.
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Conference talk: Understanding Vulnerabilities of Location Privacy Mechanisms against Mobility Prediction Attacks
1. University of Stuttgart
Institute of Parallel and
Distributed Systems (IPVS)
Universitätsstraße 38
D-70569 Stuttgart
Understanding Vulnerabilities of Location Privacy
Mechanisms against Mobility Prediction Attacks
Zohaib Riaz, Frank Dürr, Kurt Rothermel
International Conference on Mobile and Ubiquitous Systems: Computing,
Networking and Services (MobiQuitous 2017)
9th Nov 2017
2. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Mobile apps promote location information sharing
◦ Let your friends know where your are!
◦ Tag tweets/photos with your location!
◦ Get location-based services, e.g., nearby POIs
• A single location update may convey:
◦ Geo-location
◦ Location semantics, e.g., restaurants, shops etc.
• Sensitive semantics (e.g., hospitals)
User privacy concerns!
Background and Motivation
2
{(lat,lon),
venue name,
type/semantics}
3. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Location Privacy mechanisms: State-of-the-art
• Suppression: avoids release of sensitive semantic info
(Götz et al. 2012)
Leaks no context
Secure against location-history based attacks
cuts utility harshly: no data no service/sharing
• Obfuscation: “cloaks” semantic info
(Yigitoglu et al. 2012)
allows approximate POI-searches/location-sharing
leaks contextual information
3
Home Meeting
No context!!
??
Home Meeting
(time, geo-location)
4. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Are existing obfuscation algorithms secure?
4
• Threat Model:
◦ Attackers can aggregate location history
information
▪ At least in the obfuscated form
▪ May possess accurate historic data
• Hypothesis: User privacy is at risk!
5. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Contributions
5
• Design of a semantic mobility model to represent attacker knowledge
◦ Both accurate and obfuscated historic location information
• Demonstration of its effectiveness as an attack against state-of-the-art
semantic obfuscation mechanisms
◦ Dataset: year-long location check-in histories of 278 Foursquare users
• Identification of fundamental design improvements for future semantic
obfuscation mechanisms.
• Identification of fundamental design improvements for future semantic
obfuscation mechanisms.
6. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Each user can specify his sensitive semantic locations
◦ Hospitals, bars, churches etc.
• Can also specify the degree of protection (see paper for details)
◦ l-diversity: Number of distinct locations inside a cloaking region
State-of-the-art Semantic Obfuscation Mechanisms
6
Generate CRs for City Map
(independent of user mobility)
Step 1: Preprocessing
(Damiani et al. 2010, Yigitoglu et al. 2012)
sensitive loc.
non-sensitive
loc.
Cloaking Region
Actual:
Published:
Step 2: Real-time location updates
𝑙 = 4
7. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Attack overview
7
User’s Semantic Mobility
Model
(location history-based)
Prior: 𝛀 𝐀𝐭𝐭
8am 11am 4pm 5pm 7pm
location updates in a single day …
??
+ recent updates
Observations
=
Posterior
8. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
The semantic mobility modeling problem (1)
• Goal: Learn 𝛀 𝐀𝐭𝐭 from location history
• A popular fundamental assumption:
Human Mobility can be modelled as a Discrete-time Markov chain
▪ Semantic locations modeled as states (𝒙 𝒕)
▫ 𝑥𝑖 ∈ 𝑆 = {𝑠1, … , 𝑠 𝑀}, e.g., home, work, shopping
▪ Inter-state transitions governed by probabilities:
▫ 𝑎𝑖𝑗 = 𝑃 𝑥𝑡 = 𝑠ℎ𝑜𝑝𝑝𝑖𝑛𝑔 𝑥𝑡−1 = ℎ𝑜𝑚𝑒)
8
𝑥 𝑡−1 𝑥 𝑡 𝑥 𝑡+1𝑥1Start End𝑥 𝑇
𝑡 = 1 𝑡 = 𝑇
Markov chain over a day of user’s movement
𝑎𝑖𝑗
9. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
The semantic mobility modeling problem (2)
• State information:
◦ not always clear
◦ is additionally accompanied by other observations
• How to model this information??
9
𝑥 𝑡−1 𝑥 𝑡 𝑥 𝑡+1𝑥1Start End𝑥 𝑇
?? Office Shopping Home
observed features {geo-location, hour-of-day, weekday, …}
states
10. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Hidden Markov Models (HMMs)
• Can accommodate:
◦ Cloaking Regions and missing state information
Hidden States 𝑎𝑖𝑗 = 𝑃 𝑥 𝑡 = 𝑗 𝑥 𝑡−1 = 𝑖)
◦ Observed features as state-dependent emissions
𝑏𝑗 𝑜 𝑘 = 𝑃 𝑜𝑡 = 𝑜 𝑘 𝑥 𝑡 = 𝑗
• Given Ω = {𝐴, 𝐵} and 𝑂 = {𝑜1, … , 𝑜 𝑇}
◦ Can efficiently compute 𝑃(𝑥 𝑡 = 𝑗)
10
𝑥 𝑡−1 𝑥 𝑡𝑥1Start End𝑥 𝑇
Observation sequence
𝑜𝑡−1 𝑜𝑡𝑜1 𝑜 𝑇
𝑎𝑖𝑗
𝑏𝑗 𝑜 𝑘
𝑥 𝑡= Home
𝑜𝑡 = 6 𝑎𝑚
11. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Training HMMs: Learning A and B
• Option 1: if dataset is fully labeled Maximum-likelihood
11
Home
Office
Cafe
Shopping
20
8
5
7
𝑃(𝑥 𝑡 = 𝑂𝑓𝑓𝑖𝑐𝑒 | 𝑥 𝑡−1 = 𝐻𝑜𝑚𝑒)
Transition probabilities
Hour of Day
𝑃(ℎ𝑜𝑢𝑟|𝐻𝑜𝑚𝑒)
𝑥 𝑡= Home
ℎ𝑜𝑢𝑟 𝑜𝑓 𝑑𝑎𝑦
12am
6am
3pm
7pm
1pm
11pm
10pm
8am
Emission probabilities
𝑥𝑡−1 𝑥𝑡 𝑥𝑡+1𝑥1Start End𝑥 𝑇
𝑜𝑡−1 𝑜𝑡 𝑜𝑡+1𝑜1 𝑜 𝑇
12. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Training HMMs: Learning A and B
• Option 1: if dataset is fully labeled Maximum-likelihood
12
𝑥𝑡−1 𝑥𝑡 𝑥𝑡+1𝑥1Start End𝑥 𝑇
𝑜𝑡−1 𝑜𝑡 𝑜𝑡+1𝑜1 𝑜 𝑇
Ω𝑖𝑛𝑖𝑡
(smoothed parameters,
see paper for details)
13. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Training HMMs: Learning A and B
• Option 2: If labels are not present Baum-Welch algorithm
• Begin with a prior model, e.g., Ω = Ω𝑖𝑛𝑖𝑡
◦ Step 1: generate probabilistic state-sequences using a model Ω
◦ Step 2: Estimate Ωnew using Maximum-likelihood estimation
◦ Set Ω = Ωnew and repeat steps 1&2 until convergence
13
𝑥𝑡−1 𝑥𝑡 𝑥𝑡+1𝑥1Start End𝑥 𝑇
𝑜𝑡−1 𝑜𝑡 𝑜𝑡+1𝑜1 𝑜 𝑇
𝑥𝑡−1 𝑥𝑡 𝑥 𝑡+1𝑥1Start End𝑥 𝑇
Ω𝑖𝑛𝑖𝑡
14. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Training HMMs: Learning A and B
14
𝑥𝑡−1 𝑥𝑡 𝑥𝑡+1𝑥1Start End𝑥 𝑇
𝑜𝑡−1 𝑜𝑡 𝑜𝑡+1𝑜1 𝑜 𝑇
𝑏𝑗 𝑜𝑡 = 0 ∀ 𝑠𝑗 ∉ 𝐶𝑅
Example
Office
{home,
shopping,
bar}
?
𝑥 𝑡= Office
𝑜𝑡 = 1 𝑎𝑚
𝑃 𝑥 𝑡 = 𝑗 ∝ 𝑃(𝑜𝑡|𝑥 𝑡 = 𝑗)
15. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Dataset:
◦ Crawled check-ins from Twitter’s public feed from Nov 2015- Nov 2016
◦ Got venue information (including surrounding venues) from Foursquare
◦ Necessary filtering leaves 278 users with 284,472 check-ins
◦ Mean length of check-in history: 246 days
Experimental Workflow
15
Location History
train test
Compute
𝛀 𝐀𝐭𝐭
𝛀 𝐀𝐭𝐭
Evaluate
Success
Map to time-slots
Obfuscate
Home
Clean
16. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Evaluation Metrics
16
low precision
high precision
ground truth
user 𝑖’s test-set
Attack
Precision of Attack
non-sensitive
trips
sensitive
trips
17. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Sensitive location selected s.t. it is visited at a certain frequency
Results
17
Minimum Precision Minimum Precision
18. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Sensitive location selected s.t. it is visited at a certain frequency
Results
18
Minimum Precision Minimum Precision
19. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Sensitive location selected s.t. it is visited at a certain frequency
Results
19
Minimum Precision Minimum Precision
20. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• We show that the privacy guarantees offered by state-of-the-art
location obfuscation mechanisms are weak!
• Obfuscated location-history
◦ can be exploited for mobility modeling
◦ can be used to de-obfuscate user trips
• State-of-the-art location obfuscation mechanisms are more vulnerable
to de-obfuscation when used frequently
• The need of mobility-aware obfuscation algorithms is evident!
Conclusion
20
21. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Contact and Discussion
www.priloc.de
Zohaib Riaz
Institute for Parallel and Distributed Systems,
University of Stuttgart, Germany
zohaib.riaz@ipvs.uni-stuttgart.de