Slides for our work presented at IEEE Networked Systems Conference 2015 (https://www.netsys2015.com/). In this paper, we extend privacy-preserving Position-sharing approaches to perform multiple location updates while incurring significantly lower communication overhead.
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
Conference talk: Optimized Location Update Protocols for Secure and Efficient Position Sharing
1. University of Stuttgart
Institute of Parallel and
Distributed Systems (IPVS)
Universitätsstraße 38
D-70569 Stuttgart
Optimized Location Update Protocols for Secure and
Efficient Position Sharing
Zohaib Riaz, Frank Dürr, Kurt Rothermel
International Conference on Networked Systems 2015 (NetSys'15)
Thursday, 12th March 2015
2. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Motivation
• Advanced location-based applications
are often based on a location server (LS)
infrastructure
◦ LSs store and manage mobile object positions
▪ e.g. Google Map Tracks, Geoloqi etc.
◦ Applications query mobile object positions from
LSs
• Can LSs guarantee safety of location
data?
2
LS
LBA LBA
3. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Motivation
3
Consequence: No service provider can guarantee that
personal information is safe
• Compromised LS can reveal stored positions
• LS provider might misuse or “lose” position information
eBay asks 145 million users to change
passwords after data breach
Online commerce giant eBay asked users to change
their passwords Wednesday after hackers stole
encrypted passwords and other personal information,
including names, e-mail addresses, physical addresses,
phone numbers and dates of birth.
(2014)
Adobe warns 2.9 million customers of data
breach after cyber-attack
Software company discloses hack and advises
customers that names and encrypted credit card
numbers may have been stolen.
(2013)
4. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Motivation
• Solution: Position Sharing (Dürr et al. 2011)
◦ Split and Distribute location information
▪ ‘n’ instead of 1 LS, all from different providers
◦ No single point of failure
◦ Graceful degradation of privacy under data
breaches
◦ Flexible privacy levels for LBAs
• Problem:
◦ Position Sharing for frequent location updates (movement
trajectories) incurs high communication overhead
4
5. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Our Work
• Goal: extend Position Sharing to movement trajectories
while:
◦ minimizing communication overhead of location updates
◦ maintaining privacy guarantees of Position Sharing
• Contributions:
◦ Three efficient location update protocols
◦ Avoidance of movement speed based attacks
◦ Evaluation on real world GPS trajectories
5
6. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Outline
• System Model
• The Position Sharing Approach
• Location update protocols
• Evaluation
◦ Performance
◦ Privacy
• Related Work
• Conclusion & Future Work
6
8. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Position Sharing: Share generation
• For precise user location 𝜋, generate:
◦ Master share: circle 𝒄 𝟎 with radius 𝑟0
◦ Refinement shares: vector set {𝑠1, … , 𝑠 𝑛}
▪ Vector length: random ∈ [0, 𝚫 𝝓 =
𝒓 𝟎
𝒏
]
▪ Vector direction: random
• Distribution of shares:
◦ Each LS gets Master share
◦ Each LS gets only one refinement share
8
𝑠1 𝑠2 𝑠3
(𝑐0, 𝑠1) (𝑐0, 𝑠2) (𝑐0, 𝑠3)
9. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Position Sharing: Share fusion
• Given that a client has access to 𝑘 out of 𝑛 LSs
• Share fusion:
◦ For each refinement share 𝑠𝑖
▪ Shift center of current circle using vector 𝑠𝑖
▪ Decrease circle radius by Δ 𝜙 = 𝑟0/𝑛
9
(𝑐0, 𝑠1) (𝑐0, 𝑠2) (𝑐0, 𝑠3)
10. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Location Update Protocols
• Three protocols:
◦ Dead-Reckoning
◦ Selective Update
◦ Selective Dead Reckoning
10
11. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Basic principal from (Sistla et al. 1997):
◦ Reduce location updates by location prediction
• Predict new location based on:
◦ last known location and velocity
◦ 𝑙𝑜𝑐 𝑐𝑢𝑟𝑟𝑒𝑛𝑡
′
= 𝑓𝑝𝑟𝑒𝑑 𝑙𝑜𝑐𝑙𝑎𝑠𝑡, 𝑣𝑙𝑎𝑠𝑡, 𝑡
• Location servers predict object location
• Mobile Object sends new location updates if
predicted location deviates by more than a
maximum error value
Dead-Reckoning (DR)
11
Actual Location
Predicted Location
𝑣𝑙𝑎𝑠𝑡
𝑙𝑜𝑐𝑙𝑎𝑠𝑡
𝑣𝑙𝑎𝑠𝑡
𝑙𝑜𝑐𝑙𝑎𝑠𝑡
12. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• For Position Sharing:
◦ Apply dead-reckoning to master share
◦ While “prediction error” < 𝑡ℎ 𝐷𝑅:
▪ Last set of generated master and refinement shares stay valid
Dead-Reckoning (DR)
12
13. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• Basic principal:
◦ Partial location updates: re-use shares where possible
◦ Which shares to re-generate?
◦ New Shares are generated if
▪ 𝑑𝑖𝑠𝑡 𝜋 𝑛𝑒𝑤, 𝑝0 > 𝑡ℎ 𝑆𝑈
Selective Update
13
𝑡ℎ 𝑆𝑈
14. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
• 𝑆𝑈𝑐𝑜𝑚
• 𝑆𝑈𝑠𝑒𝑐
Selective Update
14
Shares get aligned along
𝑝0 𝜋
New shares with
minimal correlation
new shares
re-used shares
15. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Selective Dead Reckoning (SDR)
• Short overview (see paper for details):
◦ Combines Dead Reckoning (DR) with Selective Update (SU)
◦ DR economical for straighter parts of trajectory
◦ SU robust against turns
15
16. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Evaluation: Simulation Setup
• Real-world GPS traces from GPSLib1:
• Fix 𝑛 = 5
16
1. Gpslib - gps tracks hosting service. Online: http://gpslib.net/
17. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Evaluation: Performance
• Performance metric for a complete trajectory:
◦ Percentage reduction in overall communication size for our
location update protocols compared to Position Sharing
17
𝐷𝑅 𝑆𝑈𝑐𝑜𝑚 𝑆𝑈𝑠𝑒𝑐 𝑆𝐷𝑅 𝑐𝑜𝑚 𝑆𝐷𝑅 𝑠𝑒𝑐
Minimum
Percentage
Reduction for
all trace
categories
44%
82%
75%
81% 79%
18. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
𝑐0
Evaluation: Privacy Attack
• Adversary has 𝑘 refinement shares
◦ refines location to circle 𝑐 𝑘
◦ approximates 𝜋 as 𝜋 𝑎𝑡𝑡𝑎𝑐𝑘 inside 𝑐 𝑘 (using
knowledge of our algorithms)
• We measure adversary’s success:
◦ 𝑃𝑎𝑡𝑡𝑎𝑐𝑘(𝜙) = Probability that 𝜋 𝑎𝑡𝑡𝑎𝑐𝑘 lies closer
to 𝜋 than a distance of 𝜙 meters
• Our evaluation, 𝜙=radius of 10% area of 𝑐 𝑘
18
Attacker’s distribution of 𝜋
Ideal distribution of 𝜋
=> If uniform distribution of 𝜋 𝑎𝑡𝑡𝑎𝑐𝑘, then 𝑃𝑎𝑡𝑡𝑎𝑐𝑘 = 0.1
19. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Evaluation: Privacy Attack
• Adversary exploits following features of Share
Generation Algorithms (SGAs):
◦ SGAs concentrate 𝜋 around center of 𝑝 𝑘
▪ Consider fused position 𝑝 𝑘 = 𝜋 𝑎𝑡𝑡𝑎𝑐𝑘
◦ SGAs correlate refinement shares during generation
▪ Generate unknown shares by averaging known
shares
▪ Fuse estimated shares on 𝑝 𝑘 to get 𝜋 𝑎𝑡𝑡𝑎𝑐𝑘
• Recall also that 𝑆𝑈𝑐𝑜𝑚 further correlates
refinement shares
19
𝑐 𝑘
𝑐 𝑘
20. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Evaluation: Privacy Attack Results
• 𝑃𝑎𝑡𝑡𝑎𝑐𝑘 𝜙 vs. 𝑘 (no. of compromised shares)
20
Perfect Privacy
𝑘
Perfect Privacy
𝑘
21. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Related Work
• k-anonymity based approaches (e.g. Kalnis et al., 2007)
− Trusted LS is assumed
• Obfuscation-based techniques (Shokri et al., 2012)
+ Trusted LS is not needed
− No incremental refinement of precision (privacy levels)
• Dummies (Shankar et al., 2008)
+ Trusted LS is not needed
− Dummies can be identified (Peddinti et al. 2011)
21
22. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Conclusion & Future Work
• Location update protocols can extend position sharing to
trajectories
◦ with significant reduction in communication cost
◦ improved privacy against attacks
• Future work:
◦ Consider additional knowledge of adversary:
▪ Location semantics
▪ Map knowledge etc.
22
23. University of Stuttgart
IPVS
Research Group
“Distributed Systems”
Contact and Discussion
Your Questions?
www.priloc.de
Zohaib Riaz
Institute for Parallel and Distributed Systems,
University of Stuttgart, Germany
zohaib.riaz@ipvs.uni-stuttgart.de