透過您的圖書館登入
IP:34.228.213.183
  • 學位論文

位置隱私的防禦機制

Defense Mechanism for the Location Privacy

指導教授 : 周俊廷

摘要


由於近年來智慧型手機的增加,定位型服務 (LBS) 越來越普及。使用者可以藉由提供位置給服務提供商來獲取各種服務。然而,當使用者將位置提供給服務提供商,服務提供商可以藉此追蹤使用者的位置,這導致了使用者的隱私被侵犯。為了避免隱私被侵犯,某些服務提供商提供匿名服務。然而,服務提供商可以藉由RSI攻擊或者是OI攻擊來將匿名的位置和具有暴露身分的位置作連結。為了保護使用者的隱私,目前有四種主要的技術,分別為假位置、混淆位置、空間隱形以及混合區。雖然這些技術可以保護使用者的隱私,但對於服務提供商來說,使用者的資料是非常有價值的。服務提供商有動機來偵測使用者是否在使用保護技術(作弊),如果服務提供商知道一個使用者在作弊,那麼服務提供商可以拒絕提供服務給這位使用者。 在這篇論文中,我們證明了服務提供商能夠偵測使用者是否在作弊。對於假位置,服務提供商能夠找出作弊的使用者,因為一個使用者不可能同時出現在多個位置。對於混淆位置,服務提供商能夠針對那些使用者會選擇最近的目標的LBS來偵測作弊使用者。服務提供商可以透過k-means分群演算法來區分誠實的使用以及作弊的使用者,並且成功率可以幾乎達到100%。對於空間隱形,服務提供商能夠利用相同的方法來偵測作弊使用者。對於混合區,服務提供商能夠在人口密集的地區來偵測作弊使用者。服務提供商可以藉由收集大量的位置資訊來找出放置混合區的位置,並且找出作弊使用者。 針對上述偵測方法,我們提出了防止被偵測的對策。對於混淆位置和空間隱形,我們讓作弊使用者送一些假的請求給服務提供商,藉此讓作弊使用者和誠實使用者的行為相同。在這些假的請求中,作弊使用者會送根據真實位置所更改的位置給服務提供商,並且根據這個更改的位置來選取目標。此種方法可以使成功率低於50%。對於混合區,我們讓放置混合區的位置隨時間改變,如此一來,服務提供商就無法找出放置混合區的位置。

並列摘要


Because of the increasing popularity of smartphones, location-based services (LBSs) are becoming popular in recent years. LBS users disclose their locations as an exchange for various useful services. However, doing so enables the LBS provider to know or track where users have been. As a result, user privacy might be invaded. To avoid the potential privacy threats, some LBS accept anonymous requests. However, the LBS provider can link anonymous requests to a certain identity via so-called the (restricted space identification) RSI attack or the (observation identification) OI attack. To protect user privacy, there are four existing privacy-preservation techniques including dummy location, obfuscated location, spatial cloaking and mixed zone. These techniques to some extent protect user location privacy but at the same time undermine LBS providers business as user locations are valuable assets to LBS providers. LBS providers have the intention to know if users are using these countermeasures (i.e., cheating). If an LBS provider can know that a user is cheating, the LBS provider may refuse to provide the service to the user. In this thesis, we claim that LBS providers can detect cheating users. For the dummy location, the LBS provider can do it easily because users cannot be in multiple locations at the same time. For the obfuscated location, we demonstrated that the LBS provider can detect cheating users in some popular LBSs. This detection mechanism relies on the k-means clustering algorithm to distinguish honest users from cheating users. The detection accuracy is almost 100\%. For the spatial cloaking, we also demonstrated that the LBS provider can detect cheating users via a similar approach. For the mixed zone, we demonstrated that the LBS provider can detect cheating users in the densely populated area. The LBS provider can collect reported locations and find out the location of the mixed zone because the mixed zone is fixed. Finally, we propose countermeasures to prevent cheating users from being detected. For the obfuscated location, we make users send some fake requests to the LBS provider. In the fake request, the user will send a fake location to the LBS provider and choose the nearest target based on the fake location. This method makes behaviors of cheating users and honest users be the same and the accuracy of the detection will be less than 50\%. For the spatial cloaking, users can use the same countermeasure to avoid being detected by LBS providers. For the mixed zone, we make the mixed zone rotate. It makes the LBS provider cannot find out the location of the mixed zone.

參考文獻


[14] B. Bamba, L. Liu, P. Pesti, and T. Wang, "Supporting anonymous location queries in mobile environments with privacygrid," in Proceedings of the 17th international conference on World Wide Web, pp. 237-246, ACM, 2008.
[15] C.-Y. Chow, M. F. Mokbel, and X. Liu, "A peer-to-peer spatial cloaking algorithm for anonymous location-based service," in Proceedings of the 14th annual ACM international symposium on Advances in geographic information systems, pp. 171-178, ACM, 2006.
[2] P. Golle and K. Partridge, "On the anonymity of home/work location pairs," Pervasive computing, pp. 390-397, 2009.
[5] B. Palanisamy and L. Liu, "Mobimix: Protecting location privacy with mix-zones over road networks," in Data Engineering (ICDE), 2011 IEEE 27th International Conference on, pp. 494-505, IEEE, 2011.
[6] J. Freudiger, M. Raya, M. Felegyhazi, P.Papadimitratos, and J.-P. Hubaux, "Mix-zones for location privacy in vehicular networks," in ACM Workshop

被引用紀錄


周湘茹(2008)。挖槽電源面的補償設計〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342%2fNTU.2008.03269

延伸閱讀


國際替代計量