Application Research of Computers (计算机应用研究)

Bayes-based privacy disclosure analysis in location based services

Authors: WU Zhen-gang, SUN Hui-ping, GUAN Zhi, CHEN Zhong
Affiliation: a. School of Electronics Engineering & Computer Science, b. Key Laboratory of High Confidence Software Technologies for Ministry of Education, Peking University, Beijing 100871, China
Article ID: 1001-3695(2015)04-1114-05
DOI: 10.3969/j.issn.1001-3695.2015.04.037
Abstract: Personal location information is a type of physical privacy information, and the adversary can identify true identities of users according to background knowledge. For analysis of the user privacy problem, this paper modeled the attack process where the adversary inferred true identities and devised a Bayesian inference method to measure the degree of identity leakage from personal location data. By comparing observed location data with background knowledge databases, this method could re-identify users’ true identities. Using the dataset on real road networks, experiments show that an untrusted LBS can obtain true identities with high probability by collecting user queries. This study demonstrates that the disclosure of high-precision personal location information can lead to a high risk of identity privacy breach.
Keywords: location-based service (LBS); privacy metric; privacy protection; re-identification; naive Bayes
Funding: National Natural Science Foundation of China (61170263)
National "Core Electronic Devices, High-end Generic Chips and Basic Software" Major Science and Technology Project (2012ZX01039-004-009)
Open Project of the Key Laboratory of Information Network Security, Ministry of Public Security (C11606)
Article URL: http://www.arocmag.com/article/01-2015-04-037.html
Received: 2014/4/20
Revised: 2014/5/30
Pages: 1114-1118
CLC number: TP309.2
Document code: A