Location privacy protection of maritime mobile terminals

Mobile Edge Computing (MEC) can support various high-reliability and low-delay applications in Maritime Networks (MNs). However, security risks in computing task offloading exist. In this study, the location privacy leakage risk of Maritime Mobile Terminals (MMTs) is quantified during task offloading and relevant Location Privacy Protection (LPP) schemes of MMT are considered under two kinds of task offloading scenarios. In single-MMT and single-time offloading scenario, a dynamic cache and spatial cloaking-based LPP (DS-CLP) algorithm is proposed; and under the multi-MMTs and multi-time offloading scenario, a pseudonym and alterable silent period-based LPP (PA-SLP) strategy is proposed. Simulation results show that the DS-CLP can save the response time and communication cost compared with traditional algorithms while protecting the MMT location privacy. Meanwhile, extending the alterable silent period, increasing the number of MMTs in the maritime area or improving the pseudonym update probability can enhance the LPP effect of MMTs in PA-SLP. Furthermore, the study results can be effectively applied to MNs with poor communication environments and relatively insufficient computing resources.     

移动互联网中的位置隐私保护研究

全面归纳了移动互联网中位置隐私保护的相关研究工作,总结了位置服务和定位服务中的威胁模型。然后,详细介绍了现有基于位置服务的隐私保护技术,分析了其在抗隐私攻击和位置隐私适用性方面的优缺点,并阐述了定位服务中位置隐私问题的本质、威胁和解决方法。最后指出了需要进一步研究的问题。     

Privacy-preserving photo sharing framework cross different social network

With rapid developments of digital photography and social networks,users of photo-sharing-supported social networking applications can easily forward photos across different social networks at the cost of their growing privacy concerns.To address this problem,a privacy-preserving photo sharing framework was proposed,which could apply to extended control and privacy invasion tracing.In extended control scheme,the following users on a dissemination chain was restrained by each user’s privacy policy.Then several privacy areas of photos were encrypted and the access control polices were bound to the uploaded photos,so that any privacy areas on the photos could be hidden away from unwanted viewers even across different social networks.On this basis,the behaviors of users were record by tracing scheme of privacy invasion,the integrality of records was protected by using nested signature algorithm.The correctness,security and performance of overhead of the scheme are then thoroughly analyzed and evaluated via detailed simulations.     

Background knowledge based privacy metric model for online social networks

The data of online social network （OSN） is collected currently by the third party for various purposes. One of the problems in such practices is how to measure the privacy breach to assure users. The recent work on OSN privacy is mainly focus on privacy-preserving data publishing. However, the work on privacy metric is not systematic but mainly focus on the traditional datasets. Compared with the traditional datasets, the attribute types in OSN are more diverse and the tuple is relevant to each other. The retweet and comment make the graph character of OSN notably. Furthermore, the open application programming interfaces （APIs） and lower register barrier make OSN open environment, in which the background knowledge is more easily achieved by adversaries. This paper analyzes the background knowledge in OSN and discusses its characteristics in detail. Then a privacy metric model faces OSN background knowledge based on kernel regression is proposed. In particular, this model takes the joint attributes and link knowledge into consideration. The effect of different data distributions is discussed. The real world data set from weibo.com has been adopted. It is demonstrated that the privacy metric algorithm in this article is effective in OSN privacy evaluation. The prediction error is 30% lower than that of the work mentioned above     

Location privacy preserving scheme against attack from friends in SNS

In order to enrich the performance of the user's location information and to meet the diverse needs of users,a location privacy protection scheme based on attribute encryption was designed,which provided precise,more accurate,fuzzy and private four modes to manage the location information.The scheme was based on the algorithm of WT-CP-ABE.The location information was divided into three parts according to a close friend of grade,then the key infor-mation and position information was encrypted with attribute-based encryption and symmetric encryption method respec-tively and the ciphertext was published to the social network.The security of the scheme is analyzed,which shows that the scheme has the advantage of user attribute information confidentiality,data confidentiality and can resist the collusion attack.     

Contact duration aware evaluation for content dissemination delay in mobile social network

Groups of people with mobile phones using short‐range connections such as WiFi and Bluetooth to propagate messages can be modeled as, with regard to regular absence of end‐to‐end connection, mobile social networks (MSNs), which can be exploited to offload a significant amount of mobile content from the overloaded infrastructure networks such as 3G. The study of content transmission delay for the applications of mobile content dissemination in MSNs is an important problem, because to enhance the network capacity, the traffic is offloaded at the cost of inducing longer delay. In contrast to existing works, which ignore the factors of contact duration limits and large content size, we present a contact duration aware framework to model the content dissemination process in MSNs, give an explicit expression for the average content dissemination delay, and reveals its relationship with various system parameters of content size, users’ selfishness, number of involved subscribers, infecting ratio, and so on. We apply our proposed model to real‐life traces to assess its reliability by comparing the theoretical results with measured statistics and present extensive upshots to evaluate the influence of various parameters on system performance. The results demonstrate the accuracy of our proposed framework and reveal that system parameters of content size, system infecting ratio and intragroup transmission are the most important factors to influence the content dissemination delay. Copyright © 2013 John Wiley & Sons, Ltd.     

X‐Region: A framework for location privacy preservation in mobile peer‐to‐peer networks

While enjoying various LBS (location‐based services), users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer‐to‐peer (P2P) networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x‐region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x‐region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x‐region, together with three algorithms for generating an x‐region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.     

面向社会网络的个性化隐私策略定义与实施

为了实现社会网络中个性化隐私保护,提出了支持个性化隐私偏好授权模型,采用基于一阶逻辑隐私偏好描述语言,表达用户个性化隐私需求;引入基于主体属性的访问者－角色授权规则和基于客体标签的角色－权限指派规则,解决了动态用户授权和细粒度访问权限指派问题;分析了隐私策略冲突各种情况,实现了基于Prolog逻辑编程的策略一致性自动验证;设计了面向社会网络个性化隐私策略管理和实施中间件,将个性化隐私策略管理有效地集成到对既有资源的访问控制系统中,实验表明策略冲突分析具有良好的执行效率。     

Research on LBS privacy preservation based on pseudorandom permutation in road network

A method of privacy preservation based on pseudorandom permutation was put forward for the issues of location privacy and query content privacy.Firstly,the distribution information of points of interest (PoI) based on the vertexes in the road network was organized,each single road vertex was taken as the foundational processing object.Based on the pseudorandom permutation,a permutation scheme of the point-of-interest records at the LBS server's end was put forward,a 32-bit random seed was adopted to generate a permuted table in the scheme,and the point-of-interest records were encrypted and permuted according to the table.These processed records were stored in the LBS database.Then a trusted intermediate server,replacing of the user,issued a query request with a record number instead of the query content to the LBS server.The LBS server could not determine which kind of PoI the user was interested in or which road section the user was locating on,and therefore the scheme achieved private information retrieval.Finally,the efficiency in the metrics of query accuracy,communication overhead and processing time was also analyzed.By the performance analysis and extensive experiments,the proposed scheme is proved to be location untraceable and query content uncorrelation.     

大规模无线通信网络移动边缘计算和缓存研究

面向未来6G移动通信的大规模网络移动边缘计算与缓存技术,首先,介绍了大规模无线网络下移动边缘计算和缓存的架构与原理,并阐释了移动边缘计算和缓存技术在大规模无线网络中的必要性和普适性.接着,从计算卸载、边缘缓存、多维资源分配、用户关联和隐私保护这5个关键问题出发,综述和分析了移动边缘计算和缓存赋能大规模无线网络时会引入的...     

基于差分隐私的权重社会网络隐私保护

针对权重社会网络发布隐私保护中的弱保护问题,提出一种基于差分隐私模型的随机扰动方法可实现边及边权重的强保护。设计了满足差分隐私的查询模型-WSQuery,WSQuery模型可捕获权重社会网络的结构,以有序三元组序列作为查询结果集;依据WSQuery模型设计了满足差分隐私的算法-WSPA,WSPA算法将查询结果集映射为一个实数向量,通过在向量中注入Laplace噪音实现隐私保护;针对WSPA算法误差较高的问题提出了改进算法-LWSPA,LWSPA算法对查询结果集中的三元组序列进行分割,对每个子序列构建满足差分隐私的算法,降低了误差,提高了数据效用。实验结果表明,提出的隐私保护方法在实现隐私信息的强保护同时使发布的权重社会网络仍具有可接受的数据效用。     

基于位置语义的路网位置隐私保护

移动用户在享受基于位置的服务（LBS）的同时受到位置隐私泄露的威胁,因而提供有效的位置隐私保护策略至关重要。传统的位置隐私保护方法主要采用空间匿名的方式,若攻击者获得了更多与匿名空间相关的背景知识,尤其是与位置相关的语义信息,就会严重降低匿名效果。为了防止由位置语义分析造成的敏感位置信息泄露,并根据移动用户活动范围大多限定为道路网络的特点,提出一种基于位置语义的路网位置隐私保护方法,充分考虑了用户的个性化隐私需求,并通过实验验证了方法的可行性及有效性。     

Differential privacy protection technology and its application in big data environment

The privacy protection in big data is a research hotspot in the field of cyberspace security.As a strict and provable definition of privacy protection,studying application status of differential privacy protection in big data environment can provide reference and guidance for its subsequent system applications.Based on the analysis of the related concepts and technical characteristics of differential privacy protection,the application of differential privacy protection technology was reviewed in data distribution and analysis,cloud computing and big data computing,location and trajectory services and social networks,which expounded the current representative research results and analyzed its existing problems.The research shows that the existing results have made effective innovation and exploration of differential privacy protection applications from the aspects of differential privacy protection mechanism,noise addition mechanism and location,and data processing methods,and the related results have been cross-applied in different scenarios.Finally,four major problems that need to be studied in the further systematic application of differential privacy protection in the big data environment are proposed.     

Preserving source-location privacy efficiently based on attack-perceiving in wireless sensor network

Sensors’ ability was utilized to perceive the mobile attacker nearby,and SPA (silent-pool approach) was proposed,which was able to hinder or reduce the packets hunted by the attacker by controlling the forwarding state of the nodes.In addition,a novel DPIOP (dummy packet injection out pool) method was proposed to entice the adversary far away from the transmission path without changing the original routing path.Through simulation studies and experiments,the outstanding performance of SPA and DPIOP in privacy preservation were demonstrated,with saving energy by about 63%,and reducing delay by about 35%.     

基于公开信息的社交网络隐私泄露

针对社交网络公开信息提出了一种隐私信息推测算法,通过对用户的好友关系网络进行社区发现,利用社区内一部分好友公开信息推测其他好友隐私信息。实验表明,该算法只需利用少量公开信息就能以较高的准确率推测出其他用户大量的隐私信息。     

MobiSoC: a middleware for mobile social computing applications

Recently, we started to experience a shift from physical communities to virtual communities, which leads to missed social opportunities in our daily routine. For instance, we are not aware of neighbors with common interests or nearby events. Mobile social computing applications (MSCAs) promise to improve social connectivity in physical communities by leveraging information about people, social relationships, and places. This article presents MobiSoC, a middleware that enables MSCA development and provides a common platform for capturing, managing, and sharing the social state of physical communities. Additionally, it incorporates algorithms that discover previously unknown emergent geo-social patterns to augment this state. To demonstrate MobiSoC's feasibility, we implemented and tested on smart phones two MSCAs for location-based mobile social matching and place-based ad hoc social collaboration. Experimental results showed that MobiSoC can provide good response time for 1,000 users. We also demonstrated that an adaptive localization scheme and carefully chosen cryptographic methods can significantly reduce the resource consumption associated with the location engine and security on smart phones. A user study of the mobile social matching application proved that geo-social patterns can double the quality of social matches and that people are willing to share their location with MobiSoC in order to benefit from MSCAs.

基于网络社交数据分享的差分隐私保护

随着社大数据、数据挖掘的兴起和社交网络、移动设备的迅速发展,网络社交所产生的蕴涵巨额价值的海量数据在分享的过程中面临着隐私安全风险。差分隐私保护可以在保证数据可用的前提下通过添加噪声使网络社交数据失真。     

Evaluation and protection of multi-level location privacy based on an information theoretic approach

A privacy metric based on mutual information was proposed to measure the privacy leakage occurred when location data owner trust data users at different levels and need to publish the distorted location data to each user according to her trust level,based on which an location privacy protection mechanism (LPPM)was generated to protect user’s location privacy.In addition,based on mutual information,a metric was proposed to measure the privacy leakage caused by attackers obtaining different levels of distorted location data and then performing inference attack on the original location data more accurately.Another privacy metric was also proposed to quantify the information leakage occurred in the scenario based on mutual information.In particular,the proposed privacy mechanism was designed by modifying Blahut-Arimoto algorithm in rate-distortion theory.Experimental results show the superiority of the proposed LPPM over an existing LPPM in terms of location privacyutility tradeoff in both scenarios,which is more conspicuous when there are highly popular locations.     

Layered data aggregation with efficient privacy preservation for fog‐assisted IIoT

The emergence of fog computing facilitates industrial Internet of Things (IIoT) to be more real‐time and efficient; in order to achieve secure and efficient data collection and applications in fog‐assisted IIoT, it usually sacrifices great computation and bandwidth resources. From the low computation and communication overheads perspective, this paper proposes a layered data aggregation scheme with efficient privacy preservation (LDA‐EPP) for fog‐assisted IIoT by integrating the Chinese remainder theorem (CRT), modified Paillier encryption, and hash chain technology. In LDA‐EPP scheme, the entire network is divided into several subareas; the fog node and cloud are responsible for local and global aggregations, respectively. Specially, the cloud is able to obtain not only the global aggregation result but also the fine‐grained aggregation results of subareas, which enables that can provide fine‐grained data services. Meanwhile, the LDA‐EPP realizes data confidentiality by the modified Paillier encryption, ensures that both outside attackers and internal semi‐trusted nodes (such as, fog node and cloud) are unable to know the privacy data of individual device, and guarantees data integrity by utilizing simply hash chain to resist tempering and polluting attacks. Moreover, the fault tolerance is also supported in our scheme; ie, even though some IIoT devices or channel links are failure, the cloud still can decrypt incomplete aggregation ciphertexts and derive expected aggregation results. Finally, the performance evaluation indicates that our proposed LDA‐EPP has less computation and communication costs.     

Data forwarding incentive mechanism based on auction model in mobile social network

Abstract:A data forwarding incentive mechanism based on auction model in mobile social network was proposed.In this incentive mechanism,the first-price sealed auction mode was extended,the transaction mode of virtual currency payment was adopted,and the procedure of data forwarding between nodes was abstracted into the auction transaction model.Based on the node's resource state,the virtual currency and the data property,the evaluation function of data forwarding transaction was given,and then the node gives the corresponding price according to the evaluation function and game strategy.Through the game analysis,the Nash equilibrium solution of AMIM was found,and the lowest bidder,of which the bid price was lower than the evaluation of data forwarding request node would been selected as the service provider for this data forwarding.In this incentive mechanism,the rational mobile nodes were enforced to voluntarily participate in data forwarding cooperation to maximize their own interests.The simulation experiment shows that AMIM mechanism can effectively reduce the energy consumption and improve the success rate and efficiency of data forwarding in the whole network system.