计算机科学 ›› 2023, Vol. 50 ›› Issue (11A): 221000036-9.doi: 10.11896/jsjkx.221000036

• 信息安全 • 上一篇    下一篇

抵御背景信息推理攻击的假位置生成算法

张学军1, 杨依行1, 李佳乐1, 田丰2, 黄海燕1, 黄山3   

  1. 1 兰州交通大学电子与信息工程学院 兰州 730070
    2 陕西师范大学计算机科学学院 西安 710062
    3 兰州交通大学土木工程学院 兰州 730070
  • 发布日期:2023-11-09
  • 通讯作者: 张学军(xuejunzhang@lzjtu.edu.cn)
  • 基金资助:
    国家自然科学基金(61762058,61901201);甘肃省自然科学基金(21JR7RA282);兰州交通大学百人青年人才培养计划基金;甘肃省教育厅产业支撑计划项目(2022CYZC-38);中央高校基本科研业务费(GK202103090);陕西省自然科学基础研究计划项目(2022JM-329)

Dummy Location Generation Algorithm Against Side Information Inference Attack

ZHANG Xuejun1, YANG Yixing1, LI Jiale1, TIAN Feng2, HUANG Haiyan1, HUANG Shan3   

  1. 1 School of Electronics and Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China
    2 School of Computer Science,Shaanxi Normal University,Xi'an 710062,China
    3 College of Civil Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China
  • Published:2023-11-09
  • About author:ZHANG Xuejun,born in 1977,Ph.D,professor,is a senior member of China Computer Federation.His main research interests include edge computing,differential privacy,network security,data privacy and machine learning,etc.
  • Supported by:
    National Natural Science Foundation of China(61762058,61901201),Natural Science Foundation of Gansu Pro-vince(21JR7RA282),Foundation of A Hundred Youth Talents Training Program of Lanzhou Jiaotong University,the Education Department of Gansu Province:Industrial Support Plan Project(2022CYZC-38),Fundamental Research Program of the Central Universities (GK202103090) and Natural Science Basic Research Project of Shaanxi Province(2022JM-329).

摘要: 针对已有的假位置生成算法,设计了一种多次查询请求攻击算法(Multiple Query Request Attack algorithm,MQRA)来测试其安全性。为有效保护用户的位置隐私,提出了一种抵御背景信息推理攻击的假位置生成算法(Dummy Location Ge-neration Algorithm against Side Information Inference Attack,DLG_SIA),该算法综合考虑了查询概率、时间分布、位置语义和物理分散度等背景信息来生成有效的假位置集以抵御概率分布攻击、位置语义攻击和位置同质攻击,避免攻击者结合背景信息过滤掉假位置。用户首次请求时,DLG_SIA算法先利用位置熵和时间熵选取当前请求时间下查询概率相似的位置点来生成假位置集,并通过调整的余弦相似度生成满足语义差异性的位置点;然后通过距离熵保证选取的位置点间具有更大的匿名范围,并将当前请求位置的最佳假位置集进行缓存。安全性分析和仿真实验结果表明:MQRA算法能以很高的概率识别出假位置集中用户的真实位置;与已有的假位置生成算法相比,DLG_SIA算法能有效抵御背景信息推理攻击,保护用户的位置隐私。

关键词: 基于位置的服务, 查询概率, 位置语义, 时间分布, 物理分散度

Abstract: Aiming at the existing dummy location generation algorithm,a multiple query request attack algorithm (MQRA) is designed to test its security.In order to effectively protect user’s location privacy,a dummy location generation algorithm against side information inference attack(DLG_SIA) is proposed.It comprehensively considers the side information such as query probability,time distribution,location semantics and physical dispersion to generate an effective dummy location set to resist probability distribution attacks,location semantics attacks and location homogeneity attacks,and avoid attackers filtering dummy locations with side information.When the user requests for the first time,the DLG_SIA algorithm first uses the location entropy and time entropy to select the location points with similar query probability at the current request time to generate a dummy location set,and then uses the adjusted cosine similarity to generate the location points that meet the semantic differences.Next,distance entropy is used to ensure that the selected location points have a larger anonymous range,and the best dummy location set of the current request location is cached.Security analysis and simulation results show that MQRA algorithm can identify the real location of users in the dummy location set with high probability.Compared with the existing dummy location generation algorithm,DLG_SIA algorithm can effectively resist the side information inference attack and protect the user’s location privacy.

Key words: Location-based service, Query probability, Location semantics, Time distribution, Physical dispersion

中图分类号: 

  • TP309
[1]ZHANG X J,GUI X L,WU Z D.Overview of Research on Privacy Protection of Location Services[J].Journal of Software,2015,26(9):2373-2395.
[2]YAN G H,LIU T,ZHANG X J,et al.Service Similarity Location k Anonymous Privacy Protection Scheme against Background Knowledge Inference Attack[J].Journal of Xi’an Jiaotong University,2020,54(1):8-18.
[3]ZHANG Y B,ZHANG Q Y,LI Z Y,et al.A k-anonymous Loca-tion Privacy Protection Method of Dummy Based on Geographical Semantics[J].International Journal of Network Security,2019,21(6):937-946.
[4]ZHANG X J,GUI X L,JIANG J H.User Centered Privacy Protection Method for Differential Disturbance Location[J].Journal of Xi’an Jiaotong University,2016,50(12):79-86.
[5]ZHANG X J,YANG H Y,LI Z,et al.Differentially Private Location Privacy-preserving Scheme with Semantic Location[J].Journal of Computer Science,2022,48(2):147-155.
[6]HUANG G,DENG K,XIE Z,et al.Intelligent Pseudo-location Recommendation for Protecting Personal Location Privacy[J].Concurrency and Computation:Practice and Experience,2020,32(2):5435-5446.
[7]ZHU X Y,CHI H T,NIU B,et al.MobiCache:When k-anonymity meets cache[C]//2013 IEEE Global Communications Conference(GLOBECOM).IEEE,2013:820-825.
[8]SUN G,CAI S,YU H,et al.Location Privacy Preservation for Mobile Users in Location-Based Services[J].IEEE Access,2019,7:87425-87438.
[9]CHEN S,SHEN H.Semantic-Aware Dummy Selection for Location Privacy Preservation[C]//2016 IEEE Trust-com/BigDataSE/ISPA.IEEE,2016:752-759.
[10]ZHAO P,LIU W,ZHANG G,et al.Preserving Privacy in WiFi Localization With Plausible Dummy Locations[J].IEEE Transactions on Vehicular Technology,2020,69(10):11909-11925.
[11]DEWRI R,THURIMELLA R.Exploiting Service Similarity for Privacy in Location-Based Search Queries[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(2):374-383.
[12]ZHENG L J,YUE H H,LI Z X,et al.k-Anonymity Location Privacy Algorithm Based on Clustering[J].IEEE Access,2018,6:28328-28338.
[13]ZHAO Z M,HU H D,ZHANG F,et al.K-anonymous Location Privacy Protection Method Based on Circular Region Partition[J].Journal of Beijing Jiaotong University,2013,37(5):13-18.
[14]WANG J,LI Y,YANG D,et al.Achieving Effective $k$-Anonymity for Query Privacy in Location-Based Services[J].IEEE Access,2017,5:24580-24592.
[15]GEDIK B,LIU L.Protecting Location Privacy with Personalized k-Anonymity:Architecture and Algorithms[J].IEEE Transactions on Mobile Computing,2008,7(1):1-18.
[16]NIU B,LI Q,ZHU X,et al.Achieving k-anonymity in Privacy-aware Location-based Services[C]//IEEE INFOCOM 2014-IEEE Conference on Computer Communications.NJ:IEEE,2014:754-762.
[17]SUN G,CHANG V,RAMACHANDRAN M,et al.Efficient location privacy algorithm for Internet of Things(IoT) services and applications[J].Journal of Network & Computer Applications,2016,89(7):3-13.
[18]DU Y,CAI G,ZHANG X,et al.An Efficient Dummy-Based Location Privacy-Preserving Scheme for Internet of Things Ser-vices[J].Information(Switzerland),2019,10(9):1-15.
[19]XIA X Y,BAI Z H,LI J,et al.A Location Cloaking Algorithm Based on Dummy and Stackelberg Game[J].Journal of Compu-ter Science,2019,442(10):92-108.
[20]WANG J,WANG C R,MA J F,et al.Dummy Location Selection Algorithm Based on Location Semantics and Query Probability[J].Journal of Communication,2020,41(3):53-61.
[21]SHI X J,ZHANG J R,GONG Y.A Dummy Location Generation Algorithm Based on the Semantic Quantification of Location[C]//2021 IEEE International Conference on Artificial Intelligence and Computer Applications(ICAICA),NJ:IEEE,2021:172-176.
[22]WANG S,LI F H,NIU B,et al.Research Progress on Location Privacy-preserving Techniques[J].Journal of Communication,2016,37(12):124-141.
[23]MACHANAVAJJHALA A,KIFER D,GEHRKE J,et al.L-diversity:Privacy Beyond k-anonymity[J].ACM Transactions on Knowledge Discovery from Data,2007,1(1):3-5.
[24]ZHENG Y,ZHANG R,XIE X,et al.GeoLife:Managing andUnderstanding Your Past Life over Maps[C]//The Ninth International Conference on Mobile Data Management.IEEE,2008:211-212.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!