Study User Privacy In Mobile Social Networks

With the rapid development of mobile devices and social networks, Mobile Social Networks(MSNs) have become one of the fastest-growing activities among mobile users domestically and worldwide. With modern smartphones or tablets, mobile users can download kinds of applications from Apple Store or Google Play Store. With the help of these applications, on one hand, users can easily enjoy the convenience provided by different Service Providers(SPs) such as Location-Based Services(LBSs). On the other hand, users can easily communicate with nearby users locally to exchange information, content and media through some short-range communication techniques based activities, such as Proximity-Based Mobile Social Networks(PMSNs).To enjoy these activities, people always need to reveal some information such as their locations, interests or other personal data to either untrusted third parties(i.e., LBS servers) or nearby entities as the first step. However, since these entities can obtain all the revealed information about users such as where they are at which time, what kind of queries they submit, what they are doing, etc., he may track users in various ways, or learn the personal data and release to malicious parties. Thus, we need to pay more attention to user’s privacy.Existing approaches always fail to avoid the trusted third paries and provide uncomfortable service for mobile users. In this dissertation, we design several schemes to preserve mobile user’s privacy effectively and efficiently in MSNs, especially LBSs and PMSNs. The main contributions of our works can be summarized as follows:1) We point out the importance of side information in LBSs and propose two privacy-preserving algorithms, termed Dummy Location Selection(DLS) and the enhanced version(enhanced-DLS), which aim to achieve k-anonymity for privacy-aware mobile users in LBSs. With fully consideration on the side information, the entropy-based DLS carefully selects dummy locations considering that side information may be exploited by adversaries. The enhanced version considers both entropy and the Cloaking Region CR to maintain the entropy while ensuring that the selected dummy locations are spread as far as possible. Analyticaland simulation results show that our algorithms can achieve the objectives effectively and efficiently.2) With aforementioned goals, we design another fine-grained spatial cloaking scheme for privacy-ware mobile users, which is termed FGcloak. Based on a novel use of modified Hilbert Curve, our FGcloak effectively guarantees k-anonymity and at the same time provides larger CR. It also uses a parameter s for users to make fine-grained control on the system overhead based on the resource constraints of mobile devices. Security analysis and empirical evaluation results verify our proposed scheme.3) We also propose an encounter-based solutions to protect user’s location privacy and query privacy(EPS), simultaneously. Without reliance on any Trusted Third Party(TTP), EPS uses local buffer on each user’s mobile device to collect the queried information of the encountered users. To achieve k-anonymity, a user needs to choose k-1 records from her buffer, with the help of our location obfuscating algorithm and querying algorithm, the user’s privacy can be protected. Security analysis and evaluation results indicate that our scheme can preserve user’s privacy effectively and efficiently.4) To preserve user’s privacy while avoiding the heavy system overhead proceeded within a collaborative group, we propose a novel scheme, named Mobi Cache, which combines cache with k-anonymity. In Mobi Cache, mobile users cache their previous service data. Each user first seeks service data from their neighbors’ cache to avoid revealing her real location to the LBSs server and protect privacy. A live query is sent to the server only when the data needs cannot be satisfied by cache, and this query is protected by mixing the real location with dummy locations. To improve cache hit ratio and protect privacy, we proposed three algorithms for dummy location selection, a basic solution called Dummy Selection Algorithm(DSA), an enhanced-DSA which further improves the user’s privacy as well as the cache hit ratio, and an efficient-DSA which reduces the communication and storage cost. Evaluation results show that the proposed algorithms can achieve high cache hit ratio, effectively protect user privacy, and significantly reduce the system overhead.5) To address the growing privacy concerns in private matching problems in PMSNs, we propose two priority-aware private matching schemes to match the similarity with potential friends in the vicinity. Unlike existing work, our proposedpriority-aware matching scheme(P-match) achieves our privacy goal by combining the commutative encryption function and our newly constructed similarity function that considers the number of common attributes between users, the corresponding priorities and the ratio of attributes matched over all the input set. P-match can cope with the potential attacks, such as unlimited input attack and less input attack. Further, we propose E-match, which can avoid the heavy cryptographic operations and improve the system performance significantly by employing the Bloom Filter. The evaluation and the implementation results indicate that our proposed schemes can achieve the privacy goal and reduce the system overhead dramatically in terms of computation, communication and energy cost.6) We propose an exactly spatiotemporal matching scheme for privacy-aware users in MSNs. Different from many existing solutions, based on the carefully designed spatiotemporal profile, our scheme employs a weight-aware pre-matching module to filter out the users with less similarity and the malicious adversaries, thus guarantees that nothing is revealed before determining the best matches. Further, we propose a privacy-preserving exchanging module against Honest-But-Curious users. Finally, the similarity computing module computes the exact matching result between each candidate to determine the best match. Thorough security analysis and evaluation results indicate that our scheme is effective and efficient.