Security and privacy support for mobile sensing

The proliferation and ever-increasing capabilities of mobile devices such as smart phones give rise to a variety of mobile sensing systems, which collect data from the embedded sensors of mobile devices to make sophisticated inferences about people and their surroundings. Mobile sensing can be applied to environmental monitoring, traffic monitoring, healthcare, etc. However, the large-scale deployment of mobile sensing applications is hindered by several challenges, including privacy leakage from sensing data, the lack of incentives for mobile device users to participate, and the lack of security mechanisms for data collection when communication infrastructure is unavailable.;The specific goal of this dissertation is to provide security and privacy support for mobile sensing. We achieve this goal by devising techniques to address the aforementioned challenges. First, to provide incentives for users to participate and at the same time preserve privacy, we propose two credit-based privacy-aware incentive schemes for mobile sensing. These schemes reward users with credits for their contributed data without exposing who contributes the data. They also ensure that dishonest users cannot abuse the system to earn unlimited credits. One scheme relies on a trusted third party to protect privacy. The other scheme removes the assumption of trusted third party, and provides unconditional privacy by combining blind signature, partially blind signature, and commitment techniques. Second, for a broad class of applications that need to periodically collect useful aggregate statistics of sensing data, we propose a privacy-preserving aggregation protocol for the Sum aggregate, which can provide differential privacy---a strong and provable privacy guarantee. To perform private and efficient aggregation, we design a novel HMAC-based encryption scheme which allows the aggregator to get the sum of all users' data but nothing else, and a novel ring-based overlapped grouping technique to efficiently deal with dynamic joins and leaves of users. We also extend the aggregation scheme for Sum to derive Max/Min and other aggregate statistics. Third, for mobile devices without communication infrastructure support, opportunistic mobile networking techniques are used to connect these devices. We address three security issues that may degrade the performance of sensing data collection in opportunistic mobile networks: social selfishness, flood attacks, and routing misbehavior. Specifically, we propose a Social Selfishness Aware Routing (SSAR) protocol which allows users to behave in the socially selfish way but improves routing performance by considering user selfishness into relay selection; we employ rate limiting to defend against flood attacks and design a distributed scheme which can probabilistically detect the violation of rate limit; to mitigate routing misbehavior, we devise a distributed scheme to detect packet dropping in opportunistic mobile networks and an algorithm to reduce the amount of packets forwarded to misbehaving users.