Vigorous Location Privacy Protection Using Dummy Locations for Location-Based Services
Abstract
Location-based service (LBS) is a service based on users’ locations; e.g., finding nearby gas stations or scheduling optimal bus routes.
It is one of the most popular mobile apps or web applications, which are two ways to provide LBSs.
This research is to strengthen the web user location privacy instead of the privacy of mobile users because the implementation of the two methods is very different.
In order to use a location-based service, users have to share their location data with the service providers.
This requirement may hold back the service adaptation since users may not like to share their locations with others.
One common method to preserve user privacy is to send a couple of dummy locations along with the true location to the service providers, so the provider would not be able to tell which location is true.
This method is simple and effective, but it also has some drawbacks that make the privacy safeguarding fragile.
For example, if the dummy locations are generated somewhere near the true location, the service provider may be able to figure out the true location after a few rounds of generations.
Instead of generating discrete dummy locations whenever a service is requested, this research creates the dummy locations from the endpoints of the dummy routes, which are generated incrementally.
The method is explained as follows:
- Dummy locations are generated based on the true location when the first service is requested.
- Whenever a service is requested subsequently, it incrementally creates a true route where the start location is the first true location and the end location is the current true position.
- Similarly, it extends the dummy routes where the start locations are the first dummy locations and the end locations are randomly generated by following the features described below.
This method is more secure since the dummy locations are based on dummy routes instead of the true locations.
The following features need to be considered when dummy routes are generated incrementally:
- The dummy routes should not be too far away from or close to the true route, and cannot be too close to each other either.
- They should be located on the valid space like roads or parking lots.
- Their number should be kept as low as possible like 3 to 5.
Otherwise, managing them would become too difficult.
- The dummy routes have to be plausible; e.g., backward routes should be avoided if the true route does not go backward.
Otherwise, the service providers will be able to tell the locations are fake if the above features are not followed.
This research investigates the flaws of using dummy locations to uphold user privacy from both the users’ and service providers’ points of view, and proposes innovative methods to close the loopholes, so more users will be willing to use location-based services.
Keywords
web computing, privacy, location-based service, LBS, dummy location, dummy route
Conference
International Conference on Recent Advances in Computer Science and Information Technology (ICRACSIT 2023),
Houston, Texas, September 03, 2023.