ITIS 60108010 Wireless Network Security - PowerPoint PPT Presentation

1 / 38

About This Presentation

Title:

ITIS 60108010 Wireless Network Security

Description:

Windows Live Search reverse white pages. Algorithm. Correct out of 172. Percent Correct ... Outdated white pages. Poor geocoding. 30. Similar Study ... – PowerPoint PPT presentation

Number of Views:67

Avg rating:3.0/5.0

Slides: 39

Provided by: Weicha9

Category:

more less

Transcript and Presenter's Notes

Title: ITIS 60108010 Wireless Network Security

1
ITIS 6010/8010 Wireless Network Security

Dr. Weichao Wang

Location Privacy Issues
The Competing Agendas Harming Privacy and
Innovation
Inference Attacks on Location Tracks

3
Overview

There is a fight b/w the parties trying to
protect peoples location privacy and parties
trying to generate services and revenues on that
The Good News Technological initiatives can
enhance the privacy of location information
GeoPriv
But other societal demands are threatening those
initiatives
e911 emergency call requirements
Law enforcement surveillance demands
This can harm privacy and innovation

4
GeoPriv

A technical standard aimed at protecting the
privacy of location information
Development started in 2001 by the Internet
Engineering Task Force (IETF)
Created in response to proposals about location
that ignored privacy implications of location
information
Generate 10 Internet-Drafts and 9 RFC

5
The GeoPriv Standard

Requires that basic privacy rules must be
transmitted alongside location information
Privacy rules and location information are
contained in the same electronic envelope
Basic privacy rules include
Time limit on retention
Retransmission consent (or lack thereof)
Pointer to more robust externally-stored privacy
rules

6
Robust Rules Possible

Robust rules can include conditions for
Identity who can receive my location
Validity when can my location be provided
Sphere am I at work, at home, traveling?
Allows for rules like if I am at work the
following people can learn my location
Does not assume that the network or access
provider will control location information --
allows third party privacy providers

7
GeoPriv Deployment

Intended by IETF to be used for all transmissions
of location info using IETF protocols, e.g., SIP
(VoIP/IM)
Initial plans to implement GeoPriv
3GPP -- wireless communications
NENA (US) -- emergency communications
Requires national/local laws to enforce privacy
rules conveyed by GeoPriv

8
The Bad News

Competing national/social agendas are setting
technical requirements that undermine GeoPriv and
other efforts to protect location privacy
Various proposals would have us skip straight to
the Orwellian surveillance society

9
e911

Highly problematic proposed requirements
Demand for network-provided location
Devices must be automatically locatable
All IP-enabled devices covered
Harm to privacy
Takes control away from users
Tracking can be done without user involvement
More and more devices can be tracked
Harm to innovation
Some possible devices cannot meet requirements

10
Law Enforcement Surveillance and Location Tracking

On-going debate in U.S. about legal standard for
access to location info
Technical demands by law enforcement raise
serious privacy concerns (CALEA)
Cell tower location not adequate
In VoIP and other IP-enabled contexts, U.S. law
enforcement wants to control initial design of
new technologies

11
Concern about Both Privacy and Innovation

Clear harms to privacy
Loss of user control and knowledge
Greater commercial access to location
Always on tracking capability
Limitations on innovation and new technology can
also harm or diminish privacy
May preclude simpler, less trackable devices
May preclude third parties offering privacy
protection services

12
Conclusions

New location technology can threaten privacy
But technologies can also protect location
privacy
Well-intended societal goals can harm location
privacy
We need to balance other societal goals (911, law
enforcement) with need to protect privacy

13
(No Transcript)
14
Inference Attacks on Location Tracks
15
Questions to Answer

Do anonymized location tracks reveal your
identity?
If so, how much data corruption will protect you?

16
Motivation Why Send Your Location?
Congestion Pricing
Pay As You Drive (PAYD) Insurance
Location Based Services
Collaborative Traffic Probes (DASH)
Research (London OpenStreetMap)
17
GPS Data
Microsoft Multiperson Location Survey (MSMLS)
Garmin Geko 201 115 10,000 point memory median
recording interval 6 seconds 63 meters
55 GPS receivers 226 subjects 95,000
miles 153,000 kilometers 12,418 trips Home
addresses demographic data
Seattle Downtown
Close-up
Greater Seattle
18
People Dont Care About Location Privacy

74 U. Cambridge CS students
Would accept 10 to reveal 28 days of measured
locations (20 for commercial use)

226 Microsoft employees
14 days of GPS tracks in return for 1 in 100
chance for 200 MP3 player

62 Microsoft employees
Only 21 insisted on not sharing GPS data outside

11 with location-sensitive message service in
Seattle
Privacy concerns fairly light

55 Finland interviews on location-aware services
It did not occur to most of the interviewees
that they could be located while using the
service.

19
Documented Privacy Leaks
How Cell Phone Helped Cops Nail Key Murder
Suspect Secret Pings that Gave Bouncer Away
New York, NY, March 15, 2006
Stalker Victims Should Check For GPS Milwaukee,
WI, February 6, 2003
A Face Is Exposed for AOL Searcher No.
4417749 New York, NY, August 9, 2006
Real time celebrity sightings http//www.gawker.co
m/stalker/
20
Pseudonimity for Location Tracks

Pseudonimity
Replace owner name of each point with
untraceable ID
One unique ID for each owner

Example
Larry Page ? yellow
Bill Gates ? red

21
Attack Outline
22
GPS Tracks ? Home Location Algorithm 1
Last Destination median of last destination
before 3 a.m.
Median error 60.7 meters
23
GPS Tracks ? Home Location Algorithm 2
Weighted Median median of all points, weighted
by time spent at point (no trip segmentation
required)
Median error 66.6 meters
24
GPS Tracks ? Home Location Algorithm 3
Largest Cluster cluster points, take median of
cluster with most points
Median error 66.6 meters
25
GPS Tracks ? Home Location Algorithm 4
Best Time location at time with maximum
probability of being home
Median error 2390.2 meters (!)
26
Why Not More Accurate?

GPS interval 6 seconds and 63 meters
GPS satellite acquisition -- 45 seconds on cold
start, time to drive 300 meters at 15 mph
Covered parking no GPS signal
Distant parking far from home

covered parking
distant parking
27
GPS Tracks ? Identity?
Windows Live Search reverse white pages lookup
www.whitepages.com
28
Identification
MapPoint Web Service reverse geocoding
Windows Live Search reverse white pages
29
Why Not Better?

Multiunit buildings
Outdated white pages
Poor geocoding

30
Similar Study
Hoh, Gruteser, Xiong, Alrabady, Enhancing
Security and Privacy in Traffic-Monitoring
Systems, in IEEE Pervasive Computing. 2006. p.
38-46.

219 volunteer drivers in Detroit, MI area
Cluster destinations to find home location
arrive 4 p.m. to midnight
must be in residential area
Manual inspection on home location (no knowledge
of drivers actual home address)
85 of homes found

31
Easy Way to Fix Privacy Leak?
Duckham, M. and L. Kulik, Location Privacy and
Location-Aware Computing, in Dynamic Mobile
GIS Investigating Change in Space and Time, J.
Drummond, et al., Editors. 2006, CRC Press Boca
Raton, FL.

Location Privacy Protection Methods
Regulatory strategies based on rules
Privacy policies based on trust
Anonymity e.g. pseudonymity
Obfuscation obscure the data

32
Obfuscation Techniques(Duckham and Kulik, 2006)

Spatial Cloaking confuse with other people
Noise add noise to measurements
Rounding discretize measurements
Vagueness home, work, school, mall
Dropped Samples skip measurements

33
Countermeasure Add Noise
original
s 50 meters noise added
Effect of added noise on address-finding rate
34
Countermeasure Discretize
original
snap to 50 meter grid
Effect of discretization on address-finding rate
35
Countermeasure Cloak Home