on the age of pseudonyms in mobile ad hoc networks
DESCRIPTION
On the Age of Pseudonyms in Mobile Ad Hoc Networks. Julien Freudiger , Mohammad Hossein Manshaei , Jean-Yves Le Boudec and Jean-Pierre Hubaux Infocom 2010. Location-based Applications. Share location Twitter Flickr Google search Foursquare Loopt Google Latitude Ovi …. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/1.jpg)
On the Age of Pseudonyms in Mobile Ad Hoc Networks
Julien Freudiger, Mohammad Hossein Manshaei, Jean-Yves Le Boudec and Jean-Pierre Hubaux
Infocom 2010
![Page 2: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/2.jpg)
2
Get LocationCellular networks
GPS
Wifi
IP
Share locationTwitterFlickrGoogle searchFoursquareLooptGoogle LatitudeOvi…
Location-based Applications
![Page 3: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/3.jpg)
3
Context-based Applications
Sense neighborhood
Ad hoc communications
RFID
Communicate
Vehicular Networks
Proximity-based Social Networks
Opportunistic communications
Delay-tolerant networks
…
![Page 4: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/4.jpg)
4
Locality is one contextual informationmost useful when combined with others
Hyper-connected World
![Page 5: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/5.jpg)
5SPOTRANK by Skyhook wireless
• Provides insight into human behavior• Enables localized services• Helps city planners
Location
![Page 6: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/6.jpg)
6
“Understand urban construct through the interaction of its parts”
Petra Kempf, Architect and Urban Designer
You Are the City
![Page 7: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/7.jpg)
7
Privacy Threat
Human movement is highly predictable and follows simple reproducible patterns
Visited locations reveal– Personal activities– Professional activities– Social activities
C. Song, Z. Qu, N. Blumm and A.-L.Barabasi. Limits of Predictability in Human Mobility. Science 2010
![Page 8: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/8.jpg)
8
Location is identity
![Page 9: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/9.jpg)
9
“It’s not where you are, it’s where you have been”
Gary Gale, Yahoo
![Page 10: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/10.jpg)
10
GOALControl location disclosure
![Page 11: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/11.jpg)
11
This Paper
Consider– Context-based applications– Ad hoc wireless communications– Mix zones to prevent tracking of users
Contribution– Measure achieved location privacy
using the distribution of age of pseudonyms
![Page 12: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/12.jpg)
12
Ad Hoc Networks(Peer-to-Peer Wireless Communications)
1 2
Message Signature + certificateIdentifierPseudonym
![Page 13: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/13.jpg)
Assumptions
N mobile nodes
WiFi/Bluetooth enabled
Ad hoc communications
13
3
2
1
5
4
6Certification authority (CA)
![Page 14: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/14.jpg)
14
Threat: Tracking
21
Global passive eavesdroppertracks location of mobile nodes
![Page 15: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/15.jpg)
15
Solution: Mix Zones
Mix zone
2121
xy?
A. Beresford and F. Stajano. Mix Zones: user privacy in location aware services. Percom, 2004M. Li et al. Swing and Swap: User-centric approaches towards maximizing location privacy . WPES, 2006
Temporal decorrelation: Change pseudonymSpatial decorrelation: Remain silent
![Page 16: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/16.jpg)
Gain and Cost
16
Gain• Tracking uncertainty of adversary (entropy)• Depends on number of nodes in mix zone and trajectory
Cost γ • Obtain new pseudonym• Update routing tables• Silent period
![Page 17: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/17.jpg)
17
Mix ZonesMix network
Mix networks vs Mix zones
Mixnode
Mixnode
Mixnode
Alice Bob
Alice source
Alice destination
![Page 18: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/18.jpg)
18
The Problem
Can we measure the location privacy achieved with a network of mix zones?
![Page 19: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/19.jpg)
19
Outline
1. Age of Pseudonym: A Metric for Location Privacy
2. Dynamical System: Mean Field Equations
3. Analytical Results
4. Numerical Results
![Page 20: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/20.jpg)
20
Age of Pseudonym
• Adversary can track nodes between mix zones• Mix zone = confusion point
Mix zone 1
Mix zone 2
TRACEABLE
Older age of pseudonym results in lower location privacy
Age of Pseudonym Location Privacy
![Page 21: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/21.jpg)
Evolution of Age of Pseudonym
21
2
E2
1
E1
E2 :SuccessE1: Success1t 2t
t
( )iZ t
E3:Failure3t
3E3
t
0
Age:
A
![Page 22: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/22.jpg)
22
Outline
1. Age of Pseudonym: A Metric for Location Privacy
2. Dynamical System: Mean Field Equations
3. Analytical Results
4. Numerical Results
![Page 23: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/23.jpg)
23
Mean Field Theory
Replace interactions between nodes with average interaction
M. Benaım and J.-Y. Le Boudec. A class of mean field interaction models for computer and communication systems. Performance Evaluation, 65(11-12):823–838, 2008
![Page 24: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/24.jpg)
24
Goal
• Measure probability distribution of a certain state– CDF of the age of pseudonym
• Mean field theory says“CDF is known to satisfy ordinary differential
equations when N goes to infinity”
![Page 25: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/25.jpg)
25
Model Parameters
Communication model– : Communication rate
Mobility Model– η: Rate of meetings– : Average number of nodes in meetings
Cooperation model– c(z): Probability of cooperation at age z
![Page 26: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/26.jpg)
26
Mean Field Equations: Drift Process
Fz
At each time step, the age of pseudonym is incremented with rate
26
1tt
( )iZ t
0: iu Z
z
![Page 27: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/27.jpg)
01 : ju Z
z
Mean Field Equations: Jump Process (1)can successfully change its pseudonym
2tt
( )iZ t
ju
1t
1 { }0
( ) ( )(1 1 ) ( , )x z
Fc x q t x t dxx
c(z): Probability of cooperation of node with age zq(t): Probability of finding at least one cooperative node: Rate of meetings
27
![Page 28: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/28.jpg)
28
02 :
z
Zz
2 ( )(1 ( )) ( , )z
z
Fc x q t x t dxx
Mean Field Equations: Jump Process (2)
ku
t
( )iZ t
1t
2t
cannot find a cooperative partnerku
![Page 29: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/29.jpg)
29
1 2
Ft
Mean Field Equations
( , ) 1,F t t
Fz
2 ( )(1 ( )) ( , )z
z
Fc x q t x t dxx
1 { }0
( ) ( )(1 1 ) ( , )x z
Fc x q t x t dxx
![Page 30: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/30.jpg)
30
Outline
1. Age of Pseudonym: A Metric for Location Privacy
2. Dynamical System: Mean Field Equations
3. Analytical Results
4. Numerical Results
![Page 31: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/31.jpg)
31
Stationary mode (t goes to infinity)
Cooperation is a threshold function
( )c z
z
10c
( , ) 0F z tt
![Page 32: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/32.jpg)
32
Mean Field Equation
0
( ) ( ) (1 ) ( ) ( ) 0
( ) 1
df c z f z q c z f zdz
f z dz
![Page 33: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/33.jpg)
33
Solution: PDF of the Age of Pseudonyms
( 1)m z m
![Page 34: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/34.jpg)
34
Outline
1. Age of Pseudonym: A Metric for Location Privacy
2. Dynamical System: Mean Field Equations
3. Analytical Results
4. Numerical Results
![Page 35: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/35.jpg)
35
GammaCost of Pseudonym change
Constant -- f(0)
Exponential
Exponential X Polynomial
Result 1: High results in older pseudonym distribution because of second jump process
= 5, =1, c0=1
![Page 36: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/36.jpg)
36
ThetaCooperation Threshold
Result 2: High results in older pseudonym distribution because there is less cooperation.
= 5, =1, c0=1
![Page 37: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/37.jpg)
37
LambdaCommunication rate
Result 3: High results in older pseudonym distribution because pseudonym ages faster.
= 1, =5, c0=1
![Page 38: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/38.jpg)
38
Average number of nodes in meeting
Result 4: High N results in younger pseudonym distribution because it is easier to find cooperative nodes.
= 1, =5, c0=1, =1
![Page 39: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/39.jpg)
39
Model Validation
• Random walk model• 10km X 10km• Transmission range: 100 meters• Run simulation until convergence
![Page 40: On the Age of Pseudonyms in Mobile Ad Hoc Networks](https://reader036.vdocuments.us/reader036/viewer/2022062520/56816353550346895dd3f937/html5/thumbnails/40.jpg)
Conclusion
• Developed a framework to measure the distribution of age of pseudonyms
• Main result: Possible to design system with low distribution of age of pseudonym
• Obtained a fundamental building block of location-privacy-preserving systems
40
lca.epfl.ch/privacytwitter.com/jfreudiger