Privacy of Location Information in Vehicular Ad Hoc Networks

Title: Privacy of Location Information in Vehicular Ad Hoc Networks


1
Privacy of Location Information in Vehicular Ad
Hoc Networks
  • Walaa El-Din M. Moustafa

2
Smart Vehicles
  • An important evolution for the automotive
    industry is the one toward context awareness.
  • A vehicle is aware of its neighborhood including
    the presence and location of other vehicles.

3
Smart Vehicles
  • Modern cars now possess a network of processors
    connected to a central computing platform that
    provides Ethernet, Bluetooth, and IEEE 802.11
    interfaces.

4
Smart Vehicles
  • Newer cars also have such features as:
    • Event Data Recorder (EDR)
    • GPS Receiver
    • Front and End Radar for detecting obstacles

5
VANET
  • Vehicles connected to each other through an ad
    hoc formation form a wireless network called a
    Vehicular Ad Hoc Network (VANET)

6
VANET
7
VANET
  • Decentralized
  • Self-organizing
  • Multi-hop routes
  • Nodes move with high speeds
  • Number of nodes is very large

8
Architecture
V2V
V2I
Road Side Unit (RSU)
Server (Location Based Service)
Server (Traffic Monitoring)
9
Applications
10
Applications
11
Obstacles
  • A major hurdle in moving forward is that only a
    small subset of vehicles will be smart
  • V2V applications require most of the vehicles to
    be equipped with these systems

12
Obstacles
  • The feeling of being permanently monitored by
    some arbitrary authority will limit user
    acceptance of these schemes

13
Privacy Threat Examples
  • The police use hello beacons to calculate
    driving behavior and issue speeding tickets.
  • An employer overhears the communications
    from cars in the company parking lot.

14
Privacy Threat Examples
  • A private investigator easily follows a car
    without being noticed by extracting position
    information from messages and hello beacons.

15
First Step to Privacy
  • In the first example, a pseudonym may be used.
  • If there is no provable mapping between the
    pseudonym and the real-world identity, the police
    will have a hard time issuing a ticket.

16
First Step to Privacy
  • In the second example this may not be enough
  • The employer can correlate real-world identities
    and pseudonyms.
  • Change the car's identifiers from time to time.

17
First Step to Privacy
  • In the third example, even these precautions
    would not be enough.
  • To prevent being followed, the car's identifier
    would have to be changed while moving.

18
Basic Privacy Requirements
  • Use pseudonyms as identifiers instead of
    real-world identities.
  • Change these pseudonyms.
  • The number of pseudonym changes depends on the
    application and its privacy threat model.
  • Pseudonyms used during communication can be
    mapped to real-world identities in special
    situations (Trusted Authority)

19
Are we missing something?
  • ID 50c7eab4 Pos (6, 6)
  • ID d667a062 Pos (4, 4)
  • ID cc6946d2 Pos (2, 1)
  • ID 3b99e1f6 Pos (0, 1)

20
Are we missing something?
  • ID c77b6e7a Pos (-6, -6)
  • ID c511c120 Pos (-4, -4)
  • ID d6130970 Pos (2, 0)
  • ID 3e086548 Pos (0, 0)

21
Are we missing something?
22
More Privacy V2V
  • For V2V scenarios, it is actually hard to achieve
    more privacy.
  • The silent period is bounded by the maximum time
    between broadcast messages.

23
More Privacy V2I
  • For V2I applications:
    • Vehicles in geographical proximity share
      redundant information such as road and traffic
      conditions.
    • Not all vehicles need to send information.

24
More Privacy V2I
  • Vehicles form a group.
  • Vehicles are in a group if each group member can
    hear broadcasts of every other group member.
  • The group leader is doing the communication on
    behalf of the group.

25
More Privacy V2I
  • The silent period of a group member vehicle is
    extended.
  • Unnecessary redundancy is reduced.
  • Reduced number of pseudonym updates

26
More Privacy LBS
  • Pseudonyms are not enough
  • Most of the time, users access LBS from an
    identifiable area
  • E.g. Find me the nearest Pizza Hut to 8100
    Greenbelt Road
  • You are the resident of 8100 Greenbelt Road.

27
More Privacy LBS
  • The request needs to be made through a proxy
    • Can be the group leader
    • Can be a Location Anonymizer
  • A user needs to specify a cloaking region
    • It is used to hide the user among other
      users, so that she is indistinguishable from them.

28
More Privacy LBS
  • A user can specify the cloaking region through:
    • Its minimum area.
    • The minimum number of users inside of it.
      • This metric is called k-anonymity
    • The distribution of users across the area.
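
An added example (not part of the original slides) of how a proxy could pick a cloaking region from the first two criteria above, minimum area and minimum user count k. It assumes a quadtree-style grid over a square map; the function names, map size and sample positions are constructed for illustration, and the third criterion (user distribution) is not modelled.

```python
# Added example: grid-aligned cloaking. The region is a fixed grid cell, not a
# box centred on the requester, so the region itself does not reveal where
# inside it the requester is.

def cell_for(point, size):
    """Grid-aligned square cell (x0, y0, x1, y1) of side `size` containing point."""
    x0 = (point[0] // size) * size
    y0 = (point[1] // size) * size
    return (x0, y0, x0 + size, y0 + size)

def contains(region, point):
    x0, y0, x1, y1 = region
    return x0 <= point[0] < x1 and y0 <= point[1] < y1

def cloak(user, others, k, min_area, world=16.0, levels=4):
    """Smallest grid cell around `user` holding >= k users and >= min_area.

    Returns (region, user_count), or None when even the whole map fails,
    in which case the proxy should not forward the request.
    """
    for level in range(levels, -1, -1):          # finest cell first
        size = world / (2 ** level)
        region = cell_for(user, size)
        count = 1 + sum(contains(region, p) for p in others)
        if count >= k and size * size >= min_area:
            return region, count
    return None

# Constructed sample positions (arbitrary units, 0 <= x, y < world).
REQUESTER = (5.2, 9.7)
OTHERS = [(5.9, 9.1), (6.5, 10.5), (1.0, 1.0), (12.0, 3.0)]

if __name__ == "__main__":
    print(cloak(REQUESTER, OTHERS, k=3, min_area=2.0))   # cell with 3 users
    print(cloak(REQUESTER, OTHERS, k=6, min_area=2.0))   # only 5 users exist
```

Any other user in the same cell who asks with the same k and minimum area gets the same region, which is what makes the requester indistinguishable among the k users.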

29
Tracking
  • Assume $s_{min}$, $s_{max}$ are the minimum and maximum
    speed limits, respectively
  • Assume $t_{min}$, $t_{max}$ are the minimum and maximum
    silent period values, respectively

30
Tracking
  • Given the current position, the next broadcast
    should take place inside the area $A_r$

31
Privacy Measure
  • Size of the anonymity set
    • The number of users among whom the target is
      indistinguishable
  • The maximum tracking time
    • The maximum time that the anonymity set size
      remains 1

32
Privacy Measure
  • If $v(A_r)$ is the number of vehicles inside $A_r$,
    the expected size of the anonymity set of a target is
    $E\{S_A\} = E\{v(A_r) \mid v(A_r) \ge 1\}$
  • The probability that the target can be uniquely
    identified at each transmission is
    $p_{track} = \Pr\{v(A_r) = 1 \mid v(A_r) \ge 1\}$
  • The expected maximum tracking time is
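
An added example (not from the original slides) that estimates the two measures above, the expected anonymity set size and the probability of unique identification, from observed broadcasts, so a silent-period setting can be evaluated. It assumes Ar is the ring between distances smin·tmin and smax·tmax from the last known position; the first trial reuses the IDs and positions shown on slides 19 and 20, the other trials, the units and the limits are constructed.

```python
import math

def reachable(last, pos, s_min, s_max, t_min, t_max):
    """True if `pos` lies in Ar, modelled here (assumption) as a ring around `last`."""
    d = math.hypot(pos[0] - last[0], pos[1] - last[1])
    return s_min * t_min <= d <= s_max * t_max

def anonymity_set(last, broadcasts, s_min, s_max, t_min, t_max):
    """Pseudonyms whose first broadcast after the silent period falls inside Ar."""
    return sorted(pid for pid, pos in broadcasts.items()
                  if reachable(last, pos, s_min, s_max, t_min, t_max))

def privacy_measures(trials, s_min, s_max, t_min, t_max):
    """Empirical E{S_A} and p_track over trials with at least one vehicle in Ar."""
    sizes = [len(anonymity_set(last, b, s_min, s_max, t_min, t_max))
             for last, b in trials]
    sizes = [n for n in sizes if n >= 1]        # condition on v(Ar) >= 1
    if not sizes:
        return None                              # nothing observed inside Ar
    e_sa = sum(sizes) / len(sizes)
    p_track = sum(n == 1 for n in sizes) / len(sizes)
    return e_sa, p_track

# Each trial: (target's last position before going silent, new broadcasts seen).
TRIALS = [
    # Slide 19 position of ID 3b99e1f6, then the slide 20 broadcasts.
    ((0, 1), {"c77b6e7a": (-6, -6), "c511c120": (-4, -4),
              "d6130970": (2, 0), "3e086548": (0, 0)}),
    # Constructed trials with made-up pseudonyms.
    ((0, 0), {"a1": (1, 1), "a2": (10, 10)}),
    ((0, 0), {"b1": (2, 0), "b2": (0, 2.5), "b3": (1, 2)}),
]
LIMITS = dict(s_min=1.0, s_max=3.0, t_min=0.5, t_max=1.0)   # constructed values

if __name__ == "__main__":
    print(anonymity_set(*TRIALS[0], **LIMITS))
    print(privacy_measures(TRIALS, **LIMITS))
```

A trial with a single pseudonym inside Ar is one where the pseudonym change gave no protection; lengthening the silent period or raising vehicle density widens the set.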

33
Is privacy always good?
  • Traceability due to cross-layer influence
    • Changing the pseudonym on one communication
      layer does not make sense if protocols on other
      layers also use identifiers
  • Security implications
    • With pseudonyms, misbehaving nodes can evade the
      network without being identified

34
Is privacy always good?
  • Problems with application protocols
    • There are applications that need a long-term
      communication relationship
    • E.g. file transfer or interactive chat sessions
  • Impact on communication protocols
    • Negative effect on routing protocols due to
      invalid routing tables.

35
References
  • J.-P. Hubaux, S. Capkun, J. Luo. "The Security and
    Privacy of Smart Vehicles." IEEE Security and
    Privacy Magazine, 2(3):49-55, May-June 2004.
    Hubaux et al. present a broad overview of
    VANET security and privacy issues.
  • F. Dotzer. "Privacy Issues in Vehicular Ad Hoc
    Networks." Workshop on Privacy Enhancing
    Technologies, May 2005.
  • K. Sampigethaya, L. Huang, M. Li, R. Poovendran,
    K. Matsuura, K. Sezaki. "CARAVAN: Providing
    Location Privacy for VANET." Proceedings of the 3rd
    International Workshop on Vehicular Ad Hoc
    Networks, 2006.
  • Mohamed F. Mokbel, Chi-Yin Chow and Walid G.
    Aref. "The New Casper: Query Processing for
    Location Services without Compromising Privacy."
    In Proceedings of VLDB 2006.
  • E. Schoch, F. Kargl, T. Leinmuller, S. Schlott,
    and P. Papadimitratos. "Impact of Pseudonym
    Changes on Geographic Routing in VANETs." In
    Proceedings of the European Workshop on Security
    and Privacy in Ad hoc and Sensor Networks (ESAS),
    Hamburg, Germany, October 2006.

36
Thanks !!