Parasitic Tracking Mobile Wireless Networks

Abstract: Along with the growth and popularity of mobile networks, users enjoy more convenient connection and communication. However, exposure of user presence in mobile networks is becoming a major concern and motivated a plethora of LPPM Location Privacy Protection Mechanisms (LPPMs) have been proposed and analysed, notably considering powerful adversaries with rich data at their disposal, e.g., mobile network service providers or Location Based Services (LBS). In this thesis, we consider a complementary challenge: exposure of users to their peers or other nearby devices. In other words, we are concerned with devices in the vicinity that happen to eavesdrop (or learn in the context of a peer-to-peer protocol execution) MAC/IP addresses or Bluetooth device names, to link user activities over a large area (e.g., a city), and especially when a small subset of the mobile network devices parasitically logged such encounters, even scattered in space and time, and collaboratively breach user privacy. The eavesdroppers can be honest-but-curious network infrastructures such as wireless routers, base stations, or adversaries equipped with Bluetooth or WiFi sniffers. The goal of this thesis is to simulate location privacy attacks for mobile network and measure the location privacy exposure under these attacks. We consider adversaries with varying capabilities, e.g., number of deployable eavesdroppers in the network and coverage of eavesdropper, and evaluate the effect of such adversarial capabilities on privacy exposure of mobile users. We evaluate privacy exposure with two different metrics, i.e., Exposure Degree and Average Displacement Error (ADE).We use Exposure Degree as a preliminary metric to measure the general coverage of deployed eavesdroppers in the considered area. ADE is used to measure the average distance between user’s actual trace points and user’s trajectory predictions. We simulate three attack cases in our scheme. In the first case, we assume the attacker only acquires the collected data from users. We vary the number of receivers to test attack capacity. Exposure Degree is used to evaluate location privacy in this case. For the second and third cases, we assume the attacker also has some knowledge about users’ history traces. Thus, the attacker can utilize machine learning models to make prediction about user’s trace. We leverage Long Short-Term Memory (LSTM) neural network and Hidden Markov Model (HMM) to conduct real-time prediction and Heuristic LSTM to reconstruct more precise user trajectories. ADE is used to evaluate the degree of location privacy exposure in this cases. The experiment results show that LSTM performs better than HMM on trace prediction in our scheme. Higher number of eavesdroppers would decrease the ADE of LSTM model (increase user location privacy exposure). The increase of communication range of receiver can decrease ADE but will incur ADE increase if communication range successively increases. The Heuristic LSTM model performs better than LSTM to abuse user location privacy under the situation that the attacker reconstructs more precise users trajectories based on the in-complete observed trace sequence.