TY - GEN
T1 - Techu
T2 - 15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017
AU - Agadakos, Ioannis
AU - Polakis, Jason
AU - Portokalidis, Georgios
N1 - Publisher Copyright:
© 2017 ACM.
PY - 2017/6/16
Y1 - 2017/6/16
N2 - The proliferation of mobile devices, equipped with numerous sensors and Internet connectivity, has laid the foundation for the emergence of a diverse set of crowdsourcing services. By leveraging the multitude, geographical dispersion, and technical abilities of smartphones, these services tackle challenging tasks by harnessing the power of the crowd. One such service, Crowd GPS, has gained traction in the industry and research community alike, materializing as a class of systems that track lost objects or individuals (e.g., children or elders). While these systems can have significant impact, they suffer from major privacy threats. In this paper, we highlight the inherent risks to users from the centralized designs adopted by such services and demonstrate how adversaries can trivially misuse one of the most popular crowd GPS services to track their users. As an alternative, we present Techu, a privacy-preserving crowd GPS service for tracking Bluetooth tags. Our architecture follows a hybrid decentralized approach, where an untrusted server acts as a bulletin board that collects reports of tags observed by the crowd, while observers store the location information locally and only disclose it upon proof of ownership of the tag. Techu does not require user authentication, allowing users to remain anonymous. Our security analysis highlights the privacy offered by Techu, and details how our design prevents adversaries from tracking or identifying users. Finally, our experimental evaluation demonstrates that Techu has negligible impact on power consumption, and achieves superior effectiveness to previously proposed systems while offering stronger privacy guarantees.
AB - The proliferation of mobile devices, equipped with numerous sensors and Internet connectivity, has laid the foundation for the emergence of a diverse set of crowdsourcing services. By leveraging the multitude, geographical dispersion, and technical abilities of smartphones, these services tackle challenging tasks by harnessing the power of the crowd. One such service, Crowd GPS, has gained traction in the industry and research community alike, materializing as a class of systems that track lost objects or individuals (e.g., children or elders). While these systems can have significant impact, they suffer from major privacy threats. In this paper, we highlight the inherent risks to users from the centralized designs adopted by such services and demonstrate how adversaries can trivially misuse one of the most popular crowd GPS services to track their users. As an alternative, we present Techu, a privacy-preserving crowd GPS service for tracking Bluetooth tags. Our architecture follows a hybrid decentralized approach, where an untrusted server acts as a bulletin board that collects reports of tags observed by the crowd, while observers store the location information locally and only disclose it upon proof of ownership of the tag. Techu does not require user authentication, allowing users to remain anonymous. Our security analysis highlights the privacy offered by Techu, and details how our design prevents adversaries from tracking or identifying users. Finally, our experimental evaluation demonstrates that Techu has negligible impact on power consumption, and achieves superior effectiveness to previously proposed systems while offering stronger privacy guarantees.
KW - Ble tags
KW - Crowd GPS
KW - Location privacy
KW - Location-based services
KW - Privacy-preserving protocol
KW - User tracking
UR - http://www.scopus.com/inward/record.url?scp=85026206810&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85026206810&partnerID=8YFLogxK
U2 - 10.1145/3081333.3081345
DO - 10.1145/3081333.3081345
M3 - Conference contribution
AN - SCOPUS:85026206810
T3 - MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services
SP - 475
EP - 487
BT - MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services
Y2 - 19 June 2017 through 23 June 2017
ER -