Increasing use of smartphones and location-based services (LBSs) for their on- and off-job functions will likely entice users to reveal their location and movement information, which may be exploited by adversaries to infer the Points of Interest (POIs) they visit, and hence their privacy information. To protect mobile users' location privacy, this project will first improve the understanding of emerging threats and attacks against their location privacy. With this understanding, it will then develop, implement, and evaluate an efficient and effective framework, called the Location Information ScrAmbler (LISA), that adjusts uncertainty in a user's location, thereby removing -- or significantly weakening -- the distinguishability of the POIs s/he may visit. This project has intellectual merit as follows. By protecting location privacy locally on each mobile user's device, LISA will not rely on trusted third-party servers commonly required by existing approaches; this removes single-point-of-failure vulnerabilities and facilitates its implementation and deployment. Moreover, since energy-efficiency is the most critical requirement for energy-deficient mobile devices, this project will develop ways of making a trade-off between location privacy and energy consumption to adaptively achieve a balance between privacy protection and energy consumption. At present, location privacy is a very subjective concept with widely-varying definitions. To advance the understanding of, and develop effective measures for location privacy and protection, this project consists of (1) formal definition of location privacy based on the notion of m-unobservability; (2) collection of real-world traces of human and vehicle mobility pattern, and development of different mobility and tracking models by analyzing the traces; (3) optimization of the trade-off between the level of a mobile user's location privacy and energy consumption by the mobile user's device; (4) adaptive configuration of the location-privacy requirements according to the user's preference and situation so as to optimize energy consumption; (5) augmentation of users' mobile devices with LISA to protect their location privacy without requiring any trusted third-party server that most existing approaches rely on; (6) comprehensive field experiments to evaluate the efficacy and efficiency of LISA by implementing and deploying it to 20 some volunteers' smartphones. This research will also make broader impacts by improving both the security and productivity of a rapidly-growing number of people who use smartphones and LBSs for their daily functions. The proposed integration of research, outreach, and education activities will have social and educational impacts on the security research and industry communities, protecting mobile users' privacy, increasing the awareness of mobile service and network security, and developing skilled human resources.
