Location is a type of information that can be used by various applications to provides new opportunities for business and commercial success, and at the same time may be misused. This proposed research aims at developing a multi-model architecture with privacy-enhancing techniques for countering location spoofing attacks while respecting location privacy of mobile users. The multi-model architecture promotes the parallel use of alternative positioning models and multi-beacon methods to make it harder to launch consistent location spoofing attacks. A pseudo-identity obfuscation technique is incorporated into the multi-model defense architecture based on mobility-aware mix-zones to address the legal, social, and ethical implications of continuous location verifications. In this technique, mobile users may customize the settings of mix-zones in order to meet their personalized privacy preference.
The intellectual merit of the proposed research includes a transformative approach that advocates privacy-aware and customizable defense architecture and algorithms to detect and filter out compromised mobile nodes. This detection and filtering is based on the amount of inconsistency between the client-claimed location and the system-determined location as well as the amount of inconsistency among multiple beacons. The broader impacts of this research are two-fold. First, the development of a systematic and privacy enhancing approach for countering location spoofing threats will help enabling a wide range of subscription-driven location based services, such as location-based advertisements, location-based content dissemination and billing, and location-based entertainment. Second, the technical results and the proof-of-concept prototype will be disseminated to a broader audience through educational activities and involvement of women and minority in the proposed research. The unique combination of location spoofing countermeasures with a location privacy awareness is a direct contribution to the multi-disciplinary efforts aimed at meeting the security and location privacy challenges with technical, legal, social, and ethical considerations, and increases the societal confidence in the cyber infrastructure.
