kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Cooperative Privacy and Security for Mobile Systems
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Communication Systems, CoS. (Networked Systems Security group)ORCID iD: 0000-0003-2022-3976
2020 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The growing popularity of powerful mobile devices, along with increased computation and storage of computing infrastructure, opened possibilities for versatile mobile system applications. Users, leveraging sensing capabilities of the devices, can collect rich data and exchange the data with diverse Service Providers (SPs) or their close neighboring devices. Provision of such user status awareness to the involved system entities, can facilitate customized user experience for system participants.

Nonetheless, the open and decentralized nature of mobile systems raise concerns on both security and privacy of users and the system infrastructure. Sensitive user data could be exposed to honest-but-curious entities, which can further process data to profile users. At the same time, compromised system entities can feed faulty data to disrupt system functionalities or mislead users. Such issues necessitate secure and privacy-enhancing mobile systems, while not compromising the quality of service the systems provide to their users. More specifically, the solutions should be efficient and scale as the system grows, and resilient to both external and internal adversaries. This thesis considers two mobile system instances: Location-based Services (LBSs) and Vehicle-to-Vehicle (V2V) safety applications. We address security and privacy in a cooperative manner, relying on cooperation among the users to protect themselves against the adversaries. Due to the reliance on peers, input from the peers should be examined, in order to ensure the reli- ability of the applications. We adapt pseudonymous authentication, designed for Vehicular Communication (VC) systems, and integrate it with LBSs. This protects user privacy and holds users accountable for their actions, which are non-repudiable. At the same time, our scheme prevents malicious nodes from aggressively passing on bogus data. We leverage redundancy of shared data from multiple cooperating nodes to detect potential conflicts. Any conflict triggers proactive checking on the data with the authoritative entity that reveals the actual misbehaving users. For V2V safety applications, we extend safety beacons, i.e., Cooperative Awareness Messages (CAMs), to share signature verification effort, for more efficient message verification. Similarly to the LBSs, redundancy of such piggybacked claims is also key for remedying malicious nodes that abuse this cooperative verification. In addition, the extended beacon format facilitates verification of event-driven messages, including Decentralized Environmental Notification Messages (DENMs), leveraging proactive authenticator distribution.

We qualitatively and quantitatively evaluate achieved security and privacy protection. The latter is based on extensive simulation results. We propose a location privacy metric to capture the achieved protection for LBSs, taking into consideration the pseudonymous authentication. The performance of the privacy-enhancing LBS is experimentally evaluated with the help of an implementation on a small scale automotive computer testbed. We embed processing delays and queue management for message processing in simulations of V2V communication, to show scalability and efficiency of the resilient V2V communication scheme. The results confirm the resilience to both internal and external adversaries for the both systems.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2020. , p. 48
Series
TRITA-EECS-AVL ; 2020:33
National Category
Communication Systems
Research subject
Electrical Engineering
Identifiers
URN: urn:nbn:se:kth:diva-273637ISBN: 978-91-7873-565-5 (print)OAI: oai:DiVA.org:kth-273637DiVA, id: diva2:1431593
Public defence
2020-06-15, https://kth-se.zoom.us/webinar/register/WN_WLb9GyXjRD2hY9sCg9I_nQ, 09:30 (English)
Opponent
Supervisors
Note

QC 20200523

Available from: 2020-05-23 Created: 2020-05-22 Last updated: 2022-06-26Bibliographically approved
List of papers
1. Resilient collaborative privacy for Location-Based services
Open this publication in new window or tab >>Resilient collaborative privacy for Location-Based services
2015 (English)In: 20th Nordic Conference on Secure IT Systems, NordSec 2015, Springer, 2015, p. 47-63Conference paper, Published paper (Refereed)
Abstract [en]

Location-based Services (LBSs) provide valuable services, with convenient features for users. However, the information disclosed through each request harms user privacy. This is a concern particularly with honest-but-curious LBS servers, which could, by collecting requests, track users and infer additional sensitive user data. This is the motivation of both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome the disadvantages of centralized schemes, eliminating anonymizers and enhancing users’ control over sensitive information. However, an insecure decentralized system could pose even more serious security threats than privacy leakage. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. Our design leverages architectures proposed for large scale mobile systems, while it incurs minimal changes to LBS servers as it can be deployed in parallel to the LBS servers. This further motivates the adoption of our design, in order to cater to the needs of privacy-sensitive users. We provide an analysis of security and privacy concerns and countermeasures, as well as a performance evaluation of basic protocol operations showing the practicality of our design.

Place, publisher, year, edition, pages
Springer, 2015
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 9417
Keywords
Location-based service, Pseudonymous authentication, Security and privacy, Authentication, Data privacy, Encoding (symbols), Error analysis, Knowledge based systems, Location, Mobile devices, Telecommunication services, Basic protocols, Decentralized system, Location privacy protection, Privacy leakages, Security enhancements, Security threats, Sensitive informations, Location based services
National Category
Human Computer Interaction Computer Sciences Communication Systems
Identifiers
urn:nbn:se:kth:diva-181644 (URN)10.1007/978-3-319-26502-5_4 (DOI)000374098500004 ()2-s2.0-84951871619 (Scopus ID)9783319265018 (ISBN)
Conference
19 October 2015 through 21 October 2015
Note

QC 20160307

Available from: 2016-03-07 Created: 2016-02-02 Last updated: 2024-03-18Bibliographically approved
2. Scaling VANET Security Through Cooperative Message Verification
Open this publication in new window or tab >>Scaling VANET Security Through Cooperative Message Verification
2015 (English)In: 2015 IEEE VEHICULAR NETWORKING CONFERENCE (VNC), IEEE , 2015, p. 275-278Conference paper, Published paper (Refereed)
Abstract [en]

VANET security introduces significant processing overhead for resource-constrained On-Board Units (OBUs). Here, we propose a novel scheme that allows secure Vehicular Communication (VC) systems to scale well beyond network densities for which existing optimization approaches could be workable, without compromising security (and privacy).

Place, publisher, year, edition, pages
IEEE, 2015
Series
IEEE Vehicular Networking Conference, ISSN 2157-9857
Keywords
Security, performance, scalability
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-188470 (URN)10.1109/VNC.2015.7385588 (DOI)000374907400050 ()2-s2.0-84962033218 (Scopus ID)978-1-4673-9411-6 (ISBN)
Conference
IEEE Vehicular Networking Conference (VNC), DEC 16-18, 2015, Kyoto, JAPAN
Note

QC 20160613

Available from: 2016-06-13 Created: 2016-06-10 Last updated: 2024-03-18Bibliographically approved
3. Security and Privacy in Vehicular Social Networks
Open this publication in new window or tab >>Security and Privacy in Vehicular Social Networks
2016 (English)In: Vehicular Social Networks, Taylor & Francis Group, 2016, p. 155-169Chapter in book (Other academic)
Place, publisher, year, edition, pages
Taylor & Francis Group, 2016
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-217376 (URN)2-s2.0-85128305125 (Scopus ID)
Note

Part of book: ISBN 978-1-4987-4919-0

QC 20180111

Available from: 2017-11-10 Created: 2017-11-10 Last updated: 2024-03-18Bibliographically approved
4. Proactive certificate validation for VANETs
Open this publication in new window or tab >>Proactive certificate validation for VANETs
2017 (English)In: IEEE Vehicular Networking Conference, VNC, IEEE Computer Society, 2017, article id 7835974Conference paper, Published paper (Refereed)
Abstract [en]

Security and privacy in Vehicular Ad-hoc Networks (VANETs) mandates use of short-lived credentials (pseudonyms) and cryptographic key pairs. This implies significant computational overhead for vehicles, needing to validate often numerous such pseudonyms within a short period. To alleviate such a bottleneck that could even place vehicle safety at risk, we propose a proactive pseudonym validation approach based on Bloom Filters (BFs). We show that our scheme could liberate computational resources for other (safety- and time-critical) operations with reasonable communication overhead without compromising security and privacy.

Place, publisher, year, edition, pages
IEEE Computer Society, 2017
Series
IEEE Vehicular Networking Conference, ISSN 2157-9857
Keywords
Bloom Filter, Pseudonym, Security and Privacy
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-217374 (URN)10.1109/VNC.2016.7835974 (DOI)000401657700052 ()2-s2.0-85013124317 (Scopus ID)9781509051977 (ISBN)
Conference
2016 IEEE Vehicular Networking Conference, VNC 2016, Columbus, United States, 8 December 2016 through 10 December 2016
Note

QC 20170609

Available from: 2017-11-10 Created: 2017-11-10 Last updated: 2024-03-18Bibliographically approved
5. Resilient Privacy Protection for Location-Based Services through Decentralization
Open this publication in new window or tab >>Resilient Privacy Protection for Location-Based Services through Decentralization
2019 (English)In: ACM Transactions on Privacy and Security (TOPS), ISSN 2471-2566, Vol. 22, no 4, p. 1-36, article id 21Article in journal (Refereed) Published
Abstract [en]

Location-Based Services (LBSs) provide valuable services, with convenient features for mobile users. However, the location and other information disclosed through each query to the LBS erodes user privacy. This is a concern especially because LBS providers can be honest-but-curious, collecting queries and tracking users’ whereabouts and infer sensitive user data. This motivated both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome disadvantages of centralized schemes, eliminating anonymizers, and enhancing users’ control over sensitive information. However, an insecure decentralized system could create serious risks beyond private information leakage. More so, attacking an improperly designed decentralized LBS privacy protection scheme could be an effective and low-cost step to breach user privacy. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. We show our scheme can be deployed with off-the-shelf devices based on an experimental evaluation of an implementation in a static automotive testbed.

Place, publisher, year, edition, pages
ACM Press, 2019
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-266759 (URN)10.1145/3319401 (DOI)000511381700002 ()2-s2.0-85073114023 (Scopus ID)
Note

QC 20200120

Available from: 2020-01-20 Created: 2020-01-20 Last updated: 2022-06-26Bibliographically approved
6. DoS-resilient cooperative beacon verification for vehicular communication systems
Open this publication in new window or tab >>DoS-resilient cooperative beacon verification for vehicular communication systems
2019 (English)In: Ad hoc networks, ISSN 1570-8705, E-ISSN 1570-8713, Vol. 90, article id UNSP 101775Article in journal (Refereed) Published
Abstract [en]

Authenticated safety beacons in Vehicular Communication (VC) systems ensure awareness among neighboring vehicles. However, the verification of beacon signatures introduces significant processing overhead for resource-constrained vehicular On-Board Units (OBUs). Even worse in dense neighborhood or when a clogging Denial of Service (DoS) attack is mounted. The OBU would fail to verify for all received (authentic or fictitious) beacons. This could significantly delay the verifications of authentic beacons or even affect the awareness of neighboring vehicle status. In this paper, we propose an efficient cooperative beacon verification scheme leveraging efficient symmetric key based authentication on top of pseudonymous authentication (based on traditional public key cryptography), providing efficient discovery of authentic beacons among a pool of received authentic and fictitious beacons, and can significantly decrease waiting times of beacons in queue before their validations. We show with simulation results that our scheme can guarantee low waiting times for received beacons even in high neighbor density situations and under DoS attacks, under which a traditional scheme would not be workable. rights reserved.

Place, publisher, year, edition, pages
ELSEVIER SCIENCE BV, 2019
Keywords
Security, Privacy, Pseudonymous authentication, Efficiency
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-255177 (URN)10.1016/j.adhoc.2018.10.003 (DOI)000471740100005 ()2-s2.0-85055875023 (Scopus ID)
Note

QC 20190904

Available from: 2019-09-04 Created: 2019-09-04 Last updated: 2022-06-26Bibliographically approved
7. Resilient privacy protection for location-based services through decentralization
Open this publication in new window or tab >>Resilient privacy protection for location-based services through decentralization
2017 (English)In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Association for Computing Machinery (ACM), 2017, p. 253-258Conference paper, Published paper (Refereed)
Abstract [en]

Location-based Services (LBSs) provide valuable features but can also reveal sensitive user information. Decentralized privacy protection removes the need for a so-called anonymizer, but relying on peers is a double-edged sword: adversaries could mislead with fictitious responses or even collude to compromise their peers' privacy. We address here exactly this problem: we strengthen the decentralized LBS privacy approach, securing peer-to-peer (P2P) interactions. Our scheme can provide precise timely P2P responses by passing proactively cached Point of Interest (POI) information. It reduces the exposure both to the honest-but-curious LBS servers and peer nodes. Our scheme allows P2P responses to be validated with very low fraction of queries affected even if a significant fraction of nodes are compromised. The exposure can be kept very low even if the LBS server or a large set of colluding curious nodes collude with curious identity management entities.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2017
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-213037 (URN)10.1145/3098243.3098268 (DOI)000628530300027 ()2-s2.0-85027694713 (Scopus ID)9781450350846 (ISBN)
Conference
10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Boston, United States, 18 July 2017 through 20 July 2017
Note

QC 20170829

Available from: 2017-08-29 Created: 2017-08-29 Last updated: 2024-03-18Bibliographically approved
8. Scalable and DoS-resilient Secure Vehicular Communication
Open this publication in new window or tab >>Scalable and DoS-resilient Secure Vehicular Communication
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Vehicular Communication (VC) provides vehicles with real-time “sensing” of their surrounding environment: high-rate broadcasted beacons carry vehicle status information, and event-driven messages report traffic- or road-related events with different levels of criticality. Paramount to vehicle safety, these messages must be secured. Pseudonymous authentication is used to secure messages while preserving privacy. Vehicles become aware of and keep track of their pseudonymized neighbors. However, attackers can exploit this dynamicity and need for timely verification: a clogging Denial of Service (DoS) attack can severely delay or even deny benign vehicle message verification and thus severely degrade awareness. We address the problem by extending the traditional pseudonymous authentication with cooperative message verification and symmetric-key based authentication. We remedy the vulnerability of cooperative verification with probabilistic signature checking and cross-checking across multiple validators. Our scheme trades off higher communication overhead for lower verification latency and thus improved robustness of transportation safety applications. Our scheme is resilient to both DoS attacks and malicious nodes. Even when vehicles are saturated by high-rate bogus beacons and event messages, our scheme achieves an average waiting time of 50ms with an expiration ratio less than 1% for beacons, and 80% of event message acceptance ratio with latency less than 200ms on the average. This is a huge improvement over the current standard, the baseline scheme, which would suffer, having from 50% to almost 100% received benign messages expiring. In spite of its collaborative operation, our scheme drastically detects internal adversaries that attempt to exploit the cooperative verification itself.

Keywords
Security, pseudonymous authentication, vehicular communication
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-273177 (URN)
Note

QC 20200624

Available from: 2020-05-09 Created: 2020-05-09 Last updated: 2022-06-26Bibliographically approved

Open Access in DiVA

fulltext(592 kB)435 downloads
File information
File name FULLTEXT01.pdfFile size 592 kBChecksum SHA-512
98b7ca00119c04f14a924f6dd7c7ed5c0688e711120ec1e4b9899d5bb9703f2a22afca38600bd386e6bc6ba7b564e933cae39c2bc03bed10cbbba442fbb9b88b
Type fulltextMimetype application/pdf

Other links

Zoom

Search in DiVA

By author/editor
Jin, Hongyu
By organisation
Communication Systems, CoS
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 437 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 1911 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf