DLP: Achieve Customizable Location Privacy with Deceptive Dummy Techniques in LBS Applications

As a straightforward consequence of advances in the Internet of Things (IoT), location-based service (LBS) applications have been pervasive in our daily lives. Nevertheless, since those LBS applications will continuously collect and disclose users’ location data, major concerns on privacy leakage are raised. Aiming at the challenge, in this paper, we first build up a Detect Module (DM) and employ it to investigate more than 80% of LBS applications are keen on tracking users. Then, to thwart the threats from those LBS applications, we exploit the deceptive dummy techniques and design a dummy-based location privacy-preserving scheme, named DLP, which comprises three algorithms, namely, Spread, Shift, and Switch. Specifically, Spread and Shift are in charge of generating deceptive dummies and trajectories. And with Switch, users’ real locations are replaced with dummy trajectories before being submitted to LBS applications. As a result, users can not only prevent applications from accessing location data arbitrarily, but also avoid being questioned by applications in terms of honesty. Furthermore, to guarantee necessary functions of LBS, DLP offers customizable privacy-preserving strategies for users, which can achieve flexible location data usage control. Last, our DLP can also attain achievable and effortless deployment over smart devices. Detailed security analysis indicates that DLP resists inference attacks even facing skeptical applications. In addition, for performance evaluation, a DLP application (DLPA) is developed on Android platform and tested in the real environment, and the extensive experiment results demonstrate that the DLPA is indeed effective and high-efficiency in practice.