Privacy in mobile
and pervasive networks

Printer-friendly concise version of this page

This last decade has witnessed a wide adoption of connected mobile devices able to capture the context of their owners from embedded sensors (GPS, Wi-Fi, Bluetooth, accelerometers). The advent of mobile and pervasive computing has enabled rich social and contextual applications, but the use of such technologies raises severe privacy issues and challenges. The privacy threats come from diverse adversaries, ranging from curious service providers and other users of the same service to curious applications running on the device and eavesdroppers. The information that can be collected from mobile device owners includes their locations, their social relationships, and their current activity. All of this, once analyzed and combined together through inference, can be very telling about the users’ private lives. 

One of our research missions at the LDS is to identify privacy threats in mobile and pervasive networks, quantify the privacy of the users of such networks, and design efficient privacy protection mechanisms. We also study various peripheral aspects of privacy, including usability and the economic viability of the considered services and technologies. In addition to its analytical dimension, our research has a strong experimental component that involves field studies, data collection campaigns and user surveys, made possible by collaborations with strategic partners.

EPFL/LDS Researchers

Prof. Jean-Pierre Hubaux
Dr. Apostolos Pyrgelis
Ludovic Barman

Academic Partners

Prof. Kevin Huguenin, University of Lausanne
Dr. Mathias Humbert, SDSC
Dr. Ricardo Delgado, CSEM
Prof. Joan Feigenbaum, Yale University
Prof. Bryan Ford, EPFL

Contact

Prof. Jean-Pierre Hubaux

Related 

Location-Privacy Meter: A tool to quantify location privacy

Publications

• A. Pham, I. Dacosta, E. Losiouk, J. Stephan, K. Huguenin, and J.-P. Hubaux. HideMyApp: Hiding the Presence of Sensitive Apps on Android. In Proceedings of the 28th USENIX Security Symposium, Santa Clara, CA, USA, August 2019.
  – Project website
• K. Huguenin, I. Bilogrevic, J. S. Machado, S. Mihaila, R. Shokri, I. Dacosta, J.-P. Hubaux. A Predictive Model for User Motivation and Utility Implications of Privacy Protection Mechanisms in Location Check-Ins. In IEEE Transactions on Mobile Computing, 2018.
• A.-M. Olteanu, K. Huguenin, I. Dacosta, and J.-P. Hubaux. Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data. In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2018
• A. Pham, I. Dacosta, G. Endignoux, J. Troncoso-Pastoriza, K. Huguenin, and J.-P. Hubaux. ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service. In Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, Canada, 2017. 
  – Project website
• K. Olejnik, I. Dacosta, J. S. Machado, K. Huguenin, M. E. Khan, J.-P. Hubaux. SmarPer: Context-Aware and Automatic Runtime-Permissions for Mobile Devices. In Proc. of the 38th IEEE Symposium on Security and Privacy (S&P), San Jose, CA, United States, 2017.
• A.-M. Olteanu, K. Huguenin, R. Shokri, M. Humbert, J.-P. Hubaux. Quantifying Interdependent Privacy Risks with Location Data. In IEEE Transactions on Mobile Computing (IEEE TMC), 2017.
• A. Pham, I. Dacosta, B. Jacot-Guillarmod, K. Huguenin, T. Hajar, F. Tramer, V. Gligor and J.-P. Hubaux. PrivateRide: A Privacy-Enhanced Ride-Hailing Service. In Proc. of the 17th Privacy Enhancing Technologies Symposium (PETS), Minneapolis, USA, 2017.
• L. Barman, M. Zamani, I. Dacosta, J. Feigenbaum, B. Ford, J.-P. Hubaux and D. Wolinsky. PriFi: A Low-Latency and Tracking-Resistant Protocol for Local-Area Anonymous Communication. In Proc. of the ACM Workshop on Privacy in the Electronic Society (WPES), 2017.
• B. Ağır, K. Huguenin, U. Hengartner, J.-P. Hubaux. On the Privacy Implications of Location Semantics. In Proc. of the 16th Privacy Enhancing Technologies Symposium (PETS), Darmstadt, Germany, 2016.
• I. Bilogrevic, K. Huguenin, B. Agir, M. Jadliwala, M. Gazaki and J.-P. Hubaux. A Machine-Learning Based Approach to Privacy-Aware Information-Sharing in Mobile Social Networks. In Pervasive and Mobile Computing, vol. 25, pp. 125-142, 2016.
• A. Pham, K. Huguenin, I. Bilogrevic, I. Dacosta and J.-P. Hubaux. SecureRun: Cheat-Proof and Private Summaries for Location-Based Activities. In IEEE Transactions on Mobile Computing (IEEE TMC), 2015.
• I. Bilogrevic, K. Huguenin, S. Mihaila, R. Shokri and J.-P. Hubaux. Predicting Users’ Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms. In Proc. of the 22nd Annual Network & Distributed System Security Symposium (NDSS), San Diego, CA, USA, 2015.
• G. Theodorakopoulos, R. Shokri, C. Troncoso, J.-P. Hubaux and J.-Y. Le Boudec. Prolonging the Hide-and-Seek Game: Optimal Trajectory Privacy for Location-Based Services. In Proc. of the 13th ACM Workshop on Privacy in the Electronic Society (WPES), Phoenix, AZ, USA, 2014.
• A. Pham, K. Huguenin, I. Bilogrevic and J.-P. Hubaux. Secure and Private Proofs for Location-Based Activity Summaries in Urban Areas. In Proc. of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp), Seattle, WA, USA, 2014.
• A.-M. Olteanu, K. Huguenin, R. Shokri and J.-P. Hubaux. Quantifying the Effect of Co-location Information on Location Privacy. In Proc. of the 14th Privacy Enhancing Technologies Symposium (PETS), Amsterdam, The Netherlands, 2014.
• N. Vratonjic, K. Huguenin, V. Bindschaedler and J.-P. Hubaux. A Location-Privacy Threat Stemming from the Use of Shared Public IP Addresses. In IEEE Transactions on Mobile Computing (IEEE TMC), vol. 13, 2014.
• R. Shokri, G. Theodorakopoulos, P. Papadimitratos, E. Kazemi and J.-P. Hubaux. Hiding in the Mobile Crowd: LocationPrivacy through Collaboration. In IEEE Transactions on Dependable and Secure Computing, vol. 11, no. 3, pp. 266-279, 2014.
• I. Bilogrevic, K. Huguenin, M. Jadliwala, F. Lopez and J.-P. Hubaux. Inferring Social Ties in Academic Networks Using Short-Range Wireless Communications. In Proc. of the 12th ACM Workshop on Privacy in the Electronic Society (WPES), Berlin, Germany, 2013.
• I. Bilogrevic, K. Huguenin, B. Agir, M. Jadliwala and J.-P. Hubaux. Adaptive Information-Sharing for Privacy-Aware Mobile Social Networks. In Proc. of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp), Zurich, Switzerland, 2013.
• N. Vratonjic, K. Huguenin, V. Bindschaedler and J.-P. Hubaux. How Others Compromise Your Location Privacy: The Case of Shared Public IPs at Hotspots. In Proc. of the 13th Privacy Enhancing Technologies Symposium (PETS), Bloomington, IN, USA, 2013.
• R. Shokri, G. Theodorakopoulos, C. Troncoso, J.-P. Hubaux, and J.-Y. Le Boudec. Protecting Location Privacy: Optimal Strategy against Localization Attacks. In Proc. of the 19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, USA, 2012.
• I. Bilogrevic, M. Jadliwala, I. Lam, I. Aad, P. Ginzboorg, V. Niemi, and J.-P. Hubaux. Big Brother Knows Your Friends: on Privacy of Social Communities in Pervasive Networks. In Proc. of the 10th International Conference on Pervasive Computing (Pervasive), Newcastle, UK, 2012.
• L. Bindschaedler, M. Jadliwala, I. Bilogrevic, I. Aad, P. Ginzboorg, V. Niemi, and J.-P. Hubaux. Track Me If You Can: On the Effectiveness of Context-based Identifier Changes in Deployed Mobile Networks. In Proc. of the 19th Annual Network & Distributed System Security Symposium (NDSS), San Diego, CA, USA, 2012.
• R. Shokri, P. Papadimitratos, G. Theodorakopoulos, J.-P. Hubaux. Collaborative Location Privacy. In Proc. of the 8th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), Valencia, Spain, 2011.
• R. Shokri, G. Theodorakopoulos, G. Danezis, J.-P. Hubaux, and J.-Y. Le Boudec. Quantifying Location Privacy: The Case of Sporadic Location Exposure. In Proc. of the 11th Privacy Enhancing Technologies Symposium (PETS), Waterloo, ON, Canada, 2011.
• I. Bilogrevic, M. Jadliwala, K. Kalkan, J.-P. Hubaux, and I. Aad. Privacy in Mobile Computing for Location-Sharing-Based Services. In Proc. of the 11th Privacy Enhancing Technologies Symposium (PETS), Waterloo, ON, Canada, 2011.
• R. Shokri, G. Theodorakopoulos, J.-Y. Le Boudec, and J.-P. Hubaux. Quantifying Location Privacy. In Proc. of the IEEE Symposium on Security and Privacy (S&P), Oakland, CA, USA, 2011.
• J. Freudiger, R. Shokri, and J.-P. Hubaux. Evaluating the Privacy Risk of Location-Based Services. In Proc. of the Financial Cryptography and Data Security (FC), 2011.
• I. Bilogrevic, M. Jadliwala, P. Kumar, S.S. Walia, J.-P. Hubaux, I. Aad, and V. Niemi. Meetings through the Cloud: Privacy-Preserving Scheduling on Mobile Devices. In Journal of Systems and Software, Special Issue on “Mobile Applications: Status and Trends”, 84 pp. 1910-1927, 2011.
• I. Bilogrevic, M. Jadliwala, J.-P. Hubaux, I. Aad, and V. Niemi. Privacy-Preserving Activity Scheduling on Mobile Devices. In Proc. of the First ACM Conference on Data and Application Security and Privacy (CODASPY), San Antonio, TX, USA, 2011.
• M. Jadliwala, I. Bilogrevic, and J.-P. Hubaux. Optimizing Mixing in Pervasive Networks: A Graph-Theoretic Perspective. In Proc. of the 16th European Symposium on Research in Computer Security (ESORICS), Wroclaw, Poland, 2011.
• M. Jadliwala, J. Freudiger, I. Aad, J.-P. Hubaux, and V. Niemi. Privacy-Triggered Communications in Pervasive Social Networks. In Proc. of the 5th IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications (AOC), Lucca, Italy, 2011.
• R. Shokri, C. Troncoso, C. Diaz, J. Freudiger, and J.-P. Hubaux. Unraveling an Old Cloak: k-anonymity for Location Privacy. In Proc. of the 9th ACM Workshop on Privacy in the Electronic Society (WPES), Chicago, IL, USA, 2010.
• R. Shokri, J. Freudiger, and J.-P. Hubaux. A Unified Framework for Location Privacy. In Proc. of HotPets, also available as Technical Report EPFL-REPORT-148708, 2010.
• M. Raya, R. Shokri, and J.-P. Hubaux. On the Tradeoff between Trust and Privacy in Wireless Ad Hoc Networks. In Proc. of the 3rd ACM Conference on Wireless Network Security (WiSec), Hoboken, NJ, USA, 2010.
• J. Freudiger, H.M. Manshaei, J.-Y. Le Boudec, and J.-P. Hubaux. On the Age of Pseudonyms in Mobile Ad Hoc Networks. In Proc. of the IEEE Conference on Computer Communications (Infocom), San Diego, CA, USA, 2010.
• R. Shokri, J. Freudiger, M. Jadliwala, and J.-P. Hubaux. A Distortion-based Metric for Location Privacy. In Proc. of the ACM Workshop on Privacy in the Electronic Society (WPES), Chicago, IL, USA , 2009.
• J. Freudiger, M. H. Manshaei, J.-P. Hubaux, and D. C. Parkes. On Non-cooperative Location Privacy: A Game-theoretic Analysis. In Proc. of the ACM Conference on Computer and Communications Security (CCS), Chicago, IL, USA, 2009.
• J. Freudiger, R. Shokri, and J.-P. Hubaux. On the Optimal Placement of Mix Zones. In Proc. of the Privacy Enhancing Technologies Symposium (PETS), Berlin, Germany, 2009.

Patents

• I. Aad, V. Niemi, A. Durussel, E. De Cristofaro, I. Bilogrevic, M. Jadliwala, and J.-P. Hubaux. Method and Apparatus for Preserving Privacy for Appointment Scheduling. Patent filed at the U.S. Patent Office, 2011.
• I. Aad, J. Freudiger, M. Jadliwala, J.-P. Hubaux, M. Raya, K. Leppänen, M.T. Turunen. Method and Apparatus for Triggering User Communications based on Privacy Information. U.S. Patent US 2011/0219423, 2010.