Cooperative Privacy and Security for Mobile Systems

Time: Mon 2020-06-15 09.30

Location: Zoom (English)

Subject area: Electrical Engineering

Doctoral student: Hongyu Jin , Kommunikationssystem, CoS, Networked Systems Security group

Opponent: Professor Tuomas Aura,

Supervisor: Professor Panagiotis Papadimitratos, Kommunikationssystem, CoS

Abstract

The growing popularity of powerful mobile devices, along with increased computation and storage of computing infrastructure, opened possibilities for versatile mobile system applications. Users, leveraging sensing capabilities of the devices, can collect rich data and exchange the data with diverse Service Providers (SPs) or their close neighboring devices. Provision of such user status awareness to the involved system entities, can facilitate customized user experience for system participants.

Nonetheless, the open and decentralized nature of mobile systems raise concerns on both security and privacy of users and the system infrastructure. Sensitive user data could be exposed to honest-but-curious entities, which can further process data to profile users. At the same time, compromised system entities can feed faulty data to disrupt system functionalities or mislead users. Such issues necessitate secure and privacy-enhancing mobile systems, while not compromising the quality of service the systems provide to their users. More specifically, the solutions should be efficient and scale as the system grows, and resilient to both external and internal adversaries. This thesis considers two mobile system instances: Location-based Services (LBSs) and Vehicle-to-Vehicle (V2V) safety applications. We address security and privacy in a cooperative manner, relying on cooperation among the users to protect themselves against the adversaries. Due to the reliance on peers, input from the peers should be examined, in order to ensure the reli- ability of the applications. We adapt pseudonymous authentication, designed for Vehicular Communication (VC) systems, and integrate it with LBSs. This protects user privacy and holds users accountable for their actions, which are non-repudiable. At the same time, our scheme prevents malicious nodes from aggressively passing on bogus data. We leverage redundancy of shared data from multiple cooperating nodes to detect potential conflicts. Any conflict triggers proactive checking on the data with the authoritative entity that reveals the actual misbehaving users. For V2V safety applications, we extend safety beacons, i.e., Cooperative Awareness Messages (CAMs), to share signature verification effort, for more efficient message verification. Similarly to the LBSs, redundancy of such piggybacked claims is also key for remedying malicious nodes that abuse this cooperative verification. In addition, the extended beacon format facilitates verification of event-driven messages, including Decentralized Environmental Notification Messages (DENMs), leveraging proactive authenticator distribution.

We qualitatively and quantitatively evaluate achieved security and privacy protection. The latter is based on extensive simulation results. We propose a location privacy metric to capture the achieved protection for LBSs, taking into consideration the pseudonymous authentication. The performance of the privacy-enhancing LBS is experimentally evaluated with the help of an implementation on a small scale automotive computer testbed. We embed processing delays and queue management for message processing in simulations of V2V communication, to show scalability and efficiency of the resilient V2V communication scheme. The results confirm the resilience to both internal and external adversaries for the both systems.

urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-273637