Towards Modeling Privacy in WiFi Fingerprinting Indoor Localization and its Application

Zheng Yang
1+ and Kimmo Järvinen2
 

1Singapore University of Technology and Design, 487372 Singapore

zheng_yang@sutd.edu.sg

2University of Helsinki, 00014 Finland

kimmo.u.jarvinen@helsinki.fi

 

 

Abstract

In this paper, we study privacy models for privacy-preserving WiFi fingerprint based indoor localization (PPIL) schemes. We show that many existing models are insufficient and make unrealistic assumptions regarding adversaries' power. To cover the state-of-the-art practical attacks, we propose the first formal security model which formulates the security goals of both client-side and server-side privacy beyond the curious-but-honest setting. In particular, our model considers various malicious behaviors such as exposing secrets of principles, choosing malicious WiFi fingerprints in location queries, and specifying the location area of a target client. Furthermore, we formulate the client-side privacy in an indistinguishability manner where an adversary is required to distinguish a client's real location from a random one. The server-side privacy requires that adversaries cannot generate a fabricate database which provides a similar function to the real database of the server. In particular, we formally define the similarity between databases with a ball approach that has not been formalized before. We show the validity and applicability of our model by applying it to analyze the security of an existing PPIL protocol. We also design experiments to test the server-privacy in the presence of database leakage, based on a candidate server-privacy attack.

Keywords: Indoor localization, WiFi fingerprint, Security Model, Privacy

 

+: Corresponding author: Zheng Yang
ITrust, Singapore University of Technology and Design, 487372, Singapore, secondary email: zheng.yang@rub.de,
Tel: +65 84517856, Web: https://www.researchgate.net/profile/Zheng_Yang17

 
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
 (JoWUA)

Vol. 10, No. 1, pp.4-22, March 2019 [pdf]


Received: November 26, 2018; Accepted: March 5, 2019; Published: March 31, 2019

DOI: 10.22667/JOWUA.2019.03.31.004