Binomial-Mix-Based Location Anonymizer System with Global Dummy Generation to Preserve User Location Privacy in Location-Based Services

We propose a binomial-mix-based location anonymizer system with global dummy generation to protect user location privacy in location-based services in the face of attacks from a global active adversary and even with untrusted location-based service providers. Our proposed system overcomes the disadvantages of high latency in general-purpose mix-net systems when they are applied to location-based services, and the imprecision of query result or inefficiency due to large number of candidates in query result of existing obfuscation or spatial cloaking techniques. In our system, dummies (false locations) are generated globally in order to reduce the latency of requests to location-based services. A centralized dummy generation mechanism exploits all users' activities to optimize the system's behavior and performance. Because of the randomness provided by a binomial mix, our system prevents an adversary from determining with certainty whether a user is at a specific location. Our system also lets users define and update their personal location privacy maps and satisfies a probabilistic real-time condition that ensures delivery of any request within a predefined duration with high probability.