NeTS: Medium: Collaborative Research: Secure and Usable Indoor Navigation for Individuals with Visual Impairment

Sponsored by the U.S. National Science Foundation (Awards # CNS-1514381 and CNS-1700039)
Duration: 09/01/2015-08/31/2020

                  

Welcome to the website of our research project: "NeTS: Medium: Collaborative Research: Secure and Usable Indoor Navigation for Individuals with Visual Impairment". This project is a collaborative effort Arizona State University of Arizona and University of Delaware. This website is created and maintained to disseminate and share research results and other information related to the project.

Project Description

Despite significant effort on novel wireless and mobile applications for sighted people, novel wireless and mobile applications to improve the wellbeing of visually impaired individuals remain largely underexplored. The biggest everyday challenge for visually impaired individuals is safe and quick navigation to reach a desired destination in unfamiliar outdoor/indoor environments. Outdoor navigation for unsighted people can be greatly facilitated by GPS-based aids which unfortunately do not work in indoor environments lack of GPS signals. This proposal outlines a challenging research plan on developing, prototyping, and evaluating a secure and usable indoor navigation system for the visually impaired. The scientific promise of the proposed research will expand the fundamental understandings about indoor navigation for the visually impaired with the potential to open a new research direction. Successful development and implementations of the proposed techniques will have profound impact on allowing visually impaired individuals to have indoor navigation and wayfinding as sighted people, thus significantly improving the mobility and wellbeing of millions of visually impaired users in the US and around the world.

The proposed research consists of six main research thrusts. The first thrust is to investigate novel crowdsourcing-based techniques to construct accurate indoor floor plans for arbitrary indoor venues with or without large open spaces. The second thrust is to develop secure cooperative techniques to detect and minimize the impact of fake mobility traces submitted by dishonest crowdsourcing workers. The third thrust is to investigate crowdsourcing-based construction of an indoor image database that can well characterize and visualize an indoor venue. The fourth thrust is to develop crowdsourcing-based techniques to enable accurate point-to-point indoor navigation for the visually impaired. The fifth thrust is to investigate novel techniques that can provide visually impaired individuals enhanced indoor navigation experience similar to what sighted persons can get. The last thrust is to implement the proposed indoor navigation system and thoroughly evaluate its efficacy, efficiency, and usability.

 

Personnel

Principal Investigators

Dr. Yanchao Zhang (Lead PI)
Associate Professor
School of Electrical, Computer and Energy Engineering
Arizona State University
Email: yczhang@asu.edu
Homepage: http://cnsg.asu.edu/zhang/
Dr. Rui Zhang (PI)
Assistant Professor
Department of Computer and Information Sciences
University of Delaware
Email: ruizhang@udel.edu
Homepage: https://www.eecis.udel.edu/~ruizhang/

Co-Principal Investigator

Dr. Terri M. Hedgpeth
Director
Disability Resource Center
Arizona State University 
Email: terrih@asu.edu
Homepage:

Graduate Students

Lili Zhang
Ph.D. student
School of Electrical, Computer and Energy Engineering
Arizona State University
Email: lilizhang@asu.edu
Homepage:

Tao Li
Ph.D. student
School of Electrical, Computer and Energy Engineering
Arizona State University
Email: tli@asu.edu
Homepage:

Dianqi Han
Ph.D. student
School of Electrical, Computer and Energy Engineering
Arizona State University
Email: dqhan@asu.edu
Homepage:

 

Yunzhi Li
Ph.D. student
Department of Computer and Information Sciences
University of Delaware
Email: liyunzhi@udel.edu
Homepage:
 

Yidan Hu
Ph.D. student
Department of Computer and Information Sciences
University of Delaware
Email: yidanhu@udel.edu
Homepage:
 

Lizhou Yuan (01/01/2017-05/31/2018)
Ph.D. student
Department of Computer and Information Sciences
University of Delaware
Email: lizhou@udel.edu
Homepage:
 

Wenxin Chen (09/01/2015-07/31/2016)
Ph.D. student
Department of Electrical Engineering
University of Hawaii
Email: yidanhu@udel.edu
Homepage:

Publications

  1. IndoorWaze: A crowdsourcing-based context-aware indoor navigation system
    Tao Li, Dianqi Han, Yimin Chen, Rui Zhang, Yanchao Zhang, Terri Hedgpeth
    IEEE Transactions on Wireless Communications, vol. 19, no. 8, pp. 5461-5472, Aug. 2020.

    Summary: Indoor navigation systems are very useful in large complex indoor environments such as shopping malls. Current systems focus on improving indoor localization accuracy and must be combined with an accurate labeled floor plan to provide usable indoor navigation services. Such labeled floor plans are often unavailable or involve a prohibitive cost to manually obtain. In this paper, we present IndoorWaze, a novel crowdsourcing-based context-aware indoor navigation system that can automatically generate an accurate context-aware floor plan with labeled indoor POIs for the first time in literature. IndoorWaze combines the Wi-Fi fingerprints of indoor walkers with the Wi-Fi fingerprints and POI labels provided by POI employees to produce a high-fidelity labeled floor plan. As a lightweight crowdsourcing-based system, IndoorWaze involves very little effort from indoor walkers and POI employees. We prototype IndoorWaze on Android smartphones and evaluate it in a large shopping mall. Our results show that IndoorWaze can generate a high-fidelity labeled floor plan, in which all the stores are correctly labeled and arranged, all the pathways and crossings are correctly shown, and the median estimation error for the store dimension is below 12%.

  2. A spatiotemporal approach for secure crowdsourced Radio Environment Map construction
    Yidan Hu and Rui Zhang
    IEEE/ACM Transactions on Networking,  vol. 28, no. 4, pp. 1790-1803, Aug. 2020.

    Summary: Database-driven Dynamic Spectrum Sharing (DSS) is the de-facto technical paradigm adopted by Federal Communications Commission for increasing spectrum efficiency, which allows licensed spectrum to be opportunistically used by secondary users. In database-driven DSS, a geo-location database administrator (DBA) maintains spectrum availability information over its service region in the form of a Radio Environment Map (REM), where the received signal strength from the primary user at every location is either directly measured via spectrum sensing or estimated via statistical spatial interpolation. Crowdsourcing-based spectrum sensing is a promising approach for periodically collecting spectrum measurements over a large geographic area but is unfortunately vulnerable to false spectrum measurements. Despite a large body of prior work on secure cooperative spectrum sensing, how to construct an accurate REM in the presence of false measurements remains an open challenge. In this paper, we introduce ST-REM, a novel spatiotemporal approach for securely constructing an REM in the presence of false spectrum measurements. Inspired by the self-label techniques developed for semi-supervised learning, ST-REM iteratively constructs an REM from a small number of spectrum measurements from trusted anchor sensors and many more measurements from mobile users. During each iteration, the DBA evaluates the trustworthiness of each measurement by jointly considering its spatial fitness with other trusted measurements and the mobile user's long-term behavior. By gradually incorporating the most trustworthy spectrum measurements, the DBA is able to construct a REM with high accuracy. Extensive simulation studies using a real spectrum measurement dataset confirm the efficacy and efficiency of ST-REM.

  3. Secure Indoor Positioning Against Signal Strength Attacks Via Optimized Multi-voting
    Yunzhi Li, Yidan Hu, Rui Zhang, Yanchao Zhang, Terri Hedgpeth
    IEEE/ACM International Symposium on Quality of Service  (IWQoS), 2019.

    Summary: Indoor positioning systems (IPSes) can enable many location-based services in large indoor venues where GPS signals are unavailable or unreliable. Among the most viable types of IPSes, RSS-IPSes rely on ubiquitous smartphones and indoor WiFi infrastructures and explore distinguishable received signal strength (RSS) measurements at different indoor locations as their location fingerprints. RSSIPSes are unfortunately vulnerable to physical-layer RSS attacks that cannot be thwarted by conventional cryptographic techniques. Existing defenses against RSS attacks are all subject to an inherent tradeoff between indoor positioning accuracy and attack resilience. This paper presents the design and evaluation of MV-IPS, a novel RSS-IPS based on weighted multi-voting, which does not suffer from this tradeoff. In MV-IPS, every WiFi access point (AP) that receives a user’s RSS measurement gives a weighted vote for every reference location, and the reference location that receives the highest accumulative votes from all APs is output as the user’s most likely position. Trace-driven simulation studies based on real RSS measurements demonstrate that MV-IPS can achieve much higher positioning accuracy than prior solutions no matter whether RSS attacks are present.

  4. WristUnlock: Secure and Usable Smartphone Unlocking with Wrist Wearables
    Lili Zhang, Dianqi Han, Ang Li, Tao Li, Yan Zhang, and Yanchao Zhang
    IEEE Conference on Communications and Network Security  (CNS), 2019.

    Summary: We propose WristUnlock, a novel technique that uses a wrist wearable to unlock a smartphone in a secure and usable fashion. WristUnlock explores both the physical proximity and secure Bluetooth connection between the smartphone and wrist wearable. There are two modes in WristUnlock with different security and usability features. In the WristRaise mode, the user raises his smartphone in his natural way with the same arm carrying the wrist wearable; the smartphone gets unlocked if the acceleration data on the smartphone and wrist wearable satisfy an anticipated relationship specific to the user himself. In the WristTouch mode, the wrist wearable sends a random number to the smartphone through both the Bluetooth channel and a touch-based physical channel; the smartphone gets unlocked if the numbers received from both channels are equal. We thoroughly analyze the security of WristUnlock and confirm its high efficacy through detailed experiments.

  5. Secure RSS-fingerprint-based indoor positioning: attacks and countermeasures
    Lizhou Yuan, Yidan Hu, Yunzhi Li, Rui Zhang, Yanchao Zhang, and Terri Hedgpeth
    IEEE Conference on Communications and Network Security  (CNS), 2018.

    Summary: Indoor positioning systems (IPS) based on RSS fingerprints have received significant attention in recent years, but they are unfortunately vulnerable to RSS attacks that cannot be thwarted by conventional cryptographic means. In this paper, we identify two practical RSS attacks on RSS-fingerprint-based IPS (RSS-IPS). In both attacks, the attacker learns the RSSfingerprint database at the IPS server by acting as a normal user repeatedly issuing location queries and then impersonates selected APs with fake ones under his control. By carefully tuning the locations and transmission power of fake APs, the attacker is able to control the RSS experienced by victim users at target locations, leading to either a large location error or the IPS server misled into returning a fake location of the attacker’s choice. We further design a fingerprint-matching mechanism based on a novel truncated distance metric as the countermeasure. Tracedriven simulation studies based on real RSS measurement data demonstrate the severe impact of the proposed attacks and also the effectiveness of our countermeasure.

  6. Secure crowdsourced indoor positioning systems
    Tao Li, Yimin Chen, Rui Zhang, Yanchao Zhang, and Terri Hedgpeth
    International Conference on Computer Communications (INFOCOM), 2018.

    Summary: Indoor positioning systems (IPSes) can enable many location-based services in large indoor environments where GPS is not available or reliable. Mobile crowdsourcing is widely advocated as an effective way to construct IPS maps. This paper presents the first systematic study of security issues in crowdsourced WiFi-based IPSes to promote security considerations in designing and deploying crowdsourced IPSes. We identify three attacks on crowdsourced WiFi-based IPSes and propose the corresponding countermeasures. The efficacy of the attacks and also our countermeasures are experimentally validated on a prototype system. The attacks and countermeasures can be easily extended to other crowdsourced IPSes.

  7. EyeTell: video-assisted touchscreen keystroke inference from eye movements
    Yimin Chen, Tao Li, Rui Zhang, Yanchao Zhang, and Terri Hedgpeth
    IEEE Symposium on Security and Privacy  (S&P), 2018.

    Summary: Keystroke inference attacks pose an increasing threat to ubiquitous mobile devices. This paper presents EyeTell, a novel video-assisted attack that can infer a victim’s keystrokes on his touchscreen device from a video capturing his eye movements. EyeTell explores the observation that human eyes naturally focus on and follow the keys they type, so a typing sequence on a soft keyboard results in a unique gaze trace of continuous eye movements. In contrast to prior work, EyeTell requires neither the attacker to visually observe the victim’s inputting process nor the victim device to be placed on a static holder. Comprehensive experiments on iOS and Android devices confirm the high efficacy of EyeTell for inferring PINs, lock patterns, and English words under various environmental conditions.

  8. Secure crowdsourced Radio Environment Map construction
    Yidan Hu and Rui Zhang
    IEEE International Conference on Network Protocols (ICNP), 2017.

    Summary: Database-driven Dynamic Spectrum Sharing (DSS) is the de-facto technical paradigm adopted by Federal Communications Commission (FCC) for increasing spectrum efficiency. In such a system, a geo-location database administrator (DBA) maintains spectrum availability information over its service region whereby to determines whether a secondary user can access a licensed spectrum band at his desired location and time. To maintain spectrum availability in its service region, it is desirable for the DBA to periodically collect spectrum measurements whereby to construct and maintain a Radio Environment Map (REM), where the received signal strength at every location of interest is either directly measured or estimated via proper statistical spatial interpolation techniques. Crowdsourcing-based spectrum sensing is a promising approach for periodically collecting spectrum measurements over a large geographic area, which is, unfortunately, vulnerable to false spectrum measurements. How to construct an accurate REM in the presence of false measurements remains an open challenge. This paper introduces SecREM, a novel scheme for securely constructing a REM in the presence of false spectrum measurements. SecREM relies on a small number of trusted spectrum measurements whereby to evaluate the trustworthiness of the measurements from mobile users and gradually incorporate the most trustworthy ones to construct an accurate REM. Extensive simulation studies based on a real spectrum measurement dataset confirm the efficacy and efficiency of SecREM.

  9. Your face your feart: Secure mobile face authentication with photoplethysmograms
    Yimin Chen, Jingchao Sun, Xiaocong Jin, Tao Li, Rui Zhang, and Yanchao Zhang
    IEEE International Conference on Computer Communications (INFOCOM), 2017.

    Summary: Face authentication emerges as a powerful method for preventing unauthorized access to mobile devices. It is, however, vulnerable to photo-based forgery attacks (PFA) and videobased forgery attacks (VFA), in which the adversary exploits a photo or video containing the user’s frontal face. Effective defenses against PFA and VFA often rely on liveness detection, which seeks to find a live indicator that the submitted face photo or video of the legitimate user is indeed captured in real time. In this paper, we propose FaceHeart, a novel and practical face authentication system for mobile devices. FaceHeart simultaneously takes a face video with the front camera and a fingertip video with the rear camera on COTS mobile devices. It then achieves liveness detection by comparing the two photoplethysmograms independently extracted from the face and fingertip videos, which should be highly consistent if the two videos are for the same live person and taken at the same time. As photoplethysmograms are closely tied to human cardiac activity and almost impossible to forge or control, FaceHeart is strongly resilient to PFA and VFA. Extensive user experiments on Samsung Galaxy S5 have confirmed the high efficacy and efficiency of FaceHeart.

  10. POWERFUL: Mobile app fingerprinting via power analysis
    Yimin Chen, Xiaocong Jin, Jingchao Sun, Rui Zhang, and Yanchao Zhang
    IEEE International Conference on Computer Communications (INFOCOM), 2017.

    Summary: Which apps a mobile user has and how they are used can disclose significant private information about the user. In this paper, we present the design and evaluation of POWERFUL, a new attack which can fingerprint sensitive mobile apps (or infer sensitive app usage) by analyzing the power consumption profiles on Android devices. POWERFUL works on the observation that distinct apps and their different usage patterns all lead to distinguishable power consumption profiles. Since the power profiles on Android devices require no permission to access, POWERFUL is very difficult to detect and can pose a serious threat against user privacy. Extensive experiments involving popular and sensitive apps in Google Play Store show that POWERFUL can identify the app used at any particular time with accuracy up to 92.9%, demonstrating the feasibility of POWERFUL.

  11. Verifiable Social Data Outsourcing
    Xin Yao, Rui Zhang, Yanchao Zhang, and Yaping Lin
    IEEE International Conference on Computer Communications (INFOCOM), 2017.

    Summary: Social data outsourcing is an emerging paradigm for effective and efficient access to the social data. In such a system, a third-party Social Data Provider (SDP) purchases complete social datasets from Online Social Network (OSN) operators and then resells them to data consumers who can be any individuals or entities desiring the complete social data satisfying some criteria. The SDP cannot be fully trusted and may return wrong query results to data consumers by adding fake data and deleting/modifying true data in favor of the businesses willing to pay. In this paper, we initiate the study on verifiable social data outsourcing whereby a data consumer can verify the trustworthiness of the social data returned by the SDP. We propose three schemes for verifiable queries over outsourced social data. The three schemes all require the OSN provider to generate some cryptographic auxiliary information, based on which the SDP can construct a verification object for the data consumer to verify the query-result trustworthiness. They differ in how the auxiliary information is generated and how the verification object is constructed and verified. Extensive experiments based on a real Twitter dataset confirm the high efficacy and efficiency of our schemes.

  12. DPSense: Differentially private crowdsourced spectrum sensing
    Xiaocong Jin, Rui Zhang, Yimin Chen, Tao Li, and Yanchao Zhang
    ACM Conference on Computer and Communications Security (CCS), 2016.

    Summary: Dynamic spectrum access (DSA) has great potential to address worldwide spectrum shortage by enhancing spectrum efficiency. It allows unlicensed secondary users to access the underutilized licensed spectrum when the licensed primary users are not transmitting. As a key enabler for DSA systems, crowdsourced spectrum sensing (CSS) allows a spectrum sensing provider (SSP) to outsource the sensing of spectrum occupancy to distributed mobile users. In this paper, we propose DPSense, a novel framework that allows the SSP to select mobile users for executing spatiotemporal spectrum-sensing tasks without violating the location privacy of mobile users. Detailed evaluations on real location traces confirm that DPSense can provide differential location privacy to mobile users while ensuring that the SSP can accomplish spectrum-sensing tasks with overwhelming probability and also the minimal cost.

  13. iLock: Immediate and automatic locking of mobile devices against data theft
    Tao Li, Yimin Chen, Jingchao Sun, Xiaocong Jin, and Yanchao Zhang
    ACM Conference on Computer and Communications Security (CCS), 2016.

    Summary: Mobile device losses and thefts are skyrocketing. The sensitive data hosted on a lost/stolen device are fully exposed to the adversary. Although password-based authentication mechanisms are available on mobile devices, many users reportedly do not use them, and a device may be lost/stolen while in the unlocked mode. This paper presents the design and evaluation of iLock, a secure and usable defense against data theft on a lost/stolen mobile device. iLock automatically, quickly, and accurately recognizes the user’s physical separation from his/her device by detecting and analyzing the changes in wireless signals. Once significant physical separation is detected, the device is immediately locked to prevent data theft. iLock relies on acoustic signals and requires at least one speaker and one microphone that are available on most COTS (commodity-off-the-shelf) mobile devices. Extensive experiments on Samsung Galaxy S5 show that iLock can lock the device with negligible false positives and negatives.

  14. VISIBLE: Video-Assisted Keystroke Inference from Tablet Backside Motion
    Jingchao Sun, Xiaocong Jin, Yimin Chen, Jinxue Zhang, Rui Zhang, and Yanchao Zhang
    ISOC Network and Distributed System Security Symposium  (NDSS), 2016.

    Summary: The deep penetration of tablets in daily life has made them attractive targets for keystroke inference attacks that aim to infer a tablet user’s typed inputs. We propose VISIBLE, a novel video-assisted keystroke inference framework to infer a tablet user’s typed inputs from surreptitious video recordings of tablet backside motion. VISIBLE is built upon the observation that the keystrokes on different positions of the tablet’s soft keyboard cause its backside to exhibit different motion patterns. VISIBLE uses complex steerable pyramid decomposition to detect and quantify the subtle motion patterns of the tablet backside induced by a user’s keystrokes, differentiates different motion patterns using a multi-class Support Vector Machine, and refines the inference results using a dictionary and linguistic relationship. Extensive experiments demonstrate the high efficacy of VISIBLE for inferring single keys, words, and sentences. In contrast to previous keystroke inference attacks, VISIBLE does not require the attacker to visually see the tablet user’s input process or install any malware on the tablet.

  15. Privacy-Preserving Crowdsourced Spectrum Sensing
    Xiaocong Jin and Yanchao Zhang
    IEEE International Conference on Computer Communications (INFOCOM), 2016.

    Summary: Crowdsourced spectrum sensing has great potential in improving current spectrum database services. Without strong incentives and location privacy protection in place, however, mobile users will be reluctant to act as mobile crowdsourcing workers for spectrum sensing tasks. In this paper, we present PriCSS, the first framework for a crowdsourced spectrum sensing service provider to select spectrum-sensing participants in a differentially privacy-preserving manner. Thorough theoretical analysis and simulation studies show that PriCSS can simultaneously achieve differential location privacy, approximate social cost minimization, and truthfulness.

  16. Secure Outsourced Skyline Query Processing via Untrusted Cloud Service Providers
    Wenxin Chen, Mengjun Liu, Rui Zhang, Yanchao Zhang, and Shubo Liu
    IEEE International Conference on Computer Communications (INFOCOM), 2016.

    Summary: Recent years have witnessed a growing number of location-based service providers (LBSPs) outsourcing their points of interest (POI) datasets to third-party cloud service providers (CSPs), which in turn answer various data queries from mobile users on their behalf. A main challenge in such systems is that the CSPs cannot be fully trusted, which may return fake query results for various bad motives, e.g., in favor of POIs willing to pay. As an important type of queries, location-based skyline queries (LBSQ) ask for the POIs that are not spatially dominated by any other POI with respect to some query position. To tackle this challenge, we propose three novel schemes that enable efficient verification of any LBSQ result returned by an untrusted CSP by embedding and exploring a novel neighboring relationship among POIs. The efficacy and efficiency of our schemes are thoroughly analyzed and evaluated.

  17. PriStream: Privacy-Preserving Distributed Stream Monitoring of Thresholded Percentile Statistics
    Jingchao Sun, Rui Zhang, Jinxue Zhang, and Yanchao Zhang
    IEEE International Conference on Computer Communications (INFOCOM), 2016.

    Summary: Distributed stream monitoring has numerous potential applications in future smart cities. Communication efficiency and data privacy are two main challenges for distributed stream monitoring services. We propose PriStream, the first communication-efficient and privacy-preserving distributed stream monitoring system for thresholded PERCENTILE aggregates. PriStream allows the monitoring service provider to evaluate an arbitrary function over a desired percentile of distributed data reports and monitor when the output exceeds a predetermined system threshold. Detailed theoretical analysis and evaluations show that PriStream has high accuracy and communication efficiency, and differential privacy guarantees under a strong adversary model.

  18. PriExpress: Privacy-Preserving Express Delivery with Fine-Grained Attribute-Based Access Control
    Tao Li, Rui Zhang, and Yanchao Zhang
    IEEE Conference on Communications and Network Security (CNS), 2016. (accepted)

    Summary: With the fast development of mobile Internet, ecommerce has been widely applied to the living of the masses. Because of the strong dependence of e-commerce, logistics industry has attracted much attention. However, when users get convenient service from the logistics industry, their privacy is compromised. Addresses, phone numbers and other private information on the parcel are accessible to anyone. Moreover, because users’ logistics data is stored in plaintext in the companies’ servers, it is vulnerable to the peep from staffs in the company and even the Hackers. We propose the first logistics system, PriExpress, which protects the users’ privacy and ensures the efficient delivery of the parcel at the same time. To address the above problem, we improved attribute based encryption with a hidden access tree. Based on users’ attributes, we enforce fine-grained access control on the logistic data. Our security and performance analysis shows that PriExpress is both secure and efficient.

  19. SecureFind: Secure and Privacy-Preserving Object Finding via Mobile Crowdsourcing
    Jingchao Sun, Rui Zhang, Xiaocong Jin, and Yanchao Zhang
    IEEE Transactions on Wireless Communications. (TWC), vol. 15, no. 3, pp. 1716-1728, March 2016.

    Summary: The plummeting cost of Bluetooth tags and the ubiquity of mobile devices are revolutionizing the traditional lost-and-found service. We propose SecureFind, a secure and privacy-preserving object-finding system via mobile crowdsourcing. In SecureFind, a unique Bluetooth tag is attached to every valuable object, and the owner of a lost object submits an object-finding request to many mobile users via the SecureFind service provider. Each mobile user involved searches his vicinity for the lost object on behalf of the object owner who can infer the location of his lost object based on the responses from mobile users. SecureFind is designed to ensure strong object security such that only the object owner can discover the location of his lost object as well as offering location privacy to mobile users involved. The high efficacy and efficiency of SecureFind are confirmed by extensive simulations.

  20. Privacy-Preserving Spatiotemporal Matching for Secure Device-to-Device Communications
    Jingchao Sun, Rui Zhang, Jinxue Zhang, and Yanchao Zhang
    IEEE Internet of Things Journal. (IOT), 2016. (accepted)

    Summary: Device-to-device (D2D) communications are emerging due to the explosive growth of smartphones and tablets. Given the possible presence of attackers, a fundamental challenge in secure D2D communications is to develop sound mobile authentication techniques whereby mobile users can select the most trustworthy D2D communication partners from possibly many candidates. We tackle this open challenge and proposes spatiotemporal matching as a promising enabler for secure D2D communications. Spatiotemporal matching is built upon the location-aware capability of D2D devices. In particular, a mobile user could very easily maintain his spatiotemporal profile recording his continuous whereabouts in time, and the level of his spatiotemporal profile matching that of the other user can be translated into the level of trust they two can have in each other. Since spatiotemporal profiles contain very sensitive personal information, privacy-preserving spatiotemporal matching is needed to ensure that as little information as possible about the spatiotemporal profile of either matching participant is disclosed beyond the matching result. Towards this end, we propose two novel privacy-preserving spatiotemporal matching protocols, which are thoroughly analyzed and evaluated through detailed simulation studies driven by experimental data.

Disclaimer: The papers here are made available for timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders.

 
 
© Rui Zhang, 2021