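% Bibliography entries: location-proximity attacks on mobile targets (journal
% and conference versions) and a societal operational model for IoT security.
% Citation keys are unchanged. Names use the unambiguous "Last, First" form,
% page ranges use "--", and months use the standard three-letter macros.

@string{LNCS = {Lecture Notes in Computer Science}}

% NOTE(review): number = {10} may be the ACM article number rather than the
% issue number within volume 25 -- confirm against the publisher record.
@article{rios2022cpa,
  author    = {Wang, Xueou and Hou, Xiaolu and Rios, Ruben and Tippenhauer, Nils Ole and Ochoa, Martin},
  title     = {Constrained Proximity Attacks on Mobile Targets},
  journal   = {ACM Transactions on Privacy and Security (TOPS)},
  volume    = {25},
  number    = {10},
  pages     = {1--29},
  year      = {2022},
  month     = may,
  publisher = {Association for Computing Machinery (ACM)},
  issn      = {2471-2566},
  doi       = {10.1145/3498543},
  keywords  = {Location Privacy, mobility pattern, proximity attacks, quantification},
  abstract  = {Proximity attacks allow an adversary to uncover the location of a victim by repeatedly issuing queries with fake location data. These attacks have been mostly studied in scenarios where victims remain static and there are no constraints that limit the actions of the attacker. In such a setting, it is not difficult for the attacker to locate a particular victim and quantifying the effort for doing so is straightforward. However, it is far more realistic to consider scenarios where potential victims present a particular mobility pattern. In this paper, we consider abstract (constrained and unconstrained) attacks on services that provide location information on other users in the proximity. We derive strategies for constrained and unconstrained attackers, and show that when unconstrained they can practically achieve success with theoretically optimal effort. We then propose a simple yet effective constraint that may be employed by a proximity service (for example, running in the cloud or using a suitable two-party protocol) as countermeasure to increase the effort for the attacker several orders of magnitude both in simulated and real-world cases.},
}

% NOTE(review): the last author is stored with surname "Keeni", which is how
% BibTeX parsed the original "Glenn Mansfield Keeni"; if the surname is the
% compound "Mansfield Keeni", write {Mansfield Keeni}, Glenn instead.
@article{Hiroshi18IoT,
  author    = {Tsunoda, Hiroshi and Roman, Rodrigo and Lopez, Javier and Keeni, Glenn Mansfield},
  title     = {Feasibility of Societal Model for Securing {Internet} of {Things}},
  journal   = {KSII Transactions on Internet and Information Systems},
  volume    = {12},
  number    = {8},
  pages     = {3567--3588},
  year      = {2018},
  month     = aug,
  publisher = {KSII},
  issn      = {1976-7277},
  doi       = {10.3837/tiis.2018.08.003},
  url       = {http://www.itiis.org/digital-library/manuscript/2082},
  keywords  = {Internet of Things, IoT, network architecture, operational model, security, SNMP},
  abstract  = {In the Internet of Things (IoT) concept, devices communicate autonomously with applications in the Internet. A significant aspect of IoT that makes it stand apart from present-day networked devices and applications is a) the very large number of devices, produced by diverse makers and used by an even more diverse group of users; b) the applications residing and functioning in what were very private sanctums of life e.g. the car, home, and the people themselves. Since these diverse devices require high-level security, an operational model for an IoT system is required, which has built-in security. We have proposed the societal model as a simple operational model. The basic concept of the model is borrowed from human society {\textendash} there will be infants, the weak and the handicapped who need to be protected by guardians. This natural security mechanism works very well for IoT networks which seem to have inherently weak security mechanisms. In this paper, we discuss the requirements of the societal model and examine its feasibility by doing a proof-of-concept implementation.},
}

% NOTE(review): the doi below has no chapter suffix, so it presumably points at
% the whole proceedings volume rather than this paper -- confirm and replace it
% with the chapter-level DOI. "address" holds the conference city (Barcelona),
% not the publisher's city, and "organization" repeats the publisher; both are
% kept as exported.
@inproceedings{rios2018mob,
  author       = {Wang, Xueou and Hou, Xiaolu and Rios, Ruben and Hallgren, Per and Tippenhauer, Nils Ole and Ochoa, Martin},
  title        = {Location Proximity Attacks against Mobile Targets: Analytical Bounds and Attacker Strategies},
  booktitle    = {23rd European Symposium on Research in Computer Security ({ESORICS} 2018)},
  series       = LNCS,
  volume       = {11099},
  pages        = {373--392},
  year         = {2018},
  publisher    = {Springer},
  organization = {Springer},
  address      = {Barcelona},
  isbn         = {978-3-319-98988-4},
  doi          = {10.1007/978-3-319-98989-1},
  abstract     = {Location privacy has mostly focused on scenarios where users remain static. However, investigating scenarios where the victims present a particular mobility pattern is more realistic. In this paper, we consider abstract attacks on services that provide location information on other users in the proximity. In that setting, we quantify the required effort of the attacker to localize a particular mobile victim. We prove upper and lower bounds for the effort of an optimal attacker. We experimentally show that a Linear Jump Strategy (LJS) practically achieves the upper bounds for almost uniform initial distributions of victims. To improve performance for less uniform distributions known to the attacker, we propose a Greedy Updating Attack Strategy (GUAS). Finally, we derive a realistic mobility model from a real-world dataset and discuss the performance of our strategies in that setting.},
}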