Adversaries and Countermeasures in Privacy-Enhanced Urban Sensing Systems

Today´s digital society increasingly relies on the interconnection of heterogenous components, encompassing assorted actors, entities, systems, and a variety of (often mobile) computing devices. Revolutionary computing paradigms, such as people-centric urban sensing, have focused on the seamless collection of meaningful data from a large number of devices. The increasing complexity of deployed urban systems and related infrastructures, along with the growing amount of information collected, prompts a number of challenging security and privacy concerns. In this paper, we explore a number of scenarios where nodes of a urban sensing system are subject to individual queries. In this setting, multiple users and organizations (e.g., infrastructure operators) co-exist, but they may not trust each other to the full extent. As a result, we address the problems of protecting: 1) secrecy of reported data, and 2) confidentiality of query interests from the prying eyes of malicious entities. We introduce a realistic network model and study different adversarial models and strategies, distinguishing between resident and nonresident adversaries, considering both randomly distributed and local attackers. For each of them, we propose a distributed privacy-preserving technique and evaluate its effectiveness via analysis and simulation. Our techniques are tunable, trading off the level of privacy assurance with a small overhead increase, and independent from the complexity of the underlying infrastructures. We additionally provide a relevant improvement of data reliability and availability, while only relying on standard symmetric cryptography. The practicality of our proposals is demonstrated both analytically and experimentally.