Content uploaded by Mohamed I. Ibrahem
Author content
All content in this area was uploaded by Mohamed I. Ibrahem on May 16, 2022
Content may be subject to copyright.
UBLS: User-Based Location Selection Scheme for
Preserving Location Privacy
Muneera Alotaibi∗1, Mohamed I. Ibrahem‡2, Waleed Alasmary∗3, Dawood Al-Abri†4, and Mohamed Mahmoud†5
∗Department of Computer Engineering, Umm Al-Qura University, Makkah, Saudi Arabia.
†Department of Electrical and Computer Engineering, Sultan Qaboos University, Musqat¸, Oman.
‡Department of Electrical and Computer Engineering, Tennessee Tech University, Cookeville, TN, USA.
Emails: 1muneera.n.alotaibi@gmail.com, 2miibrahem42@tntech.edu, 3wsasmary@uqu.edu.sa,
4alabrid@squ.edu.om, 5mmahmoud@tntech.edu.
Abstract—Due to the wide availability of location-based ser-
vices (LBSs) that enable many applications to provide user-
tailored services, it becomes possible to trace the locations of
an individual by an adversary, especially when the LBS server
is distrusted, which violates the user’s privacy. Therefore, we
propose, in this paper, a user-based location selection scheme
(UBLS) to hide the users’ locations using k-anonymity to preserve
users’ privacy. The proposed scheme uses the concept of dummy
locations to hide the real locations of the users, but on top
of that, it selects the dummy locations based on the users
that exist in these locations. Moreover, we propose an attacker
location exclusion (ALE) algorithm that can be used to attack
the existing location privacy-preserving schemes. We also propose
a new metric, namely location privacy level (LPL), to qualify
the ability of the malicious LBS server to reduce the privacy
level of the requester. Our envisioned UBLS scheme is evaluated
with extensive computer-based simulations. Comparing to the
existing schemes in the literature that preserve location privacy,
our proposed UBLS demonstrates performance improvement in
terms of entropy, cloaking region, and location privacy level
metrics.
Index Terms—Location privacy, k-anonymity, t-closeness, LBS,
and DLS.
I. INT ROD UC TI ON
Recently, the dependency of the smartphones’ applications
on location has been dominating the Google play and Apple
stores [1]. Therefore, the location-based services (LBSs) are
becoming essential in everyone’s life because, for example, in
Google map application, the user must reveal his/her location
to request the route to a certain location. Moreover, the need
for the location information is not limited to the location-
based applications, but also it is used in some social network
applications such as Facebook and Twitter. Facebook uses the
location information to let the user know about nearby friends
[2], while Twitter uses the location to find tweets posted by
nearby people [3].
Although disclosing the personal location information en-
ables many applications to provide user-tailored services, this
practice might threaten the user privacy. For instance, when
acquiring the location of a user, an adversary can use this
information for tracking the user and identifying the loca-
tions the user visits, which can reveal the activities of the
users. Therefore, preserving location privacy is an essential
requirement in mobile applications and social networks. The
existing approaches that are used to protect location privacy
can be classified into cryptographic-based and k-anonymity-
based [4].
In the cryptographic-based approaches, the location infor-
mation is encrypted and the server should do operations on
the encrypted data to provide the location based service.
However, these approaches consume high computation and
communication overhead [5], [6]. On the other hand, in the
k-anonymity-based approaches, the individual’s real location
is hidden by using a set of k−1other locations [7], [8].
There are several schemes that use the k-anonymity to preserve
the location privacy such as dummy location selection (DLS)
and enhanced dummy location selection (EDLS) [9]. These
schemes select the dummy locations based only on the number
of queries of these locations, but they do not consider the
user’s query probability that reflects his/her activities during
the selection process of the dummy locations. This may enable
the LBS server to identify the dummy locations and reveal the
real location of the user or at least reduce the anonymity set.
Therefore, we address, in this paper, the limitations in
the existing schemes, formally present a proposed adversarial
model, and envision an efficient privacy-preserving user’s
location selection approach. Our major contributions in this
work can be summarized as follows.
•We propose a User-Based Location Selection (UBLS)
scheme to preserve the privacy of the users’ locations
using k-anonymity and taking user’s query probability
into consideration. Our scheme chooses k−1dummy
users who have query probabilities which are close to
the query probability of the requester, i.e., the user who
requests a service from the LBS server. Then, it uses
the k−1dummy users’ locations to hide the requester’s
location.
•We propose an attacker location exclusion (ALE) algo-
rithm that can be used to attack the existing privacy-
preserving schemes. This attacker algorithm attempts to
find the real location of the requester in the klocations
he sends by excluding the locations that have low prob-
abilities to be the requester’s location.
•We propose a new metric, namely location privacy level
(LPL), to qualify the ability of the malicious LBS server
U.S. Government work not protected by U.S. copyright
2021 IEEE International Conference on Communications Workshops (ICC Workshops) | 978-1-7281-9441-7/20/$31.00 ©2021 IEEE | DOI: 10.1109/ICCWorkshops50388.2021.9473579
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.
to reduce the privacy level of the requester.
•We extensively evaluate the proposed UBLS scheme and
compare it with different benchmarks. We run the ALE
algorithm against our UBLS scheme and the existing
schemes to assess the ability of these schemes in preserv-
ing location privacy when the LBS server is malicious.
The results demonstrate that the proposed UBLS scheme
outperforms the existing schemes in terms of cloaking
region, entropy, and LPL.
The remainder of this paper is organized as follows. Sec-
tion II discusses the related works. Section III discusses the
adversary model that is used in this paper and the ALE attack
algorithm. The proposed UBLS scheme is presented in section
IV. Next, the evaluation results of our scheme are discussed
in section V. Finally, the paper is concluded in section VI.
II. RE LATE D WOR K
In this section, we present relevant research works on users’
location privacy preservation techniques. Although there are
several research works proposed in the literature to preserve
the users’ privacy, they suffer from several limitations.
The existing approaches that are used to protect location
privacy can be categorized into cryptographic-based [10] and
k-anonymity-based [11]–[13]. In the cryptographic-based
approaches, the user requests the LBS provider’s public-key
to encrypt his/her location. Then, the LBS provider decrypts
the location by the private-key of the LBS provider [10]. Al-
though this approach is secure against eavesdroppers, location
privacy may be violated when the LBS server is malicious
or distrusted. Moreover, it also suffers from high computation
overhead needed to encrypt and decrypt the messages [5].
On the other hand, the k-anonymity approaches are used
to preserve the location privacy by using an anonymous set
that consists of klocations (one is real and k−1locations
are dummy) with the aim of making any location that belongs
to this set indistinguishable from all other k−1locations, so
that the adversary cannot identify the dummy locations. This
approach has some advantages such as lower communication
and computation overhead comparing to the cryptographic-
based approaches [5]. Niu et al. [11] proposed a scheme,
named fine-grained spatial cloaking “FGcloak”, which uses
k-anonymity technique. This scheme adapts the idea of the
Hilbert curve to effectively achieve privacy preservation using
the k-anonymity concept. However, the proposed scheme
suffers from high cloaking region compared to other existing
solutions such as EDLS [9], which makes the response of the
server inaccurate. Moreover, the entropy value of the EDLS
is better than its value of the FGcloak algorithm. Note that
entropy is a metric that is used to measure the privacy level.
Next, a scheme called EPLA [12] is proposed to preserve
users’ location privacy. The basic idea of the scheme is to
choose dummy locations depending on the probability of
visiting the locations by the user. EPLA has two phases. In
the first phase, space is partitioned into cells and the candidate
dummy locations set are determined, while in the second
phase, the user selects k−1dummy locations and send
to the server his location and the k−1dummy locations
to achieve k-anonymity. Zheng et al. [13] proposed a k-
anonymity-based location privacy preserving scheme based
on clustering by replacing the query of the user location
by the center of the anonymous set. The proposed scheme
combines k-anonymity and clustering approaches to eliminate
the effect of outliers and optimize the distribution of users in
the anonymous set. However, this scheme has low anonymity
level and high processing time. Moreover, according to the
results, query accuracy decreases when the number of users
increases because with the increases in the number of users,
the distribution of users is gradually concentrated, and the area
of the anonymous set is gradually reduced.
Most of the k-anonymity-based approaches use a location
anonymizer (LA) as a centralized entity to submit the re-
ceived LBS related queries to the LBS server. The LA is
responsible for enlarging the queried location into a bigger
Cloaking Region (CR) covering many other users. Since all
the submitted queries have to go through the LA, it may be
considered as a single point of failure since all the burden
of the operations is on it. To solve this problem, some
approaches were proposed to allow users to select kdummy
locations instead of the LA [9], [14]. H. Kido et al. [14]
proposed moving in neighborhood (MN) scheme which selects
the dummy locations randomly. The first dummy location is
selected randomly. Then, the second dummy location is chosen
randomly from the neighbors of the first dummy location that
are within a certain range, and the same process is repeated.
Niu et al. [9] have proposed the DLS scheme which is
designed to achieve k-anonymity for users in LBSs by se-
lecting the dummy locations depending on the highest value
of the entropy metric. The EDLS scheme [9] is an extension
to the DLS scheme. It depends on the highest value of both
the cloaking region metrics and the entropy. The difference
between the original DLS and the EDLS is in the way the
dummy locations are selected. The EDLS selects the dummy
locations which are remote from the real location. However,
the EDLS may reduce the quality of the service provided by
the LBS server since it chooses the dummy locations which
are remote from the real location.
III. ADVE RS ARY MO DE L AN D ALE ATTACK ALGORITHM
In this paper, the LBS server is assumed to be distrusted,
which tries to infer the actual location of a target user from
other k−1locations in the anonymity set C. We assume
that the LBS server has the ability to obtain some information
including the number of queries of the target user, the number
of total queries for a certain location, and the number of users
inside a certain location in the map. Hence, we propose an
attacker location exclusion (ALE) algorithm that can be used
by a malicious server to narrow down the real user’s location
from Cby identifying and excluding some dummy locations.
The notations which are used in this paper are given in table I.
The ALE algorithm works as follows. It checks whether a
certain location ciin the anonymity set Csatisfies a set of
conditions. If cisatisfies one condition from these conditions,
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.
then ciis assumed to be for a dummy user, and thus it is
excluded from the list of potential real locations. The ALE
algorithm improves the attacker’s ability to identify the real
location in the anonymity set Cby eliminating some dummy
locations using the query probabilities of the users.
The LBS server is assumed to know the number of queries
of a target user s, and each user on the map that queries the
server There are four conditions checked by the ALE, as can
be seen in Algorithm 1, to decide whether a location ciis
excluded from the set C. These conditions are explained in
the following.
1) First condition: If the number of users in the location
ciis equal to zero, it is excluded. The reason is that the
target user cannot be in a location that is empty of users.
2) Second condition: If the number of users in the location
ciis equal to 1, the total queries of the location ciis
compared with the number of queries of the target user
s. If they are not equal, then the location ciis excluded
because if the target user were in ci, the total number of
queries of the location would necessarily be equal to the
number of queries of the target user ssince there is only
one user in that location.
3) Third condition: The total queries of the location ciis
compared with the number of queries of the target user s.
In case that the queries of sis more than the total queries
of the location ci, this location is excluded because if the
target user were in ci, the total queries of ciwould be at
least equal to the number of queries of s. In other word,
the queries of sis a portion of the total queries of ci
when the target user is in cithus smust be less than or
equal to the total queries of ci.
4) Fourth condition: If a location contains husers, the total
number of queries of that location should be at least h
(since each user queries the server at least one time).
Hence, if the target user exists in the location ci, then the
following condition should hold:
Qci≥Ns+h−1,
where, Qciis the number of queries of ciand Nsis the
number of queries of user s. Inversely, if the total number
of queries of the location ciis less than (Ns+h−1), the
target user cannot be in the location ci.
IV. THE UBLS S CH EM E
As mentioned in section II, the MN, DLS, and EDLS
schemes select the dummy locations based on the number of
queries of these locations, but the LBS server can identify
these locations because these schemes did not take into ac-
count the behavior of the user during the selection process of
the dummy locations. In this paper, we adapt the k-anonymity
technique in the location selection while preserving the users’
locations privacy, i.e., without being able to know the real
locations of the users. Our proposed scheme aims at protecting
the user’s real location by carefully selecting a number of
dummy locations based on the users’ query probabilities.
Unlike the existing schemes which use the query probability
TABLE I: Notations.
Symbol Description
mNumber of users in the map.
kNumber of locations in the anonymity set.
lreal Real location of the target user
(i.e. the user who sends the anonymity set to LBS server)
uiQuery probability of user i.
qij Query probability of cell ij in the map.
piNormalized query probability.
n2Number of locations.
rNumber of rounds chosen by the user.
CThe anonymity set.
ciLocation iin C.
NsNumber of queries of user s.
xX-coordinate in the map.
yY-coordinate in the map.
Algorithm 1: Attacker Location Exclusion (ALE).
1Input: The anonymity set C, and the number of
queries of the target user s(Ns).
2Output: The reduced set Cr.
1: Exclusion set C′=φ
2: for (i= 1; i <=size(C); i+ +)do
3: if (ci.NumberOf Users == 0)then
4: Add cito C′
5: end if
6: if (ci.NumberOf Users == 1)then
7: if (ci.T otalOf Queries ! = Ns)then
8: Add cito C′
9: end if
10: end if
11: if (Ns> ci.T otalOf Queries)then
12: Add cito C′
13: end if
14: if (ci.T otalOf Queries −Ns<
ci.NumberOf Users −1)then
15: Add cito C′
16: end if
17: end for
18: Cr=C−C′
19: Return Cr
of the location qij , our scheme uses the query probability of
the user ui.
Our UBLS scheme works as follows. First, let a map of size
n×ncells, and each cell (i, j)represents a location in the map
which has the query probability of qij . Assuming that there
are musers distributed over the cells of the map, and each
user has a query probability ui. We define the target user as
the user who sends the anonymity set Cto the LBS server.
The probabilities qij and uican be calculated as follows.
ui=#of queries of user i
#of queries of all users on the map (1)
qij =#of queries in cell ij
#ofqueries in whole map,1≤i, j ≤n, (2)
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.
Algorithm 2: User-Based Selection Scheme.
Input : k,r,uof all users in the map, lreal,uiof
the target user.
Output: Cmax that maximizes the entropy H.
1: Sort the users based on their uin ascending order.
2: Select 2kdummy candidates where kcandidates
are to right before and kcandidates are
right after the target user in the sorted list.
3: Hmax = 0, Cmax =φ
4: for (i= 1; i <=r;i+ +)do
5: Store lreal in the anonymity set C
6: Choose k−1dummy users randomly
from the 2kdummy candidates set and
store their locations in C
7: while (∃identical locations in C)do
8: Repeat step 6
9: end while
10: Calculate pifor each element in C
11: H=−Pk
i=1 pilog(pi)
12: if (Hmax < H)then
13: Hmax =Hand
14: Cmax =C
15: end if
16: end for
17: Return Cmax
where Pm
i=1 ui= 1 and Pn
i=1 Pn
j=1 qij = 1. The following
steps, as presented in Algorithm 2, explain how our UBLS
scheme works in details.
1) The target user chooses the size kof the anonymity set
C. The value of khas a direct relation to the privacy
preservation level, i.e., as the value of kincreases, the
anonymity level increases (due to sending more dummy
users) but with more overhead (due to sending and
processing more queries). Moreover, the user needs to
choose another value rwhich represents the number of
rounds of the UBLS scheme to compute the anonymity
set C. The anonymity set Cis computed in the direction
of maximizing the value of the entropy metric.
2) After obtaining all the users’ query probabilities, these
probabilities are sorted in ascending order.
3) Our proposed scheme chooses kusers right before and
kusers right after the target user from the sorted list to
form a 2kcandidates set.
4) The anonymity set Cis then created, and it consists of
the location of the target user lreal and k−1dummy
users’ locations that are chosen randomly from the 2k
candidates set.
5) If there are repeated locations in C, another dummy
locations are selected randomly from the 2kcandidates
set to form C. In other words, all the kusers’ locations
in Cshould be located in different cells in the map.
6) The query probabilities of each user in Care normalized
by using Eq. 3.
pi=ui
Pk
i=1 ui
, i ={1,2, . . . , k }(3)
7) The entropy value of C(H) is computed using Eq. 4.
H=−
k
X
i=1
pilog(pi)(4)
8) The steps from 4 to 7 are repeated rtimes to obtain the
Cmax set that has maximum entropy value Hmax.
As we mentioned before, the main differences between our
proposed scheme and the existing schemes can be summarized
as follows. The query probability uiof the target user is
considered in the UBLS scheme. Furthermore, UBLS scheme
sorts the users based on their query probabilities uiand
checks the repeated locations in C. Finally, we compute the
normalization of query probabilities according to Eq. 3. All
these differences make our scheme outperform the existing
schemes as will be discussed in Section V.
V. EVALUATI ON S
A. Performance Metrics
To evaluate the performance of our UBLS scheme, the
following metrics are used.
(1) Entropy: This metric represents the quantity of querying
the locations in the anonymity set. The entropy value is
computed using Eq. 4. We compute piusing Eq. 3 in case
of using our proposed scheme since the query probability ui
of the target user is taken into account. On the other hand,
Eq. 5 is used to compute piin case of using the benchmark
schemes (i.e. MN, DLS, and EDLS) because they consider the
query probability qiof the target user’s location.
pi=qi
Pk
i=1 qi
, i ={1,2, . . . , k }(5)
Note that, the benchmark schemes select the locations in the
anonymity set based on their query probabilities qiregardless
of the number of users in these locations.
(2) The cloaking region: This metric represents the prod-
uct of the distances between every pair of locations in the
anonymity set and it can be calculated as follows.
k−1
Y
i=1
k
Y
j=i+1
d(ci, cj),(6)
where, ciand cjrepresent locations in the anonymity set.
(3) Location privacy level (LPL): We propose this metric
to measure the ability of the adversary to reduce the level of
privacy. We assume that the LBS server uses the ALE attack
algorithm to exclude some dummy locations. The LPL can be
defined as follows.
LP L = ln (size(Cr)) ,(7)
where Cris the set of locations that remain out of the original
anonymity set Cafter excluding the locations that do not con-
tain the target user. Note that as the size of Crincreases, the
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.
(a) m= 50. (b) m= 100.
Fig. 1: The entropy vs the size of the anonymity size kfor different values of m.
(a) m= 50. (b) m= 100.
Fig. 2: The product of distances vs the size of the anonymity size kfor different values of m.
LPL value increases. It is worth noting that LPL metric can be
used to quantify the impact on the privacy level of any attack
that aims at reducing the anonymity set by excluding some
locations. In an ideal case, the probability of identifying the
real location can be represented as 1
size(C). However, if the
attacker manages to identify some dummy users and excludes
their locations, he reduces the anonymity set to Cr, then, this
probability can be represented as 1
size(Cr). This means that
as the probability of identifying the target user’s real location
increases, the LPL value decreases. Therefore, LPL metric can
be used when applying any other kind of attacks on the original
anonymity set C. Hence, LPL represents the probability of
recognizing the target user’s real location. In other words,
the LPL value increases as the attacker’s ability in excluding
locations from the original anonymity set decreases. Note that
the maximum value of the LPL metric occurs when Cr=C.
This is the ideal case when the attacker completely fails to
exclude any location from the anonymity set C.
B. Experiment Results
The performance of our UBLS is compared with the existing
schemes that preserve the location privacy (MN, DLS, and
EDLS). We used MATLAB to implement these schemes. In
the simulation, we assume that there is a map of size 20 ×20
cells, where each cell represents a location. We evaluated
the performance of our scheme in different scenarios. In
all scenarios, we evaluate the performance of the proposed
scheme in terms of entropy, total area, and LPL metrics using
different number of users m.
As can be seen from Fig. 1, UBLS outperforms the other
schemes in terms of entropy in the scenarios when the number
of users is equal to 50 and 100. Moreover, we can see that as
the number of users increases, the entropy value decreases. We
can also conclude that MN has the worst performance in all
scenarios because of selecting the dummy locations randomly.
From the given results in Fig. 2, it can be concluded that the
EDLS scheme outperforms the other schemes in terms of the
product of distances. This is because the EDLS selects the
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.
(a) m= 50. (b) m= 100.
Fig. 3: The LPL vs the size of the anonymity size kfor different values of m.
dummy locations that are remote as possible from the real
location. However, UBLS has comparable performance with
respect to DLS and EDLS.
On the other hand, based on the results shown in Fig. 3,
the UBLS scheme outperforms DLS and EDLS schemes in
terms of the location privacy, and it is close to the optimal
case. From the given results, we can conclude that using our
scheme results in a better resistance to the attacks launched by
a malicious server that exploits its knowledge about the users’
query probabilities to narrow down the user’s real location
without affecting the cloaking region metric. This is because
UBLS scheme carefully chooses a set of users who have the
same (or close) query probability as the query probability of
the user that exists in the real location.
VI. CONCLUSION
In this paper, a novel scheme, called “UBLS”, is proposed
to preserve users’ location privacy against adversaries while
assuming that the LBS server is distrusted. Using users’
queries and the k-anonymity technique, UBLS scheme care-
fully chooses a set of users who have the same (or close) query
probability as the query probability of the user that exists in
the real location, and hence, a set of dummy locations can be
chosen. We have also proposed a new metric, namely “LPL”,
to measure the level of privacy the anonymity set provides
by measuring the attacker’s ability to identify and exclude
some dummy locations from the anonymity set. We evaluated
the UBLS scheme against existing schemes including DLS,
EDLS, and MN. The results of our experiments demonstrate
that UBLS can improve the privacy level in terms of entropy
and LPL metrics.
ACK NOW LE DG EM EN T
The authors extend their appreciation to the Deputyship for
Research & Innovation, Ministry of Education in Saudi Arabia
for funding this work through the project number 589.
REFERENCES
[1] W. Martin, F. Sarro, Y. Jia, Y. Zhang, and M. Harman, “A survey of app
store analysis for software engineering,” IEEE Transactions on Software
Engineering, vol. 43, no. 9, pp. 817–847, 2017.
[2] Y.-C. Lin, C.-M. Lai, J. W. Chapman, S. F. Wu, and G. A. Barnett,
“Geo-location identification of facebook pages,” in 2018 IEEE/ACM
International Conference on Advances in Social Networks Analysis and
Mining (ASONAM). IEEE, 2018, pp. 441–446.
[3] G. Abalı, E. Karaarslan, A. H ¨
urriyeto˘
glu, and F. Dalkılıc¸, “Detecting
citizen problems and their locations using twitter data,” in 2018 6th
International Istanbul Smart Grids and Cities Congress and Fair (ICSG).
IEEE, 2018, pp. 30–33.
[4] H. Jiang, J. Li, P. Zhao, F. Zeng, Z. Xiao, and A. Iyengar, “Location
privacy-preserving mechanisms in location-based services: A compre-
hensive survey,” ACM Computing Surveys (CSUR), vol. 54, no. 1, pp.
1–36, 2021.
[5] P. Belsis and G. Pantziou, “A k-anonymity privacy-preserving approach
in wireless medical monitoring environments,” Personal and ubiquitous
computing, vol. 18, no. 1, pp. 61–74, 2014.
[6] S. Zhang, X. Mao, K.-K. R. Choo, T. Peng, and G. Wang, “A trajectory
privacy-preserving scheme based on a dual-k mechanism for continuous
location-based services,” Information Sciences, vol. 527, pp. 406–419,
2020.
[7] A. K. Das, A. Tabassum, S. Sadaf, and D. Sinha, “Attack prevention
scheme for privacy preservation (apsp) using k anonymity in location
based services for iot,” in Computational Intelligence in Pattern Recog-
nition. Springer, 2020, pp. 267–277.
[8] L. P. Yeluri and E. M. Reddy, “Improved privacy preserving score-based
location k-anonymity in lbs,” in Innovations in Computer Science and
Engineering. Springer, 2020, pp. 627–632.
[9] B. Niu, Q. Li, X. Zhu, G. Cao, and H. Li, “Achieving k-anonymity in
privacy-aware location-based services,” in IEEE INFOCOM 2014-IEEE
Conference on Computer Communications. IEEE, 2014, pp. 754–762.
[10] A. Solanas and A. Mart´
ınez-Ballest´
e, “A ttp-free protocol for location
privacy in location-based services,” Computer Communications, vol. 31,
no. 6, pp. 1181–1191, 2008.
[11] B. Niu, Q. Li, X. Zhu, and H. Li, “A fine-grained spatial cloaking
scheme for privacy-aware users in location-based services,” in 2014 23rd
international conference on computer Communication and networks
(ICCCN). IEEE, 2014, pp. 1–8.
[12] D. Zhao, Y. Jin, K. Zhang, X. Wang, P. C. Hung, and W. Ji, “Epla:
efficient personal location anonymity,” GeoInformatica, vol. 22, no. 1,
pp. 29–47, 2018.
[13] L. Zheng, H. Yue, Z. Li, X. Pan, M. Wu, and F. Yang, “K-anonymity
location privacy algorithm based on clustering,” IEEE Access, vol. 6,
pp. 28 328–28 338, 2017.
[14] H. Kido, Y. Yanagisawa, and T. Satoh, “An anonymous communication
technique using dummies for location-based services,” in ICPS’05.
Proceedings. International Conference on Pervasive Services, 2005.
IEEE, 2005, pp. 88–97.
Authorized licensed use limited to: Tennessee Technological University. Downloaded on May 16,2022 at 01:46:34 UTC from IEEE Xplore. Restrictions apply.