Security and Privacy in Emerging Networks

Smartphones have become an essential part of our daily life. Besides providing voice and data communication, smartphones are also acquiring richer functionality through various sensors. For example, the iPhone 5 includes eight different sensors: accelerometer, GPS, ambient light, dual microphones, proximity sensor, dual cameras, compass, and gyroscope. These sensors are very useful for gathering data about people and their environments. For example, GPS enables sensing of locations, microphones can record sounds of the surroundings, and an accelerometer enables sensing of users’ movement and activit ies. Smartphone users are also considered as special types of sensors that generate human input data to be used in many surveys. Recently, these sensors have been used for participatory sensing in which the sensing data on multiple phones are collected by remote data collectors to support many interesting applications, including tracking the spread of disease across a city, building a noise map, monitoring traffic conditions, and so on. In spite of many useful applications, there are two obstacles that hinder the large-scale deployment of participatory sensing applications [1, 2]. First, participatory sensing poses serious threats to user privacy. The data from mobile devices may be exploited to obtain private information about users, including their locations, health condition, lifestyle, religious activities, and so on. For example, an application that tries to build a noise map for a city may request that each user continuously upload his or her current location and the noise level at this location. However, from this data, the data collector can infer where the user has been (e.g., if he or she has gone to a hospital or church) and possibly infer the user’s activities. Second, users lack incentives to join in participatory sensing. To participate, a user has to trigger various sensors to measure data (e.g., to obtain GPS locations), which may consume much of his/her smartphone’s power. Also, the user needs to upload data to the server, which may consume some data of a wireless quota (e.g. , when the data is photo/video). Moreover, the user may have to be in a specific location to sense the required data. To motivate participation, both obstacles should be addressed. Based on what kind of data is needed by the collector, participatory sensing systems can be divided into two categories. In one category, raw data is needed by the collector to do data mining; hence, mobile devices directly submit their sensed data (e.g., GPS coordinates, accelerometer reading, and user input). In the other category, the collector is interested in the aggregation statistics of a group of mobile devices’ data instead of each individual’s raw data. In many monitoring applications, such aggregation is periodically done to continuously identify interesting phenomena and track important patterns [3, 4]. For example, the average amount of daily exercise (which can be measured by motion sensors) people get can help infer public health conditions. The average level of air pollution and pollen concentration can help people plan their outdoor activities. In such systems, it is not necessary for a mobile device to submit its raw data. Instead, it can perturb the data value in some way as long as the collector can recover the correct aggregate statistics. For convenience, we call these two categories raw-data-based sensing and aggregate-data-based sensing , respectively. Due to the difference in the nature of data collected, they can be dealt with differently. In this article, we address how to simultaneously protect privacy and provide incentives for raw-data-based and aggregate-data-based sensing systems. We introduce the challenges in providing privacy and incentive simultaneously, ABSTRACT