Traffic monitoring services collect traffic reports and respond to users' traffic queries. However, the reports and queries may reveal the user's identity and location. Although different anonymization techniques have been applied to protect user privacy, a new security threat arises, namely, n-by-1 jamming attack, in which an anonymous contributing driver impersonates n drivers and uploads n normal reports by using n reporting devices. Such an attack will mislead the traffic monitoring service provider and further degrade the service quality. Existing traffic monitoring services do not support customized queries, and private information retrieval techniques cannot be applied directly in traffic monitoring. We formally define the new attack and propose a traffic monitoring scheme TraJ to defend the attack and achieve user-defined location privacy. Specifically, we bridge anonymous contributing drivers without disclosing their speed set by using private set intersection. Each RSU collects time traffic reports and structures a weighted proximity graph to filter out malicious colluding drivers. We design a user-defined privacy-preserving query method by encoding complex road network. We leverage the uploading phase from private aggregation to collect traffic conditions and allow requesting drivers to dynamically and privately query traffic conditions. We provide a formal analysis of TraJ to prove its privacy and security properties. We also construct a prototype based on a real-world dataset and Android smartphones to demonstrate its feasibility and efficiency. A formal analysis demonstrates the privacy and security properties. Extensive experiments illustrate the performance and defense efficacy.
Authors: M. Li, L. Zhu, Z. Zhang, C. Lal, M. Conti and M. Alazab
Journal: IEEE/ACM Transactions on Networking
Date of Publication: March 2022