kTrustee is a trust-aware location cloaking mechanism that is resilient to location injection attacks and guarantees a lower bound on the user's in-distinguishability.

Key features:
  • kTrustee characterises location injection attacks that can compromise users' privacy setting of k-Anonymity in a Cloaking-based Location Privacy Presserving Mechanism (CLPM).
  • Models the notion of trust in CLPMs and employs a suite of trust-based location cloaking algorithms that can mitigate the impact of location injection attacks.
  • Quantifiable effectiveness and resilience against location injection attacks.

Location injection attack

In a location injection attack, an attacker injects fake users in a perturbed location such that the adversary can distinguish the fake users from real users to reduce the anonymity level. As a result, the number of real users in the cloaked region becomes less than the user’s privacy requirement.



k-Trustee employs three location cloaking region expansion schemes in the guaranteeing namely (i) random expansion, (ii) greedy expansion and (iii) hybrid expansion that understands the underlying location injection attack and guarantees strong anonymity even after the attacks


  • Lei Jin, Balaji Palanisamy and James Joshi "Compromising Cloaking-based Location Privacy Preserving Mechanisms with Location Injection Attacks", Proc. of 21st ACM Conference on Computer and Communications Security (CCS 2014), Scottsdale, Arizona, USA. [PDF]
  • Lei Jin, Balaji Palanisamy, James Joshi and Chao Li, "k-Trustee: Location Injection Attack-resilient Anonymization for Location Privacy", in submission.