(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 10, No. 2, 2019 88 | Page www.ijacsa.thesai.org Ensuring Privacy Protection in Location-based Services through Integration of Cache and Dummies Nisreen Innab 1 , Sara Alaradi 2 Department of Information Security Naif Arab University for Security Sciences Riyadh, Kingdom of Saudi Arabia Abstract—Location-Based Services (LBS) have recently gained much attention from the research community due to the openness of wireless networks and the daily development of mobile devices. However, using LBS is not risk free. Location privacy protection is a major issue that concerns users. Since users utilize their real location to get the benefits of the LBS, this gives an attacker the chance to track their real location and collect sensitive and personal information about the user. If the attacker is the LBS server itself, privacy issues may reach dangerous levels because all information related to the user's activities are stored and accessible on the LBS server. In this paper, we propose a novel location privacy protection method called the Safe Cycle-Based Approach (SCBA). Specifically, the SCBA ensures location privacy by generating strong dummy locations that are far away from each other and belong to different sub-areas at the same time. This ensures robustness against advanced inference attacks such as location homogeneity attacks and semantic location attacks. To achieve location privacy protection, as well as high performance, we integrate the SCBA approach with a cache. The key performance enhancement is storing the responses of historical queries to answer future ones using a bloom filter-based search technique. Compared to well-known approaches, namely the ReDS, RaDS, and HMC approaches, experimental results showed that the proposed SCBA approach produces better outputs in terms of privacy protection level, robustness against inference attacks, communication cost, cache hit ratio, and response time. Keywords—Privacy protection; dummy; cache; safe cycle; location homogeneity attack; semantic location attack I. INTRODUCTION Recently, the world has witnessed the birth of what is called the Internet of Things (IoT) [1, 2, 3], in which scientists have moved towards smart cities and smart systems that are supported by smart Location-Based Services (LBS) [4, 5]. Smart LBS are considered one of the most important backbones of the IoT. However, similar to other research fields, the IoT research field has issues and challenges that should be answered. Privacy protection in smart LBS is one of the most important issues and challenges [6, 7]. To identify the problem, the following figure illustrates the general (or classical) scenario of smart LBS usage. As shown in Fig. 1, the LBS user constructs a query based on his or her real location, and the query is processed at the LBS server site. The result will then be sent back to the LBS user. Since the LBS server can store information related to the user's activities, it is easy to track the user's real location and extract personal and sensitive information about the user (such as interests, customs, health, religious and political relationships). This, in turn, means that the LBS server can act as a hacker (i.e., malicious party) to attack the privacy of the user. In this research, we address the privacy protection of the LBS user by protecting the real location against the LBS server. The research questions are:  How to ensure the privacy protection of the LBS user by protecting the real location [7, 8, 9]?  Since the LBS server can apply inference attacks such as semantic location attacks [10,11,12] and homogeneity location attacks [13], how to ensure the robustness against these kinds of inference attacks?  How to ensure the performance of the system by enhancing the response time of the query? To guarantee the location privacy of the LBS users, we can surround the real location of the LBS user by some dummy locations, so that the server cannot recognize the real location among the dummies. In general, the contribution of this paper is as follows:  In responding to the first research question, we propose a novel dummy-based approach to protect the location privacy of LBS users. Depending on the query probability, our proposed approach selects (or generates) dummy locations that ensure the highest privacy protection level according to an entropy privacy metric.  In responding to the second research question, in terms of generating strong dummy locations, the proposed approach creates defenses against both the location homogeneity attack and the semantic location attack based on a safe cycle.  In responding to the third research question, the proposed approach integrates with the cache, which is represented by an access point, to enhance the overall system performance by serving future queries.