(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 9, No. 1, 2018 52 | Page www.ijacsa.thesai.org Agent-Based System for Efficient kNN Query Processing with Comprehensive Privacy Protection Mohamad Shady Alrahhal 1 , Maher Khemakhem 2 , Kamal Jambi 3 King Abdulaziz University (KAU) Jeddah, Saudi Arabia Abstract—Recently, location based services (LBSs) have become increasingly popular due to advances in mobile devices and their positioning capabilities. In an LBS, the user sends a range of queries regarding his k-nearest neighbors (kNNs) that have common points of interests (POIs) based on his real geographic location. During the query sending, processing, and responding phases, private information may be collected by an attacker, either by tracking the real locations or by analyzing the sent queries. This compromises the privacy of the user and risks his/her safety in certain cases. Thus, the objective of this paper is to ensure comprehensive privacy protection, while also guaranteeing the efficiency of kNN query processing. Therefore, we propose an agent-based system for dealing with these issues. The system is managed by three software agents (   ,   , and ). The   agent executes a Wise Dummy Selection Location (WDSL) algorithm to ensure the location privacy. The mission of the   agent is integrated with the mission of the   agent, which is to ensure the query privacy based on Left-Right Fragmentation (LRF) algorithm. To guarantee the efficiency of kNN processing, the  agent executes a prediction phase depending on a Cell Based Indexing (CBI) technique. Compared to similar privacy protection approaches, the proposed WDSL and LRF approaches showed higher resistance against location homogeneity attacks and query sampling attacks. In addition, the proposed CBI indexing technique obtains more accurate answers to kNN queries than the previous indexing techniques. Keywords—Agents; attacks; dummies; fragmentation; indexing; privacy protection; resistance I. INTRODUCTION Location Based Services (LBSs) are services that are customized according to the location of the user. In recent years, LBSs have received substantial attention, especially since GPS-enabled devices (such as smart phones) became popular. One of the most important advantages of LBS-enabled applications is their ability to search for the nearest Point of Interests (POIs). Searching for the nearest POIs requires construction of a query on the LBS user side. Table I summarizes the units of the constructed query. TABLE I. GENERAL FORM OF THE LBS QUERY Symbol <X, Y> POI R ID Description Coordinates of the real location Queried interests Queried range The identity of the LBS user Fig. 1. Classical scenario of using LBS applications. As a general example of LBS usage, Fig. 1 illustrates the classical scenario of using LBS-enabled applications based on the query units that are listed in Table I. In Fig. 1, the LBS user constructs a query regarding a desired POI and sends it to the LBS server. Then, the LBS server processes the query and sends back the results. However, this classical scenario involves risk since the LBS user is forced to construct the query based on his/her real geographic location. This risk is directly related to the privacy issue of the LBS user. The reason behind this risk is that an attacker can track the real location of the LBS user [1] or intercept the sent query for analysis purposes [2]. In both cases, the attacker can collect sensitive or personal information about the LBS user, such as customs, habits, religion, or politic leanings. Then, this personal information can be misused to conduct attacks in real life, such as mugging, extortion or stealing. According to [3], these two methods of personal data collection can lead to branches of two kinds of privacy: location privacy and query privacy. Therefore, if we want to achieve full privacy protection, we need to protect these two kinds of privacy. However, achieving comprehensive privacy protection requires protecting the query privacy (in addition to the location privacy) at the sending, processing, and responding levels. Comprehensive LBS privacy protection has not been addressed previously to the best of our knowledge. The queried POI, are either static POIs (such as the nearest hotels, hospitals, or sports clubs in a defined range) or moving POIs (such as the nearest taxis that will enter a defined range). When an LBS user searches for a moving POI, it is referred to as a range query or k-nearest neighbor (kNN) query [4]-[7]. In manipulating kNN queries, two major issues arise: The first is related to ensuring the privacy protection of the kNN queries, which in turn ensures the privacy of the LBS user. The second is related to guaranteeing the accuracy of the retrieved results (i.e., the retrieved locations of the queried moving POI) [8], [9]. Fig. 2 illustrates the uncertainty problem, which is considered a real-time problem.