Next Article in Journal
Optimization of Parameters in Multi-Spot Projection Welding of Thin Aluminized Steel Sheets
Previous Article in Journal
Decoding Emotions from fNIRS: A Survey on Tensor-Based Approaches in Affective Computing and Medical Applications
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Tolerance-Degree-Based Sensitive Area Division Method for Improving Location Privacy Protection of Smart Terminal

1
College of Computer, Electronics and Information, Guangxi University, Nanning 530000, China
2
Guangxi Key Laboratory of Digital Infrastructure, Guangxi Zhuang Autonomous Region Information Center, Nanning 530200, China
*
Author to whom correspondence should be addressed.
Appl. Sci. 2025, 15(19), 10528; https://doi.org/10.3390/app151910528
Submission received: 9 September 2025 / Revised: 25 September 2025 / Accepted: 26 September 2025 / Published: 29 September 2025

Abstract

Due to the subjective nature of sensitive area radius, the effectiveness of current privacy protection strategies is often quite poor. To address this issue, a sensitive area radius design method of smart terminal is proposed by considering the total privacy budget and tolerance degree of adversary inference capabilities. With the increase in the tolerance degree of adversary’s inference capabilities, the sensitive area radius decreases. Based on the division results of the sensitive area, the privacy budgets of smart terminals are allocated separately. Then, a location data perturbation strategy is designed based on the allocated privacy budget and location encoding. Compared with the existing privacy protection strategies, the proposed method is more reasonable, which can improve the effectiveness of location privacy protection strategy. Finally, experimental results based on the real-world dataset show that the proposed algorithm can enhance data utility by 40%.

1. Introduction

With the development of wireless communication technology and mobile sensing technology [1], location-based service (LBS) develops rapidly. To provide a good service, LBS provider often needs to know the geographical location information of the user, which leads to large volumes of mobile location data [2]. Once data stored on third-party service platforms are leaked, the security of user sensitive location information may be seriously endangered [3,4]. Therefore, protecting location privacy in the process of collecting and using user location information has become a central research topic in LBS.
To mitigate location-privacy leakage, various solutions have been proposed in different LBS scenarios [5,6,7]. K-anonymity [8] and pseudonyms [9] are used to hide real user identities in personal query services, which can enable anonymous interaction between clients and servers. However, anonymous sets and pseudonyms are frequently updated due to the high-frequency transmission of location data. Cryptographic-based schemes can prevent adversaries from decoding location data during transmission [10], but they are computationally expensive and have limited practicality. Differential privacy (DP) [11] is proposed as an advanced approach to enhance anonymity by injecting controllable noise, safeguarding location information. Differential privacy is the focus of this paper. Based on the distribution of servers, the technology is mainly categorized into centralized differential privacy (CDP) [12,13,14] and local differential privacy (LDP) [15,16,17,18]. However, the CDP depends on third-party servers, which can expose users to privacy leakage [19]. In contrast, the LDP performs privacy processing on the user side and allows users to protect their location information based on their requirements. Thus, LDP offers stronger and more secure location privacy protection by eliminating the third-party trust assumption, which requires further attention and research.
Usually, a global privacy budget is allocated by traditional LDP to provide uniform privacy protection across all locations [20]. It can lead to insufficient protection in sensitive areas and overprotection in non-sensitive areas, making it difficult to meet diverse privacy requirements [21]. Therefore, location protection, considering privacy preference, deserves more attention. In [22], the loss of location information is used to generate a perturbation radius to protect sensitive locations within the obfuscation area. In [23], a method is proposed to encode and perturb location information based on user-specified sensitive ranges. However, the existing dividing methods of sensitive areas often fail to consider the adversary’s inference capabilities, resulting in inadequate protection for sensitive locations. With the development of mobile communications, a more rational method for sensitive area division to improve location privacy protection deserves further research.
In order to address the above issues, a tolerance-degree-based sensitive area division method (TD-SAD) is proposed, which can provide hierarchical protection while improving data utility. The contributions and content of this paper are as follows:
  • To enhance the local stability of location encoding, a spatial index strategy is designed based on Hilbert curves and Geohash.
  • A tolerance-degree-based sensitive area radius design method is proposed for reasonably adjusting the privacy budget of smart terminal, and the privacy budget is calculated according to the divided sensitive area.
  • To improve the similarity and statistical usability of the encoding, a distribution-aware random response method is designed, which implements a random response mechanism using allocated budgets.
  • The effectiveness of the proposed method is verified by experiments based on the real-world dataset.
The rest of the paper is organized as follows. Section 2 introduces the adversary model based on location privacy protection. Section 3 describes the specific concept of the proposed method. Section 4 theoretically analyzes the security of the proposed method. Experimental results are provided in Section 5. Section 6 concludes this paper and provides some future perspectives.

2. Location Privacy Protection of Smart Terminal

The scenario of the LBS system based on local differential privacy is shown in Figure 1. DP processing is performed locally on user side, and then processed location information is uploaded to the service platform [24,25]. However, location data can be intercepted, captured, attacked, or stolen by external adversaries. Moreover, adversaries can even collude with multiple service providers to aggregate users’ location information across sources. Consequently, DP is deployed entirely on the user side, and the service provider is treated as an honest-but-curious participant.
A uniform explanation of the mathematical symbols defined and used is provided in Table 1 for subsequent understanding in the paper.

3. A Tolerance-Degree-Based Sensitive Area Division Method

3.1. Proposed Tolerance-Degree-Based Sensitive Area Division Method

The model of the proposed TD-SAD is shown in Figure 2, which comprises three components: location encoding, privacy budget allocation, and location perturbation. The core ideas are (i) encoding the location data as a bit string; (ii) partitioning the geographical space into sensitive and non-sensitive areas; and (iii) designing a distribution-aware random response. Both the perturbation probabilities and privacy budget allocation are adjusted dynamically according to different sensitive areas. After obtaining the real locations, the original data are processed under LDP with the privacy requirements of user.

3.2. Location Encoding Based on Hilbert Space Filling

Space filling curves can be used to map the d-dimensional space into a one-dimensional space [26]. A major characteristic of Hilbert curve is that points that are adjacent in the plane tend to be close along the curve. The first-order Hilbert curve is shown in Figure 3a, which divides the 2D space into four uniform subgrids and labels the quadrants sequentially. As shown in Figure 3b, higher-order Hilbert curves are generated recursively by splitting the grid and rotating the curve.
For a given location coding accuracy p and bit number b, the total bits B used for coding is determined by,
B = p   ×   b
According to (1), the order division h of Hilbert curve can be calculated by,
h = B 2
For a given planar domain, the uniform grid size of Hilbert curve N at order h can be determined by:
N   =   2 h  
Geohash [27] is an efficient method of encoding. Usually, Z-order fill curves are used in traditional Geohash, which preserves only partial order. In order to solve this problem, Hilbert curve with an order-preserving nature is used to replace Z-order curves to connect spatial points. Specifically, the longitude is bound to [−180, 180], and the latitude is bound to [−90, 90]. At each step, the current interval is bisected. If the longitude exceeds the midpoint, the longitude bit is set to 1; otherwise, it is set to 0. Latitude is encoded in a similar way until the desired accuracy or encoding length is reached. Finally, the longitude code is placed at even positions, and the latitude code is placed at odd positions.
As shown in Figure 4, the blue numbers represent the longitude code of the location, and the red numbers represent the latitude code. Following the alternating rule above, the location (104.0638546, 30.6599157) is encoded as {11100100110011010100}.

3.3. Budget Allocation

The location protection mechanism based on DP is related to the allocation of privacy budget [28]. Uniform allocation of privacy budget can over-perturb codes in non-sensitive areas while under-perturbing codes in sensitive areas, failing to meet different privacy needs. Therefore, a sensitive area radius is designed based on the total privacy budget and tolerance degree of the adversary’s inference capabilities to divide into sensitive areas. According to Geo-Indistinguishability, the distance distortion r between actual location and the perturbed location of a user is determined by [29]:
r   =   1 ε total ( W 1 ( τ 1 e ) + 1 )  
where   ε total   is the total privacy budget, W 1 ( τ 1 e ) is the Lambert function, and τ is a random number between [0, 1].
Let ρ∈(0,1) denote the tolerance degree of the adversary’s inference capabilities, i.e., the upper-bound probability that an adversary predicts the real location lies within the sensitive area, then the sensitivity area radius R based on (4), is determined by:
R   =   1 ε total ( W 1 ( ρ 1 e ) + 1 )

3.3.1. Privacy Allocation Outside Sensitive Areas

When a user is outside the sensitive area, the real location of the user is far from the sensitive location, which indicates low privacy sensitivity. Thus, the privacy budget can be allocated directly according to the proportion of distance. The allocation model is determined by:
ε i ( out ) = D i , j i = 1 m j = 1 M D i , j ε total
where ε i ( out ) is the privacy budget allocated to the i-th real location outside the sensitive area, Di,j is the distance from the i-th service request point to its nearest j-th sensitive location, and m represents the total number of service request points. M represents the total number of sensitive location points set by the user.
According to (6), the allocated privacy budget varies with distance, as shown in Figure 5. As can be seen, the closer the original location is to the sensitive location, the less privacy budget is allocated. In particular, the allocated privacy budget is close to 0 when passing through a sensitive location, since the noise amplitude in DP is inversely proportional to privacy budget. A privacy budget tending to 0 indicates the addition of infinite noise, which can cause service failure on the smart terminal.

3.3.2. Privacy Allocation in Sensitive Areas

If the real location is within a sensitive area, the privacy requirement is high. Given the sensitive location and the sensitive radius R, a circular region centered on the sensitive location with radius R is generated. The remaining external privacy budget is evenly distributed to other locations within the sensitive area:
ε i ( in )   =   ε total ε i ( out ) n  
where ε i ( in ) is the privacy budget value allocated to the location i of the user currently in the sensitive region, and n is the total number of sensitive locations contained within the sensitive area.

3.4. Perturbation Mechanism Based on Random Response

The fixed conditional probability is used by traditional random response mechanisms [30] to perturb the original data, resulting in significant differences between the results. In order to preserve the similarity of the target data before and after disturbance, a distribution-aware random response method is designed based on the original distribution characteristics of the data.
The random perturbation of sensitive data may be abstracted as follows: assume that the data x of the data provider comes from X = {0,1}, and the perturbation result comes from Y = {0,1}. The u i   is the distribution proportion of element i (i∈{0,1}) in the original data, where   0 u i 1 and   u 0 + u 1   =   1 . The conditional probability that the output data is j when the input data is i is assumed to be P ij i ,   j 0 , 1 . The design perturbation matrix is   P   = P 00 P 01 P 10 P 11 , where   0     P i , j     1 , P 00   +   P 01   =   1 and P 10   +   P 11   =   1 . Therefore, the utility of data can be measured by the mathematical expectation of the perturbed output data relative to the original input data, which is determined by:
E   =   P 00   ×   u 0   +   P 11   ×   u 1
Then, a linear programming approach is employed to maximize mathematical expectation, where the constraints are established as follows:
1 P 11     e ε P 00 1 P 00 e ε P 11 P 00 e ε ( 1 P 11 ) P 11   e ε ( 1 P 00 ) 0 P 00 , P 11 1
With vertices A (0,1), B ( e ε 1 + e ε , e ε 1 + e ε ), C (1,0), and D ( 1 1 + e ε , 1 1 + e ε ), the feasible domain of the random response model (8) is shown in Figure 6.
Depending on the optimal solution of mathematical expectation, the following three situations can be drawn:
  • When u 0 u 1     1   e ε , the optimal solution for the mathematical expectation in Equation (3) is point A with P00 = 0 and P11 = 1, the perturbation matrix can be designed as   P   = 0 1 0 1 .
  • When 1 e ε < u 0 u 1 < e ε , the optimal solution is point B. The optimal value of the mathematical expectation is e ε 1 + e ε , so the perturbation matrix can be designed as P = e ε 1 + e ε 1 1 + e ε 1 1 + e ε e ε 1 + e ε .
  • When u 0 u 1 e ε , the optimal solution is point C, with P00 = 1 and P11 = 0, so the perturbation matrix can be designed as   P   = 1 0 1 0 .
Let b j   be the j-th bit of the original location code, and b j be the perturbed location code. The u 0 and u 1 represent the distribution proportion of elements 0 and 1 in the code. With the perturbation matrix P analyzed above, the encoding is perturbed by selecting the following probability formula [31]:
Pr b j = b j =   1 ,   b j = 1 0 ,   b j = 0                       ,   i f   u 0 u 1 e - ε e ε 1 + e ε ,   b j = 1   or   0   1 1 + e ε ,   b j = 1   or   0   ,   i f   e - ε < u 0 u 1 < 1 ,   b j = 0   0 ,   b j = 1                         ,   i f   u 0 u 1 e - ε e ε
Suppose a sample of location encoding has a distribution of 0 s and 1 s such that u 0   = 0.3 and u 1 = 0.7, with an allocated privacy budget of 0.5. Since u 0 u 1 e - ε , the conditional probability matrix   P   = 0 1 0 1 is selected for the perturbation (i.e., the first case in Equation (10)), where the probabilities for P01 and P11 are both 1. Regardless of the input is b j   = 0 or   b j   = 1, the probability of outputting Pr b j = 1 is 1.

4. Privacy Protection Security Analysis

LDP is a privacy protection model strictly proved by mathematical reasoning [32,33]. The formula is used to prove that the proposed TD-SDA method satisfies the requirement of ε-local differential privacy.
The original location is encoded as L, and perturbed location is encoded as L′. L ( b j ) and L   ( b j ) represent the original and perturbed codes of j-th bit. According to the combined characteristics of local differential privacy, the following equation holds:
Pr L | L   =   Pr L b j   =   1 | L b j
Similarly, for another location code L * , the following equation holds:
Pr L | L *   =   P r L b j = 1 | L * b j
Then,
Pr L | L Pr L | L * = Pr L b j = 1 | L b j Pr L b j = 1 | L * b j
max   Pr L b j = 1 | L b j min   Pr L b j = 1 | L * b j
= Pr L b j = 1 | L b j = 1 Pr L b j = 1 | L * b j = 0
= e ε 1 + e ε 1 1 + e ε = e ε
Based on the above analysis and the definition of local differential privacy, TD-SDA satisfies ε-local differential privacy. Usually, adversaries can monitor data and intercept information during communication [34]. Therefore, threats are categorized into three types for security analysis combined with TD-SAD.
  • Parameter Inference: adversaries can infer location encoding and decoding methods based on the obtained parameters of grid partitioning and location encoding. But the information does not reveal the specific location of user, which protects the privacy.
  • Request Interception: adversaries can infer the service location by intercepting location service requests. But the information obtained is the perturbed location, which does not involve privacy information. The protectiveness of response interception is similar to case 2.
  • Collusive service providers: multiple providers can share and jointly analyze acquired location information. But the accessed information is the sum of several privacy perturbations. Moreover, stronger perturbation is used by TD-SAD in sensitive areas, further reducing the success rate of adversaries in re-identification.

5. Experimentation and Analysis

5.1. Experimental Data

A real-world dataset from Gowalla [35] was used, which comprised a total of 1,280,969 location points and labeled each location with the user ID, latitude, and longitude.

5.2. Experimental Methods

Our experiments run on an Intel (R) Core (TM) i5-9300H CPU 2.40 GHz machine with Windows 10 operating system and implemented in Python 3.8. To verify the progressiveness of the proposed strategy, the algorithms of DPL-Hc [17] and LDPHC [23] are compared and implemented in the same experimental environment. In algorithm [17], an advanced Laplace mechanism was used to achieve global perturbation of location coding. In algorithm [23], the W-RR perturbation mechanism was used to perturb the Huffman location coding.
Noise is introduced to perturb the location data, which results in a loss of location data quality. In order to evaluate the privacy and effectiveness of the proposed method, indicator for Qos loss was introduced from [36]. In addition, to evaluate the accuracy of the statistical analysis performed by the server based on the disturbance location, the mean absolute error (MAE) and root mean square error (RMSE) were used.

5.3. Practical Utility in LBS Scenarios Based on TD-SAD Method

Location-based proximity discovery is a typical application in LBS, which is used to find interactive targets of the current user location within a distance. A total of 40 check-in samples taken at 7:00 a.m. and 5:00 p.m. were selected based on Gowalla as the service request points for users. The 10% locations from the sample were selected as sensitive locations. Considering data utility, ρ was set to 0.8, and ε was set to 1. The distance was set to [50, 100, 150]. To evaluate the practicality of the proposed TD-SAD, recall rec and discovery precision prec were used as indicators. The user set is UT. For any queried user uUT, the recall rec and discovery precision prec are determined by:
r e c u =   S u o r i g S u p e r t S u o r i g
p r e c u = S u o r i g S u p e r t S u p e r t
where S u o r i g denotes the actual neighborhood, and S u p e r t denotes the perturbation neighborhood.
The Gowalla dataset used in this paper dates back to 2010, which may limit the generalizability of the results to modern, denser mobility data. Thus, experiments were further conducted based on the Foursquare [37] dataset to validate the practical utility of the TD-SAD method in LBS scenarios. Specifically, 50 check-in samples based on Foursquare were selected as the experimental validation set.
The recall and discovery precision of each method under different distances are shown in Table 2 and Table 3. Overall, LDPHC outperformed DPL-Hc in most settings. This is an advantage because DPL-Hc applied a widespread noise mechanism directly to grid index, resulting in larger deviations before and after perturbation. In contrast, LDPHC disturbed only a single random bit, which had a better perturbation result. The proposed TD-SAD considered the similarity of the 0/1 bits distribution probabilities before and after perturbation and further confined the perturbation to the vicinity of the original area based on hierarchical perturbation. Thus, the preferment of TD-SAD was demonstrably better than other comparative methods. The experimental results verified that the proposed method improves data usability while providing privacy protection.

5.4. Relative Error of Range Query

Local differential privacy processing causes a deviation in the location uploaded to the server, which leads to a decrease in data availability. Therefore, the location data availability is measured by calculating the relative error between the query results of the real location dataset and the disturbed location dataset. The relative error of the count range query can be defined as:
Relative   error   ( C )   =   | Q ~ ( C ) Q ( C ) | Q ( C )
where C is the query range,   Q ( C )   is the query result on the real location dataset, and   Q ~ C   is the query result on the perturbed location dataset.
The privacy budget parameter ε was set to [0.4~2.0] with an interval of 0.4 during the experiments. The query ranges C were set to 25%, 50%, and 85%. By setting experimental constraints covering different ranges, the performance of each privacy protection mechanism in the corresponding query range was evaluated.
The location was out of the current range caused by random perturbation, resulting in relative errors. Figure 7 shows the relative error results of the three location privacy protection strategies under the different ranges of the query. As can be seen from Figure 7, the relative error of TD-SAD decreased by 30%, 25%, and 15%, respectively, as the range increased from 25% to 85%. TD-SAD combined spatial clustering based on Hilbert curves and differentiated privacy budget allocation, constraining the perturbations of non-sensitive locations to remain near the original positions, thus offsetting the bias introduced by perturbations in sensitive areas.

5.5. Quality Loss of Proposed TD-SAD Method

Figure 8 shows the impact of the three location privacy protection strategies under different location scales when the privacy budget ε was 1. Seen from Figure 8, the Mean absolute error, Root mean square error, and the Qos loss of each method increased with the increased of position data. But the TD-SDA experimental data recorded the minimum values. The reason is that TD-SAD improves the perturbation method by using differentiated perturbation approaches for different encodings. It maximizes the probability of similarity between data before and after perturbation, which minimizes the statistical error result.

5.6. Accuracy of Location Data Aggregation

The experimental results of Figure 9 show that the MAE and RMSE of TD-SAD can be stabilized at 30 and 190. The reason is that the proposed TD-SAD designed a distribution-aware random response mechanism to disturb locations while preserving spatial clustering properties, which can improve the coding of distribution proportion imbalances.

5.7. Runtime of the Proposed TD-SAD Method

To validate the operational efficiency, the runtime of the encoding module and the perturbation module was compared under different locations numbers. The privacy budget ε for the experiment was 1. In addition, the runtime for allocating the privacy budget was taken into account within the encoding.
Figure 10 shows the variation in runtime of the encoding module, the perturbation module, and their combination with different data sizes. As the number of locations increases, the runtime of the TD-SAD increases accordingly. But the time cost is maintained at the millisecond level. As can be seen from Figure 10, the runtime of the encoding module exceeds that of the perturbation. The reason is that each location is traversed in the encoding module to allocate the corresponding privacy budget based on the divided sensitive area. The perturbation module needed only to select a perturbation probability based on the distribution of the encoded bits to perform a random response mechanism.

6. Conclusions

In this paper, a tolerance-degree-based sensitive area division method is proposed for improving the location privacy protection of smart terminals. Sensitive areas are divided based on the total privacy budget and the tolerance degree of adversary inference capabilities. Compared to traditional location privacy protection, the proposed TD-SAD offers more secure hierarchical protection based on divided sensitive zones. Owing to a distribution-aware perturbation strategy, the proposed TD-SAD can obtain better data utility after perturbation. In future research, we will conduct more in-depth studies on location privacy protection using more novel and richer datasets.

Author Contributions

Conceptualization, Y.L. and X.L.; Methodology, Y.L. and X.L.; Software, Y.L.; Validation, Y.L.; Data Curation, Y.L.; Writing—Original draft, Y.L. and X.L.; Writing—Review and Editing, Y.L. and G.L.; Supervision, J.C. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the National Natural Science Foundation of China (Grant No. 62402124), Open Project Program of Guangxi Key Laboratory of Digital Infrastructure (Grant No. GXDINBC202402), Guangxi Science and Technology Base and Talent Project (Grant No. GuikeAD23026160), and Guangxi Natural Science Foundation (Grant No. 2025GXNSFBA069283).

Data Availability Statement

The data supporting this study’s findings are available from the corresponding author, G.L., upon reasonable request.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Lashkari, B.; Rezazadeh, J.; Farahbakhsh, R.; Sandrasegaran, K. Crowdsourcing and sensing for indoor localization in IoT: A review. IEEE Sens. J. 2019, 19, 2408–2434. [Google Scholar] [CrossRef]
  2. Su, Y.; Li, X.; Tang, W.; Xiang, J.; He, Y. Next Check-in Location Prediction via Footprints and Friendship on Location-Based Social Networks. In Proceedings of the 19th IEEE International Conference on Mobile Data Management (MDM), Aalborg, Denmark, 25–28 June 2018; pp. 251–256. [Google Scholar]
  3. Kim, J.W.; Kim, J.S.; Chung, Y.D.; Jang, B. A Survey of differential privacy-based techniques and their applicability to location-Based services. Comput. Secur. 2021, 111, 102464. [Google Scholar] [CrossRef]
  4. Boussada, R.; Hamdane, B.; Kamoun, F.; Saidane, L.A. Surveying and Analyzing Privacy Issues in Contact tracing apps. In Proceedings of the 10th IFIP International Conference on Performance Evaluation and Modeling in Wireless and Wired Networks (PEMWN), Waterloo, ON, Canada, 23–25 November 2021; pp. 1–5. [Google Scholar]
  5. Andrs, M.E.; Bordenabe, N.E.; Chatzikokolakis, K.; Palamidessi, C. Geo-indistinguishability: Differential privacy for location-based systems. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany, 4–8 November 2013; pp. 901–914. [Google Scholar]
  6. Wang, W.; Wang, Y.; Duan, P.; Liu, T.; Tong, X.; Cai, Z. A Triple Real-Time Trajectory Privacy Protection Mechanism Based on Edge Computing and Blockchain in Mobile Crowdsourcing. IEEE Trans. Mob. Comput. 2023, 22, 5625–5642. [Google Scholar] [CrossRef]
  7. Cao, T.; Yin, R.; Zhu, L.; Xu, Z. Survey of Personalized Location Privacy Protection Technologies. Comput. Sci. 2025, 52, 307–321. [Google Scholar]
  8. Zhang, S.; Hu, B.; Liang, W.; Li, K.C.; Gupta, B.B. A Caching-Based Dual K-Anonymous Location Privacy-Preserving Scheme for Edge Computing. IEEE Internet Things J. 2023, 10, 9768–9781. [Google Scholar] [CrossRef]
  9. Hu, P.; Chu, X.; Zuo, K.; Ni, T.; Xie, D.; Shen, Z. Security-Enhanced Data Sharing Scheme with Location Privacy Preservation for Internet of Vehicles. IEEE Trans. Veh. Technol. 2024, 73, 13751–13764. [Google Scholar] [CrossRef]
  10. Men, H.; Cao, L.; Zheng, G.; Li, Y.; Ma, H. LBS privacy protection scheme based on sparse user environment of VANET. Appl. Res. Comput. 2024, 41, 2831–2838. [Google Scholar]
  11. Dwork, C. Differential privacy. In Encyclopedia of Cryptography and Security; van Tilborg, H.C.A., Jajodia, S., Eds.; Springer: Berlin/Heidelberg, Germany, 2011. [Google Scholar]
  12. Zhang, Q.; Zhang, X.; Wang, M.; Li, X. DPLQ: Location-based service privacy protection scheme based on differential privacy. IET Inf. Secur. 2021, 15, 442–456. [Google Scholar] [CrossRef]
  13. Zhang, X.; Wang, J.; Zhang, H.; Li, L.; Pan, M.; Han, Z. Data-Driven Transportation Network Company Vehicle Scheduling With Users’ Location Differential Privacy Preservation. IEEE Trans. Mob. Comput. 2023, 22, 813–823. [Google Scholar] [CrossRef]
  14. Tao, Y.; Wang, T.; Qiang, Y.; Shen, L.; Chen, F.; Zhao, C. A differential privacy location protect approach with intelligence data collection paradigm for MCS. Compu. Netw. 2024, 247, 110421. [Google Scholar] [CrossRef]
  15. Wang, T.; Tao, Y.; Zhang, Q.; Xu, N.; Chen, F.; Zhao, C. Group Coding Location Privacy Protection Method Based on Differential Privacy in Crowdsensing. IEEE Internet Things J. 2024, 11, 28398–28408. [Google Scholar] [CrossRef]
  16. Wang, H.; Hong, H.; Xiong, L.; Qin, Z.; Hong, Y. L-SRR: Local differential privacy for location-based services with staircase randomized response. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA, 7–11 November 2022; pp. 2809–2823. [Google Scholar]
  17. Navidan, H.; Moghtadaiee, V.; Nazaran, N.; Alishahi, M. Hide me Behind the Noise: Local Differential Privacy for Indoor Location Privacy. In Proceedings of the 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Genoa, Italy, 6–10 June 2022; pp. 514–523. [Google Scholar]
  18. Wang, J.; Wang, F.; Li, H. Differential privacy location protection scheme based on Hilbert curve. Secur. Commun. Netw. 2021, 2021, 5574415. [Google Scholar] [CrossRef]
  19. Primault, V.; Boutet, A.; Mokhtar, S.B.; Brunie, L. The Long Road to Computational Location Privacy: A Survey. IEEE Commun. Surv. Tuts. 2019, 21, 2772–2793. [Google Scholar] [CrossRef]
  20. Min, M.; Zhu, H.; Li, S.; Zhang, H.; Xiao, L.; Pan, M. Semantic Adaptive Geo-Indistinguishability for Location Privacy Protection in Mobile Networks. IEEE Trans. Veh. Technol. 2024, 73, 9193–9198. [Google Scholar] [CrossRef]
  21. Song, H.; Shen, H.; Zhao, N.; He, Z.; Wu, M.; Xiong, W. APLDP: Adaptive personalized local differential privacy data collection in mobile crowdsensing. Comput. Secur. 2024, 136, 103517–103531. [Google Scholar] [CrossRef]
  22. He, Y.; Zhang, J.; Shuai, L.; Luo, J.; Yang, X.; Sun, Q.T. A Personalized Secure Publishing Mechanism of the Sensing Location Data in Crowdsensing Location-Based Services. IEEE Sens. J. 2021, 21, 13628–13637. [Google Scholar] [CrossRef]
  23. Yan, Y.; Lyu, Y.; Li, F. Local Differential Privacy Location Protection for Mobile Terminals Based on Huffman Coding. J. Jisuanji Kexue Yu Tansuo 2025, 19, 802–817. [Google Scholar]
  24. Jiang, H.; Li, J.; Zhao, P.; Zeng, F.; Xiao, Z.; Iyengar, A. Location privacy-preserving mechanisms in location-based services: A comprehensive survey. ACM Comput. Surv. 2022, 54, 1–36. [Google Scholar] [CrossRef]
  25. Ye, Q.; Meng, X.; Zhu, M.; Zheng, H. Survey on local differential privacy. J. Softw. 2017, 29, 1981–2005. [Google Scholar]
  26. Lian, H.; Qiu, W.; Yan, D.; Guo, J.; Li, Z.; Tang, P. Privacy-preserving spatial query protocol based on the Moore curve for location-based service. Comput. Secur. 2020, 96, 101845. [Google Scholar] [CrossRef]
  27. Geohash Converter. 2023. Available online: https://geohash.jorren.nl/ (accessed on 28 April 2024).
  28. Zhao, Y.; Du, J.; Chen, J. Scenario-based Adaptations of Differential Privacy: A Technical Survey. ACM Comput. Surv. 2024, 56, 1–39. [Google Scholar] [CrossRef]
  29. Xu, C.; Luo, L.; Ding, Y.; Zhao, G.; Yu, S. Personalized Location Privacy Protection for Location-Based Services in Vehicular Networks. IEEE Wirel. Commun. Lett. 2020, 9, 1633–1637. [Google Scholar] [CrossRef]
  30. Warner, S.L. Randomized response: A survey technique for eliminating evasive answer bias. J. Am. Sta. Assoc. 2012, 60, 63–69. [Google Scholar]
  31. Zhou, Y.; Lu, L.; Wu, Z. Study on utility optimization for randomized response mechanism. J. Commun. 2019, 40, 74–81. [Google Scholar]
  32. Zhao, Y.; Chen, J. Vector-Indistinguishability: Location Dependency Based Privacy Protection for Successive Location Data. IEEE Trans. Comput. 2024, 73, 970–979. [Google Scholar] [CrossRef]
  33. Ju, Z.; Li, Y. V2V-ESP: Vehicle-to-Vehicle Energy Sharing Privacy Protection Scheme Based on SDP Algorithm. IEEE Trans. Netw. Sci. Eng. 2024, 11, 1093–1105. [Google Scholar] [CrossRef]
  34. Zhu, X.; Lin, L.; Huang, Y.; Wang, X.; Que, Y.; Jedari, B. Secure Data Transmission Based on Reinforcement Learning and Position Confusion for Internet of UAVs. IEEE Internet Things J. 2024, 11, 21010–21020. [Google Scholar] [CrossRef]
  35. PoI Data Sample. 2020. Available online: https://snap.stanford.edu/data/loc-gowalla.html (accessed on 14 June 2024).
  36. Min, M.; Xiao, L.; Ding, J.; Zhang, H.; Li, S.; Pan, M.; Han, Z. 3D geo-indistinguishability for indoor location-based services. IEEE Trans. Wirel. Commun. 2022, 21, 4682–4694. [Google Scholar] [CrossRef]
  37. Su, Y.; Li, X.; Liu, B.; Zha, D.; Xiang, J.; Tang, W.; Gao, N. FGCRec: Fine-Grained Geographical Characteristics Modeling for Point-of-Interest Recommendation. In Proceedings of the ICC 2020–2020 IEEE International Conference on Communications (ICC), Dublin, Ireland, 7–11 June 2020; pp. 1–6. [Google Scholar]
Figure 1. Location privacy protection of smart terminal.
Figure 1. Location privacy protection of smart terminal.
Applsci 15 10528 g001
Figure 2. The model of the proposed TD-SAD.
Figure 2. The model of the proposed TD-SAD.
Applsci 15 10528 g002
Figure 3. (a) First-order Hilbert curve; (b) Higher-order Hilbert curve.
Figure 3. (a) First-order Hilbert curve; (b) Higher-order Hilbert curve.
Applsci 15 10528 g003
Figure 4. Code of latitude and longitude.
Figure 4. Code of latitude and longitude.
Applsci 15 10528 g004
Figure 5. Relationship between privacy budget and location distance.
Figure 5. Relationship between privacy budget and location distance.
Applsci 15 10528 g005
Figure 6. Feasible domain of the optimization model (ε = 0.5).
Figure 6. Feasible domain of the optimization model (ε = 0.5).
Applsci 15 10528 g006
Figure 7. (a) The relative error under query range of 25%; (b) The relative error under query range of 50%; (c) The relative error under query range of 85%.
Figure 7. (a) The relative error under query range of 25%; (b) The relative error under query range of 50%; (c) The relative error under query range of 85%.
Applsci 15 10528 g007
Figure 8. (a) The Mean absolute error under different number of locations; (b) The Root mean square error under different number of locations; (c) The Qos loss under different number of locations.
Figure 8. (a) The Mean absolute error under different number of locations; (b) The Root mean square error under different number of locations; (c) The Qos loss under different number of locations.
Applsci 15 10528 g008
Figure 9. (a) The MAE under different privacy budgets; (b) The RMSE under different privacy budgets.
Figure 9. (a) The MAE under different privacy budgets; (b) The RMSE under different privacy budgets.
Applsci 15 10528 g009
Figure 10. The runtime under different number of locations.
Figure 10. The runtime under different number of locations.
Applsci 15 10528 g010
Table 1. The commonly used notations.
Table 1. The commonly used notations.
SymbolDescription
εPrivacy budget
PrPerturbation probability
Pi,jConditional probability that the output data is j when the input data is i
uiProportion of element i in the total data
RSensitive area radius
Di,jDistance from original location i to the nearest sensitive location j
LEncoding of the original location
LEncoding of the original position after perturbation
L(bj)The bit j of the original code
L(bj′)′The bit j of the perturbation code
Table 2. Recall and discovery precision of different methods based on Gowalla.
Table 2. Recall and discovery precision of different methods based on Gowalla.
Method50100150
RecallPrecisionRecallPrecisionRecallPrecision
DPL-Hc in [17]0.30000.42150.49940.56130.78980.7428
LDPHC in [23]0.34040.23310.71530.59330.82840.6953
The Proposed TD-SAD0.62490.59300.73160.71730.86230.7973
Table 3. Recall and discovery precision of different methods based on Foursquare.
Table 3. Recall and discovery precision of different methods based on Foursquare.
Method50100150
RecallPrecisionRecallPrecisionRecallPrecision
DPL-Hc in [17]0.47070.56000.51550.50980.64650.6136
LDPHC in [23]0.49870.58080.63840.63230.68040.6701
The Proposed TD-SAD0.60830.60240.66000.65330.74040.7489
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Liu, X.; Lu, Y.; Chen, J.; Li, G. A Tolerance-Degree-Based Sensitive Area Division Method for Improving Location Privacy Protection of Smart Terminal. Appl. Sci. 2025, 15, 10528. https://doi.org/10.3390/app151910528

AMA Style

Liu X, Lu Y, Chen J, Li G. A Tolerance-Degree-Based Sensitive Area Division Method for Improving Location Privacy Protection of Smart Terminal. Applied Sciences. 2025; 15(19):10528. https://doi.org/10.3390/app151910528

Chicago/Turabian Style

Liu, Xiao, Yingchi Lu, Jining Chen, and Gaoxiang Li. 2025. "A Tolerance-Degree-Based Sensitive Area Division Method for Improving Location Privacy Protection of Smart Terminal" Applied Sciences 15, no. 19: 10528. https://doi.org/10.3390/app151910528

APA Style

Liu, X., Lu, Y., Chen, J., & Li, G. (2025). A Tolerance-Degree-Based Sensitive Area Division Method for Improving Location Privacy Protection of Smart Terminal. Applied Sciences, 15(19), 10528. https://doi.org/10.3390/app151910528

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop