Location Privacy in Usage-Based Automotive Insurance: Attacks and Countermeasures

Usage-based insurance (UBI) is regarded as a promising way to provide accurate automotive insurance rates by analyzing the driving behaviors (e.g., speed, mileage, and harsh braking/accelerating) of drivers. The best practice that has been adopted by many insurance programs to protect users' location privacy is the use of driving speed rather than GPS data. However, in this paper, we challenge this approach by presenting a novel speed-based location trajectory inference framework. The basic strategy of the proposed inference framework is motivated by the following observations. In practice, many environmental factors, such as real-time traffic and traffic regulations, can influence the driving speed. These factors provide side-channel information about the driving route, which can be exploited to infer the vehicle's trace. We implement our discovered attack on a public data set in New Jersey. The experimental results show that the attacker has a nearly 60% probability of obtaining the real route if he chooses the top 10 candidate routes. To thwart the proposed attack, we design a privacy preserving scoring and data audition framework that enhances drivers' control on location privacy without affecting the utility of UBI. Our defense framework can also detect users' dishonest behavior (e.g., modification of speed data) via a probabilistic audition scheme. Extensive experimental results validate the effectiveness of the defense framework.