Trajectory datasets collected by network operators and service providers contain incredibly rich signals about individual mobility. This richness powers research and commercial services, but it also makes trajectories highly identifying: even short movement traces can be unique, and simple countermeasures such as pseudonymization do little to mitigate re-identification risks.

Local Differential Privacy (LDP) is a powerful framework that provides strong, formal privacy guarantees without requiring a trusted curator. This makes it an attractive approach for privacy-preserving data collection and analysis across distributed systems. However, despite decades of research, practitioners often struggle with a fundamental challenge: how do you actually tune LDP parameters in practice?

How should DNS work for billions of IoT devices—and how do we ensure it does so securely and privately?

What does it take to re-identify 100,000 “anonymous” users? In our latest study, we show that anonymized human mobility data isn’t as safe as it seems. By leveraging subtle patterns in location density, movement structure, and temporal activity, we were able to reverse-engineer real trajectories of users at a national scale in Japan.

QR codes are pervasive in modern digital interactions, but despite their convenience, they pose significant privacy risks that are often underestimated. For instance, privacy issues escalate when scanned URLs trigger HTTP redirections involving QR URL shorteners and third-party domains, exposing user data to external entities. However, a comprehensive study of the privacy implications of QR code interactions concerning cookie exploitation and query strings remains lacking in the literature.

Wi-Fi is one of the most notable and prevalent wireless technologies today. Smartphones and other Wi-Fi-enabled devices find nearby networks using management frames known as probe-requests. In this paper, we infer the state of smartphones by passively monitoring their transmitted probe-requests.

WiFi-based crowdsensing is a major source of data in a variety of domains such as human-mobility, pollution-level estimation, and, opportunistic networks. MAC randomisation is a backbone for preserving user-privacy in WiFi, as devices change their identifiers (MAC addresses).

With growing privacy concerns over the last decade, two of the most notable wireless technologies – i.e., BLE and WiFi – are being more and more investigated in terms of privacy vulnerabilities.

NemFi is a record-and-replay emulator that captures traces representing real WiFi conditions, and later replay these traces to reproduce the same conditions.