https://hdl.handle.net/20.500.12761/2 Fri, 27 Mar 2026 23:37:35 GMT 2026-03-27T23:37:35Z https://hdl.handle.net/20.500.12761/2018 k-scale: k-Anonymizing Millions of Trajectories Mishra, Abhishek Kumar; Fiore, Marco Trajectory datasets collected by network operators and service providers offer detailed information about individual mobility and have wide application in business and research. However, managing such data raises privacy risks, as the unique movement patterns of individuals pose significant re-identification risks and make common countermeasures like pseudonymization ineffective. The privacy-preserving data publishing (PPDP) of trajectory datasets that maintains post-anonymization accuracy and truthfulness is an open problem–especially for large datasets with millions of records like those gathered by major actors in the telco ecosystem. We close this gap with k-scale, a framework that implements k-anonymity in massive mobile user trajectory datasets, removing uniqueness while safeguarding accuracy at the record level. Not only k-scale is the first model capable of scaling k-anonymization to a dataset of one million trajectories, but it does so while also outperforming state-of-the-art methods for trajectory data publishing in terms of preserved data quality, which we prove in real-world massive datasets and applications. Fri, 01 May 2026 00:00:00 GMT https://hdl.handle.net/20.500.12761/2018 2026-05-01T00:00:00Z https://hdl.handle.net/20.500.12761/2017 On the Scalability of Access and Mobility Management Function: The Localization Management Function Use Case Scotece, Domenico; Santaromita, Giuseppe; Fiandrino, Claudio; Foschini, Luca; Giustiniano, Domenico The adoption of Service-Based Architecture (SBA) in 5G Core Networks (5GC) has significantly transformed the design and operation of the control plane, enabling greater flexibility and agility for cloud-native deployments. While the infrastructure has initially evolved by implementing key functions, there remains significant potential for additional services, such as localization, paving the way for the integration of the Location Management Function (LMF). However, the extensive functional decomposition within SBA leads to consequences, such as the increase of control plane operations. Specifically, we observe that the additional signaling traffic introduced by the presence of the LMF overwhelms the Access and Mobility Management Function (AMF) which is responsible for authentication and mobility. In fact, in mobile positioning, each connected mobile device requires a significant amount of control traffic to support location algorithms in the 5GC. To address this scalability challenge, we analyze the impact of three well-known optimization techniques on location procedures to reduce control message traffic in the specific context of the 5GC, namely a caching system, a request aggregation system, and a service scalability system. Our solutions are evaluated in an OpenAirInterface (OAI) emulated environment with real hardware. After the analysis in the emulated environment, we select the caching system–due to its feasibility–for being analyzed in a real 5G testbed. Our results demonstrate a significant reduction in the additional overhead introduced by the LMF, improving scalability by minimizing the impact on AMF processing time up to a 50% reduction. Thu, 01 Jan 2026 00:00:00 GMT https://hdl.handle.net/20.500.12761/2017 2026-01-01T00:00:00Z https://hdl.handle.net/20.500.12761/2016 Unified Navigation and Communication Hybrid Terminal Domínguez, Enrique; José Mata, Francisco; Albert Pinto, Freddy; Meneses, Marcelo; García, David; Fidalgo, Javier; Giustiniano, Domenico; Santaromita, Giuseppe; Otim, Timothy; Pigato, Francesco; López-Salcedo, José A.; Seco-Granados, Gonzalo; Fabra, Fran; Reus, Antoni; Fernández, Marc Emerging Positioning, Navigation and Timing (PNT) sources such as 5G Terrestrial Networks (TN), Non-Terrestrial Networks (NTN) and LEO-PNT will soon be accessible to everyone. When combined with existing sources like GNSS and LEO signals of opportunity (SOP), they will boost navigation performance, robustness, and reliability, while also offering communication capabilities. This integration will ensure continuous, ubiquitous, and reliable navigation, paving the way for numerous innovative applications and services. To take full advantage of these new capabilities, a hybrid receiver, combining all these PNT sources to provide enhanced and reliable navigation, is under development. The purpose of this paper is to report the activities for the specification, design, development and test plan of a Unified Navigation and Communications Hybrid Terminal. This multi-source and powerful platform aim at implementing and demonstrating advanced navigation solutions that leverage a combination of satellite and terrestrial signal sources. By integrating GNSS (including Galileo E1 Quasi-Pilot), LEO-PNT signals, 5G TN and -NTN - signals, and LEO SOP from various satellite constellations, the Hybrid Terminal shall enable precise, reliable navigation in a variety of challenging and harsh environments and provide increased robustness. Wed, 10 Sep 2025 00:00:00 GMT https://hdl.handle.net/20.500.12761/2016 2025-09-10T00:00:00Z https://hdl.handle.net/20.500.12761/2015 Bridges to Self: Silent Web-to-App Tracking on Mobile via Localhost Vlummens, Tim; Girish, Aniketh; Weerasekara, Nipuna; Zuiderveen Borgesius, Frederik; Gunes, Acar; Vallina-Rodriguez, Narseo Modern browsers and mobile operating systems leverage sandboxing and process isolation to separate web and app contexts. However, in this paper, we show that these isolation guarantees can be — and had been — broken in practice on Android devices by Meta and Yandex to enable cross-context tracking that bridges web tracking with native identities. Using a combination of large-scale web crawls from USA and EU vantage points and systematic Android app analysis, we characterize a previously undocumented family of web- to-app tracking paradigms that exploit web standards such as HTTP(S), WebSocket, and WebRTC to connect mobile and web contexts on localhost. By linking pseudonymous web cookies to long-lived native user IDs, these channels enable persistent and stealthy cross-context tracking, and de-anonymization. This new technique defeats protections such as cookie clearing, Incognito mode, Mobile Advertising ID (MAID) resets, VPNs, and Android’s work/personal profile separations. We further show that Meta Pixel and Yandex Metrica initiated localhost bridging prior to accepting cookie consent banners. We evaluate browsers’ patching efforts and defenses to these attacks in response to our responsible disclosure, and the upcoming Local Network Access (LNA) permission, which introduces user prompts for accessing localhost and local network addresses. In doing so, we identify additional side-channels that bypass such protections using (i) global-unicast IPv6 addresses in WebRTC; and (ii) mDNS lookups on *.local domains. Our results, together with an enclosed legal analysis, expose structural shortcomings and the need to revisit platforms’ and browsers’ isolation principles, threat and trust models, protocol standards, and app review processes to prevent future cross-context abuse. Sat, 01 Aug 2026 00:00:00 GMT https://hdl.handle.net/20.500.12761/2015 2026-08-01T00:00:00Z