A Reconstruction Attack Scheme on Secure Outsourced Spatial Dataset in Vehicular Ad-Hoc Networks

In the cloud-based vehicular ad-hoc network (VANET), massive vehicle information is stored on the cloud, and a large amount of data query, calculation, monitoring, and management are carried out at all times. (e secure spatial query methods in VANET allow authorized users to convert the original spatial query to encrypted spatial query, which is called query token and will be processed in ciphertextmode by the service provider.(us, the service provider learns which encrypted records are returned as the result of a query, which is defined as the access pattern. Since only the correct query results that match the query tokens are returned, the service provider can observe which encrypted data are accessed and returned to the client when a query is launched clearly, and it leads to the leakage of data access pattern. In this paper, a reconstruction attack scheme is proposed, which utilizes the access patterns in the secure query processes, and then it reconstructs the index of outsourced spatial data that are collected from the vehicles. (e proposed scheme proves the security threats in the VANET. Extensive experiments on real-world datasets demonstrate that our attack scheme can achieve quite a high reconstruction rate.


Introduction
At present, the vehicular ad-hoc network (VANET) has gained a lot of attention in the field of intelligent transportation. e VANET can be used to intelligently control the traffic process, such as real-time traffic information systems to ensure traffic efficiency, and vehicle safety systems, such as rear-end collision warning systems, to improve vehicle safety. However, the powerful function of the VANET is supported by information sharing between vehicle users, which will introduce serious data security threats [1,2]. For example, exploiting the weakness of lacking physical proximity authentication, malicious attackers may infer the location of the vehicle during a specific period of time [2]. Due to the openness and mobility of VANET, the content delivery of VANETposes serious security threats, for which some countermeasures have been proposed, such as confidentiality, integrity, and authentication [3,4].
As the data generated by users of VANET continue to grow and beyond the processing capacity of the data owners, the data need to be outsourced and stored in the cloud server to reduce data management overhead. To ensure the security of user data on the untrustworthy server, cryptographic techniques are employed, while still allowing efficient query processing on the cloud server. However, the privacy provided by the existing secure outsourced dataset systems is poorly considered. In the searchable encryption mechanism, the search process for encrypted files is as follows: First, the authorized user will submit the query token to the service provider, who will process the query through a series of calculations and return the query result to the user in the form of ciphertext. en, the user decrypts the query result locally. It seems very safe because the entire query process is carried out in the ciphertext state, including query submission, query process calculations, and query results feedback.
Nonetheless, this process leaks access patterns. In other words, the service provider can observe which encrypted files in the dataset are accessed and returned to the authorized users. erefore, the honest but curious service provider clearly knows the matching relationship between encrypted files and queries. Existing studies [5][6][7][8] have shown that attackers can use leaked access patterns to recover user privacy information. Li et al. [5] demonstrated the hidden security threats caused by leaked access patterns with an encrypted patient medical dataset stored in a third-party server. Series of examples are given sequentially to illustrate how the patient's sensitive information is gradually inferred with the leakage of access patterns. With leaked access patterns, Quan et al. [6] implemented a range injection attack on the one-dimensional and discrete dataset. Exploiting the collusion of the service provider and the secondary user, a set of selected range queries are injected into the dataset, and through the access patterns of these queries, the dataset index is completely reconstructed. e attack method proposed by Islam et al. [7] does not require collusion, which is designed for text data. Considering the collected keyword co-occurrence matrix as prior knowledge, the service provider realizes an assignment of keywords to each query. Kallaris et al. [8] reconstructed the discrete one-dimensional data and completely restored the data index stored on the server, in which neither collusion nor prior knowledge is required.
Researchers have explored various types of attack methods for different types of datasets to prove the security threats caused by the leakage of access patterns, but there is no research to prove the potential security threats caused by the leakage of spatial data access patterns.
In this paper, we propose a reconstruction attack scheme on outsourced spatial dataset using access pattern leakage in VANET systems. e threat model considered is as follows. We take the honest but curious service provider as the attacker, who will process the query correctly and honestly, but will be curious about the dataset stored on the server. Our attack aims to completely reconstruct the dataset stored on the server without any deciphering, that is, to determine the spatial index of each record on the server.
Assuming that the service provider only has a little prior knowledge of the spatial dataset and the users will issue enough one-dimensional and uniform queries to the server, our reconstruction attack will be processed as the following four steps. Firstly, the data space will be discretized in accordance with the granularity that the attacker aims to achieve. Secondly, to improve the efficiency of attack, the collected access patterns will be simplified. irdly, we will determine the relative order for each row/column of records. Finally, the spatial index of each record will be recovered. e contributions of this paper are summarized as follows: (i) A reconstruction attack against secure outsourced spatial dataset in VANET systems is proposed, proving that the security threats caused by access pattern leakage are universal. (ii) With spatial discretization, our scheme can support the attack for optional spatial granularity. Meanwhile, utilizing the statistic of the record co-occurrence, access patterns are simplified, which guarantees the attack efficiency.
(iii) Extensive experiments on real-world datasets demonstrate that our attack scheme can achieve quite a high reconstruction rate.

Location Privacy Protection of VANET.
e existing location privacy protection technologies of VANET mainly include three categories. e first category is a rule-based privacy protection method [9,10], which restricts service providers from a legal perspective and prohibits the data and user information abused through privacy protection rules, standards, and detailed specifications acting on the server side. For example, IETF's GeoPriv [9] and W3C's P3P [10] stipulate that the authorization, integrity, and privacy requirements must be met when data are used. However, the security of such methods depends on legal supervision and public opinion, and the reliability of privacy protection depends on the implementation degree of the service provider.
e second category is based on generalization and obfuscation [11][12][13][14][15][16][17]. Spatial concealment technology [11,12] forms a hidden area containing k real users for each user, making it difficult for service providers to determine the real identity and accurate spatial of the user from the hidden area. But in this type of method, it is difficult to achieve a balance between privacy protection and service quality in data-sparse areas. Spatial offset and obfuscation technology [13][14][15][16] protect user's privacy by moving the real spatial in a small area or replacing the real spatial with a certain area. For example, Andrés et al. [16] achieved the geo-indistinguishability by adding controlled random noise to user's spatial, which corresponds to differential privacy. Nevertheless, this kind of method reduces the spatial accuracy [17], so the returned service data may be untrustworthy. e third type of privacy protection method is based on cryptography [18][19][20][21][22], through the processing of cryptographic technology to achieve the requirements of privacy protection. e general process is as follows: Authorized client encrypts the spatial information and sends it to the service provider, who processes the corresponding query in the ciphertext and returns matching encrypted result. Finally, authorized client decrypts locally to obtain the plaintext information. After encryption processing, the data sent by the client can meet stricter privacy protection requirements, but encryption and decryption bring huge computational overhead. In addition, although the data are encrypted before outsourcing, search process is also performed in ciphertext on the server; this method still has the problem of access pattern leakage (except for the ORAM scheme [23][24][25]); that is, the attacker can observe the correspondence between the encrypted query and the accessed encrypted documents. Furthermore, the ORAM solution protects the access pattern by shuffling and re-encrypting after each access of data, but its huge communication overhead makes using ORAM to protect the access pattern too expensive. erefore, in location privacy protection technology, the privacy security threats caused by leaked access patterns need to be further studied.

Attack with Access Patterns.
In recent years, researchers have made arguments for the privacy security threats caused by the leakage of access patterns from the perspective of attacks, which are mainly divided into two categories.
One is active attacks [6,26], including injection, tampering, and forgery, by which the attacker attacks server information actively. By injecting files that added selected keywords into the dataset on the server and observing the access patterns of the injected files, Zhang et al. [26] inferred the user's query information successfully. With the collusion of the service provider and secondary users, Quan et al. [6] injected a set of selected range queries and observed access patterns to infer the user's precise information. However, because the active attacks destroy the authenticity and integrity of the information, it is easy to be detected. e other is passive attack [5,7,8,27]. e attacker can infer the user's sensitive information through the monitored access pattern without affecting normal data communication, thereby undermining the confidentiality of data transmission. Islam et al. [7] proposed that by utilizing the statistical keyword co-occurrence matrix as prior knowledge and collecting access patterns, the attacker realizes an assignment of keywords to each query that achieves maximum matching from background knowledge. Assuming that the attacker has more prior knowledge (including the number of files corresponding to each keyword), Cash et al. [27] proposed an improved passive attack method based on IKK, and utilized the access pattern leakage to recover the query keywords. Without any prior knowledge, utilizing the continuity of range query, Kellaris et al. [8] assigned index to each file on the server and completely reconstructed the dataset. is type of attack is not easy to detect, because there is no direct impact on data transmission.
In summary, existing researches have proved the security threats caused by the access pattern leakage from different angles. However, the problem of spatial data access pattern leakage has not been studied in detail. And, most of the existing attack methods are active attacks, including injection or passive attacks, requiring much prior knowledge, so the attack conditions are subject to certain restrictions.

Spatial Data Outsourcing System.
e system model of the outsourcing dataset system is shown in Figure 1, including three entities, namely, the data owner, the server, and the authorized user.
As the data generated by users of VANET continue to grow and beyond the processing capacity of the data owners (DO), the data need to be outsourced to the cloud server. For security concerns, encryption is usually performed before outsourcing. In order to facilitate user query, the encrypted index is also generated and uploaded to the cloud server at the same time.
Authorized users (AU) have secret keys, KI and KD. Encrypted query tokens will be generated by KI and uploaded to the cloud server. Ciphertext query results obtained from the server will be decrypted by the secret key KD. e server stores the data and their corresponding query index for the data owner, and has powerful computing capabilities as well as searchable encryption algorithm so that it supports queries under ciphertext.
As shown in Figure 1, when an authorized user generates a query Q and encrypts and sends it to the cloud server, the service provider will perform the query operation and return the matching set of records R to the authorized user.

Access Pattern Leakage.
In the data outsourcing system, authorized users usually generate spatial query tokens, which are processed in ciphertext mode on the server, and finally only the matching results are accessed and returned. So, the service provider learns which encrypted records match a query, which is defined as access pattern. Since only the correct query results that match the query tokens are accessed and returned, the service provider can observe the access pattern clearly when a query is launched. So, the process leads to the leakage of data access pattern. Such leakage is typical for current VANET systems based on symmetric searchable encryption. e queries on the server are continuous, so the service provider can sniff out a large number of access patterns quietly, which provides tremendous amount of data to the attacker.
In this paper, we define the access pattern leakage L access as: the correspondence between the ciphertext query q and the matching ciphertext query result R.
As shown in equation (1), the leaked access pattern contains multiple queries and their matching query records sets, where q n represents a query token, and R n represents the matching records set of query q n . As shown in equation (2), the index corresponding to each record on the dataset is calculated with query token q n , and the matching records are returned as set R n .

Attack Model.
In this section, we describe the attack model of reconstruction attack with access pattern leakage. Here, the attacker has access to the communication channel, and thus observes a set of access patterns L access � (q 1 , R 1 ), . . . , (q n , R n ) . Let us define a week attacker as follows: (1) e attacker is passive. e attacker follows the predefined storage and query rules and provides users with correct query results. e attacker will not perform illegal access, injection, or tampering to the dataset, but will process information stealing and collecting. Since the attack process does not involve Security and Communication Networks data destruction, the legitimate users will not realize the attacker's activities at all.
(2) e attacker cannot decipher the query submitted by the authorized user through the secret key. (3) e attacker has a very high probability of succeeding if it has a small amount of background knowledge. We assume that the attacker knows the underlying indexes for k of records in the dataset. at is, the attacker has access to the map M know � (I j , r j )|I j ∈ I & r j ∈ R , where R includes all records stored on the server and I includes all Index corresponding to R. Taking that k � |M know | and l � |R|, then k ≪ l.
What we need to be clear is that the attacker can observe the distribution of all records stored in the cloud. Although these records are usually encrypted before being uploaded to the server and the attacker cannot obtain the plaintext information of any record, the records can be distinguished easily.
Now, we assume that the attacker knows the encrypted dataset R, the access patterns L access , and the prior knowledge M know , and that the user will issue enough one-dimensional and uniform queries to the server. en, the goal of the attack is to reconstruct the index of all records such that the statistical results as seen by access patterns fit the uniform query rule. In the following sections, we will describe how the attacker uses access pattern leakage to carry out reconstruction attacks on the two-dimensional spatial outsourcing dataset system.

Reconstruction Attack with Access Patterns
We propose a reconstruction attack on outsourced spatial dataset that exploits access pattern leakage, that is, the correspondence between encrypted queries and matching query results, which is very common in searchable symmetric encryption.
Assume that the dataset contains n records r 1 , r 2 , . . . , r n , which are, respectively, pointed to by spatial indexes I 1 , I 2 , . . . , I n . On the spatial dataset, the index is actually the spatial coordinate of each record, that is, I i � x i , y i , which, respectively, represent the horizontal and vertical coordinates of the record. e ultimate goal of the reconstruction attack is to restore the corresponding position coordinates for each record r 1 in the dataset. Ideally, a complete plaintext index can be established. Assuming that the service provider only has little prior knowledge of the spatial dataset and the user will issue enough one-dimensional and uniform queries to the server, the service provider can utilize the observed access patterns to determine the index of each record.
In this section, we will describe the reconstruction attack process in detail, including spatial discretization, access pattern simplification, and determination of row and column indexes.

Spatial Discretization.
In this section, we will discuss the problem of attack granularity. e ultimate goal of the reconstruction attack is to recover the index of each record on the two-dimensional spatial dataset. But for different application scenarios, the attacker hopes that the granularity of the spatial obtained by the attack is different.
As shown in Figure 2, we discretize the data space into Δ 2 2 , Δ 2 4 , Δ 2 8 , which means that both dimensions of space is divided into 2, 4, or 8 index spaces, respectively. Under different attack granularities, the attacker recovers the index of records in Figure 2, and the obtained index coordinates are (0,1), (1,2), (2,5), respectively. Combined with the size of the dataset known to the attacker, under different attack granularities, the index spatial of the record has different degrees of privacy leakage. It is undeniable that regardless of the granularity, reconstruction attacks will expose data privacy to a certain extent. erefore, we first need to determine the granularity of the data index that the attacker wants to achieve before formally attacking, which determines the granularity of the space division. Discretize the data space according to the granularity to obtain a two-dimensional discrete data space. We assume that the data space is divided into Tx scales horizontally and T y scales vertically, and the size of the data space is T x T y . For each record in the dataset, it is pointed to by a certain position index . e ultimate goal of our reconstruction attack is to recover the corresponding position coordinate

Access Pattern Simplification.
In section 4.1, we have introduced the process of spatial discretization. Assuming that the space has been discretized into n pieces of index space, the goal of reconstruction attack is to assign one piece of index space to each record stored on the server. After a period of sniffing, the attacker (honest but curious service provider) collects enough access patterns to perform the attack. In order to improve the efficiency of our attack, we want to simplify these access patterns in this step. We will classify the records where the records belonging to the same piece of space are classified into one category and a representative record will be selected. By observing the access patterns and counting the co-occurrence of encrypted records, the records with co-occurrence rate of 100% are classified into the same category, and for each category, one record is taken as the representative. en, the access pattern is simplified by replacing all records with the representative record of corresponding category in the collection of access patterns.
For example, with the attack granularity of 10 × 10, space is divided into 100 regions, and each region will be pointed to by the same index coordinate. erefore, for the records that belong to the same region, we only take one record as the representive. If each region has records, we will get 100 representative records at most. en, we simplify the observed access patterns. Because records belonging to the same category are pointed to by the same spatial index, we can simplify the collection of access patterns by keeping only representative records.

Determination of Row and Column
Indexes. In this section, the row and column indexes will be determined, respectively, and we will introduce the process with 3 algorithms.
e Algorithm 1 is the main method, reconstructing the index of the dataset from the x-dimension and the y-dimension, respectively. Each dimension includes 2 steps. Firstly, the attacker utilizes the continuity of the range query to determine the relative position of records on a single dimension (Algorithm 2). Secondly, leveraging the uniformity of query and the rate of document co-occurrence in the access patterns, the attacker determines the specific index of each record (Algorithm 3). -For the discretized two-dimensional space, we determine the x coordinate of each record line by line. Firstly, the attacker classifies the records according to the results of a single-row query. Encrypted records belonging to the same row query are grouped together. For this row of records, the attacker uses the collected access patterns set L access1 (these access patterns are generated by uniform query) to determine the relative order of these records in the row through Algorithm 2 (line 5). Next, the attacker uses Algorithm 3 to get the index of these records in the x-direction (line 6). After the line-by-line process is over, the x-coordinates of each record are saved through the Map collection, the ID of the encrypted record is used as the key, and the X-coordinate as the value (line 7-9). en, the attacker uses the same method to determine the Y coordinate of each record in the dataset (line [13][14], and saves it through the Map collection, with the ID of the encrypted record as the key, and the Y coordinate as the value (line 15-17).

Determination of Relative Order.
In this section, we will introduce the procession of the relative order determination for a row/column of records. As a weak attacker defined in Section 3.3, the service provider can only continuously observe the user's query process and calculate access patterns. Assume that the attacker counts a lot of uniform one-dimensional spatial queries, which is enough to perform our reconstruction attack. e two-dimensional spatial dataset reconstruction attack can be converted into multiple one-dimensional attacks and the latter can adopt Generic Attack introduced in [8].
Given that the attacker collects only one-dimensional queries, it is easy to categorize each record stored in a twodimensional space by row or column. For each row of Security and Communication Networks records, we first utilize the continuity of spatial query to determine the relative order of the records, through a process known as GetOrder, the details of which are as follows: (1) Find the maximum set U of the row query in the access patterns (2) Find the largest true subset S 1 of U, then the difference set between U and S 1 is the first record r 1 (3) Find the minimum superset S 1 of the set R i−1 , where R i−1 is formed by the confirmed records R i−1 � r j |j ∈[1, i − 1] . And, the difference set between S i and R i−1 is the next record.
Input:attack granularity T x , T y , dataset, access patterns Output: x index and y index of all records in the dataset (1) Map map IndexX (2) Map map IndexY (3) FOR each row (4) get L access1 (5) ordered Record X←Get ordered(L access1 ) Guess Index X←Get Index(L access1 , Ordered Record X) (7) For each record in ordered Record (8) map index(recordI D, X Index) (9) END FOR (10) END FOR (11) FOR each column (12) get L access2 (13) ordered Record Y←Get ordered(L access2 ) Guess Index Y←Get Index(L access2 , Ordered Record Y) (15) For each record in ordered Record (16) map index(recordI D, Y Index) (17) END FOR (18) END FOR (19) RETURN map IndexX, map IndexY ALGORITHM 1: Reconstruction of the spatial dataset index.
Input: the collection of access patterns for a row/column L access1 L access1 � (q 1 , R 1 ), . . . , (q n , R n ) Output: the ordered set of records in the row/column Ordered Record To explain the process of GetOrder, let us consider that the user makes a one-dimensional range query for the singlerow record distribution, as shown in Figure 3. en, the maximum set of query results is {r 7 , r 12 , r 17 , r 20 }. e largest true subsets are {r 17 , r 7 , r 12 } and {r 7 , r 12 , r 20 }. Without the distribution figure, only according to the set relation, we can easily know that the first record of this row is either r 17 or r 20 , which is consistent with actual distribution. Assuming that the first record is r 17 , the minimum superset of {r 17 } in the access pattern set is {r 17 ,r 7 }. us, the second record is determined as r 7 . e superset of the confirmed records is deduced accordingly and the third and fourth records are r 12 and r 20 , respectively. If we assume that the first entry is r 20 , what we will get is the reverse order of the records. According to the prior knowledge, we can determine whether to reverse this sequence. Finally, as shown in Figure 4, we know that this row stores 4 records, and the relative order of storage is {r 17 , r 7 , r 12 , r 20 }, and the next step is to match each record with the correct index. e process of GetOrder has been summarized in Algorithm 2. e input of the algorithm is the access pattern set L access1 � (q 1 , R 1 ), . . . , (q n , R n ) of a certain line of query observed by the attacker. First traverse all access patterns to find the most number of record sets. Assuming that the attacker samples enough queries, L access1 contains the access pattern accessing all the records in the row. From this, we get the row record set R and the record number m of this row (line: [1][2][3][4][5][6]. After that, we determine the first item of the row's records (line: 7-12). Utilizing the continuity of range query, we find the largest proper subset R 1 of the complete set R of the row's records in the access pattern set, and then the difference between R 1 and R is the first/last item of the row of records. We assume that it is the first item, and then judge the row record after the row order is fully determined. If it is proved to be the last item, the row record only needs to be reversed. Finally, we sort the other encrypted records in this row one by one (lines: [13][14][15][16][17][18][19][20]. Utilizing the continuity of range query, we find the minimum superset of the determined record in the access pattern set, and the difference between the minimum superset and the record set in the Input: e set of access patterns of uniform query for a row/columnL access2 L access2 � (q 1 , R 1 ), . . . , (q n , R n ) e row/column ordered record collection Ordered Record Ordered Record � (r 1 , r 2 , . . . r m ) Output: the index of the row record/the column record I    Security and Communication Networks 7 determined order is the next record. Determine the relative order of these m records one by one and store them in the queue orderedRecord, which is the order/reverse order of the row of records and the algorithm finally returns.

Determination of Indexes.
en, we utilize the uniformity of the query to determine the one-dimensional index value of each record, denoted as GetIndex. Assume that the index space of the row is N and the index coordinate of the i-th record is Z i . By observing the access patterns of Q uniform queries and counting the number of access patterns containing record r 1 as q 1 , we present the calculation of the first record index as an optimization problem by equation (3), and the calculation of the i-th record Index as an optimization problem by equation (4), where Qi represents the number of access patterns including the previous i records. e result of this equation satisfying the optimization problem is an assignment of index Z i to the record that achieves a minimum distance from the uniformity of query. arg min arg min To explain the model described in equation (3), let us consider the following example. Assume that the index space of a row is [1, N], the record r i is the i-th record of the row, and the x coordinate of r i is Z i . e row is uniformly queried, according to the permutation and combination, and the number of unique queries that can be generated is N(N + 1)/2, the number of unique queries containing the first records is Z 1 (N − Z 1 + 1), and the number of unique queries containing the previous i records is Z 1 (N − Z 1 + 1). Now, for the first record r 1 , an attacker can calculate the probability of the r 1 appearing in the uniform query by α 1 � 2Z 1 (N − Z 1 + 1)/N(N + 1).
For any given record r i , i > 1, the attacker can calculate the probability of the previous i records r j |j ∈[1, i] appearing together in the uniform query by erefore, by observing access patterns, the attacker can calculate the probability of the previous i records r j |j ∈[1, i] appearing together in the uniform query by β � Q i /Q , where Q represents the total number of access patterns of uniform query and Q i represents the number of access patterns including the previous i records. Naturally, the attacker will assign coordinate Z i to the record r i , if the calculated probability α is close to the observed probability β from the access pattern. is closeness can be measured by the arithmetic distance function (α − β) 2 , where a lower value of this function is preferred over a higher value. So, the goal of the attacker will be to assign an index to records such that this distance function is minimized.
A specific example is shown as follows to explain the process of GetIndex in detail. Assuming that the attack has determined the record order as shown in Figure 4, and the access pattern collected by the service provider is the smallest set that satisfies the attack conditions as shown in Figure 5, the attacker obtains the relative order {r 17 , r 7 , r 12 , r 20 } and Q access patterns, where Q � 36.
Since the query is uniform, assuming that the x coordinate of r 17 is Z 1 ∈ [1, N], theoretically, the proportion of uniform queries including the first record r 17 is α 1 � 2Z 1 (N − Z 1 + 1)/N(N + 1). Observing sampled access patterns, according to the statistics, the proportion of access patterns including the first record r 17 is q 1 /Q (i.e.14/36). en, the difference between the actual value and the theoretical value is q 1 /Q − 2Z 1 (N − Z 1 + 1)/N(N + 1). We could find Z 1 that minimizes the absolute value of the difference and infer the value of Z 1 should be 2, so the xcoordinate of r 17 is 2.
Determine the number of q 2 queries with S 2 � r 17 , r 7 included in the access patterns of the uniform query, where S 2 is the union of the records including records' determined position and the record of the position to be determined in this step. en, in this example, q 2 is 10 and the proportion is q 2 /Q. Since the query is uniform, assuming that the x coordinate of the second record r 7 is Z 2 ∈ [1, N] , theoretically, the proportion of uniform queries including S 2 � r 17 , r 7 is 2Z 1 (N − Z 2 + 1)/N(N + 1), then the difference between the actual value and the theoretical value is q 1 /Q − 2Z 1 (N − Z 1 + 1)/N(N + 1), find Z 2 minimizes the absolute value of the difference and get Z 2 is 4, so the x coordinate of r 7 is 4. And, we can adopt the same measures for other records for their index values, and get the x coordinate of r 12 and r 20 as 7 and 8, respectively.
At this point, the attacker knows that there are four records r 17 , r 7 , r 12 , r 20 in this row of the data space, and their x-coordinates are 2, 4, 7, and 8, respectively ( Figure 6). e process of GetIndex has been summarized in Algorithm 3. e input of the algorithm is the access pattern set L access2 � (q 1 , R 1 ), . . . , (q n , R n ) of a uniform single-row query observed by the attacker, and the relative order queue of the row orderedRecord determined by algorithm GetOrder.
First, we count the number of access patterns including the first record and store in sumFirst (line: 1-6). Second, we determine the index number of the first record (line: 7). Utilizing the continuity of range query, assuming that a uniform query set is generated for the row of records, and the index number in the x-direction of the first record is x, theoretically, the probability that the query result contains the first record is 2x(T − x + 1)/T(T + 1), where T is the data space size of the row. en, traverse the access pattern set L access2 , and according to statistics, the ratio of the access pattern including the first record is sumFirst/L access2 .length.
Find the x value that minimizes the difference between the theoretical value and the actual statistical value, which is the index number of the first item.
Finally, we determine the index of other records one by one (lines: [8][9][10][11][12][13][14][15][16][17][18][19][20]. Utilizing the continuity of range query, assuming that a uniform query set is generated for the row of records, and the index number in the x-direction of the record orderedRecord [j] is x, theoretically, the probability that the query result contains the first j records is 8 Security and Communication Networks 2x(T − x + 1)/T(T + 1), where i 1 is the index number of the first item and T is the data space size of the row. en, we determine the statistical value of the probability. Traverse the access pattern set L access2 , and count the number of the access patterns including the first j records (orderedRecord [1], ... ,orderedRecord [j]) as sum[j] (lines: [8][9][10][11][12][13][14][15][16][17]. erefore, the ratio of each record is sum [j]/L access2 .length. Find the x value that minimizes the difference between the theoretical value and the actual statistical value, which is the index number of the orderedRecord [j] (lines: [18][19][20]. At last, the index set I corresponding to the records in orderedRecord will be returned by the algorithm.

Experimental Results
e experiments are conducted on a laptop with limited resources (Intel Core i5 2.5 GHz CPU and 8 GB RAM).
We simulate three entities in this experiment, namely, DO, AU, and server. As shown in Figure 7, the AU stores a dataset to the server through the DO, and selects the spatial attribute as the data index. DO encrypts each record before storing it on the server. en, the AU asks for a series of range queries on the spatial index, and DO retrieves the required encrypted records from the server, decrypts, and sends them to the user. In addition, we simulated a sniffer in Java on the server to observe data packets between the server and the DO for access pattern statistics. Finally, utilizing the observed access patterns, we performed the reconstruction attacks on the server side.
To evaluate the performance of our attack, we leverage a real-world spatial dataset, the distribution of North America Post Office including 175811 tuples [28]. We preprocess the raw dataset and normalize it to [0, 1] 2 before applying it to our experiment. e detailed distribution of this test dataset is shown in Figure 8. We encrypted and uploaded these tuples to the server and took spatial coordinates as their index.
According to the granularity that the attacker wants to achieve, we first discretize the dataset with different granularities. As shown in Table 1, column Attack Granularity describes the granularity of space discretization, and space is discretized into 10 × 10 · · · · · · 100 × 100, while Index Number depicts the number of indexes in the different discretization conditions. And, Records Per Index represents the average number of records per position Index. Under different granularities, we will recover the index of each record through our attack.

Security and Communication Networks
After that, we gathered enough access patterns in order to run our attacks. e AU generates uniform range queries and issues to the DO. For each query, the DO retrieves encrypted matching records, decrypts them, and sends them back to the AU.
Due to the size of the query range, the network speed, and the number of users, the time of access patterns collection for our dataset will be very long. erefore, in this experiment, we used a single user to simulate the process of query retrieval, and generate the minimum number of queries required for experimental conditions (Number of corresponding access patterns shown in Table 2). However, in the actual application scenario, when different users issue queries, the sniffer will sniff the access patterns from different users at the same time, and the collection speed will multiply. en, we preprocess the observed access patterns. By counting the co-occurrence of encrypted records in the access patterns, the records with co-occurrence rate of 100% are classified into categories, and for each category, one record is taken as the representative. e column Represent Number collects the number of representative records in the dataset under different attack granularities. For example, with the attack granularity of 10 × 10, the space is divided into 100 regions, each of which is pointed to by an index coordinate. By observing the access patterns, we classified 175,811 records, resulting in 68 representative records of 68 classes. erefore, there are 32 regions with no record distribution under this attack granularity.
Finally, we preprocess the observed access patterns. Because records belonging to the same category are pointed to by the same position index, we can simplify the collection of access patterns by keeping only representative records.
Our reconstruction attack was performed on the preprocessed set of access patterns; Figure 9 summarizes our attack results. As shown in Figure 9, with the increase of attack granularity, our attack reconstruction rate showed a slight trend of decline, but it does not change much and the overall effect of the attack is good. Assuming that the data space is divided into T x × T y , the higher granularity indicates that we divide the space more finely and that T x × T y is larger. As the granularity increases, the size of the index set increases, and it becomes more difficult for the attacker to assign indexes to records, so the reconstruction rate tends to decline. e result curve looks a little wobbly because there are two main reasons that may affect the reconstruction rate of attack.
One is when some rows/columns do not conform to the prior knowledge, which will result in the reconstructed order being reversed during the process of GetOrder (Algorithm 2). In our reconstruction attack, we first determine the relative order of each row of records utilizing statistics on leaked access patterns. However, due to the symmetry of row query, we cannot determine whether the order we recover is in the positive or reverse order. If this is uncertain, the reconstruction rate of our attack will be very low. erefore, we utilize prior knowledge M know to help us choose the correct option between the positive and reverse orders. If M know has no prior knowledge about any record of this row, the reconstruction rate of this row will be affected. e other is when the first record in a row is in the second half of this row (I 1 > T/2), which will cause a recovery error during the process of GetIndex (Algorithm 3), and further lead to the error of other records in the same row. In the process of GetIndex, we determine the indexes for the records of each row/column. Similarly, due to the uniformity of row queries, when calculating the index of the first term of each row with equation (3), the optimal solution will be two indexes A and B, which are symmetric in the row. Assuming that A < B, then A is in the first half of the index, and B is in the second half. For dense datasets, the first record is naturally placed in the first half, so A is usually taken as the index of the first record. erefore, when the first record in a row is in the second half of this row (I 1 > T/2), the reconstruction rate of this row will be affected.
Our attack includes four steps and Table 3 summarizes the running time of each step in our attack using access patterns.
(1) getRepresent: Count the co-occurrence probability of the encrypted records by the access patterns. Classify all records through co-occurrence probability and get a representative record for each category; (2) Simplify access patterns: Simplify the access patterns, and keep only representative records; (3) getRowIndex: Process simplified column access patterns and reconstruct the row index of records through the algorithm of GetOrder and GetIndex; (4) getColIndex: Process simplified row access patterns and reconstruct the column index of records through the algorithm of GetOrder and GetIndex. As shown in Table 3, GetRepresent represents the average time of finding representative records among 175811 records, while Simplification represents the average time of simplification for access patterns. GetRowIndex represents the average time to reconstruct the row index using these access patterns, while GetColIndex represents the average time to reconstruct the column index. Table 3 shows that the time consumed for each step is up to only 11 seconds. Taking the most fine-grained granularity in this experiment as an example, when the space is discretized into 100 × 100 regions, we achieve that on average only 18 records are pointed to by the same position index, and the reconstruction rate of the record index reaches 91.45%. Under such fine-grained granularity and reconstruction rate, our attack time only needs a second level.

Conclusion
In this paper, a reconstruction attack on secure outsourced spatial dataset is proposed, proving that access pattern leakage will lead to security threats in VANET. With spatial discretization, our scheme can support the attack for optional spatial granularity. Meanwhile, utilizing the statistic of the record co-occurrence, access patterns are simplified, which improves the attack efficiency. Using the continuity and uniformity of the range query, the attacker determines the index for each record in the dataset. Extensive experiments on a realworld dataset demonstrate that our attack scheme can achieve a reconstruction rate of more than 90 percent even at a relatively fine-grained granularity. In future work, we will investigate the defense mechanism to address these security threats.
Data Availability e parameters and datasets used to support the findings of this study are included within the paper.