ABSTRACT
As smartphones are increasingly used to run apps that provide users with location-based services, the users' location privacy has become a major concern. Existing solutions to this concern are deficient in terms of practicality, efficiency, and effectiveness. To address this problem, we design, implement, and evaluate LP-Guardian, a novel and comprehensive framework for location privacy protection for Android smartphone users. LP-Guardian overcomes the shortcomings of existing approaches by addressing the tracking, profiling, and identification threats while maintaining app functionality. We have implemented and evaluated LP-Guardian on Android 4.3.1. Our evaluation results show that LP-Guardian effectively thwarts the privacy threats, without deteriorating the user's experience (less than 10% overhead in delay and energy). Also, LP-Guardian's privacy protection is shown to be achieved at a tolerable loss in app functionality.
Index Terms
- Location Privacy Protection for Smartphone Users