Jump to ContentJump to Main Navigation
Show Summary Details
In This Section

Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
Online
ISSN
2299-0984
See all formats and pricing
In This Section

On the Privacy Implications of Location Semantics

Berker Ağır
  • Corresponding author
  • EPFL, Lausanne,Switzerland
  • Email:
/ Kévin Huguenin
  • LAAS-CNRS, Université de Toulouse, CNRS
  • Email:
/ Urs Hengartner
  • University of Waterloo, ON, Canada
  • Email:
/ Jean-Pierre Hubaux
  • EPFL, Lausanne, Switzerland
  • Email:
Published Online: 2016-07-14 | DOI: https://doi.org/10.1515/popets-2016-0034

Abstract

Mobile users increasingly make use of location-based online services enabled by localization systems. Not only do they share their locations to obtain contextual services in return (e.g., ‘nearest restaurant’), but they also share, with their friends, information about the venues (e.g., the type, such as a restaurant or a cinema) they visit. This introduces an additional dimension to the threat to location privacy: location semantics, combined with location information, can be used to improve location inference by learning and exploiting patterns at the semantic level (e.g., people go to cinemas after going to restaurants). Conversely, the type of the venue a user visits can be inferred, which also threatens her semantic location privacy. In this paper, we formalize this problem and analyze the effect of venue-type information on location privacy. We introduce inference models that consider location semantics and semantic privacy-protection mechanisms and evaluate them by using datasets of semantic check-ins from Foursquare, totaling more than a thousand users in six large cities. Our experimental results show that there is a significant risk for users’ semantic location privacy and that semantic information improves inference of user locations.

Keywords: Location Privacy; Semantics; Inference; Social Networks

References

  • [1] J. Krumm, “A survey of computational location privacy,” Personal Ubiquitous Comput., vol. 13, no. 6, pp. 391-399, Aug. 2009.

  • [2] ᅳ, “Inference attacks on location tracks,” in Pervasive Computing, vol. 4480, 2007, pp. 127-143.

  • [3] R. Shokri, G. Theodorakopoulos, J.-Y. Le Boudec, and J.- P. Hubaux, “Quantifying location privacy,” in Proc. of the IEEE Symp. on Security and Privacy (S&P), 2011, pp. 247-

  • [4] I. Bilogrevic, K. Huguenin, S. Mihaila, R. Shokri, and J.-P. Hubaux, “Predicting Users’ Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms,” in Proc. of the Network and Distributed System Security Symposium (NDSS), 2015, pp. 1-11.

  • [5] R. Shokri, J. Freudiger, and J.-P. Hubaux, “A unified framework for location privacy,” in Proc. of the Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETS), 2010.

  • [6] D. Koller and N. Friedman, Probabilistic graphical models: principles and techniques. MIT press, 2009.

  • [7] J. Pearl, Probabilistic reasoning in intelligent systems: networks of plausible inference. Morgan Kaufmann, 2014.

  • [8] J. Krumm and D. Rouhana, “Placer: Semantic place labels from diary data,” in Proc. of the ACM Int’l Joint Conf. on Pervasive and Ubiquitous Computing (UbiComp), 2013, pp. 163-172.

  • [9] “Bayesian belief network package,” accessed: 2015-08-16. [Online]. Available: https://github.com/eBay/bayesianbelief-networks

  • [10] F. V. Jensen, “Junction trees and decomposable hypergraphs.” Judex Datasystemer, Aalborg, Denmark., Tech. Rep., 1988.

  • [11] R. Shokri, G. Theodorakopoulos, G. Danezis, J.-P. Hubaux, and J.-Y. Le Boudec, “Quantifying Location Privacy: The Case of Sporadic Location Exposure,” in Proc. of the Privacy Enhancing Technologies Symp. (PETS), 2011.

  • [12] A.-M. Olteanu, K. Huguenin, R. Shokri, M. Humbert, and J.-P. Hubaux, “Quantifying interdependent privacy risks with location data,” IEEE Transactions on Mobile Computing, p. 14, 2016, to appear.

  • [13] H. Liu, B. Luo, and D. Lee, “Location type classification using tweet content,” in Proc. of the Int’l Conf. on Machine Learning and Applications (ICMLA), vol. 1, 2012, pp. 232-237.

  • [14] B. Lee, J. Oh, H. Yu, and J. Kim, “Protecting location privacy using location semantics,” in Proc. of the ACM SIGKDD Int’l Conf. on Knowledge Discovery and Data Mining (KDD), 2011, pp. 1289-1297.

  • [15] W. Li, P. Serdyukov, A. P. de Vries, C. Eickhoff, and M. Larson, “The where in the tweet,” in Proc. of the ACM Int’l Conf. on Information and Knowledge Management (CIKM), 2011, pp. 2473-2476.

  • [16] O. Barak, G. Cohen, and E. Toch, “Anonymizing mobility data using semantic cloaking,” Pervasive and Mobile Computing, 2015, to appear.

  • [17] M. L. Damiani, E. Bertino, and C. Silvestri, “The PROBE Framework for the Personalized Cloaking of Private Locations,” Transactions on Data Privacy, pp. 123-148, 2010.

  • [18] A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam, “l-diversity: Privacy Beyond k-anonymity,” ACM Trans. Knowl. Discov. Data, vol. 1, no. 1, 2007.

  • [19] Z. Xiao, J. Xu, and X. Meng, “p-Sensitivity: A Semantic Privacy-Protection Model for Location-based Services,” in Proc. of International Conference on Mobile Data Management Workshops (MDMW), 2008.

  • [20] M. Xue, P. Kalnis, and H. K. Pung, “Location Diversity: Enhanced Privacy Protection in Location Based Services,” in Proc. of the Int’l Symp. on Location and Context Awareness (LOCA), 2009.

  • [21] N. Li, T. Li, and S. Venkatasubramanian, “t-closeness: Privacy beyond k-anonymity and l-diversity,” in Proc. of the IEEE Int’l Conf. on Data Engineering (ICDE), 2007, pp. 106-115.

  • [22] K. Chatzikokolakis, C. Palamidessi, and M. Stronati, “Constructing elastic distinguishability metrics for location privacy,” in Proc. of the Privacy Enhancing Technologies Symp. (PETS), 2015.

  • [23] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi, “Geo-indistinguishability: Differential privacy for location-based systems,” in Proc. of the ACM SIGSAC Conf. on Computer and Communications Security (CCS), 2013, pp. 901-914.

  • [24] A. Monreale, R. Trasarti, D. Pedreschi, C. Renso, and V. Bogorny, “C-safety: A framework for the anonymization of semantic trajectories,” Trans. Data Privacy, vol. 4, no. 2, pp. 73-101, Aug. 2011.

  • [25] B. Carbunar, R. Sion, R. Potharaju, and M. Ehsan, “The shy mayor: Private badges in geosocial networks,” in Proc. of the 10th Int’l Conf. on Applied Cryptography and Network Security (ACNS), 2012, pp. 436-454.

  • [26] C. Dong and N. Dulay, “Longitude: A privacy-preserving location sharing protocol for mobile applications,” in Proc. of the Int’l Conf. on Trust Management (IFIPTM), 2011, pp. 133-148.

  • [27] M. Herrmann, A. Rial, C. Diaz, and B. Preneel, “Practical privacy-preserving location-sharing based services with aggregate statistics,” in Proc. of the ACM Conference on Security and Privacy in Wireless (WiSec), 2014, pp. 87-98.

  • [28] B. Mood, D. Gupta, K. Butler, and J. Feigenbaum, “Reuse it or lose it: More efficient secure computation through reuse of encrypted values,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 582-596.

  • [29] G. Zhong, I. Goldberg, and U. Hengartner, “Louis, lester and pierre: Three protocols for location privacy,” in Privacy Enhancing Technologies. Springer, 2007, pp. 62-76.

About the article

Received: 2016-02-29

Revised: 2016-06-02

Accepted: 2016-06-02

Published Online: 2016-07-14

Published in Print: 2016-10-01



Citation Information: Proceedings on Privacy Enhancing Technologies, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2016-0034. Export Citation

© 2016. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. (CC BY-NC-ND 4.0)

Comments (0)

Please log in or register to comment.
Log in