Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
Online
ISSN
2299-0984
See all formats and pricing
More options …

On the Privacy Implications of Location Semantics

Berker Ağır / Kévin Huguenin / Urs Hengartner / Jean-Pierre Hubaux
Published Online: 2016-07-14 | DOI: https://doi.org/10.1515/popets-2016-0034

Abstract

Mobile users increasingly make use of location-based online services enabled by localization systems. Not only do they share their locations to obtain contextual services in return (e.g., ‘nearest restaurant’), but they also share, with their friends, information about the venues (e.g., the type, such as a restaurant or a cinema) they visit. This introduces an additional dimension to the threat to location privacy: location semantics, combined with location information, can be used to improve location inference by learning and exploiting patterns at the semantic level (e.g., people go to cinemas after going to restaurants). Conversely, the type of the venue a user visits can be inferred, which also threatens her semantic location privacy. In this paper, we formalize this problem and analyze the effect of venue-type information on location privacy. We introduce inference models that consider location semantics and semantic privacy-protection mechanisms and evaluate them by using datasets of semantic check-ins from Foursquare, totaling more than a thousand users in six large cities. Our experimental results show that there is a significant risk for users’ semantic location privacy and that semantic information improves inference of user locations.

Keywords: Location Privacy; Semantics; Inference; Social Networks

References

  • [1] J. Krumm, “A survey of computational location privacy,” Personal Ubiquitous Comput., vol. 13, no. 6, pp. 391-399, Aug. 2009.Google Scholar

  • [2] ᅳ, “Inference attacks on location tracks,” in Pervasive Computing, vol. 4480, 2007, pp. 127-143.Google Scholar

  • [3] R. Shokri, G. Theodorakopoulos, J.-Y. Le Boudec, and J.- P. Hubaux, “Quantifying location privacy,” in Proc. of the IEEE Symp. on Security and Privacy (S&P), 2011, pp. 247- Google Scholar

  • [4] I. Bilogrevic, K. Huguenin, S. Mihaila, R. Shokri, and J.-P. Hubaux, “Predicting Users’ Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms,” in Proc. of the Network and Distributed System Security Symposium (NDSS), 2015, pp. 1-11.Google Scholar

  • [5] R. Shokri, J. Freudiger, and J.-P. Hubaux, “A unified framework for location privacy,” in Proc. of the Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETS), 2010.Google Scholar

  • [6] D. Koller and N. Friedman, Probabilistic graphical models: principles and techniques. MIT press, 2009.Google Scholar

  • [7] J. Pearl, Probabilistic reasoning in intelligent systems: networks of plausible inference. Morgan Kaufmann, 2014.Google Scholar

  • [8] J. Krumm and D. Rouhana, “Placer: Semantic place labels from diary data,” in Proc. of the ACM Int’l Joint Conf. on Pervasive and Ubiquitous Computing (UbiComp), 2013, pp. 163-172.Google Scholar

  • [9] “Bayesian belief network package,” accessed: 2015-08-16. [Online]. Available: https://github.com/eBay/bayesianbelief-networksGoogle Scholar

  • [10] F. V. Jensen, “Junction trees and decomposable hypergraphs.” Judex Datasystemer, Aalborg, Denmark., Tech. Rep., 1988.Google Scholar

  • [11] R. Shokri, G. Theodorakopoulos, G. Danezis, J.-P. Hubaux, and J.-Y. Le Boudec, “Quantifying Location Privacy: The Case of Sporadic Location Exposure,” in Proc. of the Privacy Enhancing Technologies Symp. (PETS), 2011.Google Scholar

  • [12] A.-M. Olteanu, K. Huguenin, R. Shokri, M. Humbert, and J.-P. Hubaux, “Quantifying interdependent privacy risks with location data,” IEEE Transactions on Mobile Computing, p. 14, 2016, to appear.Google Scholar

  • [13] H. Liu, B. Luo, and D. Lee, “Location type classification using tweet content,” in Proc. of the Int’l Conf. on Machine Learning and Applications (ICMLA), vol. 1, 2012, pp. 232-237.Google Scholar

  • [14] B. Lee, J. Oh, H. Yu, and J. Kim, “Protecting location privacy using location semantics,” in Proc. of the ACM SIGKDD Int’l Conf. on Knowledge Discovery and Data Mining (KDD), 2011, pp. 1289-1297.Google Scholar

  • [15] W. Li, P. Serdyukov, A. P. de Vries, C. Eickhoff, and M. Larson, “The where in the tweet,” in Proc. of the ACM Int’l Conf. on Information and Knowledge Management (CIKM), 2011, pp. 2473-2476.Google Scholar

  • [16] O. Barak, G. Cohen, and E. Toch, “Anonymizing mobility data using semantic cloaking,” Pervasive and Mobile Computing, 2015, to appear.Google Scholar

  • [17] M. L. Damiani, E. Bertino, and C. Silvestri, “The PROBE Framework for the Personalized Cloaking of Private Locations,” Transactions on Data Privacy, pp. 123-148, 2010.Google Scholar

  • [18] A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam, “l-diversity: Privacy Beyond k-anonymity,” ACM Trans. Knowl. Discov. Data, vol. 1, no. 1, 2007.Google Scholar

  • [19] Z. Xiao, J. Xu, and X. Meng, “p-Sensitivity: A Semantic Privacy-Protection Model for Location-based Services,” in Proc. of International Conference on Mobile Data Management Workshops (MDMW), 2008.Google Scholar

  • [20] M. Xue, P. Kalnis, and H. K. Pung, “Location Diversity: Enhanced Privacy Protection in Location Based Services,” in Proc. of the Int’l Symp. on Location and Context Awareness (LOCA), 2009.Google Scholar

  • [21] N. Li, T. Li, and S. Venkatasubramanian, “t-closeness: Privacy beyond k-anonymity and l-diversity,” in Proc. of the IEEE Int’l Conf. on Data Engineering (ICDE), 2007, pp. 106-115.Google Scholar

  • [22] K. Chatzikokolakis, C. Palamidessi, and M. Stronati, “Constructing elastic distinguishability metrics for location privacy,” in Proc. of the Privacy Enhancing Technologies Symp. (PETS), 2015.Google Scholar

  • [23] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi, “Geo-indistinguishability: Differential privacy for location-based systems,” in Proc. of the ACM SIGSAC Conf. on Computer and Communications Security (CCS), 2013, pp. 901-914.Google Scholar

  • [24] A. Monreale, R. Trasarti, D. Pedreschi, C. Renso, and V. Bogorny, “C-safety: A framework for the anonymization of semantic trajectories,” Trans. Data Privacy, vol. 4, no. 2, pp. 73-101, Aug. 2011.Google Scholar

  • [25] B. Carbunar, R. Sion, R. Potharaju, and M. Ehsan, “The shy mayor: Private badges in geosocial networks,” in Proc. of the 10th Int’l Conf. on Applied Cryptography and Network Security (ACNS), 2012, pp. 436-454.Google Scholar

  • [26] C. Dong and N. Dulay, “Longitude: A privacy-preserving location sharing protocol for mobile applications,” in Proc. of the Int’l Conf. on Trust Management (IFIPTM), 2011, pp. 133-148.Google Scholar

  • [27] M. Herrmann, A. Rial, C. Diaz, and B. Preneel, “Practical privacy-preserving location-sharing based services with aggregate statistics,” in Proc. of the ACM Conference on Security and Privacy in Wireless (WiSec), 2014, pp. 87-98.Google Scholar

  • [28] B. Mood, D. Gupta, K. Butler, and J. Feigenbaum, “Reuse it or lose it: More efficient secure computation through reuse of encrypted values,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 582-596.Google Scholar

  • [29] G. Zhong, I. Goldberg, and U. Hengartner, “Louis, lester and pierre: Three protocols for location privacy,” in Privacy Enhancing Technologies. Springer, 2007, pp. 62-76.Google Scholar

About the article

Received: 2016-02-29

Revised: 2016-06-02

Accepted: 2016-06-02

Published Online: 2016-07-14

Published in Print: 2016-10-01


Citation Information: Proceedings on Privacy Enhancing Technologies, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2016-0034.

Export Citation

© 2016. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. BY-NC-ND 4.0

Comments (0)

Please log in or register to comment.
Log in