Christoph Hochreiner
Markus Huber
Georg Merzdovnik
Edgar Weippl
ABSTRACT
Smartphones and tablet computers continue to replace traditional mobile phones and are used by over one billion people worldwide. A number of novel security and privacy challenges result from the possibility to extend the functionality of smartphones with third-party applications. These third-party applications require that users provide personal information to third-party applications in exchange for additional features. This paper focuses on one specifically sensitive information requested by third-party applications, namely: location information. We discuss current methods to protect the privacy of location information and evaluate two approaches in depth. First, we introduce an extension to improve the usability of current interception methods on an operating system level. Second, we evaluate the applicability of proxy-level interception on basis of real-world Android applications. Our findings significantly extend the state-of-the-art regarding the protection of location information on mobile devices and further highlight open research challenges.
- Agarwal, Yuvraj and Hall, Malcolm. ProtectMyPrivacy: Detecting and Mitigating Privacy Leaks on iOS Devices Using Crowdsourcing. MobiSys, 2013. Google Scholar
Digital Library
- Andersen, Mads Schaarup and Kjærgaard, Mikkel Baun. Towards a New Classification of Location Privacy Methods in Pervasive Computing. In Mobile and Ubiquitous Systems: Computing, Networking, and Services, pages 150--161. Springer, 2012.Google Scholar
- Anderson, Ian and Maitland, Julie and Sherwood, Scott and Barkhuus, Louise and Chalmers, Matthew and Hall, Malcolm and Brown, Barry and Muller, Henk. Shakra: tracking and sharing daily activity levels with unaugmented mobile phones. Mobile Networks and Applications, 12(2--3):185--199, 2007. Google ScholarDigital Library
- Ardagna, Claudio Agostino and Cremonini, Marco and Damiani, Ernesto and di Vimercati, S De Capitani and Samarati, Pierangela. Location privacy protection through obfuscation-based techniques. In Data and Applications Security XXI, pages 47--60. Springer, 2007. Google ScholarDigital Library
- Bamba, Bhuvan and Liu, Ling and Pesti, Peter and Wang, Ting. Supporting anonymous location queries in mobile environments with privacygrid. In Proceedings of the 17th international conference on World Wide Web, pages 237--246. ACM, 2008. Google ScholarDigital Library
- Barkhuus, Louise and Dey, Anind K. Location-Based Services for Mobile Telephony: a Study of Users' Privacy Concerns. In INTERACT, volume 3, pages 702--712. Citeseer, 2003.Google Scholar
- Bellavista, Paolo and Corradi, Antonio and Giannelli, Carlo. Efficiently managing location information with privacy requirements in wi-fi networks: a middleware approach. In 2nd International Symposium on Wireless Communication Systems, pages 91--95. IEEE, 2005.Google ScholarCross Ref
- Benisch, Michael and Kelley, Patrick Gage and Sadeh, Norman and Cranor, Lorrie Faith. Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs. Personal and Ubiquitous Computing, 15(7):679--694, 2011. Google ScholarDigital Library
- Beresford, Alastair R and Rice, Andrew and Skehin, Nicholas and Sohan, Ripduman. MockDroid: trading privacy for application functionality on smartphones. In Proceedings of the 12th Workshop on Mobile Computing Systems and Applications. ACM, 2011. Google ScholarDigital Library
- Beresford, Alastair R and Stajano, Frank. Location privacy in pervasive computing. Pervasive Computing, IEEE, 2(1), 2003. Google ScholarDigital Library
- Brush, AJ and Krumm, John and Scott, James. Exploring end user preferences for location obfuscation, location-based services, and the value of location. In Proceedings of the 12th ACM international conference on Ubiquitous computing, pages 95--104. ACM, 2010. Google ScholarDigital Library
- Damiani, Maria L and Bertino, Elisa and Silvestri, Claudio. Protecting location privacy through semantics-aware obfuscation techniques. In Trust Management II. Springer, 2008.Google ScholarCross Ref
- Farrahi, Katayoun and Gatica-Perez, Daniel. Daily routine classification from mobile phone data. In Machine Learning for Multimodal Interaction, pages 173--184. Springer, 2008. Google ScholarDigital Library
- Fisher, Drew and Dorner, Leah and Wagner, David. Location Privacy: User Behavior in the Field. In Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices, pages 51--56. ACM, 2012. Google ScholarDigital Library
- Gartner. Worldwide smartphone sales in November 2013. http://www.gartner.com/newsroom/id/2623415, 2013. {Online; accessed 30-November-2013}.Google Scholar
- Henne, Benjamin. Android Location Privacy - A location obfuscation framework for Android. http://bhenne.github.io/android-location-privacy/. {Online; accessed 30-November-2013}.Google Scholar
- Henne, Benjamin and Kater, Christian and Smith, Matthew and Brenner, Michael. Selective cloaking: Need-to-know for location-based apps. In Eleventh Annual International Conference on Privacy, Security and Trust (PST), pages 19--26. IEEE, 2013.Google ScholarCross Ref
- Hong, Jason I and Landay, James A. An architecture for privacy-sensitive ubiquitous computing. In Proceedings of the 2nd international conference on Mobile systems, applications, and services, pages 177--189. ACM, 2004. Google ScholarDigital Library
- P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall. These aren't the droids you're looking for: retrofitting android to protect data from imperious applications. In Proceedings of the 18th ACM conference on Computer and communications security, pages 639--652. ACM, 2011. Google ScholarDigital Library
- Junglas, Iris A and Spitzmuller, Christiane. A research model for studying privacy concerns pertaining to location-based services. In Proceedings of the 38th Annual Hawaii International Conference on System Sciences, pages 180b--180b. IEEE, 2005. Google ScholarDigital Library
- Kaasinen, Eija. User needs for location-aware mobile services. Personal and ubiquitous computing, 7(1):70--79, 2003. Google ScholarDigital Library
- Kessinger, Kristen and Gellman, Marv. Geolocation Use and Concerns Survey. Tech. rep. ISACA, 2012.Google Scholar
- Krumm, John. Inference attacks on location tracks. In Pervasive Computing, pages 127--143. Springer, 2007. Google ScholarDigital Library
- Krumm, John. A survey of computational location privacy. Personal and Ubiquitous Computing, 13(6):391--399, 2009. Google ScholarDigital Library
- Lindqvist, Janne and Cranshaw, Justin and Wiese, Jason and Hong, Jason and Zimmerman, John. I'm the mayor of my house: examining why people use foursquare-a social-driven location sharing application. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pages 2409--2418. ACM, 2011. Google ScholarDigital Library
- Minch, Robert P. Privacy issues in location-aware mobile devices. In Proceedings of the 37th Annual Hawaii International Conference on System Sciences. IEEE, 2004. Google ScholarDigital Library
- Mokbel, Mohamed F and Chow, Chi-Yin and Aref, Walid G. The new Casper: query processing for location services without compromising privacy. In Proceedings of the 32nd international conference on Very large data bases, pages 763--774. VLDB Endowment, 2006. Google ScholarDigital Library
- Stach, Christoph and Mitschang, Bernhard. Privacy Management for Mobile Platforms--A Review of Concepts and Approaches. In 14th International Conference on Mobile Data Management (MDM), volume 1, pages 305--313. IEEE, 2013. Google ScholarDigital Library
- Sweeney, Latanya. k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05):557--570, 2002. Google ScholarDigital Library
- Wernke, Marius and Skvortsov, Pavel and Dürr, Frank and Rothermel, Kurt. A classification of location privacy attacks and approaches. Personal and Ubiquitous Computing, pages 1--13, 2012. Google ScholarDigital Library
Index Terms
- Towards Practical Methods to Protect the Privacy of Location Information with Mobile Devices
Recommendations
Collaborative privacy management: mobile privacy beyond your own devices
SPME '14: Proceedings of the ACM MobiCom workshop on Security and privacy in mobile environmentsAs the development of mobile devices and applications, mobile privacy has become a very important issue. Current researches on mobile privacy mainly focus on potential leakages on a particular device. However, leakage of sensitive data on a mobile ...
Cross Platform 3D Rendering and Animation Engine for Mobile Tablet Devices
MoMM '14: Proceedings of the 12th International Conference on Advances in Mobile Computing and MultimediaTablet computers are surpassing desktop and laptop PC combined in market share and becoming an important medium for delivering digital content. They are also equipped with powerful hardware that are capable of rendering high definition 3D graphics which ...
A Review on Location Based Services for Mobile Games
PCI '16: Proceedings of the 20th Pan-Hellenic Conference on InformaticsAs mobile users take their devices with them everywhere, adding location-awareness and incorporating geographic data into the applications is an important way to keep users connected to the surrounding world and people nearby, enhancing the overall ...
Comments