ProfileGuard: Privacy preserving obfuscation for mobile user profiles

Imdad Ullah, Roksana Boreli, Salil S. Kanhere, Sanjay Chawla

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

6 Scopus citations

Abstract

Analytics companies have become an integral part of the mobile advertising industry, enabling successful user targeting via user profiles, derived from the mobile apps installed by specific users. This poses a threat to privacy of such users, when apps indicating sensitive information, e.g., a gaming app showing a gambling problem, are the basis for profiling. In this paper, we propose a Profile Guard, novel app-based obfuscation mechanism to remove the dominance (prevalence amongst the interest categories present in a user profile) of selected private user profile interest categories. We show, based on extensive experimental evaluation using 2700 Android apps during a 9 month test campaign, that the best trade-off between the level of effort required by the obfuscating system and the resulting privacy protection can be achieved by choosing the obfuscating apps based on similarity with user's existing apps (while ensuring that the selected apps belong to a non-private category). We implement a POC ProfileGuard app to demonstrate the feasibility of an automated obfuscation mechanism. We also provide insights into the broad Google AdMob profiling rules, showing that there is a deterministic mapping of individual apps to profile interests, that profiles based on multiple apps represent a union of individual app profiles and that there is a minimum level of activity necessary for AdMob to build a stable user profile. Finally, we show the resulting effect of obfuscation on the received ads, demonstrating that modifying user profiles to include a richer set of interests results in correspondingly more diverse received ads.

Original languageEnglish
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages83-92
Number of pages10
ISBN (Electronic)9781450331487
DOIs
StatePublished - Nov 3 2014
Externally publishedYes
Event13th Workshop on Privacy in the Electronic Society, WPES 2014, in Conjunction with the ACM Conference on Computer and Communications Security, ACM CCS 2014 - Scottsdale, United States
Duration: Nov 3 2014 → …

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Conference

Conference13th Workshop on Privacy in the Electronic Society, WPES 2014, in Conjunction with the ACM Conference on Computer and Communications Security, ACM CCS 2014
Country/TerritoryUnited States
CityScottsdale
Period11/3/14 → …

Keywords

  • Mobile apps
  • Obfuscation
  • Privacy
  • Targeted ads

Fingerprint

Dive into the research topics of 'ProfileGuard: Privacy preserving obfuscation for mobile user profiles'. Together they form a unique fingerprint.

Cite this