Appropriate Obfuscation of Location Information on an Application Level for Mobile Devices

[ External Download ]
Mobile devices, like smartphones and tablets, find their way into more and more households and are currently used by over one billion people. While these new mobile devices introduce new possibilities for their users, they also reveal several security and especially privacy challenges. This work focuses on the sensitive location privacy, which is increasingly violated by the ex- tended use of location aware applications. Those applications make use of the location provided by the mobile device to either offer context sensitive services or to monetize the personal infor- mation. The goal of this thesis is to provide theoretical as well as practical approaches, to support user to regain their power over their location privacy without limiting the usage of location aware applications. The first challenge of this thesis deals with mitigation approaches that are used to reduce the entropy of location information and improve the personal privacy. So far, there are no recom- mendations of obfuscation algorithms, which can be used for specific applications to improve the privacy while maintaining the quality of service provided by the applications. The second aspect evaluates, how the obfuscation algorithms can be deployed to modern mobile operating systems. Currently these systems only provide very limited support in terms of location privacy and they provide no functionalities to implement the privacy preserving mechanisms. Consequently it is necessary to find alternative approaches to deploy location obfuscation mechanisms. The research approach for this thesis was based on the constructive research. The process started with an intense literature research, which was used to retrieve state-of-the-art obfuscation techniques. Subsequently techniques were classified based on a qualitative evaluation to create an algorithm recommendation for location aware applications. For the interception of the location information, two different prototypes were designed and implemented. These two approaches were then evaluated against each other as well as against alternative already existing privacy improvement frameworks. The first contribution of this thesis is a new classification scheme for location obfuscation algorithms, which includes the plausibility aspects of obfuscated locations for the first time. Based on this classification, a mapping between commonly used location aware applications and appropriate obfuscation algorithms is suggested. The second major contribution is the im- provement of an existing location information interception framework and an implementation of a novel approach, to improve the location privacy. These two prototypes resolve several issues of previous interception approaches and can be used to support the user to regain power over their personal location privacy.
  author = {Hochreiner, Christoph},
  title = {Appropriate Obfuscation of Location Information on an Application Level for Mobile Devices},
  school = {TU Wien},
  year = {2014},
  url = {}