Obfuscation-Based Mechanisms in Location-Based Privacy Protection

Protection of personal data is vital to individuals. With the prevalence of cyber-crime, it is important to leverage the power of artificial intelligence (AI) to protect the user. The more someone else knows about a person and their whereabouts, the more power they can have over that person. This power takes the form of influence over their decisions, perhaps reveals to others their behaviours, where they live, and subsequently can affect their reputation or even safety. This review will provide an exploration into three methods of obscuring a person’s geographical location when using location-based services. It will explain to the reader how artificial intelligence can be used in their favour. Unfortunately, there is no perfect protection of privacy because location-based services (LBS) rely on the device’s accurate location to provide services, such as restaurant recommendations or games like Pokemon. But we should at least aim for a favourable balance between total privacy and the exposure of information on an individual. Three obfuscation-based mechanisms were compared on their data privacy efficacy, data utility, and ease of implementation. These mechanisms are: location generalisation (cloaking), location perturbation (differential privacy), and location spoofing (using dummy locations). Gowalla is a location-based social networking website where users share their locations by checking-in. A subset of the Gowalla dataset was used to evaluate these three mechanisms. In this work, three obfuscation methodologies for location-based services to protect the user’s location and privacy were evaluated. For the Gowalla dataset subset in London, the differential privacy using logistic regression with an epsilon of 0.8 seemed to have the best performance in terms of privacy, utility and overhead. k-Anonymity came second in its reasonable performance across all three metrics. t-Closeness obfuscation performed better in privacy, but worse than l-diversity in utility. Finally, these were followed by the application of dummy based locations. This method was the simplest but was the least refined in its ability to hide user datapoints and the most vulnerable to malicious attacks. The differential privacy using k-means was considered separately, since it is an unsupervised artificial intelligence learning algorithm as opposed to the others. Differential privacy clustering showed the ease of being able to create varying clusters each time a query is run, which could be highly effective in hiding user device locations.