Preserving Privacy and Functionality in GeoSocial Networks

alt text

Geosocial Networks (GSNs) are social networks centered on the locations of users and businesses. GSNs such as Foursquare and Yelp allow users to register or ``check-in'' their location, share it with their friends, leave recommendations and collect prize ``badges''. Badges are acquired by checking-in at certain locations (i.e., venues), following a required pattern. Users rely on GSNs to keep track of the locations of their friends, and to receive promotional deals, coupons and personalized recommendations. For GSN providers however, the main source of revenue is location-based ad targeting. Thus, the price of participation for users is compromised privacy, in particular, location privacy. Service providers learn the places visited by each user, the times and the sequence of visits as well as user preferences, e.g., the frequency distribution of their visits.

In this project we seek solutions that balance three requirements. On one dimension, clients need strong privacy guarantees. The service provider should not learn user profile information, including (i) linking users to (location, time) pairs, (ii) linking users to any location, even if they achieve special status at that location and even (iii) building pseudonymous user profiles – linking multiple locations where the same “unknown” user has checked-in. On the second dimension, the service provider needs assurances of client correctness when awarding location-related badges. Otherwise, since special status often comes with financial and social perks, privacy would protect users that perpetrate fraudulent behaviors such as, reporting fake locations, duplicating and sharing special status tokens, or checking-in more frequently than allowed. On a third dimension, the provider needs to be able to collect certain user information. Being denied access to all user information discourages participation.

We first study geosocial networks, in an effort to confirm the relevance of this problem. We need to understand if geosocial network subscribers are active in terms of numbers of check-ins performed, badges obtained, users befriended and things done at locations. We have collected publicly available data from Foursquare and Gowalla2 using their public APIs. We have collected profiles of 781,239 Foursquare users (out of 5 million queried) and the entire Gowalla set – 143,476 users. For every Foursquare/Gowalla user, we have gathered the user profile, the total number of friends, check-ins and “days out” (days the user was actively performing check-ins).

We then focus on fraudulent behaviors concerning user location reports. The use of financial incentives by GSNs introduces reasons for cheating, motivating users to commit location fraud: falsely claim to be at a location, to receive undeserved rewards or social status. Even with GPS verification mechanisms in place, committing location fraud has been largely simplified by the recent emergence of specialized applications for the most popular mobile eco-systems (LocationSpoofer for iPhone and GPSCheat for Android).

alt text

To address this problem, we exploit the insight that venues have the most to gain from properly rewarding users: their main goal is to retain customers and attract new users. We introduce XACT , a suite of venue-oriented, secure location verification mechanisms, that require participating venues to deploy minimalist equipment. To promote its adoptability, we design XACT to be not only secure and correct, but also user friendly, economical and easy to deploy. XACT consists of mechanisms that (i) broadcast unpredictable Wi-Fi SSIDs, (ii) display QR codes encoding venue certified information, and (iii) implement challenge/response protocols.

alt text

We then develop solutions to enable GSN providers to privately build a variety of badges. For instance, GeoBadge, allows users to privately prove having performed k check-ins at one venue, where k is a predefined parameter. FreqBadge extends GeoBadge with provably time-constrained check-ins as well as arbitrary values for k. e-Badge extends GeoBadge with the notion of levels of expertise, unlocked as the user performs more check-ins at new venues. MPBadge extends GeoBadge with the notion of simultaneous, co-located check-ins from multiple users.

As mentioned above, GSNs introduce a conflict: Without privacy people may be reluctant to use geosocial networks; without user information the provider and venues cannot support applications and have no incentive to participate. We investigate solutions to enable the GSN provider to build aggregate location predicates from data of users that check-in at certain locations, while preserving the privacy of users.

We implement the developed solutions on smartphones and other resource constrained devices, including Beagle Boards.



  • [IEEE TIFS] "ProfilR: Toward Preserving Privacy and Functionality in GeoSocial Networks"
    Bogdan Carbunar, Mahmudur Rahman, Jaime Ballesteros, Naphtali Rishe, Athanasios V. Vasilakos.
    IEEE Transactions on Information Forensics and Security (TIFS), Volume 9, Issue 4, 2014. [pdf]

  • [REUNS] "GeoFit: Verifiable Fitness Challenges"
    Ian Michael Terry, Anita Wu, Sebastian Ramirez, Alex Pissinou Makki, Leonardo Bobadilla, Niki Pissinou, S.S. Iyengar, Bogdan Carbunar.
    In Proceedings of the First National Workshop for REU Research in Networking and Systems (REUNS), Philadelphia, October 2014.

  • [IEEE Communications] "A Survey of Privacy Vulnerabilities and Defenses in GeoSocial Networks"
    Bogdan Carbunar, Mahmudur Rahman, Niki Pissinou, Athanasios V. Vasilakos.
    In the IEEE Communications Magazine, Volume 15, Issue 11, 2013. [pdf]

  • [IEEE TMC] "Private Badges for GeoSocial Networks"
    Bogdan Carbunar, Radu Sion, Rahul Potharaju, Moussa Ehsan.
    Accepted for publication in the IEEE Transactions on Mobile Computing (TMC), 2013. [pdf]

  • [ACM GIS] "Private Location Centric Profiles for GeoSocial Networks".
    Bogdan Carbunar, Mahmudur Rahman, Jaime Ballesteros, Naphtali Rishe.
    In Proceedings of the 20th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) - short paper.
    Redondo Beach, CA, November 2012. [pdf]

  • [IEEE MASS] You Unlocked the Mt. Everest Badge on Foursquare! Countering Location Fraud in GeoSocial Networks.
    Bogdan Carbunar, Rahul Potharaju.
    To appear in the 9th IEEE International Conference on Mobile Ad hoc and Sensor Systems (MASS), Las Vegas, October 2012. [pdf]

  • [ACNS] "The Shy Mayor: Private Badges in GeoSocial Networks".
    Bogdan Carbunar, Radu Sion, Rahul Potharaju, Moussa Ehsan.
    In Proceedings of the 10th International Conference on Applied Cryptography and Network Security (ACNS) [acceptance rate=17.1%], Singapore, June 2012 [pdf]