Privacy-preserving targeted mobile advertising: A Blockchain-based framework for mobile ads

The targeted advertising is based on preference profiles inferred via relationships among individuals, their monitored responses to previous advertising and temporal activity over the Internet, which has raised critical privacy concerns. In this paper, we present a novel proposal for a Blockchain-based advertising platform that provides: a system for privacy preserving user profiling, privately requesting ads from the advertising system, the billing mechanisms for presented and clicked ads, the advertising system that uploads ads to the cloud according to profiling interests, various types of transactions to enable advertising operations in Blockchain-based network, and the method that allows a cloud system to privately compute the access policies for various resources (such as ads, mobile user profiles). Our main goal is to design a decentralized framework for targeted ads, which enables private delivery of ads to users whose behavioral profiles accurately match the presented ads, defined by the ad system. We implement a POC of our proposed framework i.e. a Bespoke Miner and experimentally evaluate various components of Blockchain-based in-app advertising system, implementing various critical components; such as, evaluating user profiles, implementing access policies, encryption and decryption of users' profiles. We observe that the processing delay for traversing policies of various tree sizes, the encryption/decryption time of user profiling with various key-sizes and user profiles of various interests evaluates to an acceptable amount of processing time as that of the currently implemented ad systems.

[1]  Andrew C. Simpson,et al.  Privacy‐preserving targeted mobile advertising: requirements, design and a prototype implementation , 2016, Softw. Pract. Exp..

[2]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[3]  Angelos Stavrou,et al.  FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware , 2020, USENIX Security Symposium.

[4]  Tadayoshi Kohno,et al.  Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016 , 2016, USENIX Security Symposium.

[5]  Alessandro Acquisti,et al.  The Impact of Ad-Blockers on Product Search and Purchase Behavior: A Lab Experiment , 2020, USENIX Security Symposium.

[6]  Narseo Vallina-Rodriguez,et al.  Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem , 2018, NDSS.

[7]  Sencun Zhu,et al.  Privacy Risk Analysis and Mitigation of Analytics Libraries in the Android Ecosystem , 2020, IEEE Transactions on Mobile Computing.

[8]  Roksana Boreli,et al.  Information leakage through mobile analytics services , 2014, HotMobile.

[9]  Nikita Borisov,et al.  The Web's Sixth Sense: A Study of Scripts Accessing Smartphone Sensors , 2018, CCS.

[10]  Arnaud Legout,et al.  ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic , 2015, MobiSys.

[11]  Zibin Zheng,et al.  Blockchain challenges and opportunities: a survey , 2018, Int. J. Web Grid Serv..

[12]  Dan S. Wallach,et al.  A case of collusion: a study of the interface between ad libraries and their apps , 2013, SPSM '13.

[13]  Jun Zhao,et al.  Measuring Third-party Tracker Power across Web and Mobile , 2018, ACM Trans. Internet Techn..

[14]  Dan S. Wallach,et al.  An Empirical Study of Mobile Ad Targeting , 2015, ArXiv.

[15]  Suman Nath,et al.  Bloom Cookies: Web Search Personalization without User Tracking , 2015, NDSS.

[16]  Roksana Boreli,et al.  Characterising user targeting for in-App Mobile Ads , 2014, 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[17]  Salil S. Kanhere,et al.  MOF-BC: A Memory Optimized and Flexible BlockChain for Large Scale Networks , 2018, Future Gener. Comput. Syst..

[18]  Salil S. Kanhere,et al.  BlockChain: A Distributed Solution to Automotive Security and Privacy , 2017, IEEE Communications Magazine.

[19]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[20]  Alessio Merlo,et al.  On the (Un)Reliability of Privacy Policies in Android Apps , 2020, 2020 International Joint Conference on Neural Networks (IJCNN).

[21]  Arvind Narayanan,et al.  Online Tracking: A 1-million-site Measurement and Analysis , 2016, CCS.

[22]  Narseo Vallina-Rodriguez,et al.  Tracking the Trackers: Towards Understanding the Mobile Advertising and Tracking Ecosystem , 2016, ArXiv.

[23]  Suman Nath,et al.  MAdScope: Characterizing Mobile In-App Targeted Ads , 2015, MobiSys.

[24]  Ting-Peng Liang,et al.  Consumer Attitudes Toward Mobile Advertising: An Empirical Study , 2004, Int. J. Electron. Commer..

[25]  Carl A. Gunter,et al.  Free for All! Assessing User Data Exposure to Advertising Libraries on Android , 2016, NDSS.

[26]  Benjamin Livshits,et al.  RePriv: Re-imagining Content Personalization and In-browser Privacy , 2011, 2011 IEEE Symposium on Security and Privacy.

[27]  Aruna Seneviratne,et al.  A measurement study of tracking in paid mobile applications , 2015, WISEC.

[28]  Edgar R. Weippl,et al.  Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[29]  Ian Goldberg,et al.  Practical PIR for electronic commerce , 2011, CCS '11.

[30]  Roksana Boreli,et al.  Protecting Private Attributes in App Based Mobile User Profiling , 2020, IEEE Access.

[31]  Athina Markopoulou,et al.  NoMoATS: Towards Automatic Detection of Mobile Tracking , 2020, Proc. Priv. Enhancing Technol..

[32]  Lorrie Faith Cranor,et al.  The Privacy and Security Behaviors of Smartphone App Developers , 2014 .

[33]  Xiang Pan I Do Not Know What You Visited Last Summer : Protecting Users from Third-party Web Tracking with TrackingFree Browser , 2015 .

[34]  Andrey Bogdanov,et al.  spongent: A Lightweight Hash Function , 2011, CHES.

[35]  Saikat Guha,et al.  Privad: Practical Privacy in Online Advertising , 2011, NSDI.

[36]  Hamed Haddadi,et al.  MobiAd: private and scalable mobile advertising , 2010, MobiArch '10.

[37]  David Wetherall,et al.  Detecting and Defending Against Third-Party Tracking on the Web , 2012, NSDI.

[38]  Wenjie Liu,et al.  A Secure and Targeted Mobile Coupon Delivery Scheme Using Blockchain , 2018, ICA3PP.

[39]  Hema Yoganarasimhan,et al.  Targeting and Privacy in Mobile Advertising , 2020, Mark. Sci..

[40]  Wenke Lee,et al.  The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads , 2016, NDSS.

[41]  Salil S. Kanhere,et al.  Blockchain in internet of things: Challenges and Solutions , 2016, ArXiv.

[42]  Roksana Boreli,et al.  ProfileGuard: Privacy Preserving Obfuscation for Mobile User Profiles , 2014, WPES.

[43]  Garrett A. Johnson,et al.  Consumer Privacy Choice in Online Advertising: Who Opts Out and at What Cost to Industry? , 2020, Mark. Sci..

[44]  Lorrie Faith Cranor,et al.  Improving App Privacy: Nudging App Developers to Protect User Privacy , 2014, IEEE Security & Privacy.

[45]  Stylianos Mamais Privacy-preserving and fraud-resistant targeted advertising for mobile devices , 2019 .

[46]  Paul Francis,et al.  SplitX: high-performance private analytics , 2013, SIGCOMM.

[47]  Nick Nikiforakis,et al.  PrivacyMeter: Designing and Developing a Privacy-Preserving Browser Extension , 2018, ESSoS.

[48]  Xiang Pan,et al.  I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser , 2015, NDSS.

[49]  Patrick Traynor,et al.  A Large Scale Investigation of Obfuscation Use in Google Play , 2018, ACSAC.

[50]  Alex Pentland,et al.  Decentralizing Privacy: Using Blockchain to Protect Personal Data , 2015, 2015 IEEE Security and Privacy Workshops.

[51]  V. Virtanen,et al.  An Empirical Study of the Drivers of Consumer Acceptance of Mobile Advertising , 2007 .

[52]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[53]  Helen Nissenbaum,et al.  Adnostic: Privacy Preserving Targeted Advertising , 2010, NDSS.

[54]  Ian Goldberg,et al.  Constant-Size Commitments to Polynomials and Their Applications , 2010, ASIACRYPT.

[55]  Xuxian Jiang,et al.  Unsafe exposure analysis of mobile in-app advertisements , 2012, WISEC '12.

[56]  Stefan Katzenbeisser,et al.  Enabling Privacy Preserving Mobile Advertising via Private Information Retrieval , 2017, 2017 IEEE 42nd Conference on Local Computer Networks (LCN).

[57]  Benjamin Livshits,et al.  AdGraph: A Graph-Based Approach to Ad and Tracker Blocking , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[58]  Janne Lindqvist,et al.  Should I Protect You? Understanding Developers' Behavior to Privacy-Preserving APIs , 2014 .

[59]  Ying Wang,et al.  Aiming the Mobile Targets in a Cross-Cultural Context: Effects of Trust, Privacy Concerns, and Attitude , 2019, Int. J. Hum. Comput. Interact..

[60]  Jun Zhao,et al.  Third Party Tracking in the Mobile Ecosystem , 2018, WebSci.

[61]  Marko Vukolic,et al.  The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication , 2015, iNetSeC.

[62]  Ivan Damgård,et al.  Commitment Schemes and Zero-Knowledge Protocols , 1998, Lectures on Data Security.

[63]  Ghazaleh Beigi,et al.  Protecting User Privacy: An Approach for Untraceable Web Browsing History and Unambiguous User Profiles , 2018, WSDM.

[64]  Ivan Martinovic,et al.  Intra-Library Collusion: A Potential Privacy Nightmare on Smartphones , 2017, ArXiv.

[65]  D. Wetherall,et al.  A Study of Third-Party Tracking by Mobile Apps in the Wild , 2012 .