AnonAD: Privacy-Aware Micro-Targeted Mobile Advertisements without Proxies

Mobile advertisements have become the dominant source of revenue for mobile application developers, advertisers and brokers. Using novel sensing techniques and the advanced sensors of mobile devices, it has become feasible to determine a user's fine-grained context such as her location, activity, and interests. This information can be used by the advertisement (ad) brokers to provide more relevant ads to the user based on her context. However, this has led to serious privacy risks, since a user can be tracked by the broker or an adversary based on her context. In this paper, we present AnonAd, an ad delivery scheme that allows users to protect their privacy when receiving micro-targeted ads from the broker. AnonAd utilizes the encryption of the user's context based on a split-secret scheme that guarantees that the broker can decrypt the context only when there exists k other users in the same context. This way, a user's privacy is protected with k-anonymity during the context report. We show that the split-secret scheme integrates seamlessly with existing homomorphic encryption-based schemes that can provide differential privacy for ad click reports. We implement AnonAd on Android smartphones and evaluate it with real users as well as simulated users that follow real mobility traces. Our results show that AnonAd achieves a balance between user's privacy and relevancy of advertisements without the requirement of any additional proxy servers.