Bloom Cookies: Web Search Personalization without User Tracking
Nitesh Mor, Oriana Riva, Suman Nath, John D. Kubiatowicz

Citation
Nitesh Mor, Oriana Riva, Suman Nath, John D. Kubiatowicz. "Bloom Cookies: Web Search Personalization without User Tracking". NDSS 2015, Internet Society, 8, February, 2015.

Abstract
We propose Bloom cookies that encode a user's profile in a compact and privacy-preserving way, without preventing online services from using it for personalization purposes. The Bloom cookies design is inspired by our analysis of a large set of web search logs that shows drawbacks of two profile obfuscation techniques, namely profile generalization and noise injection, today used by many privacy-preserving personalization systems. We find that profile generalization significantly hurts personalization and fails to protect users from a server linking user sessions over time. Noise injection can address these problems, but only at the cost of a high communication overhead and a noise dictionary generated by a trusted third party. In contrast, Bloom cookies leverage Bloom filters as a privacy-preserving data structure to provide a more convenient privacy, personalization, and network efficiency tradeoff: they provide similar (or better) personalization and privacy than noise injection (and profile generalization), but with an order of magnitude lower communication cost and no noise dictionary. We discuss how Bloom cookies can be used for personalized web search, present an algorithm to automatically configure the noise in Bloom cookies given a user's privacy and personalization goals, and evaluate their performance compared to the state-of-the-art.

Electronic downloads


Internal. This publication has been marked by the author for TerraSwarm-only distribution, so electronic downloads are not available without logging in.
Citation formats  
  • HTML
    Nitesh Mor, Oriana Riva, Suman Nath, John D. Kubiatowicz.
    <a
    href="http://www.terraswarm.org/pubs/461.html"
    >Bloom Cookies: Web Search Personalization without User
    Tracking</a>, NDSS 2015, Internet Society, 8,
    February, 2015.
  • Plain text
    Nitesh Mor, Oriana Riva, Suman Nath, John D. Kubiatowicz.
    "Bloom Cookies: Web Search Personalization without User
    Tracking". NDSS 2015, Internet Society, 8, February,
    2015.
  • BibTeX
    @inproceedings{MorRivaNathKubiatowicz15_BloomCookiesWebSearchPersonalizationWithoutUserTracking,
        author = {Nitesh Mor and Oriana Riva and Suman Nath and John
                  D. Kubiatowicz},
        title = {Bloom Cookies: Web Search Personalization without
                  User Tracking},
        booktitle = {NDSS 2015},
        organization = {Internet Society},
        day = {8},
        month = {February},
        year = {2015},
        abstract = {We propose Bloom cookies that encode a user's
                  profile in a compact and privacy-preserving way,
                  without preventing online services from using it
                  for personalization purposes. The Bloom cookies
                  design is inspired by our analysis of a large set
                  of web search logs that shows drawbacks of two
                  profile obfuscation techniques, namely profile
                  generalization and noise injection, today used by
                  many privacy-preserving personalization systems.
                  We find that profile generalization significantly
                  hurts personalization and fails to protect users
                  from a server linking user sessions over time.
                  Noise injection can address these problems, but
                  only at the cost of a high communication overhead
                  and a noise dictionary generated by a trusted
                  third party. In contrast, Bloom cookies leverage
                  Bloom filters as a privacy-preserving data
                  structure to provide a more convenient privacy,
                  personalization, and network efficiency tradeoff:
                  they provide similar (or better) personalization
                  and privacy than noise injection (and profile
                  generalization), but with an order of magnitude
                  lower communication cost and no noise dictionary.
                  We discuss how Bloom cookies can be used for
                  personalized web search, present an algorithm to
                  automatically configure the noise in Bloom cookies
                  given a user's privacy and personalization goals,
                  and evaluate their performance compared to the
                  state-of-the-art.},
        URL = {http://terraswarm.org/pubs/461.html}
    }
    

Posted by Barb Hoversten on 12 Nov 2014.
Groups: services

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.