Privacy Preserving Publication of Moving Object Data
Joey Lei, CS295. Francesco Bonchi, Yahoo! Research, Avinguda Diagonal 177, Barcelona, Spain.
6/10/2015, CS295 - Privacy and Data Management



Outline
– Intro & Background
– Clustering and Perturbation Techniques
– Spatio-Temporal Cloaking (Generalization) Techniques
– Future Research

Location Privacy
– Growing prevalence of location-aware devices: mobile phones and GPS devices
– Two analysis groups:
  – Online: real-time monitoring of moving objects and motion patterns, and development of location-based services (LBS), e.g. Google Maps on the iPhone
  – Offline: collection of the traces left by moving objects, and offline analysis to extract behavioral knowledge, e.g. for public transportation

Privacy Concerns
Location data allows for intrusive inferences:
– Reveals habits
– Social customs
– Religious and sexual preferences
– Unauthorized advertisement
– User profiling

Offline Analysis
– Traffic management application: paths (trajectories) of vehicles with GPS are recorded
– Geographic Privacy-aware Knowledge Discovery and Delivery (GeoPKDD): traffic data published for the city of Milan (Italy); car identifiers were replaced with pseudonyms
– Daily commute example: Bob's home and workplace are traceable by location systems and act as quasi-identifiers (QIDs); join the data with a telephone directory

Definitions
– Anonymity-preserving data publishing of moving object databases: how to transform published location data while maintaining utility
– Moving Object Database (MOD): a set of individuals, time points, and trajectories

Background: Location Based Services
Ideals
– Provide the service without learning the user's exact position
– Location data is forgotten once the service is provided
k-anonymity definition
– A response to a request for location data is k-anonymous when it is indistinguishable from the spatial and temporal information of at least k – 1 other responses sent from different users

LBS: Location k-Anonymity
Spatial requirements
– Ubiquity: a user visits at least k regions
– Congestion: the number of users is at least k
One way to achieve this: mix zones
– An area where LBS providers cannot trace a specific user's movement
– Identity is replaced with pseudonyms; users entering these zones at the same time are mixed together

LBS: Location Based Quasi-Identifier
A spatio-temporal pattern that can uniquely identify one individual: a set of spatial areas and time intervals plus a recurrence formula
– AreaCondominium [7am, 8am], AreaOfficeBldg [8am, 9am],
– AreaOfficeBldg [4pm, 6pm], AreaCondominium [5pm, 7pm]
– Recurrence: 3.Weekdays ∗ 2.Weeks

LBS: Historical k-Anonymity
In the offline context: a set of requests satisfies historical k-anonymity if there exist k – 1 personal histories of locations (trajectories), belonging to k – 1 different users, that are location-time consistent with it (indistinguishable)

Outline
– Intro & Background
– Clustering and Perturbation Techniques
– Spatio-Temporal Cloaking (Generalization) Techniques
– Conclusions

Clustering and Perturbation
C&P sidesteps the inherent problems with location QIDs:
– each individual can have their own QIDs, which makes it difficult to create a QID for all individuals
– Area(Home, Office, ??) [??am – ??pm]
– Recurrence: 7.Weekdays ∗ 52.Weeks
Solution: anonymize trajectories instead
– Microaggregation / k-member anonymity

Clustering and Perturbation
Trajectories are not polylines but cylindrical volumes with radius δ (the uncertainty radius). If another trajectory moves within the cylinder of the given trajectory, the two trajectories are indistinguishable from each other ((k, δ)-anonymity set).

Clustering and Perturbation
Figure: a) Uncertainty trajectory; b) Anonymity set for two trajectories

Achieving (k, δ)-anonymity
Achieved by space translation: slightly moving some observations in space
Step one: cluster trajectories of similar sizes
– NWA (Never Walk Alone)
– All equivalence classes have the same time span and special timestamp requirements π (e.g. π = 60: only full hours, from 1:00PM to 2:00PM)

Achieving (k, δ)-anonymity
Step two: perturb the trajectories within the uncertainty radius δ (i.e. transform the cluster into an anonymity set)
– Grouping and reconstruction: find the nearest matching points to group, then reconstruct a generalization for utility
– Multi TGA and Fast TGA algorithms
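The uncertainty cylinder and the two-step space translation above, as an added example (not code from the slides or from the NWA authors): a simplified translation that pulls a clustered group of trajectories together until they form a (k, δ)-anonymity set, and reports the displacement spent doing so. It assumes the cluster has already been formed and that all members share the same π-aligned timestamps.

```python
# Added example (not code from the slides or from the NWA authors): a simplified
# space translation that turns a cluster of trajectories into a (k, delta)-anonymity
# set. Trajectories are lists of (x, y) positions sampled at the same pi-aligned
# timestamps, so positions are compared index by index.
import math


def dist(p, q):
    return math.hypot(p[0] - q[0], p[1] - q[1])


def in_cylinder(a, b, delta):
    """True if trajectory b never leaves the uncertainty cylinder of radius delta
    around trajectory a (1e-9 absorbs floating-point rounding)."""
    return len(a) == len(b) and all(dist(p, q) <= delta + 1e-9 for p, q in zip(a, b))


def is_anonymity_set(trajs, k, delta):
    """(k, delta)-anonymity set: at least k members, each moving inside every other
    member's cylinder, so any two of them are indistinguishable."""
    return len(trajs) >= k and all(in_cylinder(a, b, delta) for a in trajs for b in trajs)


def space_translate(trajs, delta):
    """Perturb a cluster into an anonymity set and return (trajectories, cost).
    The per-timestamp centroid serves as the central trajectory. Every observation
    farther than delta/2 from it is moved straight toward it until it is exactly
    delta/2 away, so any two perturbed points are at most delta apart (triangle
    inequality). cost is the total displacement, i.e. the utility lost.
    """
    centre = [(sum(t[i][0] for t in trajs) / len(trajs),
               sum(t[i][1] for t in trajs) / len(trajs)) for i in range(len(trajs[0]))]
    moved, cost = [], 0.0
    for t in trajs:
        new = []
        for p, c in zip(t, centre):
            d = dist(p, c)
            if d <= delta / 2:
                new.append(p)
                continue
            f = (delta / 2) / d  # fraction of the offset from the centre to keep
            new.append((c[0] + (p[0] - c[0]) * f, c[1] + (p[1] - c[1]) * f))
            cost += d - delta / 2
        moved.append(new)
    return moved, cost


# Constructed sample: three vehicles sampled at three timestamps. The outer two are
# 4 units apart, so the trio is not a (3, 2.0)-anonymity set until translated.
CLUSTER = [[(0, 0), (1, 0), (2, 0)], [(0, 2), (1, 2), (2, 2)], [(0, 4), (1, 4), (2, 4)]]
```

Running `space_translate(CLUSTER, 2.0)` leaves the middle trajectory untouched and moves each outer point one unit inward, for a total cost of 6.0.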

Outline
– Intro & Background
– Clustering and Perturbation Techniques
– Spatio-Temporal Cloaking (Generalization) Techniques
– Conclusions

Trajectory Generalization
Figure: Anonymization of three trajectories tr1, tr2 and tr3, based on point matching and removal, and spatio-temporal generalization

Trajectory Reconstruction
Reference: Aggarwal, C.C., Yu, P.S.: A condensation approach to privacy preserving data mining.

Quasi-identifier Methods
QIDs are a sequence of locations with multiple sensitive values (locations)
– the values differ from the perspective of each adversary
– yet linkage attacks from all adversaries must be considered

Quasi-identifier Methods
Possible attack: T5 and t5 match! We know that person visited b1

Space Generalization
Each position is an exact point on a grid; generalizations become rectangles of nearby points.

Attack Graph
Privacy breach on the prior example
Definitions
– I-nodes (individuals)
– O-nodes (moving object IDs)

Attack Graph
If I1 is mapped to O2, there is no clear mapping for I2 or I3: both I2 and I3 would have to map to O3.
Conclusion: O1 must map to I1.

Attack Graph
Shortcomings of the basic k-anonymity definition
– Standard k-anonymity states there should be at least k paths originating from each I-node (based on grouping).
– What if we also group the O-nodes so that each has at least k paths?

Attack Graph
Privacy breach
– Assume I2, O5 are a pair
– I1 then maps to both O1 and O2, but this is impossible!
– I5 must map to O5

Final k-Anonymity Definition
– Every I-node has degree k or more
– The attack graph is symmetric: for every edge (I_i, O_j) there is also an edge (I_j, O_i)
Figure: 2-anonymous attack graph
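The attack-graph reasoning of slides 23 to 27 and the final definition, as an added example (not the slides' or the underlying paper's code): it enumerates the perfect matchings an adversary can use, flags edges that no matching uses (the breach from slide 24, where O1 is forced onto I1), and checks the degree and symmetry conditions. It assumes I-nodes and O-nodes share an index and that every I_i is linked to its own O_i, since an anonymized trajectory still covers the original one.

```python
# Added example (not code from the slides or the underlying paper): the attack
# graph of slides 23-27 as a bipartite relation. graph[i] is the set of O-node
# indices that I-node i is linked to; I_i is always linked to its own O_i,
# because anonymization only enlarges a trajectory and so still covers it.
from itertools import permutations


def candidates(graph):
    """For each I-node, the O-nodes that appear in at least one perfect matching.
    A perfect matching is one consistent assignment of every individual to a
    distinct object; an adversary who reasons globally only needs to consider
    edges that some perfect matching uses. Brute force over permutations is
    fine for slide-sized graphs.
    """
    inds = sorted(graph)
    objs = sorted({o for os in graph.values() for o in os})
    assert len(inds) == len(objs), "need one published object per individual"
    result = {i: set() for i in inds}
    for perm in permutations(objs):
        if all(o in graph[i] for i, o in zip(inds, perm)):
            for i, o in zip(inds, perm):
                result[i].add(o)
    return result


def breaches(graph):
    """Edges the adversary can rule out: present in the graph, used by no perfect
    matching. Each one shrinks some individual's anonymity set."""
    cand = candidates(graph)
    return {(i, o) for i, os in graph.items() for o in os if o not in cand[i]}


def is_k_anonymous(graph, k):
    """The slides' final definition: every I-node has degree >= k and the graph
    is symmetric, i.e. edge (I_i, O_j) present implies edge (I_j, O_i) present."""
    return (all(len(os) >= k for os in graph.values())
            and all(i in graph.get(j, ()) for i, os in graph.items() for j in os))


# Constructed after slide 24: I1 -> {O1, O2}, I2 -> {O2, O3}, I3 -> {O2, O3}.
# Degrees are all 2, yet if I1 took O2 both I2 and I3 would need O3, so O1 must
# belong to I1 and (I1, O2) is a breach; the graph is not symmetric ((I2, O1) missing).
G_BREACH = {1: {1, 2}, 2: {2, 3}, 3: {2, 3}}
# Adding the mirror edge (I2, O1) restores symmetry. Now every edge lies in some
# perfect matching (the identity, or the swap of i and j), so nothing can be pruned.
G_SAFE = {1: {1, 2}, 2: {1, 2, 3}, 3: {2, 3}}
```

`breaches(G_BREACH)` returns `{(1, 2)}` while `breaches(G_SAFE)` is empty, which is exactly what the symmetry condition buys over a plain degree count.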

Future Research
– Ad-hoc anonymization techniques tailored to the intended use of the data
– Privacy-preserving data mining: focus on the analysis methods instead of the publishing

Questions?