On the feasibility of user de-anonymization from shared mobile sensor data

Underpinning many recent advances in sensing applications (e.g., mHealth) is the ability to safely collect and share mobile sensor data. Research has shown that even from seemingly harmless sensors (e.g., accelerometers, gyroscopes, or magnetometers) an ever-expanding set of potentially sensitive user behaviors can be inferred. Providing robust anonymity assurances is a principal mechanism for protecting users when data is shared (e.g., with medical professionals or friends). In this paper, we study the feasibility of user de-anonymization from mobile sensor datasets routinely collected on commodity devices (e.g., smartphones). We perform a systematic investigation to quantify the threat of de-anonymization using existing sparsity-based techniques adapted to exploit mobile sensor data characteristics. This preliminary study indicates that significant threats to user anonymity exist within shared mobile sensor data and that further investigation is warranted.
