PDP-SAG: Personalized Privacy Protection in Moving Objects Databases by Combining Differential Privacy and Sensitive Attribute Generalization

Moving objects databases have become an enabling technology for location-based applications. They focus mostly on storing and processing data about moving objects, and privacy protection is one of the most important concerns related to them. In recent years, several mechanisms have been proposed for answering statistical queries over moving objects databases while satisfying differential privacy. However, none of them considers the case where a moving objects database contains sensitive attributes beyond its spatiotemporal ones, and most of them do not support the personalized privacy protection requirements of different moving objects. In this paper, we address these problems by presenting PDP-SAG, a differentially private mechanism that combines sensitive attribute generalization with personalized privacy in a unified manner. Through this combination, we aim to provide different levels of differential privacy protection for moving objects that also carry non-spatiotemporal sensitive attributes. To this end, we generalize the sensitive attribute value of each trajectory data record according to its privacy descriptor, and we define a new personalized differentially private tree structure that keeps a separate noisy frequency for each trajectory and each generalized sensitive attribute value of the records passing through that trajectory. We also propose intra- and inter-consistency constraint enforcement to make the noisy frequencies consistent with one another. Extensive experiments on synthetic and real datasets verify that PDP-SAG significantly improves the utility of sensitive query answers and provides the required level of privacy protection for each moving object, compared with the case where no personalization and generalization are permitted.
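The abstract describes three ingredients: generalizing each record's sensitive attribute according to a per-record privacy descriptor, keeping per-trajectory noisy frequencies for each generalized value in a prefix tree, and enforcing consistency among those noisy frequencies. The following Python sketch is an added illustration of those ingredients and is not the paper's code or algorithm: the taxonomy, the sample records, the choice of noise scale (the strictest budget among records at a node, with the budget not split across tree levels), and the simplified consistency rules (nonnegativity within a node; children may not sum past their parent between nodes) are all assumptions made here for illustration.

```python
"""Toy sketch of the PDP-SAG idea: generalize a sensitive attribute per record,
keep per-trajectory noisy frequencies in a prefix tree, enforce consistency.
Constructed example; not the paper's code. Assumptions are marked inline."""
import math
import random
from collections import defaultdict

# Constructed generalization taxonomy for a sensitive attribute "disease".
# "*" is the fully suppressed top value (assumption).
TAXONOMY = {
    "flu": "respiratory", "asthma": "respiratory",
    "gastritis": "digestive", "ulcer": "digestive",
    "respiratory": "illness", "digestive": "illness",
    "illness": "*",
}
DOMAIN = sorted(set(TAXONOMY) | set(TAXONOMY.values()))  # every value a count may carry


def generalize(value, level):
    """Climb `level` taxonomy steps (the record's privacy descriptor); level 0 keeps the exact value."""
    for _ in range(level):
        if value not in TAXONOMY:
            break
        value = TAXONOMY[value]
    return value


class Node:
    def __init__(self):
        self.children = {}
        self.true = defaultdict(int)  # generalized value -> exact frequency
        self.epsilons = []            # budgets of the records passing through
        self.noisy = {}


def build_tree(records):
    """records: (trajectory tuple, sensitive value, generalization level, epsilon)."""
    root = Node()
    for traj, sa, level, eps in records:
        g = generalize(sa, level)
        node = root
        node.true[g] += 1
        node.epsilons.append(eps)
        for loc in traj:  # every prefix of the trajectory gets the record
            node = node.children.setdefault(loc, Node())
            node.true[g] += 1
            node.epsilons.append(eps)
    return root


def laplace(scale, rng):
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(max(1e-12, 1.0 - 2.0 * abs(u)))


def node_scale(node):
    """Assumption: honour the strictest budget among records at the node (sensitivity 1)."""
    return 1.0 / min(node.epsilons)


def add_noise(node, noise):
    scale = node_scale(node)
    # Answer for the whole domain so the set of present keys leaks nothing.
    node.noisy = {v: node.true.get(v, 0) + noise(scale) for v in DOMAIN}
    for child in node.children.values():
        add_noise(child, noise)


def enforce_consistency(node):
    """Intra (assumption): counts are nonnegative. Inter (assumption): a record
    reaching a child also reaches the parent, so children may not sum past the
    parent; scale them down proportionally, top-down."""
    _clamp(node)
    _inter(node)


def _clamp(node):
    for v in DOMAIN:
        node.noisy[v] = max(0.0, node.noisy[v])
    for c in node.children.values():
        _clamp(c)


def _inter(node):
    for v in DOMAIN:
        total = sum(c.noisy[v] for c in node.children.values())
        if total > node.noisy[v] and total > 0:
            factor = node.noisy[v] / total
            for c in node.children.values():
                c.noisy[v] *= factor
    for c in node.children.values():
        _inter(c)


def is_consistent(node, tol=1e-9):
    for v in DOMAIN:
        if node.noisy[v] < -tol:
            return False
        if sum(c.noisy[v] for c in node.children.values()) > node.noisy[v] + tol:
            return False
    return all(is_consistent(c, tol) for c in node.children.values())


def count(root, prefix, value):
    """Noisy frequency of `value` among records whose trajectory passes through `prefix`."""
    node = root
    for loc in prefix:
        node = node.children.get(loc)
        if node is None:
            return 0.0  # toy shortcut; a real mechanism would also noise absent nodes
    return node.noisy[value]


# Constructed sample records: trajectory, sensitive value, generalization level, epsilon.
RECORDS = [
    (("A", "B", "C"), "flu", 0, 1.0),
    (("A", "B"), "asthma", 1, 0.5),
    (("A", "D"), "gastritis", 2, 1.0),
    (("A", "B", "C"), "ulcer", 3, 0.2),
]


def run(noise=None, seed=7):
    """Build, noise (injectable for deterministic checks) and make consistent."""
    rng = random.Random(seed)
    root = build_tree(RECORDS)
    add_noise(root, noise or (lambda s: laplace(s, rng)))
    enforce_consistency(root)
    return root


if __name__ == "__main__":
    tree = run()
    print(count(tree, ("A", "B"), "respiratory"), is_consistent(tree))
```

Passing `noise=lambda s: 0.0` to `run` reproduces the exact generalized frequencies, which is the easiest way to check the tree and the generalization logic before looking at the noisy answers; with any noise, `is_consistent` should hold after enforcement.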
