Enhancing Privacy and Accuracy in Probe Vehicle-Based Traffic Monitoring via Virtual Trip Lines

Traffic monitoring using probe vehicles with GPS receivers promises significant improvements in cost, coverage, and accuracy over dedicated infrastructure systems. Current approaches, however, raise privacy concerns because they require participants to reveal their positions to an external traffic monitoring server. To address this challenge, we describe a system based on virtual trip lines and an associated cloaking technique, followed by another system design in which we relax the privacy requirements to maximize the accuracy of real-time traffic estimation. We introduce virtual trip lines which are geographic markers that indicate where vehicles should provide speed updates. These markers are placed to avoid specific privacy sensitive locations. They also allow aggregating and cloaking several location updates based on trip line identifiers, without knowing the actual geographic locations of these trip lines. Thus, they facilitate the design of a distributed architecture, in which no single entity has a complete knowledge of probe identities and fine-grained location information. We have implemented the system with GPS smartphone clients and conducted a controlled experiment with 100 phone-equipped drivers circling a highway segment, which was later extended into a year-long public deployment.

[1]  Alexandre M. Bayen,et al.  Lax–Hopf Based Incorporation of Internal Boundary Conditions Into Hamilton–Jacobi Equation. Part I: Theory , 2010, IEEE Transactions on Automatic Control.

[2]  Kyriakos Mouratidis,et al.  Preventing Location-Based Identity Inference in Anonymous Spatial Queries , 2007, IEEE Transactions on Knowledge and Data Engineering.

[3]  Zhendong Ma,et al.  Privacy in inter-vehicular networks: Why simple pseudonym change is not enough , 2010, 2010 Seventh International Conference on Wireless On-demand Network Systems and Services (WONS).

[4]  Hui Xiong,et al.  Enhancing Security and Privacy in Traffic-Monitoring Systems , 2006, IEEE Pervasive Computing.

[5]  David Wetherall,et al.  Toward trustworthy mobile sensing , 2010, HotMobile '10.

[6]  Martin A. Ferman,et al.  A simple analytical model of a probe-based traffic information system , 2003, Proceedings of the 2003 IEEE International Conference on Intelligent Transportation Systems.

[7]  Nikolas Geroliminis,et al.  Macroscopic modeling of traffic in cities , 2007 .

[8]  Arnaud de La Fortelle,et al.  A Belief Propagation Approach to Traffic Prediction using Probe Vehicles , 2007, 2007 IEEE Intelligent Transportation Systems Conference.

[9]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[10]  Martin A. Ferman,et al.  A simulation evaluation of a real-time traffic information system using probe vehicles , 2003, Proceedings of the 2003 IEEE International Conference on Intelligent Transportation Systems.

[11]  P. I. Richards Shock Waves on the Highway , 1956 .

[12]  Frank Stajano,et al.  Mix zones: user privacy in location-aware services , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[13]  Hui Xiong,et al.  Preserving privacy in gps traces via uncertainty-aware path cloaking , 2007, CCS '07.

[14]  Marco Gruteser,et al.  On the Anonymity of Periodic Location Samples , 2005, SPC.

[15]  Alexandre M. Bayen,et al.  Evaluation of traffic data obtained via GPS-enabled mobile phones: The Mobile Century field experiment , 2009 .

[16]  Alexandre M. Bayen,et al.  Virtual trip lines for distributed privacy-preserving traffic monitoring , 2008, MobiSys '08.

[17]  Taehyung Park,et al.  A Bayesian Approach for Estimating Link Travel Time on Urban Arterial Road Network , 2004, ICCSA.

[18]  Helen J. Wang,et al.  Preserving location privacy in wireless lans , 2007, MobiSys '07.

[19]  Alexandre M. Bayen,et al.  Lax–Hopf Based Incorporation of Internal Boundary Conditions Into Hamilton-Jacobi Equation. Part II: Computational Methods , 2010, IEEE Transactions on Automatic Control.

[20]  M J Lighthill,et al.  On kinematic waves II. A theory of traffic flow on long crowded roads , 1955, Proceedings of the Royal Society of London. Series A. Mathematical and Physical Sciences.

[21]  John Krumm,et al.  Inference Attacks on Location Tracks , 2007, Pervasive.

[22]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[23]  G. R. Liu,et al.  I. Computational methods , 2006, Radiative Neutron Capture.

[24]  Yang Zhang,et al.  CarTel: a distributed mobile sensor computing system , 2006, SenSys '06.

[25]  Marco Gruteser,et al.  USENIX Association , 1992 .

[26]  Alec Wolman,et al.  I am a sensor, and I approve this message , 2010, HotMobile '10.

[27]  Alexandre M. Bayen,et al.  Using Mobile Phones to Forecast Arterial Traffic through Statistical Learning , 2010 .

[28]  A. Bayen,et al.  A traffic model for velocity data assimilation , 2010 .

[29]  Ling Liu,et al.  Location Privacy in Mobile Systems: A Personalized Anonymization Model , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[30]  Alexander Skabardonis,et al.  Real-Time Estimation of Travel Times on Signalized Arterials , 2005 .

[31]  G. Evensen Data Assimilation: The Ensemble Kalman Filter , 2006 .