PPTD: Preserving personalized privacy in trajectory data publishing by sensitive attribute generalization and trajectory local suppression

Abstract

Trajectory data often provide useful information that can be used in real-life applications, such as traffic management, geo-marketing, and location-based advertising. However, a trajectory database may contain detailed information about moving objects and associate them with sensitive attributes, such as disease, job, and income. Therefore, improper publishing of the trajectory database can put the privacy of moving objects at risk, especially when an adversary uses partial trajectory information (a sub-trajectory of the victim) as background knowledge. The existing approaches for privacy preservation in trajectory data publishing provide the same privacy protection for all moving objects. As a result, some moving objects receive less protection than they need, while others receive more than they require, at an unnecessary cost in data utility. In this paper, we address this problem and present PPTD, a novel approach for preserving privacy in trajectory data publishing based on the concept of personalized privacy. It aims to strike a balance between the conflicting goals of data utility and data privacy in accordance with the privacy requirements of the individual moving objects. To the best of our knowledge, this is the first paper that combines sensitive attribute generalization and trajectory local suppression to achieve a tailored personalized privacy model for trajectory data publishing. Our experiments on two synthetic trajectory datasets suggest that PPTD is effective for preserving personalized privacy in trajectory data publishing. In particular, PPTD can significantly improve the data utility of anonymized trajectory databases when compared with previous work in the literature.
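The attack the abstract describes, and the two repair operations it combines, as an added example that is not the paper's PPTD algorithm and not the authors' code. It assumes a simple model: a record is an ordered list of (location, time) doublets such as "a1" plus a sensitive value and an owner-chosen bound theta; the adversary knows the victim is in the table and knows at most L of the victim's doublets in order; a published sensitive value may be a node of a small disease taxonomy, within which the adversary treats every leaf as equally likely. The greedy repair (generalize one level if that alone meets theta, otherwise locally suppress one doublet of the offending sub-trajectory from that record only) is an illustrative rule, not the paper's. The six-record table, the taxonomy and the thresholds are constructed for the example.

```python
"""Attribute linkage via partial-trajectory background knowledge, and a greedy
personalized fix mixing sensitive-attribute generalization with local suppression.

Illustrative model (assumed, not the paper's PPTD algorithm):
  * record = (ordered doublets, true sensitive value, owner's confidence bound theta)
  * adversary knows at most L of the victim's doublets, in order, and that the
    victim is in the table
  * a published value may be a taxonomy node; leaves under it are equally likely
"""
from collections import Counter
from dataclasses import dataclass
from itertools import combinations

# Constructed taxonomy, child -> parent; the root "any" covers all four leaves.
TAXONOMY = {
    "flu": "respiratory", "pneumonia": "respiratory",
    "HIV": "infectious", "hepatitis": "infectious",
    "respiratory": "any", "infectious": "any",
}


def leaves(node):
    """Leaf values covered by a taxonomy node (a leaf covers itself)."""
    kids = [c for c, p in TAXONOMY.items() if p == node]
    return {node} if not kids else set().union(*(leaves(c) for c in kids))


@dataclass
class Record:
    traj: list            # ordered doublets, "a1" = location a at time 1
    value: str            # true sensitive value, known only to the publisher
    theta: float          # personalized bound on adversary confidence
    published: str = None # value as released (possibly a taxonomy node)

    def __post_init__(self):
        if self.published is None:
            self.published = self.value


def subsequences(traj, max_len):
    """Every order-preserving sub-trajectory of length 1..max_len (adversary knowledge)."""
    return [q for n in range(1, max_len + 1) for q in combinations(traj, n)]


def contains(traj, q):
    """True if q is an order-preserving subsequence of traj."""
    it = iter(traj)
    return all(d in it for d in q)


def confidence(db, idx, q):
    """Adversary confidence that record idx carries its true value, given knowledge q:
    average over the records matching q of P(true value | published value)."""
    group = [r for r in db if contains(r.traj, q)]
    target = db[idx].value
    prob = lambda r: 1 / len(leaves(r.published)) if target in leaves(r.published) else 0.0
    return sum(prob(r) for r in group) / len(group)


def worst_case(db, idx, L):
    """(max confidence, sub-trajectory achieving it) over all knowledge of length <= L."""
    best = (0.0, ())
    for q in subsequences(db[idx].traj, L):
        c = confidence(db, idx, q)
        if c > best[0]:
            best = (c, q)
    return best


def violations(db, L):
    """Indices of records whose worst-case confidence exceeds their own theta."""
    return [i for i, r in enumerate(db) if worst_case(db, i, L)[0] > r.theta + 1e-9]


def anonymize(db, L):
    """Greedy repair of the first violating record: generalize one taxonomy level if
    that alone satisfies theta for the offending q, else locally suppress from this
    record the doublet of q that is most frequent in the table (least unique)."""
    while True:
        bad = violations(db, L)
        if not bad:
            return db
        r = db[bad[0]]
        _, q = worst_case(db, bad[0], L)
        parent = TAXONOMY.get(r.published)
        if parent:                                  # still room to generalize
            saved, r.published = r.published, parent
            if confidence(db, bad[0], q) <= r.theta + 1e-9:
                continue
            r.published = saved                     # one level is not enough: undo
        freq = Counter(d for rec in db for d in rec.traj)
        r.traj.remove(max(q, key=lambda d: freq[d]))  # ties -> first doublet in q


def sample_db():
    """Constructed table: theta = 1.0 means the owner asks for no protection."""
    return [
        Record(["a1", "b2", "c3"], "HIV", 0.5),
        Record(["a1", "b2", "d4"], "hepatitis", 0.5),
        Record(["a1", "b2", "c3"], "flu", 1.0),
        Record(["b2", "c3", "d4"], "flu", 0.6),
        Record(["a1", "d4"], "hepatitis", 0.5),
        Record(["b2", "d4", "e5"], "pneumonia", 1.0),
    ]


if __name__ == "__main__":
    db = sample_db()
    print("violating records before:", violations(db, 2))
    for r in anonymize(db, 2):
        print(r.traj, r.published, "worst conf %.3f" % worst_case(db, db.index(r), 2)[0])
```

With L = 2, records 1, 3 and 4 violate their own thresholds in the raw table (record 1 and record 4 are the only two owners of the pair a1,d4 and share a diagnosis). Generalizing record 1 one level does not help while record 4 still publishes the leaf value, so a1 is suppressed from record 1 only; records 3 and 4 are then fixed by generalization alone, and records 0, 2 and 5 are released untouched. Note the caveat a practitioner should keep in mind: suppressing a doublet from one record shrinks the matching group of every other record that shares the pair, which is why the loop re-evaluates all records after each change rather than fixing each once.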
