61,666 research outputs found
A risk model for privacy in trajectory data
Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users with a high degree of certainty. These methods provide theoretical worst-case privacy risks as measures of the privacy protection that they offer. However, often with many real-world data the worst-case scenario is too pessimistic and does not provide a realistic view of the privacy risks: the real probability of re-identification is often much lower than the theoretical worst-case risk. In this paper, we propose a novel empirical risk model for privacy which, in relation to the cost of privacy attacks, demonstrates better the practical risks associated with a privacy preserving data release. We show detailed evaluation of the proposed risk model by using k-anonymised real-world mobility data and then, we show how the empirical evaluation of the privacy risk has a different trend in synthetic data describing random movements
When and where do you want to hide? Recommendation of location privacy preferences with local differential privacy
In recent years, it has become easy to obtain location information quite
precisely. However, the acquisition of such information has risks such as
individual identification and leakage of sensitive information, so it is
necessary to protect the privacy of location information. For this purpose,
people should know their location privacy preferences, that is, whether or not
he/she can release location information at each place and time. However, it is
not easy for each user to make such decisions and it is troublesome to set the
privacy preference at each time. Therefore, we propose a method to recommend
location privacy preferences for decision making. Comparing to existing method,
our method can improve the accuracy of recommendation by using matrix
factorization and preserve privacy strictly by local differential privacy,
whereas the existing method does not achieve formal privacy guarantee. In
addition, we found the best granularity of a location privacy preference, that
is, how to express the information in location privacy protection. To evaluate
and verify the utility of our method, we have integrated two existing datasets
to create a rich information in term of user number. From the results of the
evaluation using this dataset, we confirmed that our method can predict
location privacy preferences accurately and that it provides a suitable method
to define the location privacy preference
PinMe: Tracking a Smartphone User around the World
With the pervasive use of smartphones that sense, collect, and process
valuable information about the environment, ensuring location privacy has
become one of the most important concerns in the modern age. A few recent
research studies discuss the feasibility of processing data gathered by a
smartphone to locate the phone's owner, even when the user does not intend to
share his location information, e.g., when the Global Positioning System (GPS)
is off. Previous research efforts rely on at least one of the two following
fundamental requirements, which significantly limit the ability of the
adversary: (i) the attacker must accurately know either the user's initial
location or the set of routes through which the user travels and/or (ii) the
attacker must measure a set of features, e.g., the device's acceleration, for
potential routes in advance and construct a training dataset. In this paper, we
demonstrate that neither of the above-mentioned requirements is essential for
compromising the user's location privacy. We describe PinMe, a novel
user-location mechanism that exploits non-sensory/sensory data stored on the
smartphone, e.g., the environment's air pressure, along with publicly-available
auxiliary information, e.g., elevation maps, to estimate the user's location
when all location services, e.g., GPS, are turned off.Comment: This is the preprint version: the paper has been published in IEEE
Trans. Multi-Scale Computing Systems, DOI: 0.1109/TMSCS.2017.275146
- …