Privacy-Friendly Mobility Analytics using Aggregate Location Data

Location data can be extremely useful to study commuting patterns and disruptions, as well as to predict real-time traffic volumes. At the same time, however, the fine-grained collection of user locations raises serious privacy concerns, as this can reveal sensitive information about the users, such as, life style, political and religious inclinations, or even identities. In this paper, we study the feasibility of crowd-sourced mobility analytics over aggregate location information: users periodically report their location, using a privacy-preserving aggregation protocol, so that the server can only recover aggregates -- i.e., how many, but not which, users are in a region at a given time. We experiment with real-world mobility datasets obtained from the Transport For London authority and the San Francisco Cabs network, and present a novel methodology based on time series modeling that is geared to forecast traffic volumes in regions of interest and to detect mobility anomalies in them. In the presence of anomalies, we also make enhanced traffic volume predictions by feeding our model with additional information from correlated regions. Finally, we present and evaluate a mobile app prototype, called Mobility Data Donors (MDD), in terms of computation, communication, and energy overhead, demonstrating the real-world deployability of our techniques.Comment: Published at ACM SIGSPATIAL 201

Location Privacy in Spatial Crowdsourcing

Spatial crowdsourcing (SC) is a new platform that engages individuals in collecting and analyzing environmental, social and other spatiotemporal information. With SC, requesters outsource their spatiotemporal tasks to a set of workers, who will perform the tasks by physically traveling to the tasks' locations. This chapter identifies privacy threats toward both workers and requesters during the two main phases of spatial crowdsourcing, tasking and reporting. Tasking is the process of identifying which tasks should be assigned to which workers. This process is handled by a spatial crowdsourcing server (SC-server). The latter phase is reporting, in which workers travel to the tasks' locations, complete the tasks and upload their reports to the SC-server. The challenge is to enable effective and efficient tasking as well as reporting in SC without disclosing the actual locations of workers (at least until they agree to perform a task) and the tasks themselves (at least to workers who are not assigned to those tasks). This chapter aims to provide an overview of the state-of-the-art in protecting users' location privacy in spatial crowdsourcing. We provide a comparative study of a diverse set of solutions in terms of task publishing modes (push vs. pull), problem focuses (tasking and reporting), threats (server, requester and worker), and underlying technical approaches (from pseudonymity, cloaking, and perturbation to exchange-based and encryption-based techniques). The strengths and drawbacks of the techniques are highlighted, leading to a discussion of open problems and future work

P2TA: Privacy-preserving task allocation for edge computing enhanced mobile crowdsensing

The final publication is available at Elsevier via https://doi.org/10.1016/j.sysarc.2019.01.005. © 2019. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/In conventional mobile crowdsensing (MCS) applications, the crowdsensing server (CS-server) needs mobile users’ precise locations for optimal task allocation, which raises privacy concerns. This paper proposes a privacy-preserving task allocation framework (called P2TA) for edge computing enhanced MCS, focusing on optimize task acceptance rate while protecting participants’ privacy by introducing edge nodes. The basic idea is that edge nodes act as task assignment agents with privacy protection that prevents an untrusted CS-server from accessing a user’s private data. We begin with a thorough analysis of the limitations of typical task allocation and obfuscation schemes. On this basis, the optimization problem about location obfuscation and task allocation is formulated in consideration of privacy constraints, travel distance and impact of location perturbation. Through problem decomposition, the location obfuscation subproblem is modeled as a leader-follower game between the designer of location obfuscation mechanism and the potential attacker. Against inference attack with background knowledge, a genetic algorithm is introduced to initialize an obfuscation matrix. With the matrix, an edge node makes task allocation decisions that maximize task acceptance rate subject to differential and distortion privacy constraints. The effectiveness and superiority of P2TA compared to exiting task allocation schemes are validated via extensive simulations.The authors gratefully acknowledge the support and financial assistance provided by the National Natural Science Foundation of China under Grant No. 61502230, 61501224 and 61073197, the Natural Science Foundation of Jiangsu Province under Grant No. BK20150960, the National Key R&D Program of China under Grant No. 2018YFC0808500, the Natural Science Foundation of the Jiangsu Higher Education Institutions of China under Grant No. 15KJB520015, and Nanjing Municipal Science and Technology Plan Project under Grant No. 201608009