On the inference of user paths from anonymized mobility data
- Publication date
- Publisher
Abstract
Using the plethora of apps on smartphones and
tablets entails giving them access to different types of privacy
sensitive information, including the device’s location. This can
potentially compromise user privacy when app providers share
user data with third parties (e.g., advertisers) for monetization
purposes. In this paper, we focus on the interface for data
sharing between app providers and third parties, and devise
an attack that can break the strongest form of the commonly
used anonymization method for protecting the privacy of users.
More specifically, we develop a mechanism called
Comber
that given completely anonymized mobility data (without any
pseudonyms) as input is able to identify different users and
their respective paths in the data.
Comber
exploits the obser-
vation that the distribution of speeds is typically similar among
different users and incorporates a generic, empirically derived
histogram of user speeds to identify the users and disentangle
their paths.
Comber
also benefits from two optimizations that
allow it to reduce the path inference time for large datasets. We
use two real datasets with mobile user location traces (Mobile
Data Challenge and GeoLife) for evaluating the effectiveness
of
Comber
and show that it can infer paths with greater than
90% accuracy with both these dataset