On the inference of user paths from anonymized mobility data

Abstract

Using the plethora of apps on smartphones and tablets entails giving them access to different types of privacy-sensitive information, including the device’s location. This can potentially compromise user privacy when app providers share user data with third parties (e.g., advertisers) for monetization purposes. In this paper, we focus on the interface for data sharing between app providers and third parties, and devise an attack that can break the strongest form of the commonly used anonymization method for protecting the privacy of users. More specifically, we develop a mechanism called Comber that, given completely anonymized mobility data (without any pseudonyms) as input, is able to identify different users and their respective paths in the data. Comber exploits the observation that the distribution of speeds is typically similar among different users and incorporates a generic, empirically derived histogram of user speeds to identify the users and disentangle their paths. Comber also benefits from two optimizations that allow it to reduce the path inference time for large datasets. We use two real datasets with mobile user location traces (Mobile Data Challenge and GeoLife) for evaluating the effectiveness of Comber and show that it can infer paths with greater than 90% accuracy with both these datasets.
