research-article

Towards trajectory anonymization: a generalization-based approach

Authors:
Mehmet Ercan Nergiz

Sabanci Univ.

Sabanci Univ.
View Profile

,
Maurizio Atzori

KDD Lab., ISTI-CNR

KDD Lab., ISTI-CNR
View Profile

,
Yucel Saygin

Sabanci Univ.

Sabanci Univ.
View Profile

SPRINGL '08: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBSNovember 2008Pages 52–61https://doi.org/10.1145/1503402.1503413

Published:04 November 2008Publication History

SPRINGL '08: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS

Pages 52–61

ABSTRACT

Trajectory datasets are becoming more and more popular due to the massive usage of GPS and other location-based devices and services. In this paper, we address privacy issues regarding the identification of individuals in static trajectory datasets. We provide privacy protection by definig trajectory k-anonymity, meaning every released information refers to at least k users/trajectories. We propose a novel generalization-based approach that applies to trajectories and sequences in general. We also suggest the use of a simple random reconstruction of the original dataset from the anonymization, to overcome possible drawbacks of generalization approaches.

We present a utility metric that maximizes the probability of a good representation and propose trajectory anonymization techniques to address time and space sensitive applications. The experimental results over synthetic trajectory datasets show the effectiveness of the proposed approach.

References

C. C. Aggarwal and P. S. Yu. A condensation approach to privacy preserving data mining. In EDBT'04, pages 183--199, Heraklion, Crete, Greece, Mar. 14 2004.Google ScholarCross Ref
G. Agrawal, T. Feder, K. Kenthapadi, S. Khuller, R. Panigrahy, D. Thomas, and A. Zhu. Achieving anonymity via clustering. In PODS '06: Proc. of the 25th ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, pages 153--162, Chicago, IL, USA, June 26-28 2006. Google ScholarDigital Library
V. S. V. Aris Gkoulalas-Divanis. A free terrain model for trajectory k-anonymity. In 19th International Conference on Database and Expert Systems Applications - DEXA '08, pages 49--56, 2008. Google ScholarDigital Library
M. Atzori. Weak -anonymity: A low-distortion model for protecting privacy. In ISC, pages 60--71, 2006. Google ScholarDigital Library
C. Bettini, X. S. Wang, and S. Jajodia. Protecting privacy against location-based personal identification. In Secure Data Management, pages 185--199, 2005. Google ScholarDigital Library
F. Bonchi, O. Abul, and M. Nanni. Never walk alone: Uncertainty for anonymity in moving objects databases. In Proceedings of the 24nd International Conference on Data Engineering (ICDE '08), Cancun, Mexico, Apr. 7 2008. Google ScholarDigital Library
J.-W. Byun, A. Kamra, E. Bertino, and N. Li. Efficient k-anonymization using clustering techniques. In (DASFAAŠ07), Apr. 2007. Google ScholarDigital Library
J.-W. Byun, Y. Sohn, E. Bertino, and N. Li. Secure anonymization for incremental datasets. In Third VLDB Workshop on Secure Data Management (SDM'06), Seoul, Korea, Sept. 18 2006. Google ScholarDigital Library
L. Chen and R. Ng. The marriage of lp-norms and edit distance, 2004.Google Scholar
R. Cheng, Y. Zhang, E. Bertino, and S. Prabhakar. Preserving user location privacy in mobile data management infrastructures. In 6th Workshop Privacy Enhancing Technology Workshop, pages 393--412. Springer, 2006. Google ScholarDigital Library
M. Diomo and S. Ayman. Potential use of gps data for calibrating travel demand models. In 10th National Conference on Transportation Planning for Small and Medium-Sized Communities, Nashville Tennessee, USA, Sept. 13-15 2006.Google Scholar
J. Domingo-Ferrer and V. Torra. Ordinal, continuous and heterogeneous k-anonymity through microaggregation. Data Min. Knowl. Discov., 11(2):195--212, 2005. Google ScholarDigital Library
M. Duckham and L. Kulik. A formal model of obfuscation and negotiation for location privacy. In Pervasive, pages 152--170, 2005. Google ScholarDigital Library
European Parliament. Directive 95/46/ec. http://www.cdt.org/privacy/eudirective/EU_Directive_.html, 1995.Google Scholar
European Parliament. Regulation (ec) no 45/2001. http://ec.europa.eu/justice_home/fsj/privacy/docs/application/286_en.pdf, Dec. 18 2000.Google Scholar
B. Gedik and L. Liu. Location privacy in mobile systems: A personalized anonymization model. In The 25th International Conference on Distributed Computing Systems (ICDCS'05), 2005. Google ScholarDigital Library
G. Ghinita, P. Kalnis, A. Khoshgozaran, C. Shahabi, and K.-L. Tan. Private queries in location based services: anonymizers are not necessary. In SIGMOD '08: Proceedings of the 2008 ACM SIGMOD international conference on Management of data, pages 121--132, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
M. Gruteser and D. Grunwald. Anonymous usage of location-based services through spatial and temporal cloaking. In Proceedings of the 1st International Conference on Mobile Systems, Applications, and Services, 2003. Google ScholarDigital Library
M. Gruteser and X. Liu. Protecting privacy in continuous location-tracking applications. IEEE Security and Privacy, 02(2):28--34, 2004. Google ScholarDigital Library
D. Gusfield. Efficient methods for multiple sequence alignment with guaranteed error bounds. In Bull. Math. Biol., pages 141--154, 1993.Google Scholar
The health insurance portability and accountability act of 1996. Technical Report Federal Register 65 FR 82462, Department of Health and Human Services, Office of the Secretary, Dec. 2000.Google Scholar
B. Hoh and M. Gruteser. Protecting location privacy through path confusion. In SECURECOMM '05: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05), pages 194--205, Washington, DC, USA, 2005. IEEE Computer Society. Google ScholarDigital Library
B. Hoh, M. Gruteser, H. Xiong, and A. Alrabady. Preserving privacy in gps traces via density-aware path cloaking. In ACM Conference on Computer and Communications Security (CCS), VA, USA, Oct. 29 2007. Google ScholarDigital Library
A. O. hrn and L. Ohno-Machado. Using boolean reasoning to anonymize databases. Artificial Intelligence in Medicine, 15(3):235--254, Mar. 1999.Google ScholarCross Ref
T. Jiang and L. Wang. On the complexity of multiple sequence alignment. J. Computer Biologyy, 1:337--348, 1994.Google ScholarCross Ref
K. LeFevre, D. J. DeWitt, and R. Ramakrishnan. Mondrian multidimensional k-anonymity. In Proceedings of the 22nd International Conference on Data Engineering (ICDE '06), pages 25--35, Atlanta, GA, Apr. 3-7 2006. Google ScholarDigital Library
N. Li and T. Li. t-closeness: Privacy beyond k-anonymity and l-diversity. In Proceedings of the 23nd International Conference on Data Engineering (ICDE '07), Istanbul, Turkey, Apr. 16-20 2007.Google ScholarCross Ref
D. Luper, D. Cameron, J. A. Miller, and H. R. Arabnia. Spatial and temporal target association through semantic analysis and gps data mining. In The 2007 World Congress in Computer Science, Computer Engineering, & Applied Computing (IKE'07), Las Vegas, USA, June 25-28 2007.Google Scholar
A. Machanavajjhala, J. Gehrke, D. Kifer, and M. Venkitasubramaniam. l-diversity: Privacy beyond k-anonymity. In Proc. of the 22nd IEEE Int'l Conf. on Data Engineering (ICDE 2006), Atlanta Georgia, Apr. 2006. Google ScholarDigital Library
T. McGhee. Gps technology tracks employees. http://www.denverpost.com/headlines/ci_4800440, 2006.Google Scholar
MIT SENSEable City Lab. Real time rome. http://senseable.mit.edu/realtimerome/, 2006.Google Scholar
M. F. Mokbel, C.-Y. Chow, and W. G. Aref. The new casper: query processing for location services without compromising privacy. In VLDB '06: Proceedings of the 32nd international conference on Very large data bases, pages 763--774. VLDB Endowment, 2006. Google ScholarDigital Library
M. E. Nergiz, M. Atzori, and C. Clifton. Hiding the presence of individuals in shared databases. In SIGMOD '07: Proceedings of the 2007 ACM SIGMOD international conference on Management of data, Beijing, China, June 11-14 2007. Google ScholarDigital Library
M. E. Nergiz, M. Atzori, and C. Clifton. Towards trajectory anonymization: a generalization-based approach. Technical Report TR-08-015, Purdue University, 2008.Google ScholarDigital Library
M. E. Nergiz and C. Clifton. Thoughts on k-anonymization. Data and Knowledge Engineering, 63(3):622--645, Dec. 2007. Google ScholarDigital Library
M. E. Nergiz, C. Clifton, and A. E. Nergiz. Multirelational k-anonymity. In Proceedings of the 23nd International Conference on Data Engineering (ICDE '07), Istanbul, Turkey, Apr. 16-20 2007.Google ScholarCross Ref
Norwich Union. Pay as you drive. http://www.norwichunion.com/pay-as-you-drive/, 2007.Google Scholar
P. Samarati. Protecting respondents' identities in microdata release. IEEE Transactions on Knowledge and Data Engineering, 13(6):1010--1027, 2001. Google ScholarDigital Library
L. Sweeney. k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst., 10(5):557--570, 2002. Google ScholarDigital Library
M. Terrovitis and N. Mamoulis. Privacy preservation in the publication of trajectories. Mobile Data Management, 2008. MDM '08. 9th International Conference on, pages 65--72, April 2008. Google ScholarDigital Library
T. M. Truta and A. Campan. k-anonymization incremental maintenance and optimization techniques. In ACM Symposium on Applied Computing (SAC2007), page 380 -- 387, Seoul, Korea, 2007. Google ScholarDigital Library
US Department of Transportation. Measuring day-to-day variability in travel behavior using gps data. http://www.fhwa.dot.gov/ohim/gps/conclusion.html, 2006.Google Scholar
R. C.-W. Wong, A. W.-C. Fu, K. Wang, and J. Pei. Minimality attack in privacy preserving data publishing. In VLDB '07: Proceedings of the 33rd international conference on Very large data bases, pages 543--554. VLDB Endowment, 2007. Google ScholarDigital Library

Index Terms

Towards trajectory anonymization: a generalization-based approach
1. Information systems
  1. Information systems applications
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Towards Trajectory Anonymization: a Generalization-Based Approach

Trajectory datasets are becoming popular due to the massive usage of GPS and location-based services. In this paper, we address privacy issues regarding the identification of individuals in static trajectory datasets. We first adopt the notion of k-...
Read More
Information based data anonymization for classification utility

Anonymization is a practical approach to protect privacy in data. The major objective of privacy preserving data publishing is to protect private information in data whereas data is still useful for some intended applications, such as building ...
Read More
On Distributed k-Anonymization

When a database owner needs to disclose her data, she can k-anonymize her data to protect the involved individuals' privacy. However, if the data is distributed between two owners, then it is an open question whether the two owners can jointly k-...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SPRINGL '08: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
November 2008
94 pages
ISBN:9781605583242
DOI:10.1145/1503402
General Chairs:
Elisa Bertino
CERIAS, Purdue University, USA
,
Maria Luisa Damiani
Universita degli Studi di Milano, Italy
Copyright © 2008 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 4 November 2008
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
k-anonymity
privacy
spatio temporal
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 131
  Total Citations
  View Citations
- 1,137
  Total Downloads
- Downloads (Last 12 months)56
- Downloads (Last 6 weeks)9
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Towards trajectory anonymization: a generalization-based approach

SPRINGL '08: Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS

ABSTRACT

References

Cited By

Index Terms

Recommendations

Towards Trajectory Anonymization: a Generalization-Based Approach

Information based data anonymization for classification utility

On Distributed k-Anonymization