满足本地差分隐私的位置数据采集方案
|
摘要
针对位置数据采集中的隐私保护问题,该文给出了基于本地差分隐私的位置数据采集方案。采用多阶段随机应答机制进行满足本地差分隐私的位置数据采集;以区域密度估计为目标,分别利用直接统计法和期望最大法进行位置数据分析。该方案保证不可信数据采集者利用非原始位置数据仍可以实现以统计特征为基础的位置数据分析。大量仿真实验结果表明:该方案在小样本位置数据场景下,期望最大法的可用性和隐私保护特性较优;在大样本位置数据量场景下,直接统计法和期望最大法的性能相近。
Methods are needed to protect a person's privacy while monitoring their location. This paper presents a scheme for collecting location data based on local differential privacy.First,a multi-phase randomized response is used to collect the location data based on their local differential privacy.Then,the density of a certain section is estimated using the statistical method and expectation maximization(EM)to analyze the location data.The scheme guarantees that an untrustworthy data collector can still obtain the location statistics without direct access to the original data.Extensive tests verify that EM provides better privacy protection and better utility than the statistical method with limited location data.The results of the statistical method and EM are similar with abundant location data.
Methods are needed to protect a person's privacy while monitoring their location. This paper presents a scheme for collecting location data based on local differential privacy.First,a multi-phase randomized response is used to collect the location data based on their local differential privacy.Then,the density of a certain section is estimated using the statistical method and expectation maximization(EM)to analyze the location data.The scheme guarantees that an untrustworthy data collector can still obtain the location statistics without direct access to the original data.Extensive tests verify that EM provides better privacy protection and better utility than the statistical method with limited location data.The results of the statistical method and EM are similar with abundant location data.
引文
[1] GAO Z Q,SUN Y X,CUI X L,et al.Privacy-preserving hybridK-means[J]. InternationalJournalof Data Warehousing and Mining(IJDWM),2018,14(2):17.
[2] JIANG H B,ZHAO P,WANG C.RobLoP:Towards robust privacy preserving against location dependent attacks in continuous LBS queries[J].IEEE/ACM Transactions on Networking,2018,26(2):1018-1032.
[3]高志强,崔翛龙,周沙,等.本地差分隐私保护及其应用[J].计算机工程与科学,2018,40(6):1029-1036.GAO Z Q,CUI X L,ZHOU S,et al.Local differential privacy protection and its applications[J]. Computer EngineeringandScience, 2018, 40(6):1029-1036.(in Chinese)
[4] PHILIP R K.General data protection regulation(GDPR)and paediatric medical practice in Ireland:A personal reflection[J/OL].Irish Journal of Medical Science,2018.(2018-06-29).https://doi.org/10.1007/s11845-018-1857-3.
[5] WANG Y J,CAI Z P,TONG X R,et al.Truthful incentive mechanism with location privacy-preserving for mobile crowdsourcing systems[J].Computer Networks,2018,135:32-43.
[6] GHINITA G. Privacy for location-based services[J].Synthesis Lectures on Information Security Privacy&Trust,2013,4(1):1-85.
[7] SUN X X,WANG H,LI J Y,et al.Enhanced P-sensitive K-anonymity models for privacy preserving data publishing[J].Transactions on Data Privacy,2008,1(2):53-66.
[8] ARDAGNA C A,CREMONINI M,DE CAPITANI DI VIMERCATI S,et al.An obfuscation-based approach for protecting location privacy[J].IEEE Transactions on Dependable and Secure Computing,2011,8(1):13-27.
[9] GONG L M,LI S D, WU C Y,et al.Secure “ratio”computation and efficient protocol for general secure two-party comparison[J].IEEE Access,2018,6:25532-25542.
[10]DWORK C,ROTHBLUM G N,VADHAN S.Boosting and differential privacy[C]//2010IEEE 51st Annual Symposium on Foundations of Computer Science.Las Vegas,USA,2010:51-60.
[11]DWORK C,POTTENGER R.Toward practicing privacy[J]. JournaloftheAmericanMedicalInformatics Association,2013,20(1):102-108.
[12]DWORK C,MCSHERRY F,NISSIM K,et al.Calibrating noise to sensitivity in private data analysis[M]//HALEVI S,RABIN T.Theory of cryptography.Berlin,Germany:Springer,2012,3876:265-284.
[13]GAO Z Q,WANG Y T,DUAN Y Y,et al.Multi-level privacy preserving data publishing[J].International Journal of Innovative Computing and Applications,2018,9(2):66-76.
[14]LI Y, YANG J,JI W. Local learning-based feature weighting with privacy preservation[J].Neurocomputing,2016,174:1107-1115.
[15]FANTI G, PIHUR V, ERLINGSSON'U. Building a RAPPOR with the unknown:Privacy-preserving learning of associations and data dictionaries[J].Proceedings on Privacy Enhancing Technologies,2016,2016(3):41-61.
[16]TIAN X Y, TAYLOR J. Selective inference with a randomized response[J].The Annals of Statistics,2018,46(2):679-710.
[17]ERLINGSSON'U,PIHUR V,KOROLOVA A.RAPPOR:Randomized aggregatable privacy-preserving ordinal response[C]//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.Scottsdale,USA:ACM,2014:1054-1067.
[2] JIANG H B,ZHAO P,WANG C.RobLoP:Towards robust privacy preserving against location dependent attacks in continuous LBS queries[J].IEEE/ACM Transactions on Networking,2018,26(2):1018-1032.
[3]高志强,崔翛龙,周沙,等.本地差分隐私保护及其应用[J].计算机工程与科学,2018,40(6):1029-1036.GAO Z Q,CUI X L,ZHOU S,et al.Local differential privacy protection and its applications[J]. Computer EngineeringandScience, 2018, 40(6):1029-1036.(in Chinese)
[4] PHILIP R K.General data protection regulation(GDPR)and paediatric medical practice in Ireland:A personal reflection[J/OL].Irish Journal of Medical Science,2018.(2018-06-29).https://doi.org/10.1007/s11845-018-1857-3.
[5] WANG Y J,CAI Z P,TONG X R,et al.Truthful incentive mechanism with location privacy-preserving for mobile crowdsourcing systems[J].Computer Networks,2018,135:32-43.
[6] GHINITA G. Privacy for location-based services[J].Synthesis Lectures on Information Security Privacy&Trust,2013,4(1):1-85.
[7] SUN X X,WANG H,LI J Y,et al.Enhanced P-sensitive K-anonymity models for privacy preserving data publishing[J].Transactions on Data Privacy,2008,1(2):53-66.
[8] ARDAGNA C A,CREMONINI M,DE CAPITANI DI VIMERCATI S,et al.An obfuscation-based approach for protecting location privacy[J].IEEE Transactions on Dependable and Secure Computing,2011,8(1):13-27.
[9] GONG L M,LI S D, WU C Y,et al.Secure “ratio”computation and efficient protocol for general secure two-party comparison[J].IEEE Access,2018,6:25532-25542.
[10]DWORK C,ROTHBLUM G N,VADHAN S.Boosting and differential privacy[C]//2010IEEE 51st Annual Symposium on Foundations of Computer Science.Las Vegas,USA,2010:51-60.
[11]DWORK C,POTTENGER R.Toward practicing privacy[J]. JournaloftheAmericanMedicalInformatics Association,2013,20(1):102-108.
[12]DWORK C,MCSHERRY F,NISSIM K,et al.Calibrating noise to sensitivity in private data analysis[M]//HALEVI S,RABIN T.Theory of cryptography.Berlin,Germany:Springer,2012,3876:265-284.
[13]GAO Z Q,WANG Y T,DUAN Y Y,et al.Multi-level privacy preserving data publishing[J].International Journal of Innovative Computing and Applications,2018,9(2):66-76.
[14]LI Y, YANG J,JI W. Local learning-based feature weighting with privacy preservation[J].Neurocomputing,2016,174:1107-1115.
[15]FANTI G, PIHUR V, ERLINGSSON'U. Building a RAPPOR with the unknown:Privacy-preserving learning of associations and data dictionaries[J].Proceedings on Privacy Enhancing Technologies,2016,2016(3):41-61.
[16]TIAN X Y, TAYLOR J. Selective inference with a randomized response[J].The Annals of Statistics,2018,46(2):679-710.
[17]ERLINGSSON'U,PIHUR V,KOROLOVA A.RAPPOR:Randomized aggregatable privacy-preserving ordinal response[C]//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.Scottsdale,USA:ACM,2014:1054-1067.