基于差分隐私的匿名组LBS轨迹隐私保护模型
|
摘要
随着LBS应用的广泛使用,用户对LBS轨迹隐私保护的需求日益增加.针对现有的LBS轨迹隐私保护技术,以K-匿名模型为基础的传统方法难以对攻击者的背景知识做出有效估计.差分隐私算法弥补了K-匿名在该方面的缺陷,但其对隐私预算过度依赖,隐私保护的有效时长无法得到保障.提出的LBS轨迹隐私保护模型K-Differential-Privacy采用噪声匿名组的思想,克服了现有算法对隐私预算过度依赖的弊端,同时,通过用户轨迹划分定位思想保证了用户的服务质量.相关实验证实,与以往的轨迹隐私保护模型相比,所提出的模型在保证LBS用户服务质量的同时,也提高了用户的隐私保护程度.
With the widespread use of LBS applications,the demand for LBS trajectory privacy protection is increasing. For the existing LBS trajectory privacy protection technologies,the traditional methods based on the K-anonymity model are difficult to estimate attackers' background knowledge effectively. The differential privacy algorithm makes up for the shortcomings of K-anonymity in this respect,but its over-reliance on the privacy budget makes the privacy protection effective for a limited period of time. K-DifferentialPrivacy model proposed overcomes the disadvantages of over-reliance on the privacy budget of the existing algorithms by adopting the idea of noised anonymity group. At the same time,the service quality is ensured by the idea of trajectory partitioning and positioning.Relevant experiments confirmed that compared to the previous trajectory privacy protection models,the model proposed not only could ensure the quality of services for LBS users,but also improve the privacy protection.
With the widespread use of LBS applications,the demand for LBS trajectory privacy protection is increasing. For the existing LBS trajectory privacy protection technologies,the traditional methods based on the K-anonymity model are difficult to estimate attackers' background knowledge effectively. The differential privacy algorithm makes up for the shortcomings of K-anonymity in this respect,but its over-reliance on the privacy budget makes the privacy protection effective for a limited period of time. K-DifferentialPrivacy model proposed overcomes the disadvantages of over-reliance on the privacy budget of the existing algorithms by adopting the idea of noised anonymity group. At the same time,the service quality is ensured by the idea of trajectory partitioning and positioning.Relevant experiments confirmed that compared to the previous trajectory privacy protection models,the model proposed not only could ensure the quality of services for LBS users,but also improve the privacy protection.
引文
[1]Yang Song-tao,Ma Chun-guang,Zhou Chang-li.Privacy protection model and scheme for LBS[J].Journal of Communications,2014,35(8):116-124.
[2]Mokbel M F,Chow C Y,Aref W G.The new Casper:query processing for location services w ithout compromising privacy[C].International Conference on Very Large Data Bases,VLDB Endow ment,2006:763-774.
[3]Chow C Y,Mokbel M F.Enabling private continuous queries for revealed user locations[C].Advances in Spatial and Temporal Databases,International Symposium,SSTD 2007,Boston,USA,2007:258-275.
[4]Han Jian-min,Lin Yu,Yu Juan,et al.Research on LBS privacy protection method based on k-anonymous location[J].Journal of Chinese Computer Systems,2014,35(9):2088-2093.
[5]Krumm J.Inference attacks on location tracks[C].Pervasive Computing,International Conference,Toronto,Canada,2007:127-143.
[6]Wu Yan-na,Zhao Ze-mao.Research on location anonymous method based on continuous location service request[J].Information Netw ork Security,2015,15(1):39-44.
[7]Gedik B,Liu L.Protecting location privacy with personalized kanonymity:architecture and algorithms[C].IEEE Transactions on M obile Computing,2007:1-18.
[8]Zhang Xue-jun,Gui Xiao-lin,Wu Zhong-dong.A survey of location service privacy protection[J].Journal of Softw are,2015,26(9):2373-2395.
[9]Dwork C.Differential privacy[J].Lecture Notes in Computer Science,2006,26(2):1-12.
[10]Chatzikokolakis K,Palamidessi C,Stronati M.Geo-indistinguishability:a principled approach to location privacy[M].Distributed Computing and Internet Technology,2015:49-72.
[11]Xu Zhi-kai,Zhang Hong-li,Yu Xiang-zhan.A survey of trajectory privacy protection research[J].Intelligent Computers&Applications,2017,7(1):125-127.
[12]Gruteser M,Grunwald D.Anonymous usage of location-based services through spatial and temporal cloaking[C].International Conference on M obile Systems,Applications,and Services,DBLP,2003:31-42.
[13]Cheng R,Zhang Y,Bertino E,et al.Preserving user location privacy in mobile data management infrastructures[C].International Conference on Privacy Enhancing Technologies,Spring-Verlag,2006,4258:393-412.
[14]Xu T,Cai Y.Location anonymity in continuous location-based services[C].ACM International Symposium on Advances in Geographic Information Systems,ACM,2007:39-47.
[15]Goetz M,Nath S,Genrke J,et al.MaskIt:privately releasing user context streams for personalized mobile applications[C].Proceedings of the ACM SIGM OD International Conference on M anagement of Data,2012:289-300.
[16]Agir B,Papaioannou T G,Narendula R,et al.User-side adaptive protection of location privacy in participatory sensing[J].Geoinformatica,2014,18(1):165-191.
[17]Shokri R,Troncoso C,Diaz C,et al.Unraveling an old cloak:kanonymity for location privacy[C].IEEE International Conference on High Performance Computing&Communications,ACM,2010:115-118.
[18]Kido H,Yanagisawa Y,Satoh T.Protection of location privacy using dummies for location-based services[C].International Conference on Data Engineering Workshops,IEEE Computer Society,2005:1248.
[19]Suzuki A,Iwata M,Arase Y,et al.A user location anonymization method for location based services in a real environment[C].Sigspatial International Conference on Advances in Geographic Information Systems,ACM,2010:398-401.
[20]Kato R,Iwata M,Hara T,et al.A dummy-based anonymization method based on user trajectory w ith pauses[C].International Conference on Advances in Geographic Information Systems,2012:249-258.
[21]Freudiger J,Raya M,Félegyházi M,et al.Mix-zones for location privacy in vehicular netw orks[C].ACM Workshop on Wireless Netw orking for Intelligent Transportation Systems,2007.
[22]Palanisamy B,Liu L.MobiMix:protecting location privacy with mix-zones over road netw orks[C].IEEE,International Conference on Data Engineering,IEEE,2011:494-505.
[23]Xu Z,Zhang H,Yu X.Multiple Mix-zones deployment for continuous location privacy protection[C].Trustcom/bigdatase/ispa,IEEE,2017:760-766.
[24]Wu Zhen-gang,Sun Hui-ping,Guan Zhi,et al.Overview of location privacy protection for continuous spatial query[J].Application Research of Computers,2015,32(2):321-325.
[25]Shokri R,Theodorakopoulos G,Troncoso C,et al.Protecting location privacy:optimal strategy against localization attacks[C].ACM Conference on Computer and Communications Security.ACM,2012:617-627.
[26]Dwork C.Differential privacy:a survey of results[C].International Conference on Theory and Applications of M odels of Computation,Springer-Verlag,2008:1-19.
[27]Xiong Ping,Zhu Tian-qing,Wang Xiao-feng.Differential privacy protection and its application[J].Chinese Journal of Computers,2014,37(1):101-122.
[28]Chatzikokolakis K,Andrés M E,Bordenabe N E,et al.Broadening the Scope of differential privacy using metrics[C].International Symposium on Privacy Enhancing Technologies Symposium,Springer,Berlin,Heidelberg,2013:82-102.
[29]Chatzikokolakis K,Palamidessi C,Stronati M.Location privacy via geo-indistinguishability[C].International Colloquium on Theoretical Aspects of Computing,Springer International Publishing,2015:28-38.
[30]Ghinita G,Kalnis P,Skiadopoulos S.PRIVE:anonymous location-based queries in distributed mobile systems[C].Proceedings of the 16th International Conference on World Wide Web,ACM,2007:371-380.
[31]Butz,Arthur R.Alternative algorithm for Hilbert's space-filling curve[J].IEEE Transactions on Computers,1971,C-20(4):424-426.
[32]Ghinita G,Kalnis P,Skiadopoulos S.MOBIHIDE:a mobilea peer-to-peer system for anonymous location-based queries[C].International Symposium on Spatial and Temporal Databases,Springer Berlin Heidelberg,2007:221-238.
[33]Lin Shao-cong,Ye A-yong,Xu Li.K-anonymous position privacy protection method based on coordinate transformation[J].Journal of Chinese Computer Systems,2016,37(1):119-123.
[34]Huo Xin,Meng Xiao-feng.Research on trajectory privacy protection technology[J].Chinese Journal of Computers,2011,34(10):1820-1830.
[35]Killijian M O.Show me how you move and I will tell you who you are[C].ACM Sigspatial International Workshop on Security and Privacy in Gis and Lbs,ACM,2010:34-41.
[1]杨松涛,马春光,周长利.面向LBS的隐私保护模型及方案[J].通信学报,2014,35(8):116-124.
[4]韩建民,林瑜,于娟,等.基于位置k-匿名的LBS隐私保护方法的研究[J].小型微型计算机系统,2014,35(9):2088-2093.
[6]武艳娜,赵泽茂.基于连续位置服务请求的位置匿名方法的研究[J].信息网络安全,2015,15(1):39-44.
[8]张学军,桂小林,伍忠东.位置服务隐私保护研究综述[J].软件学报,2015,26(9):2373-2395.
[11]许志凯,张宏莉,余翔湛.轨迹隐私保护研究综述[J].智能计算机与应用,2017,7(1):125-127.
[24]吴振刚,孙惠平,关志,等.连续空间查询的位置隐私保护综述[J].计算机应用研究,2015,32(2):321-325.
[27]熊平,朱天清,王晓峰.差分隐私保护及其应用[J].计算机学报,2014,37(1):101-122.
[33]林少聪,叶阿勇,许力.基于坐标变换的k匿名位置隐私保护方法[J].小型微型计算机系统,2016,37(1):119-123.
[34]霍峥,孟小峰.轨迹隐私保护技术研究[J].计算机学报,2011,34(10):1820-1830.
[2]Mokbel M F,Chow C Y,Aref W G.The new Casper:query processing for location services w ithout compromising privacy[C].International Conference on Very Large Data Bases,VLDB Endow ment,2006:763-774.
[3]Chow C Y,Mokbel M F.Enabling private continuous queries for revealed user locations[C].Advances in Spatial and Temporal Databases,International Symposium,SSTD 2007,Boston,USA,2007:258-275.
[4]Han Jian-min,Lin Yu,Yu Juan,et al.Research on LBS privacy protection method based on k-anonymous location[J].Journal of Chinese Computer Systems,2014,35(9):2088-2093.
[5]Krumm J.Inference attacks on location tracks[C].Pervasive Computing,International Conference,Toronto,Canada,2007:127-143.
[6]Wu Yan-na,Zhao Ze-mao.Research on location anonymous method based on continuous location service request[J].Information Netw ork Security,2015,15(1):39-44.
[7]Gedik B,Liu L.Protecting location privacy with personalized kanonymity:architecture and algorithms[C].IEEE Transactions on M obile Computing,2007:1-18.
[8]Zhang Xue-jun,Gui Xiao-lin,Wu Zhong-dong.A survey of location service privacy protection[J].Journal of Softw are,2015,26(9):2373-2395.
[9]Dwork C.Differential privacy[J].Lecture Notes in Computer Science,2006,26(2):1-12.
[10]Chatzikokolakis K,Palamidessi C,Stronati M.Geo-indistinguishability:a principled approach to location privacy[M].Distributed Computing and Internet Technology,2015:49-72.
[11]Xu Zhi-kai,Zhang Hong-li,Yu Xiang-zhan.A survey of trajectory privacy protection research[J].Intelligent Computers&Applications,2017,7(1):125-127.
[12]Gruteser M,Grunwald D.Anonymous usage of location-based services through spatial and temporal cloaking[C].International Conference on M obile Systems,Applications,and Services,DBLP,2003:31-42.
[13]Cheng R,Zhang Y,Bertino E,et al.Preserving user location privacy in mobile data management infrastructures[C].International Conference on Privacy Enhancing Technologies,Spring-Verlag,2006,4258:393-412.
[14]Xu T,Cai Y.Location anonymity in continuous location-based services[C].ACM International Symposium on Advances in Geographic Information Systems,ACM,2007:39-47.
[15]Goetz M,Nath S,Genrke J,et al.MaskIt:privately releasing user context streams for personalized mobile applications[C].Proceedings of the ACM SIGM OD International Conference on M anagement of Data,2012:289-300.
[16]Agir B,Papaioannou T G,Narendula R,et al.User-side adaptive protection of location privacy in participatory sensing[J].Geoinformatica,2014,18(1):165-191.
[17]Shokri R,Troncoso C,Diaz C,et al.Unraveling an old cloak:kanonymity for location privacy[C].IEEE International Conference on High Performance Computing&Communications,ACM,2010:115-118.
[18]Kido H,Yanagisawa Y,Satoh T.Protection of location privacy using dummies for location-based services[C].International Conference on Data Engineering Workshops,IEEE Computer Society,2005:1248.
[19]Suzuki A,Iwata M,Arase Y,et al.A user location anonymization method for location based services in a real environment[C].Sigspatial International Conference on Advances in Geographic Information Systems,ACM,2010:398-401.
[20]Kato R,Iwata M,Hara T,et al.A dummy-based anonymization method based on user trajectory w ith pauses[C].International Conference on Advances in Geographic Information Systems,2012:249-258.
[21]Freudiger J,Raya M,Félegyházi M,et al.Mix-zones for location privacy in vehicular netw orks[C].ACM Workshop on Wireless Netw orking for Intelligent Transportation Systems,2007.
[22]Palanisamy B,Liu L.MobiMix:protecting location privacy with mix-zones over road netw orks[C].IEEE,International Conference on Data Engineering,IEEE,2011:494-505.
[23]Xu Z,Zhang H,Yu X.Multiple Mix-zones deployment for continuous location privacy protection[C].Trustcom/bigdatase/ispa,IEEE,2017:760-766.
[24]Wu Zhen-gang,Sun Hui-ping,Guan Zhi,et al.Overview of location privacy protection for continuous spatial query[J].Application Research of Computers,2015,32(2):321-325.
[25]Shokri R,Theodorakopoulos G,Troncoso C,et al.Protecting location privacy:optimal strategy against localization attacks[C].ACM Conference on Computer and Communications Security.ACM,2012:617-627.
[26]Dwork C.Differential privacy:a survey of results[C].International Conference on Theory and Applications of M odels of Computation,Springer-Verlag,2008:1-19.
[27]Xiong Ping,Zhu Tian-qing,Wang Xiao-feng.Differential privacy protection and its application[J].Chinese Journal of Computers,2014,37(1):101-122.
[28]Chatzikokolakis K,Andrés M E,Bordenabe N E,et al.Broadening the Scope of differential privacy using metrics[C].International Symposium on Privacy Enhancing Technologies Symposium,Springer,Berlin,Heidelberg,2013:82-102.
[29]Chatzikokolakis K,Palamidessi C,Stronati M.Location privacy via geo-indistinguishability[C].International Colloquium on Theoretical Aspects of Computing,Springer International Publishing,2015:28-38.
[30]Ghinita G,Kalnis P,Skiadopoulos S.PRIVE:anonymous location-based queries in distributed mobile systems[C].Proceedings of the 16th International Conference on World Wide Web,ACM,2007:371-380.
[31]Butz,Arthur R.Alternative algorithm for Hilbert's space-filling curve[J].IEEE Transactions on Computers,1971,C-20(4):424-426.
[32]Ghinita G,Kalnis P,Skiadopoulos S.MOBIHIDE:a mobilea peer-to-peer system for anonymous location-based queries[C].International Symposium on Spatial and Temporal Databases,Springer Berlin Heidelberg,2007:221-238.
[33]Lin Shao-cong,Ye A-yong,Xu Li.K-anonymous position privacy protection method based on coordinate transformation[J].Journal of Chinese Computer Systems,2016,37(1):119-123.
[34]Huo Xin,Meng Xiao-feng.Research on trajectory privacy protection technology[J].Chinese Journal of Computers,2011,34(10):1820-1830.
[35]Killijian M O.Show me how you move and I will tell you who you are[C].ACM Sigspatial International Workshop on Security and Privacy in Gis and Lbs,ACM,2010:34-41.
[1]杨松涛,马春光,周长利.面向LBS的隐私保护模型及方案[J].通信学报,2014,35(8):116-124.
[4]韩建民,林瑜,于娟,等.基于位置k-匿名的LBS隐私保护方法的研究[J].小型微型计算机系统,2014,35(9):2088-2093.
[6]武艳娜,赵泽茂.基于连续位置服务请求的位置匿名方法的研究[J].信息网络安全,2015,15(1):39-44.
[8]张学军,桂小林,伍忠东.位置服务隐私保护研究综述[J].软件学报,2015,26(9):2373-2395.
[11]许志凯,张宏莉,余翔湛.轨迹隐私保护研究综述[J].智能计算机与应用,2017,7(1):125-127.
[24]吴振刚,孙惠平,关志,等.连续空间查询的位置隐私保护综述[J].计算机应用研究,2015,32(2):321-325.
[27]熊平,朱天清,王晓峰.差分隐私保护及其应用[J].计算机学报,2014,37(1):101-122.
[33]林少聪,叶阿勇,许力.基于坐标变换的k匿名位置隐私保护方法[J].小型微型计算机系统,2016,37(1):119-123.
[34]霍峥,孟小峰.轨迹隐私保护技术研究[J].计算机学报,2011,34(10):1820-1830.