
Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
Online ISSN: 2299-0984

Constructing elastic distinguishability metrics for location privacy

Konstantinos Chatzikokolakis / Catuscia Palamidessi / Marco Stronati
Published Online: 2015-06-22 | DOI: https://doi.org/10.1515/popets-2015-0023

Abstract

With the increasing popularity of hand-held devices, location-based applications and services have access to accurate and real-time location information, raising serious privacy concerns for their users. The recently introduced notion of geo-indistinguishability tries to address this problem by adapting the well-known concept of differential privacy to the area of location-based systems. Although geo-indistinguishability presents various appealing aspects, it has the problem of treating space in a uniform way, imposing the addition of the same amount of noise everywhere on the map. In this paper we propose a novel elastic distinguishability metric that warps the geometrical distance, capturing the different degrees of density of each area. As a consequence, the obtained mechanism adapts the level of noise while achieving the same degree of privacy everywhere. We also show how such an elastic metric can easily incorporate the concept of a “geographic fence” that is commonly employed to protect the highly recurrent locations of a user, such as his home or work. We perform an extensive evaluation of our technique by building an elastic metric for Paris’ wide metropolitan area, using semantic information from the OpenStreetMap database. We compare the resulting mechanism against the Planar Laplace mechanism satisfying standard geo-indistinguishability, using two real-world datasets from the Gowalla and Brightkite location-based social networks. The results show that the elastic mechanism adapts well to the semantics of each area, adjusting the noise as we move outside the city center, hence offering better overall privacy.¹

Keywords: location privacy; differential privacy; distinguishability metric
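
The contrast the abstract draws between uniform noise and a density-warped metric can be seen on a toy map. The following is an added illustration, not code from the paper or its repository: it assumes a constructed 8-cell line, a hypothetical density-proportional edge cost, and a discrete exponential mechanism in place of the paper's own construction and of the continuous Planar Laplace mechanism.

```python
import math

# Constructed toy map: 8 cells of 100 m on a line. DENSITY counts points of
# interest per cell (city centre on the left, sparse outskirts on the right).
CELL_M = 100.0
DENSITY = [9, 9, 9, 9, 1, 1, 1, 1]
EPS_PER_M = 0.01  # hypothetical base privacy level per metre

def elastic_metric(density, eps=EPS_PER_M, cell=CELL_M):
    """Shortest-path metric on the line. An edge costs eps * length, scaled
    by the density of its endpoints relative to the map-wide mean, so distance
    accumulates quickly in dense areas and slowly in sparse ones."""
    mean = sum(density) / len(density)
    pos = [0.0]
    for a, b in zip(density, density[1:]):
        pos.append(pos[-1] + eps * cell * (a + b) / (2 * mean))
    return [[abs(p - q) for q in pos] for p in pos]

def uniform_metric(n, eps=EPS_PER_M, cell=CELL_M):
    """Plain scaled geometric distance: the same eps everywhere."""
    return [[eps * cell * abs(i - j) for j in range(n)] for i in range(n)]

def exponential_mechanism(d):
    """K[x][z] proportional to exp(-d(x, z) / 2). By the triangle inequality
    this gives K[x][z] <= exp(d(x, y)) * K[y][z] for all x, y, z."""
    rows = [[math.exp(-v / 2) for v in row] for row in d]
    return [[w / sum(row) for w in row] for row in rows]

def satisfies_metric_privacy(K, d, tol=1e-9):
    """Check the distinguishability bound for every triple (x, y, z)."""
    n = range(len(K))
    return all(K[x][z] <= math.exp(d[x][y]) * K[y][z] * (1 + tol)
               for x in n for y in n for z in n)

def expected_error_m(K, x, cell=CELL_M):
    """Mean distance in metres between true cell x and the reported cell."""
    return sum(p * cell * abs(x - z) for z, p in enumerate(K[x]))

if __name__ == "__main__":
    d_el, d_un = elastic_metric(DENSITY), uniform_metric(len(DENSITY))
    K_el, K_un = exponential_mechanism(d_el), exponential_mechanism(d_un)
    for x in (0, 7):
        print(f"cell {x}: uniform {expected_error_m(K_un, x):.0f} m, "
              f"elastic {expected_error_m(K_el, x):.0f} m")
    print("uniform mechanism meets elastic metric:",
          satisfies_metric_privacy(K_un, d_el))
```

On this map the uniform mechanism reports with the same expected error at both ends of the line and fails the elastic bound in the sparse cells, while the elastic mechanism roughly doubles its noise there.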


About the article

Received: 2015-02-15

Revised: 2015-05-13

Accepted: 2015-05-15

Published Online: 2015-06-22

Published in Print: 2015-06-01


¹ This work was partially supported by the European Union 7th FP project MEALS, by the project ANR-12-IS02-001 PACE, and by the INRIA Large Scale Initiative CAPPRIS.


Citation Information: Proceedings on Privacy Enhancing Technologies, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2015-0023.


© Konstantinos Chatzikokolakis et al. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. BY-NC-ND 3.0
