overview

25
Preserving Privacy GPS Traces via Uncertainty-Aware Path Cloaking Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady Presenter:Yao Lu ECE 256, Spring 11 Duke University

Upload: marvin

Post on 30-Jan-2016

35 views

Category:

Documents


0 download

DESCRIPTION

Preserving Privacy GPS Traces via Uncertainty-Aware Path Cloaking Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady Presenter:Yao Lu ECE 256, Spring 11 Duke University. Overview. Introduction Problem Statement Previous work Proposed method Evaluation Discussion. Motivation. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Overview

Preserving Privacy GPS Traces via Uncertainty-Aware Path Cloaking

Baik Hoh, Marco Gruteser, Hui Xiong, Ansaf Alrabady

Presenter:Yao Lu

ECE 256, Spring 11

Duke University

Page 2: Overview

2

Overview

Introduction Problem Statement Previous work Proposed method Evaluation Discussion

Page 3: Overview

Motivation

Page 4: Overview

Motivation

Page 5: Overview

Motivation

Page 6: Overview

Adversary Model

• Use successive location samples from a vehicle to reconstruct its path mix of various samples belonging to several vehicles.

• Predict the target position using the last known speed and heading information and then decide which next sample to link to the same vehicle.

• If multiple candidate samples exist, choose the one with the highest a posteriori probability based on a probability model of distance and time deviations from the prediction.

• If several of these samples appear similar to each other, no decision with high certainty is possible and tracking stops.

Page 7: Overview

Problem Statement

• Objective1. Privacy Protection: Guarantee strong anonymity in high

and low density areas2. Data quality: Provide sufficient information for traffic

monitoring

• Assumptions1. Trustworthy server to execute centralized algorithm2. Adversary has no priori information of the tracking

subject

Page 8: Overview

When two paths cross

Page 9: Overview

Existing privacy algorithms

K-anonymity: to generalize a data record until it is indistinguishable from

the records of at least k-1 other individuals

Page 10: Overview

Existing privacy algorithms Subsampling

Page 11: Overview

Privacy Metrics

• Mean Time To Confusion (MTTC)• Tracking Uncertainty

ii ppH log

Page 12: Overview

Uncertainty calculation 1

Page 13: Overview

ii ppH log.3id

i ep

ˆ.1

i

ii p

pp

ˆ

ˆ.2

41.0H

Page 14: Overview

Uncertainty calculation 2

Page 15: Overview

ii ppH log.3id

i ep

ˆ.1

i

ii p

pp

ˆ

ˆ.2

56.0H

Page 16: Overview

Path Privacy-Preserving Mechanism

• Only reveal locations samples when

(1)time since the last point of confusion is less than the maximum time to confusion

(2)at the current time tracking uncertainty is above the uncertainty threshold

Page 17: Overview
Page 18: Overview

Reacquisition Tracking Model• Time Window w=10Minutes.

• After the confusion Timeout expires:

Each released sample need to maintain

confusion from the last released positions

within the window

• Before the confusion Timeout expires:

Each released sample need to maintain

confusion to any released samples within

the windows

Page 19: Overview

Evaluation: Data Set

• week-long GPS traces of 233 probe vehicles on a 70km-by-70km area

• 1 minute sampling period

• Overlay it into day-long traces of 2000 vehicles

• Metrics: Tracking time and (relative) weighted road coverage

• Baseline algorithm: random sampling with probability p

Page 20: Overview

Evaluation: Protection Against Target Tracking-

Bounded Tracking Time without Reacquisition

• Uncertainty-aware privacy algorithm limits time to confusion to 5 min while random sampling algorithm’s TTC is a lot longer

• Uncertainty-aware privacy algorithm can release up to 92.5% of the original location samples while random sampling has to remove more samples

Page 21: Overview

Evaluation: Protection Against Target Tracking-

Dependence on Reacquisition and Density

• TTC of uncertainty-aware privacy algorithm

is shorter than subsampling algorithm

Page 22: Overview

Evaluation: Protection Against Target Tracking

• In very low density scenarios,

uncertainty-aware privacy algorithm preserves maximum TTC guarantee of 5 min by removing more samples while subsampling allows a longer maximum TTC

Page 23: Overview

Evaluation: Quality of Service Analysis

• Achieves a relative weighted road coverage similar to that of original location traces

Page 24: Overview

Conclusion & Future Work• Conclusion:1. Proposed time-to-confusion metric to characterize location privacy

2. Uncertainty-aware Path Cloaking outperforms existing algorithm in privacy protection in low density areas with good data quality

• Future Work1. Adversary with a priori knowledge

2. Without a trustworthy location server

3. Track vehicles by speed information

4. Group of vehicles with the same starting point, destination and

move together

Page 25: Overview

Questions & Thoughts

[email protected]