
DPT: differentially private trajectory synthesis using hierarchical reference systems

Published: 01 July 2015

Abstract

GPS-enabled devices are now ubiquitous, from airplanes and cars to smartphones and wearable technology. This has resulted in a wealth of data about the movements of individuals and populations, which can be analyzed for useful information to aid in city and traffic planning, disaster preparedness and so on. However, the places that people go can disclose extremely sensitive information about them, and thus use of this data needs to be filtered through privacy-preserving mechanisms. This turns out to be a highly challenging task: raw trajectories are highly detailed, and typically no pair is alike. Previous attempts fail either to provide adequate privacy protection, or to remain sufficiently faithful to the original behavior.
This paper presents DPT, a system to synthesize mobility data based on raw GPS trajectories of individuals while ensuring strong privacy protection in the form of ε-differential privacy. DPT makes a number of novel modeling and algorithmic contributions including (i) discretization of raw trajectories using hierarchical reference systems (at multiple resolutions) to capture individual movements at differing speeds, (ii) adaptive mechanisms to select a small set of reference systems and construct prefix tree counts privately, and (iii) use of direction-weighted sampling for improved utility. While there have been prior attempts to solve the subproblems required to generate synthetic trajectories, to the best of our knowledge, ours is the first system that provides an end-to-end solution. We show the efficacy of our synthetic trajectory generation system using an extensive empirical evaluation.

Published In

Proceedings of the VLDB Endowment  Volume 8, Issue 11
July 2015
264 pages
ISSN:2150-8097

Publisher

VLDB Endowment

Cited By

  • (2025) DP-LTGAN: Differentially private trajectory publishing via Locally-aware Transformer-based GAN. Future Generation Computer Systems, 166 (107686). DOI: 10.1016/j.future.2024.107686. Online publication date: May-2025
  • (2025) WF-LDPSR: A local differential privacy mechanism based on water-filling for secure release of trajectory statistics data. Computers & Security, 148 (104165). DOI: 10.1016/j.cose.2024.104165. Online publication date: Jan-2025
  • (2024) HRNet: Differentially Private Hierarchical and Multi-Resolution Network for Human Mobility Data Synthesization. Proceedings of the VLDB Endowment, 17:11 (3058-3071). DOI: 10.14778/3681954.3681983. Online publication date: 30-Aug-2024
  • (2024) Trajectory-aware privacy-preserving method with local differential privacy in crowdsourcing. EURASIP Journal on Information Security, 2024:1. DOI: 10.1186/s13635-024-00177-0. Online publication date: 2-Sep-2024
  • (2024) TraBiMap: Reducing Privacy Concerns in Trajectory Analysis with Randomized Data Representations. Proceedings of the 2nd ACM SIGSPATIAL International Workshop on Geo-Privacy and Data Utility for Smart Societies (31-34). DOI: 10.1145/3681768.3698496. Online publication date: 29-Oct-2024
  • (2024) Mobility Data Science: Perspectives and Challenges. ACM Transactions on Spatial Algorithms and Systems, 10:2 (1-35). DOI: 10.1145/3652158. Online publication date: 1-Jul-2024
  • (2024) Enhancing Privacy in Recommender Systems through Differential Privacy Techniques. Proceedings of the 18th ACM Conference on Recommender Systems (1348-1352). DOI: 10.1145/3640457.3688019. Online publication date: 8-Oct-2024
  • (2024) Federated Genetic Algorithm: Two-Layer Privacy-Preserving Trajectory Data Publishing. Proceedings of the Genetic and Evolutionary Computation Conference (749-758). DOI: 10.1145/3638529.3654200. Online publication date: 14-Jul-2024
  • (2024) Sequential Trajectory Data Publishing With Adaptive Grid-Based Weighted Differential Privacy. IEEE Transactions on Knowledge and Data Engineering, 36:12 (9249-9262). DOI: 10.1109/TKDE.2024.3449433. Online publication date: 1-Dec-2024
  • (2024) Efficient and Private Federated Trajectory Matching. IEEE Transactions on Knowledge and Data Engineering, 36:12 (8079-8092). DOI: 10.1109/TKDE.2024.3424411. Online publication date: 1-Dec-2024
