Abstract
This article addresses the problem of preserving privacy of individuals who participate in collaborative environmental sensing. We observe that in many applications of societal importance, one is interested in constructing a map of the spatial distribution of a given phenomenon (e.g., temperature, CO2 concentration, water polluting agents, etc.) and mobile users can contribute with providing measurements data. However, contributing data may leak sensitive private details, as an adversary could infer the presence of a person in a certain location at a given time. This, in turn, may reveal information about other contexts (e.g., health, lifestyle choices), and may even impact an individual’s physical safety. We introduce a technique for privacy-preserving detection of anomalous phenomena, where the privacy of the individuals participating in collaborative environmental sensing is protected according to the powerful semantic model of differential privacy. We propose a differentially-private index structure to address the specific needs of anomalous phenomenon detection and derive privacy preserving query strategies that judiciously allocate the privacy budget to maintain high data accuracy. In addition, we construct an analytical model to characterize the sensed value inaccuracy introduced by the differentially-private noise injection, derive error bounds, and perform a statistical analysis that allows us to improve accuracy by using custom weights for measurements in each cell of the index structure. Extensive experimental results show that the proposed approach achieves high precision in identifying anomalies, and incurs low computational overhead.
Similar content being viewed by others
Notes
In the rest of the paper, the terms mobile user and sensor are used interchangeably.
References
Cormode G, Procopiuc C, Srivastava D, Shen E, Yu T (2012) Differentially private spatial decompositions. In: Proceedings of IEEE international conference on data engineering (ICDE), pp 20–31
Qardaji W, Yang W, Li N (2013) Differentially private grids for geospatial data. In: Proceedings of IEEE international conference on data engineering (ICDE)
Qardaji W, Yang W, Li N (2014) Priview: practical differentially private release of marginal contingency tables. In: Proceedings of international conference on management of data (ACM SIGMOD)
Dwork C (2006) Differential privacy. In: ICALP (2). Springer, pp 1–12
Dwork C, McSherry F, Nissim K, Smith A (2006) Calibrating noise to sensitivity in private data analysis. In: TCC, pp 265–284
Sweeney L (2002) k-Anonymity: A Model for Protecting Privacy. Int J Uncertainty Fuzziness Knowledge Based Syst 10(5):557–570
Machanavajjhala A, Gehrke J, Kifer D, Venkitasubramaniam M (2006) L-diversity: Privacy Beyond k-Anonymity. In: Proceedings of international conference on data engineering (ICDE)
Li N, Li T, Venkatasubramanian S (2007) T-closeness: Privacy beyond k-anonymity and l-diversity. In: Proceedings of IEEE international conference on data engineering (ICDE), istanbul. IEEE, Turkey, pp 106–115
McSherry F, Talwar K (2007) Mechanism design via differential privacy. In: Proceedings of annual IEEE symposium on foundations of computer science (FOCS), pp 94–103
Samet H (1990) The Design and Analysis of Spatial Data Structures. Addison-Wesley
Li N, Qardaji W, Su D, Cao J (2012) Privbasis: Frequent itemset mining with differential privacy. Proc VLDB Endow 5(11):1340–1351
Paley REAC, Zygmund A (1932) A note on analytic functions in the unit circle. Proc Camb Philos Soc 28:266
Li W, Bao J, Shen W (2011) Collaborative wireless sensor networks: A survey. In: Proceedings of the IEEE international conference on systems, man and cybernetics, Anchorage, Alaska, USA, October 9-12, 2011. IEEE, pp 2614–2619
Peralta LMR, de Brito LMPL, Santos JFF (2012) Improving users’ manipulation and control on wsns through collaborative sessions. I J Knowledge and Web Intelligence 3(3):287–311
He W, Liu X, Nguyen HV, Nahrstedt K, Abdelzaher TF (2011) PDA: privacy-preserving data aggregation for information collection. TOSN 8(1):6
Gandhi S, Kumar R, Suri S (2008) Target counting under minimal sensing: complexity and approximations. In: ALGOSENSORS, pp 30–42
Zhu X, Sarkar R, Gao J, Mitchell J (2008) Light-weight contour tracking in wireless sensor networks. In: INFOCOM 2008. The 27th conference on computer communications. IEEE
Fayed M, Mouftah HT (2009) Localised alpha-shape computations for boundary recognition in sensor networks. Ad Hoc Netw 7(6):1259–1269
Ghinita G, Kalnis P, Khoshgozaran A, Shahabi C, Tan KL (2008) Private queries in location based services: anonymizers are not necessary. In: Proceedings of international conference on management of data (ACM SIGMOD), pp 121–132
Gruteser M, Grunwald D (2003) anonymous usage of location-based services through spatial and temporal cloaking. In: USENIX Mobisys
Mokbel MF, Chow CY, Aref WG (2006) The new casper: Query processing for location services without compromising privacy. In: Proceedings of VLDB
Gedik B, Liu L (2005) Location privacy in mobile systems: A personalized anonymization model. In: ICDCS conference proceedings. IEEE, pp 620–629
Kalnis P, Ghinita G, Mouratidis K, Papadias D (2007) Preventing location-based identity inference in anonymous spatial queries. IEEE Transactions on Knowledge and Data Engineering
Damiani M, Bertino E, Silvestri C (2010) The PROBE framework for the personalized cloaking of private locations. Transactions on Data Privacy 3(2):123–148
Damiani ML, Silvestri C, Bertino E. (2011) Fine-Grained cloaking of sensitive positions in Location-Sharing applications. IEEE Pervasive Comput 10(4):64–72
Chatzikokolakis K, Andrés ME, Bordenabe NE, Palamidessi C (2013) Broadening the scope of differential privacy using metrics. In: Symposium hotpets 2013. online version: http://freehaven.net/anonbib/papers/pets2013/paper_57.pdf
Andrés M, Bordenabe E, Chatzikokolakis K, Palamidessi C (2013) Geo-indistinguishability: differential privacy for location-based systems. In: 2013 ACM SIGSAC conference on computer and communications security
To H, Ghinita G, Shahabi C (2014) A framework for protecting worker location privacy in spatial crowdsourcing. PVLDB 7(10):919–930
To H, Fan L, Shahabi C (2015) Differentially private h-tree. In: Proceedings of the 2nd workshop on privacy in geographic information collection and analysis, GeoPrivacy@SIGSPATIAL 2015, Bellevue, WA, USA, November 3-6, 2015, pp 3:1–3:8
Maruseac M, Ghinita G, Avci B, Trajcevski G, Scheuermann P (2015) Privacy-preserving detection of anomalous phenomena in crowdsourced environmental sensing. In: Proceedings of international symposium on spatial and temporal databases (SSTD), pp 313–332
Author information
Authors and Affiliations
Corresponding author
Additional information
The work of G. Trajcevski has been supported by NSF grants III 1213038 and CNS 1646107, and the ONR grant N00014-14-10215.
Rights and permissions
About this article
Cite this article
Maruseac, M., Ghinita, G., Trajcevski, G. et al. Privacy-preserving detection of anomalous phenomena in crowdsourced environmental sensing using fine-grained weighted voting. Geoinformatica 21, 733–762 (2017). https://doi.org/10.1007/s10707-017-0304-3
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10707-017-0304-3