DistOD: A Hybrid Privacy-Preserving and Distributed Framework for Origin–Destination Matrix Computation
Abstract
1. Introduction
- We present DistOD, a distributed privacy-preserving framework for the aggregation and computation of OD matrices in the absence of a trusted central server, a common scenario in real-world applications.
- We propose a distributed method that allows participating parties to collaboratively identify hotspot areas, which represent regions frequently traveled between by individuals across multiple parties.
- To enhance the utility of the resulting OD matrix, our approach employs a hybrid privacy-preserving mechanism. Specifically, we apply distributed DP (DDP) to collect OD data for hotspot areas, while using localized DP for non-hotspot regions. This hybrid approach reduces the computational overhead associated with using only DDP and mitigates the reduced data utility often caused by relying solely on localized DP. By balancing computational overhead against data utility, the proposed method enables more efficient OD matrix generation while maintaining higher accuracy.
- Finally, we validate the effectiveness of our proposed framework through experiments on real-world datasets, demonstrating that it can accurately compute OD matrices without relying on a trusted central server. This highlights the practical applicability of our approach in real-world scenarios.
2. Related Work
2.1. OD Matrix Estimation and Computation
2.2. Privacy-Preserving Techniques for OD Matrix Computation
2.3. DP in Distributed Systems
2.4. Security Patterns in Distributed Systems
3. Preliminaries
3.1. Differential Privacy
Variants of Differential Privacy
3.2. Problem Definition and Threat Model
3.3. Threat Model
4. Distributed Privacy-Preserving Computation of OD Matrix Without Trusted Central Server
4.1. Baseline Approaches
Algorithm 1 Aggregation of OD matrix based on localized DP.
Algorithm 2 Aggregating OD matrix based on DDP with secure aggregation.
4.2. Proposed DistOD Framework
- In the hotspot identification phase, each party performs local clustering and sends the clustering results to the central server. The server then identifies hotspot areas based on the clustering results from all parties and distributes the identified hotspot information back to all parties.
- In the OD matrix aggregation phase, a hybrid privacy-preserving mechanism is employed: DDP is applied to the OD data for hotspot areas, while localized DP is used for non-hotspot areas. After applying the DP mechanisms, each party uploads its OD matrix to the central server, which then aggregates these matrices to compute the global OD matrix.
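The hybrid aggregation phase described above can be sketched as follows. This is an added example, not the paper's Algorithms 1–3: it assumes Laplace noise with per-cell sensitivity 1, DDP noise shares drawn as differences of Gamma variables, pairwise additive masks standing in for secure aggregation, and a fixed-point encoding; all function names and the data are constructed for illustration.

```python
import random

SCALE = 10**4      # fixed-point precision for masked values (assumption)
MODULUS = 2**61    # ring in which the pairwise masks cancel (assumption)

def laplace(rng, b):
    # Difference of two exponentials with mean b is Laplace(0, b).
    return rng.expovariate(1 / b) - rng.expovariate(1 / b)

def ddp_share(rng, b, n):
    # Laplace is infinitely divisible: n such shares sum to one Laplace(0, b).
    return rng.gammavariate(1 / n, b) - rng.gammavariate(1 / n, b)

def pairwise_masks(rng, n, cells):
    # Each pair (i, j) agrees on a random mask; i adds it and j subtracts it.
    masks = [[0] * cells for _ in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            for c in range(cells):
                m = rng.randrange(MODULUS)
                masks[i][c] = (masks[i][c] + m) % MODULUS
                masks[j][c] = (masks[j][c] - m) % MODULUS
    return masks

def party_upload(rng, counts, hotspot, mask, b, n):
    # counts: one party's flattened OD counts; hotspot: set of cell indices.
    out = []
    for c, v in enumerate(counts):
        if c in hotspot:   # DDP: partial noise share, then mask before upload
            out.append((round((v + ddp_share(rng, b, n)) * SCALE) + mask[c]) % MODULUS)
        else:              # localized DP: full Laplace noise, sent unmasked
            out.append(v + laplace(rng, b))
    return out

def server_aggregate(uploads, hotspot):
    total = []
    for c in range(len(uploads[0])):
        if c in hotspot:
            s = sum(u[c] for u in uploads) % MODULUS   # masks cancel here
            if s > MODULUS // 2:                       # map back to a signed value
                s -= MODULUS
            total.append(s / SCALE)
        else:
            total.append(sum(u[c] for u in uploads))
    return total

def mean_abs_error(trials=2000, n=10, epsilon=1.0, seed=7):
    # Constructed data: 10 parties, cell 0 is a hotspot, cell 1 is not.
    rng, b, hotspot = random.Random(seed), 1.0 / epsilon, {0}
    data = [[50, 50] for _ in range(n)]
    err = [0.0, 0.0]
    for _ in range(trials):
        masks = pairwise_masks(rng, n, 2)
        ups = [party_upload(rng, data[i], hotspot, masks[i], b, n) for i in range(n)]
        agg = server_aggregate(ups, hotspot)
        err = [e + abs(a - 500) for e, a in zip(err, agg)]
    return [e / trials for e in err]
```

`mean_abs_error()` returns the aggregate error for the hotspot cell and the non-hotspot cell: the hotspot cell carries one Laplace draw in total, while the non-hotspot cell accumulates one draw per party.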
4.2.1. Hotspot Identification Phase
4.2.2. OD Matrix Aggregation Phase
Algorithm 3 Hybrid privacy-preserving mechanism for OD matrix aggregation.
4.2.3. Enhancing Privacy in the Hotspot Identification Process
4.2.4. Integration of Security Patterns in DistOD Framework
5. Experiment
5.1. Experimental Setup
5.1.1. Datasets
- The T-Drive dataset [67] contains one week of trajectory data from 10,357 taxis in Beijing. The T-Drive dataset provides detailed information, including taxi IDs, timestamps, and latitude–longitude coordinates. To generate meaningful origin–destination pairs, we divided the location data into two-hour intervals and used each interval to determine the origin and destination points. This process resulted in 660,000 origin–destination pairs.
- The Porto dataset [68] consists of GPS coordinates collected from 442 taxis operating in Porto, Portugal. For the experiment, we processed these data to extract 1,323,078 origin–destination pairs.
5.1.2. Baseline and Evaluation Metrics
5.1.3. Experimental Settings
5.2. Evaluation Results
5.3. Performance Analysis Regarding the Communication and Computational Costs
6. Conclusions
Funding
Data Availability Statement
Conflicts of Interest
References
- Rong, C.; Ding, J.; Li, Y. An interdisciplinary survey on origin-destination flows modeling: Theory and techniques. ACM Comput. Surv. 2024, 57, 1–49.
- Behara, K.N.S.; Bhaskar, A.; Chung, E. A DBSCAN-based framework to mine travel patterns from origin-destination matrices: Proof-of-concept on proxy static OD from Brisbane. Transp. Res. Part C Emerg. Technol. 2021, 131, 103370.
- Alshehri, A.; Owais, M.; Gyani, J.; Aljarbou, M.H.; Alsulamy, S. Residual neural networks for origin–destination trip matrix estimation from traffic sensor information. Sustainability 2023, 15, 9881.
- Lattman, K.; Olsson, L.E.; Friman, M. Development and test of the perceived accessibility scale (PAC) in public transport. J. Transp. Geogr. 2016, 54, 257–263.
- Pereira, F.C.; Rodrigues, F.; Ben-Akiva, M. Using data from the web to predict public transport arrivals under special events scenarios. J. Intell. Transp. Syst. 2015, 19, 273–288.
- Credit, K.; Arnao, Z. A method to derive small area estimates of linked commuting trips by mode from open source LODES and ACS data. Environ. Plan. B Urban Anal. City Sci. 2022, 50, 709–722.
- Yang, T. Understanding commuting patterns and changes: Counterfactual analysis in a planning support framework. Environ. Plan. B Urban Anal. City Sci. 2020, 47, 1440–1455.
- Jia, J.S.; Lu, X.; Yuan, Y.; Xu, G.; Jia, J.; Christakis, N.A. Population flow drives spatio-temporal distribution of COVID-19 in China. Nature 2020, 582, 389–394.
- Li, Z.; Huang, X.; Hu, T.; Ning, H.; Ye, X.; Huang, B.; Li, X. ODT FLOW: Extracting, analyzing, and sharing multi-source multi-scale human mobility. PLoS ONE 2021, 16, e0255259.
- LeSage, J.P.; Fischer, M.M. Spatial econometric methods for modeling origin-destination flows. In Handbook of Applied Spatial Analysis: Software Tools, Methods and Application; Springer: Berlin/Heidelberg, Germany, 2009.
- Vrotsou, K.; Fuchs, G.; Andrienko, N.; Andrienko, G. An interactive approach for exploration of flows through direction-based filtering. J. Geovisualization Spat. Anal. 2017, 1, 1.
- Sapiezynski, P.; Stopczynski, A.; Gatej, R.; Lehmann, S. Tracking human mobility using WiFi signals. PLoS ONE 2015, 10, e0130824.
- Khazbak, Y.; Cao, G. Deanonymizing mobility traces with co-location information. In Proceedings of the IEEE Conference on Communications and Network Security, Las Vegas, NV, USA, 9–11 October 2017.
- Mattos, E.P.; Domingues, A.C.S.A.; Loureiro, A.A.F. Give me two points and I’ll tell you who you are. In Proceedings of the IEEE Intelligent Vehicles Symposium, Paris, France, 9–12 June 2019.
- Liu, Q.; Yu, J.; Han, J.; Yao, X. Differentially private and utility-aware publication of trajectory data. Expert Syst. Appl. 2021, 180, 115120.
- Qiu, S.; Pi, D.; Wang, Y.; Xu, T. SGTP: A spatiotemporal generalized trajectory publishing method with differential privacy. J. Ambient Intell. Humaniz. Comput. 2023, 14, 2233–2247.
- Matet, B.; Furno, A.; Fiore, M.; Come, E.; Oukhellou, L. Adaptative generalisation over a value hierarchy for the k-anonymisation of origin–destination matrices. Transp. Res. Part C Emerg. Technol. 2023, 154, 104236.
- Shaham, S.; Ghinita, G.; Shahabi, C. Differentially-private publication of origin-destination matrices with intermediate stops. In Proceedings of the International Conference on Extending Database Technology, Virtual Event, 29 March–1 April; pp. 131–142.
- Primault, V.; Boutet, A.; Mokhtar, S.B.; Brunie, L. The long road to computational location privacy: A survey. IEEE Commun. Surv. Tutor. 2018, 21, 2772–2793.
- Kim, J.W.; Edemacu, K.; Jang, B. Privacy-preserving mechanisms for location privacy in mobile crowdsensing: A survey. J. Netw. Comput. Appl. 2022, 200, 103315.
- Kim, J.; Jang, B. Workload-aware indoor positioning data collection via local differential privacy. IEEE Commun. Lett. 2019, 23, 1352–1356.
- Jin, W.; Xiao, M.; Guo, L.; Yang, L.; Li, M. ULPT: A user-centric location privacy trading framework for mobile crowd sensing. IEEE Trans. Mob. Comput. 2022, 21, 3789–3806.
- Truex, S.; Baracaldo, N.; Anwar, A.; Steinke, T.; Ludwig, H.; Zhang, R.; Zhou, Y. A hybrid approach to privacy-preserving federated learning. In Proceedings of the ACM Workshop on Artificial Intelligence and Security, London, UK, 15 November 2019; pp. 1–11.
- Banabilah, S.; Aloqaily, M.; Alsayed, E.; Malik, N.; Jararweh, Y. Federated learning review: Fundamentals, enabling technologies, and future applications. Inf. Process. Manag. 2022, 59, 103061.
- Antunes, R.S.; Costa, C.A.; Kuderle, A.; Yari, I.A.; Eskofier, B. Federated learning for healthcare: Systematic review and architecture proposal. ACM Trans. Intell. Syst. Technol. 2022, 13, 1–23.
- Dennis, D.K.; Li, T.; Smith, V. Heterogeneity for the win: One-shot federated clustering. In Proceedings of the International Conference on Machine Learning, Virtual, 18–24 July 2021; pp. 2611–2620.
- Qiao, D.; Ding, C.; Fan, J. Federated spectral clustering via secure similarity reconstruction. Adv. Neural Inf. Process. Syst. 2023, 36, 58520–58555.
- Gao, C.; Yu, J. SecureRC: A system for privacy-preserving relation classification using secure multi-party computation. Comput. Secur. 2023, 128, 103142.
- Sucasas, V.; Aly, A.; Mantas, G.; Rodriguez, J.; Aaraj, N. Secure multi-party computation-based privacy-preserving authentication for smart cities. IEEE Trans. Cloud Comput. 2023, 11, 3555–3572.
- Dwork, C. Differential privacy. In Proceedings of the International Colloquium on Automata, Languages, and Programming, Venice, Italy, 10–14 July 2006; pp. 1–12.
- Mamei, M.; Bicocchi, N.; Lippi, M.; Mariani, S.; Zambonelli, F. Evaluating origin–destination matrices obtained from CDR data. Sensors 2019, 19, 4470.
- Castiglione, M.; Cantelmo, G.; Qurashi, M.; Nigro, M.; Antoniou, C. Assignment matrix free algorithms for on-line estimation of dynamic origin-destination matrices. Front. Future Transp. 2021, 2, 640570.
- Xiong, Z.; Lian, D.; Chen, E.; Chen, G.; Cheng, X. A DeepLearning framework for dynamic estimation of origin-destination sequence. arXiv 2023, arXiv:2307.05623.
- Sun, C.; Chang, Y.; Luan, X.; Tu, Q.; Tang, W. Origin-destination demand reconstruction using observed travel time under congested network. Netw. Spat. Econ. 2020, 20, 733–755.
- Tsanakas, N.; Gundlegard, D.; Rydergren, C. O–D matrix estimation based on data-driven network assignment. Transp. B Transp. Dyn. 2023, 11, 376–407.
- Ryu, S. A bicycle origin–destination matrix estimation based on a two-stage procedure. Sustainability 2020, 12, 2951.
- Ros-Roca, X.; Montero, L.; Barcelo, J.; Nokel, K.; Gentile, G. A practical approach to assignment-free dynamic origin–destination matrix estimation problem. Transp. Res. Part C Emerg. Technol. 2022, 134, 103477.
- Li, C.; Zheng, L.; Jia, N. Network-wide ride-sourcing passenger demand origin-destination matrix prediction with a generative adversarial network. Transp. A Transp. Sci. 2024, 20.
- Zhang, M.; Gao, L.; Wang, Q.; Gao, W. Predicting city origin-destination flow with generative pre-training. In Proceedings of the International Conference on Artificial Neural Networks, Lugano, Switzerland, 17–20 September 2024.
- Rong, C.; Feng, J.; Ding, J. GODDAG: Generating origin-destination flow for new cities via domain adversarial training. IEEE Trans. Knowl. Data Eng. 2023, 35, 10048–10057.
- Chen, P.; Wang, Z.; Zhou, B.; Yu, G. Dynamic origin-destination flow imputation using feature-based transfer learning. IEEE Trans. Intell. Transp. Syst. 2024, 25, 17147–17159.
- Yin, L.; Wang, Q.; Shaw, S.-L.; Fang, Z.; Hu, J.; Tao, Y.; Wang, W. Re-identification risk versus data utility for aggregated mobility research using mobile phone location data. PLoS ONE 2015, 10, e0140589.
- Kohli, N.; Aiken, E.; Blumenstock, J. Privacy guarantees for personal mobility data in humanitarian response. arXiv 2023, arXiv:2306.09471.
- Ouadrhiri, A.E.; Abdelhad, A. Differential privacy for deep and federated learning: A survey. IEEE Access 2022, 10, 22359–22380.
- Wei, K.; Li, J.; Ding, M.; Ma, C.; Yang, H.H.; Farokhi, F. Federated learning with differential privacy: Algorithms and performance analysis. IEEE Trans. Inf. Forensics Secur. 2020, 15, 3454–3469.
- Truex, S.; Liu, L.; Chow, K.-H.; Gursoy, M.E.; Wei, W. LDP-Fed: Federated learning with local differential privacy. In Proceedings of the ACM International Workshop on Edge Systems, Analytics and Networking, Heraklion, Greece, 27 April 2020; pp. 61–66.
- Li, Y.; Wang, S.; Chi, C.-Y.; Quek, T.Q.S. Differentially private federated clustering over non-IID data. IEEE Internet Things J. 2024, 11, 6705–6721.
- Li, Z.; Wang, T.; Li, N. Differentially private vertical federated clustering. Proc. VLDB Endow. 2023, 16, 1277–1290.
- Lyu, L.; Nandakumar, K.; Rubinstein, B.; Jin, J.; Bedo, J.; Palaniswami, M. PPFA: Privacy preserving fog-enabled aggregation in smart grid. IEEE Trans. Ind. Inform. 2018, 14, 3733–3744.
- Yang, M.; Tjuawinata, I.; Lam, K.Y.; Zhao, J.; Sun, L. Secure hot path crowdsourcing with local differential privacy under fog computing architecture. IEEE Trans. Serv. Comput. 2022, 15, 2188–2201.
- Wang, T.; Mei, Y.; Jia, W.; Zheng, X.; Wang, G.; Xie, M. Edge-based differential privacy computing for sensor–cloud systems. J. Parallel Distrib. Comput. 2020, 136, 75–85.
- Gallego-Nicasio, B.; Munoz, A.; Mana, A.; Serrano, D. Security patterns, towards a further level. In Proceedings of the International Conference on Security and Cryptography, Milan, Italy, 7–10 July 2009; pp. 349–356.
- Papoutsakis, M.; Fysarakis, K.; Spanoudakis, G.; Ioannidis, S.; Koloutsou, K. Towards a collection of security and privacy patterns. Appl. Sci. 2021, 11, 1396.
- Uzunov, A.V.; Fernandez, E.B.; Falkner, K. Security solution frames and security patterns for authorization in distributed, collaborative systems. Comput. Secur. 2015, 55, 193–234.
- Sanchez-Cid, F.; Mana, A.; Spanoudakis, G.; Kloukinas, C.; Serrano, D.; Munoz, A. Representation of security and dependability solutions. Secur. Dependability Ambient. Intell. 2009, 45, 69–95.
- Jafari, A.J.; Rasoolzadegan, A. Security patterns: A systematic mapping study. J. Comput. Lang. 2020, 56, 100938.
- Moral-Garcia, S.; Moral-Rubio, S.; Fernandez, E.B.; Fernandez-Medina, E. Enterprise security pattern: A model-driven architecture instance. Comput. Stand. Interfaces 2014, 36, 748–758.
- Anand, P.; Ryoo, J.; Kim, H. Addressing security challenges in cloud computing–A pattern-based approach. In Proceedings of the International Conference on Software Security and Assurance, Suwon, Republic of Korea, 27 July 2015.
- Rath, A.; Spasic, B.; Boucart, N.; Thiran, P. Security pattern for cloud SaaS: From system and data security to privacy case study in AWS and Azure. Computers 2019, 8, 34.
- Erlingsson, U.; Pihur, V.; Korolova, A. RAPPOR: Randomized aggregatable privacy-preserving ordinal response. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, 3–7 November 2014; pp. 1054–1067.
- Wang, T.; Blocki, J.; Li, N.; Jha, S. Locally differentially private protocols for frequency estimation. In Proceedings of the USENIX Conference on Security Symposium, Berkeley, CA, USA, 16–18 August 2017.
- Goryczka, S.; Xiong, L. A comprehensive comparison of multiparty secure additions with differential privacy. IEEE Trans. Dependable Secur. Comput. 2015, 14, 463–477.
- Wei, Y.; Jia, J.; Wu, Y.; Hu, C.; Dong, C.; Liu, Z.; Chen, X.; Peng, Y.; Wang, S. Distributed differential privacy via shuffling versus aggregation: A curious study. IEEE Trans. Inf. Forensics Secur. 2024, 19, 2501–2516.
- Kim, J.; Jang, B. Privacy-preserving generation and publication of synthetic trajectory microdata: A comprehensive survey. J. Netw. Comput. Appl. 2024, 230.
- Kadhe, S.; Rajaraman, N.; Koyluoglu, O.O.; Ramchandran, K. FastSecAgg: Scalable secure aggregation for privacy-preserving federated learning. arXiv 2020, arXiv:2009.11248.
- Bell, J.H.; Bonawitz, K.A.; Gascon, A.; Lepoint, T.; Raykova, M. Secure single-server aggregation with (poly)logarithmic overhead. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, Virtual Event USA, 9–13 November 2020; pp. 1253–1269.
- T-Drive Trajectory Data Sample. 2018. Available online: https://www.microsoft.com/en-us/research/publication/t-drive-trajectory-data-sample (accessed on 1 July 2024).
- Moreira-Matias, L.; Gama, J.; Ferreira, M.; Mendes-Moreira, J.; Damas, L. Predicting taxi–passenger demand using streaming data. IEEE Trans. Intell. Transp. Syst. 2013, 14, 1393–1402.
- Geng, Q.; Kairouz, P.; Oh, S.; Viswanath, P. The staircase mechanism in differential privacy. IEEE J. Sel. Top. Signal Process. 2015, 9, 1176–1184.
OD Matrix Size | ||||
---|---|---|---|---|
10,000 × 10,000 | ||||
DistOD (5%) | 0.0059 | 0.0159 | 0.0189 | 0.0203 |
DistOD (10%) | 0.0229 | 0.0520 | 0.0570 | 0.0593 |
DistOD (15%) | 0.0503 | 0.0944 | 0.1011 | 0.1089 |
DistOD (20%) | 0.0857 | 0.1402 | 0.1546 | 0.1647 |
© 2024 by the author. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Kim, J. DistOD: A Hybrid Privacy-Preserving and Distributed Framework for Origin–Destination Matrix Computation. Electronics 2024, 13, 4545. https://doi.org/10.3390/electronics13224545