
SoK: Can Trajectory Generation Combine Privacy and Utility? (2403.07218v2)

Published 12 Mar 2024 in cs.CR and cs.LG

Abstract: While location trajectories represent a valuable data source for analyses and location-based services, they can reveal sensitive information, such as political and religious preferences. Differentially private publication mechanisms have been proposed to allow for analyses under rigorous privacy guarantees. However, the traditional protection schemes suffer from a limiting privacy-utility trade-off and are vulnerable to correlation and reconstruction attacks. Synthetic trajectory data generation and release represent a promising alternative to protection algorithms. While initial proposals achieve remarkable utility, they fail to provide rigorous privacy guarantees. This paper proposes a framework for designing a privacy-preserving trajectory publication approach by defining five design goals, particularly stressing the importance of choosing an appropriate Unit of Privacy. Based on this framework, we briefly discuss the existing trajectory protection approaches, emphasising their shortcomings. This work focuses on the systematisation of the state-of-the-art generative models for trajectories in the context of the proposed framework. We find that no existing solution satisfies all requirements. Thus, we perform an experimental study evaluating the applicability of six sequential generative models to the trajectory domain. Finally, we conclude that a generative trajectory model providing semantic guarantees remains an open research question and propose concrete next steps for future research.
