De-anonymisation of real-world location traces: two attacks based on the hidden Markov model

Abstract

ABSTRACT Smart context-aware services and location-based services (LBS) have led to a surge in mobile devices equipped with various geolocation sensors, resulting in the generation of extensive mobility datasets held by telecom companies and service providers. These mobility datasets can uniquely identify individuals based on their mobility trajectories. To preserve privacy, organisations use pseudorandom identifiers instead of personal information. However, studies reveal one can still infer sensitive information from individuals’ anonymised mobility datasets. This paper proposes and implements two novel and highly effective de-anonymisation techniques- the Forward and the Kullback–Leibler (KL) algorithms. These techniques uniquely incorporate a hidden Markov model to generate comprehensive mobility profiles of targeted users by considering their spatiotemporal trajectories. We employ two real-world reference datasets, namely GeoLife and Taxicabs, which include mobility trajectories from Beijing and Rome, respectively, to examine the reliability and effectiveness of our proposed attack methods. The results show that our attack techniques successfully re-identify up to 88% and 90% of anonymised users in the GeoLife (Beijing) and Taxicab (Rome) datasets, respectively. This significantly exceeds current, comparable de-anonymisation techniques, which have a success rate of 40% to 45%.