Protecting sensitive place visits in privacy-preserving trajectory publishing

Abstract

The rise of mobile computing has generated huge amount of trajectory data. Since these data are valuable for many people, publishing them while providing adequate individual privacy protection has been a challenging task. In this paper, we present an algorithm for protecting sensitive place visits in privacy-preserving trajectory publishing. By generalizing sensitive places using sensitive zones, and distorting the sub-trajectories within the sensitive zones based on differential privacy, our method not only prevents leakage of sensitive place visits, but also preserves individual movement information. It contains two critical components. First, we generate sensitive zones around sensitive places based on human mobility patterns and the mobility model. The sensitive zones are formed in such a way that the adversary background knowledge does not increase the adversary's belief in whether the trajectory has stopped at a sensitive place or not. Second, to prevent excessive individual movement information loss and sensitive place visit leakage within the sensitive zones, we select reliable segments from the sub-trajectories therein, model the reliable segments as an exploration tree, and synthesize the ɛ– differentially-private sub-trajectories. Our experiments on a real-world dataset show that our method provides good utility, and our sub-trajectory synthesis method preserves detailed information of individual movements.