Abstract
We propose a novel algorithm to ensure \(\epsilon\)-differential privacy for answering range queries on trajectory data. To guarantee privacy, differential privacy mechanisms add noise to either the data or the query, which introduces errors into the query answers and can reduce the utility of the released information. In contrast to the state of the art, our method achieves significantly lower error, as it is the first data- and query-aware approach for such queries. The key challenge in answering range queries on trajectory data privately is to ensure an accurate count. Simply representing a trajectory as a set instead of a sequence of points generally leads to highly inaccurate query answers, because it ignores the sequential dependency between the location points of a trajectory, i.e., it violates the consistency of trajectory data. Furthermore, trajectories are generally unevenly distributed across a city, so adding noise uniformly generally leads to poor utility. To achieve differential privacy, our algorithm adaptively adds noise to the input data according to the given query set. It first privately partitions the data space into uniform regions and computes the traffic density of each region. The regions and their densities, together with the given query set, are then used to estimate the distribution of trajectories over the queried space, which ensures high accuracy for the given query set. We show the accuracy and efficiency of our algorithm through extensive empirical evaluations on real and synthetic data sets.
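To make the counting issue concrete, here is an added Python illustration (not code from the paper, and not its data- and query-aware algorithm): the same range query counted over individual location points versus over whole trajectories, and the baseline Laplace mechanism applied to the trajectory count, with a query set answered by splitting the budget across queries. The sample trajectories and the query rectangle are constructed for this illustration.

```python
import random
from typing import List, Optional, Tuple

Point = Tuple[float, float]
Trajectory = List[Point]                    # an ordered sequence of (x, y) locations
Query = Tuple[float, float, float, float]   # (x_min, y_min, x_max, y_max)

# Constructed sample data (not from the paper): three short trajectories.
SAMPLE: List[Trajectory] = [
    [(0, 0), (1, 1), (2, 2), (3, 3)],   # two of its points fall inside QUERY
    [(5, 5), (6, 6)],                   # never enters QUERY
    [(2, 0), (2, 1), (2, 2), (2, 3)],   # two of its points fall inside QUERY
]
QUERY: Query = (1.0, 1.0, 2.0, 2.0)

def in_range(p: Point, q: Query) -> bool:
    x_min, y_min, x_max, y_max = q
    return x_min <= p[0] <= x_max and y_min <= p[1] <= y_max

def count_points(trajs, q: Query) -> int:
    """Set-based count: every location point inside q is counted, so a trajectory with
    several points in q is counted several times (the inconsistency the abstract warns of)."""
    return sum(in_range(p, q) for t in trajs for p in t)

def count_trajectories(trajs, q: Query) -> int:
    """Sequence-aware count: a trajectory contributes 1 if any of its points lies in q."""
    return sum(any(in_range(p, q) for p in t) for t in trajs)

def laplace(scale: float, rng: random.Random) -> float:
    """Laplace(0, scale) noise as the difference of two exponentials with mean `scale`."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)

def private_count(trajs, q: Query, eps: float, rng: Optional[random.Random] = None) -> float:
    """eps-DP answer for one range query: adding or removing one trajectory changes
    count_trajectories by at most 1, so Laplace noise of scale 1/eps suffices (Dwork et al. 2006)."""
    if rng is None:
        rng = random.Random()
    return count_trajectories(trajs, q) + laplace(1.0 / eps, rng)

def private_count_set(trajs, queries, eps: float, rng: Optional[random.Random] = None) -> List[float]:
    """Answer a whole query set under one total budget eps by sequential composition:
    each query gets eps / len(queries), so the noise scale grows linearly with the set size."""
    if rng is None:
        rng = random.Random()
    per_query = eps / len(queries)
    return [private_count(trajs, q, per_query, rng) for q in queries]

def empirical_mean(trajs, q: Query, eps: float, trials: int = 4000, seed: int = 0) -> float:
    """Average many noisy answers: the mechanism is unbiased, so this approaches the true count."""
    rng = random.Random(seed)
    return sum(private_count(trajs, q, eps, rng) for _ in range(trials)) / trials
```

Note that the point-based count reports 4 for the constructed data while only 2 trajectories actually visit the query rectangle; the noise scale shown here is the query-agnostic baseline the paper's approach improves on.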
Ghane, S., Kulik, L. & Ramamohanarao, K. A differentially private algorithm for range queries on trajectories. Knowl Inf Syst 63, 277–303 (2021). https://doi.org/10.1007/s10115-020-01520-w