RUcore: Rutgers University Community Repository
Achieving guaranteed anonymity in time-series location data
Descriptive
TitleInfo
(displayLabel = Citation Title);
(type = uniform)
Title
Achieving guaranteed anonymity in time-series location data
Name
(ID = NAME001);
(type = personal)
NamePart
(type = family)
Hoh
NamePart
(type = given)
Baik
DisplayForm
Baik Hoh
Role
RoleTerm
(authority = RULIB)
author
Name
(ID = NAME002);
(type = personal)
NamePart
(type = family)
Gruteser
NamePart
(type = given)
Marco
Affiliation
Advisory Committee
DisplayForm
Marco Gruteser
Role
RoleTerm
(authority = RULIB)
chair
Name
(ID = NAME003);
(type = personal)
NamePart
(type = family)
Yates
NamePart
(type = given)
Roy
Affiliation
Advisory Committee
DisplayForm
Roy Yates
Role
RoleTerm
(authority = RULIB)
internal member
Name
(ID = NAME004);
(type = personal)
NamePart
(type = family)
Zhang
NamePart
(type = given)
Yanyong
Affiliation
Advisory Committee
DisplayForm
Yanyong Zhang
Role
RoleTerm
(authority = RULIB)
internal member
Name
(ID = NAME005);
(type = personal)
NamePart
(type = family)
Xiong
NamePart
(type = given)
Hui
Affiliation
Advisory Committee
DisplayForm
Hui Xiong
Role
RoleTerm
(authority = RULIB)
outside member
Name
(ID = NAME006);
(type = corporate)
NamePart
Rutgers University
Role
RoleTerm
(authority = RULIB)
degree grantor
Name
(ID = NAME007);
(type = corporate)
NamePart
Graduate School - New Brunswick
Role
RoleTerm
(authority = RULIB)
school
TypeOfResource
Text
Genre
(authority = marcgt)
theses
OriginInfo
DateCreated
(qualifier = exact)
2008
DateOther
(qualifier = exact);
(type = degree)
2008-10
Language
LanguageTerm
English
PhysicalDescription
Form
(authority = marcform)
electronic
InternetMediaType
application/pdf
InternetMediaType
text/xml
Extent
xiv, 115 pages
Abstract
Collaborative sensing networks anonymously aggregate location-tagged sensing information from a large number of users to monitor environments. However, sharing anonymous location-tagged sensing information from users raises serious privacy concern. Rendering the location traces anonymous before sharing them with application service providers or third parties often allows an adversary to follow anonymous location updates because a time-series of anonymous location data exhibit a spatio-temporal correlation between successive updates. Prior privacy techniques for location data such as spatial cloaking techniques based on k-anonymity and best-effort algorithms do not meet both data quality and privacy requirements at the same time. This raises the problem of guaranteed anonymity in a dataset of location traces while maintaining high data accuracy and integrity.
To overcome these challenges, we develop a novel privacy metric, called Time-To-Confusion to characterize the privacy implication of anonymous location traces and propose two different privacy-preserving techniques that achieve both the guaranteed location privacy of all users and high data quality. The Time-To-Confusion effectively captures how long an adversary can follow an anonymous user at a specified level of confidence, given system parameters such as location accuracy, sampling frequency, and user density. Two different privacy mechanisms are designed with and without a trustworthy location privacy server in a time series of location updates. In the first solution, we propose an uncertainty-aware path cloaking algorithm in a trustworthy privacy server that determines the release of user location updates based on tracking uncertainty and maximum allowable tracking time. Our second solution does not require users to trust the centralized privacy server. Instead, we propose the novel concept of virtual trip lines where vehicles update their location and sensing information. This concept enables temporal cloaking in a distributed architecture where no single entity accesses all of identity, location, and timestamp information, yet incurring only a slight degradation of service quality. We evaluate two proposed algorithms with a case study of automotive traffic monitoring applications. We show that our proposed solutions effectively suppress worst case tracking bounds and home identification rates, while achieving significant data accuracy improvements.
To overcome these challenges, we develop a novel privacy metric, called Time-To-Confusion to characterize the privacy implication of anonymous location traces and propose two different privacy-preserving techniques that achieve both the guaranteed location privacy of all users and high data quality. The Time-To-Confusion effectively captures how long an adversary can follow an anonymous user at a specified level of confidence, given system parameters such as location accuracy, sampling frequency, and user density. Two different privacy mechanisms are designed with and without a trustworthy location privacy server in a time series of location updates. In the first solution, we propose an uncertainty-aware path cloaking algorithm in a trustworthy privacy server that determines the release of user location updates based on tracking uncertainty and maximum allowable tracking time. Our second solution does not require users to trust the centralized privacy server. Instead, we propose the novel concept of virtual trip lines where vehicles update their location and sensing information. This concept enables temporal cloaking in a distributed architecture where no single entity accesses all of identity, location, and timestamp information, yet incurring only a slight degradation of service quality. We evaluate two proposed algorithms with a case study of automotive traffic monitoring applications. We show that our proposed solutions effectively suppress worst case tracking bounds and home identification rates, while achieving significant data accuracy improvements.
Note
(type = degree)
Ph.D.
Note
(type = bibliography)
Includes bibliographical references (p. 107-114).
Subject
(ID = SUBJ1);
(authority = RUETD)
Topic
Electrical and Computer Engineering
Subject
(ID = SUBJ2);
(authority = ETD-LCSH)
Topic
Cluster analysis--Data processing
Subject
(ID = SUBJ3);
(authority = ETD-LCSH)
Topic
Data mining
Subject
(ID = SUBJ4);
(authority = ETD-LCSH)
Topic
Computer algorithms
RelatedItem
(type = host)
TitleInfo
Title
Graduate School - New Brunswick Electronic Theses and Dissertations
Identifier
(type = local)
rucore19991600001
Identifier
(type = hdl)
http://hdl.rutgers.edu/1782.2/rucore10001600001.ETD.17501
Identifier
ETD_1326
Location
PhysicalLocation
(authority = marcorg);
(displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier
(type = doi)
doi:10.7282/T3HH6KC5
Genre
(authority = ExL-Esploro)
ETD doctoral
Back to the top
Rights
RightsDeclaration
(AUTHORITY = GS);
(ID = rulibRdec0006)
The author owns the copyright to this work.
Copyright
Status
Copyright protected
Availability
Status
Open
AssociatedEntity
(AUTHORITY = rulib);
(ID = 1)
Name
Baik Hoh
Role
Copyright holder
Affiliation
Rutgers University. Graduate School - New Brunswick
RightsEvent
(AUTHORITY = rulib);
(ID = 1)
Type
Permission or license
Detail
Non-exclusive ETD license
AssociatedObject
(AUTHORITY = rulib);
(ID = 1)
Type
License
Name
Author Agreement License
Detail
I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.
Back to the top
Technical
Format
(TYPE = mime);
(VERSION = )
application/x-tar
FileSize
(UNIT = bytes)
6752768
Checksum
(METHOD = SHA1)
8247d59239b9026c05cca05c8af3c4452f72c550
ContentModel
ETD
CompressionScheme
other
OperatingSystem
(VERSION = 5.1)
windows xp
Format
(TYPE = mime);
(VERSION = NULL)
application/x-tar
Back to the top
Statistical Profile