Acta Electronica Sinica ›› 2021, Vol. 49 ›› Issue (7): 1266-1273. DOI: 10.12263/DZXB.20200827

• Research Paper •

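Trajectory Privacy Protection Method Based on Differential Privacy

Shui-lian YUAN, De-chang PI, Meng XU

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, Jiangsu 211106, China
  • Received: 2020-08-03 Revised: 2020-11-27 Online: 2021-07-25 Published: 2021-08-11
  • About the authors: Shui-lian YUAN, female, born in November 1997 in Jining, Shandong. She is currently a master's student at Nanjing University of Aeronautics and Astronautics. Her main research interests are data mining and privacy protection. E-mail: shirley_ysl@nuaa.edu.cn
    De-chang PI (corresponding author), male, born in November 1971 in Zhoukou, Henan. He is currently a professor and doctoral supervisor at Nanjing University of Aeronautics and Astronautics. His main research interests are data mining and privacy protection. E-mail: dc.pi@nuaa.edu.cn
    Meng XU, male, born in August 1997 in Yancheng, Jiangsu. He is currently a master's student at Nanjing University of Aeronautics and Astronautics. His main research interest is data mining. E-mail: xu_meng@nuaa.edu.cn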

Abstract:

Most existing trajectory privacy protection models struggle to withstand complex background knowledge attacks. To address this problem, this paper proposes a trajectory privacy protection method based on differential privacy. First, Laplacian noise with a limited radius is added to the original trajectory data by combining the mechanism of geographic indistinguishability. Second, a data mapping model is constructed to map the original data and the noise data to a new publishing location, so that the attacker cannot obtain the real trajectory data. Then, the optimal data mapping function is applied to publish the optimal trajectory position, improving the availability of the published data. Finally, differential privacy is used to defend against non-sensitive information inference attacks to further protect user privacy. The experimental results show that the proposed algorithm can both effectively protect the privacy of users in the trajectory data and ensure the availability of the data.

Key words: trajectory data, privacy protection, differential privacy, geographical indistinguishability, background knowledge attack, inference attack

CLC Number:
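As an added illustration of the abstract's first step only (radius-limited Laplacian noise under geographic indistinguishability), the sketch below perturbs each trajectory point with planar Laplace noise. It is not the paper's algorithm or code: bounding the radius by redrawing samples, the function names, the meters-per-degree conversion and the sample coordinates are all assumptions made here.

```python
import math
import random

METERS_PER_DEG_LAT = 111_320.0  # approximate conversion (assumption), fine for small offsets


def sample_radius(eps, r_max, rng):
    """Draw a planar-Laplace radius in meters, redrawing until it is <= r_max."""
    while True:
        # The radial density eps^2 * r * exp(-eps * r) is Gamma(shape=2, scale=1/eps).
        r = rng.gammavariate(2.0, 1.0 / eps)
        if r <= r_max:
            return r


def perturb_point(lat, lon, eps, r_max, rng):
    """Return (noisy_lat, noisy_lon, displacement_m) for one location."""
    r = sample_radius(eps, r_max, rng)
    theta = rng.uniform(0.0, 2.0 * math.pi)  # direction is uniform on the circle
    d_north, d_east = r * math.sin(theta), r * math.cos(theta)
    noisy_lat = lat + d_north / METERS_PER_DEG_LAT
    noisy_lon = lon + d_east / (METERS_PER_DEG_LAT * math.cos(math.radians(lat)))
    return noisy_lat, noisy_lon, r


def perturb_trajectory(points, eps, r_max, seed=None):
    """Perturb every (lat, lon) point independently; eps is per point, in 1/meter."""
    rng = random.Random(seed)
    return [perturb_point(lat, lon, eps, r_max, rng) for lat, lon in points]


# Constructed sample trajectory, not data from the paper.
SAMPLE = [(32.0350, 118.8150), (32.0362, 118.8171), (32.0377, 118.8190)]

if __name__ == "__main__":
    for lat, lon, r in perturb_trajectory(SAMPLE, eps=0.01, r_max=300.0, seed=7):
        print(f"{lat:.5f}, {lon:.5f}  (moved {r:.1f} m)")
```

Cutting the radius off at `r_max` changes the distribution from the plain planar Laplace, so the geo-indistinguishability guarantee of the unbounded mechanism does not carry over automatically and has to be argued for the bounded variant. Because every point is perturbed independently, the privacy cost also accumulates along the trajectory.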