WF-LDPSR: A local differential privacy mechanism based on water-filling for secure release of trajectory statistics data
Authors: Yan-zi Li, Li Xu, Jing Zhang, Liao-ru-xing Zhang
Journal: Computers & Security (Journal Article, published 2024-10-19)
DOI: 10.1016/j.cose.2024.104165
URL: https://www.sciencedirect.com/science/article/pii/S016740482400470X
Citation count: 0
Abstract
Open Data Processing Services are used to overcome the bottleneck of big-data storage and computation. At the same time, massive amounts of trajectory data are generated, exposing the basic information in users' spatio-temporal histories, including points of interest and movement patterns. Improving the availability (i.e., utility) of published trajectory statistics without compromising user privacy is critical. Differential privacy is the standard technique for the secure release of trajectory statistics. Several research efforts have focused on secure publication of trajectory statistics in a centralized setting, where noise is added by a trusted third-party server. However, this centralized approach is vulnerable to privacy breaches: an adversary who compromises the third-party server can access the real data. Local differential privacy, based on a distributed architecture, overcomes this form of attack by letting users perturb their personal data records before they are sent to the third-party server. However, existing distributed privacy-protection schemes still suffer from poor data availability when privacy is ensured, as well as from excessive operating cost. Therefore, a local differential privacy mechanism based on water-filling for secure release of trajectory statistics data (WF-LDPSR) is proposed in this paper. Firstly, to protect each user's privacy individually, an automatic personalized user-segmentation method is proposed that determines each user's effective sensitivity level automatically. Secondly, a distributed privacy-protection model based on local differential privacy is designed to resist attacks on the third-party server. Finally, to achieve optimal allocation of the privacy budget, the water-filling theorem from communication theory is introduced, and an adaptive privacy-budget allocation algorithm based on it is proposed.
In addition, to further improve data availability, a group-processing approach based on user-set sampling is proposed: users are randomly divided into multiple disjoint subsets, which effectively reduces the differential-privacy noise. Experiments show that, compared with other advanced mechanisms, WF-LDPSR can improve the availability of the published data by 84.92% while protecting user privacy.
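As an added illustration of the three building blocks the abstract names (randomizing a record on the user's device before it reaches the untrusted server, water-filling allocation of a total budget, and random partitioning of the user set), the following Python example is the editor's, not the authors' code and not the WF-LDPSR algorithm. It assumes k-ary randomized response as the local perturbation, the classic communications water-filling rule with constructed per-segment "floors" (the abstract does not say what quantity plays the role of the channel noise level in the paper's allocation, so that mapping is an assumption), and a constructed population of 10,000 users spread over 4 map cells. The personalized sensitivity levels of the paper are not modelled.

```python
"""Added illustration, not the paper's code: local randomization, classic
water-filling, and user-set sampling, on constructed data."""
import math
import random


def krr_probs(eps: float, k: int):
    """k-ary randomized response (k-RR): a user keeps the true value with
    probability p and reports each of the k-1 other values with probability q.
    p/q = e^eps, which is exactly the eps-LDP guarantee."""
    denom = math.exp(eps) + k - 1
    return math.exp(eps) / denom, 1.0 / denom


def perturb(cell: int, eps: float, k: int, rng: random.Random) -> int:
    """Runs on the user's device; only the returned value leaves the device."""
    p, _ = krr_probs(eps, k)
    if rng.random() < p:
        return cell
    others = [v for v in range(k) if v != cell]
    return rng.choice(others)


def estimate_counts(reports, eps: float, k: int):
    """Untrusted server: unbiased per-cell counts from perturbed reports only.
    E[raw_v] = n_v*p + (n-n_v)*q, so (raw_v - n*q)/(p-q) is unbiased for n_v."""
    n = len(reports)
    p, q = krr_probs(eps, k)
    raw = [0] * k
    for r in reports:
        raw[r] += 1
    return [(c - n * q) / (p - q) for c in raw]


def water_fill(total: float, floors):
    """Classic water-filling: pour `total` over channels with floors n_i so that
    x_i = max(0, mu - n_i) and sum(x_i) == total.  Reading total as the overall
    eps and floors as per-segment costs is an assumption for illustration."""
    if total <= 0 or not floors:
        raise ValueError("need a positive budget and at least one channel")
    sorted_floors = sorted(floors)
    mu = None
    # Active set = the m lowest floors, for the largest m with mu_m > floor_m.
    for m in range(len(floors), 0, -1):
        cand = (total + sum(sorted_floors[:m])) / m
        if cand > sorted_floors[m - 1]:
            mu = cand
            break
    return [max(0.0, mu - f) for f in floors]


def partition_users(user_ids, groups: int, seed: int = 0):
    """Random disjoint subsets: each user answers one statistic with its whole
    eps instead of splitting eps over all of them."""
    ids = list(user_ids)
    random.Random(seed).shuffle(ids)
    return [ids[i::groups] for i in range(groups)]


def krr_count_variance(n: int, eps: float, k: int) -> float:
    """LDP-noise variance of the unbiased count estimate for a rare cell
    (sampling variance ignored)."""
    p, q = krr_probs(eps, k)
    return n * q * (1 - q) / (p - q) ** 2


def compare_strategies(n: int, eps: float, k: int, t: int):
    """Variance of one cell's count estimate over t statistics: splitting eps/t
    across all n users vs. giving n/t users the full eps and scaling by t."""
    split = krr_count_variance(n, eps / t, k)
    sampled = t * t * krr_count_variance(n // t, eps, k)
    return split, sampled


def simulate(n: int, eps: float, k: int, fractions, seed: int = 7):
    """Constructed population: fractions[v] of the n users sit in cell v."""
    rng = random.Random(seed)
    true_counts = [round(n * f) for f in fractions]
    cells = [v for v in range(k) for _ in range(true_counts[v])]
    reports = [perturb(c, eps, k, rng) for c in cells]
    return true_counts, estimate_counts(reports, eps, k)


if __name__ == "__main__":
    true_counts, est = simulate(10000, 1.0, 4, [0.5, 0.3, 0.15, 0.05])
    print("true", true_counts, "estimated", [round(e) for e in est])
    print("water-filling", water_fill(1.0, [0.1, 0.3, 0.6, 0.9]))
    print("variance split vs sampled", compare_strategies(10000, 1.0, 4, 4))
```

The server never sees a true cell, only k-RR reports, yet the unbiased estimator recovers the population counts; with eps = 1 and four cells the water-filling rule leaves the most expensive segment with no budget at all; and the analytical comparison shows why random partitioning helps: giving a quarter of the users the full eps, then scaling by 4, yields far less LDP noise than asking every user to spend eps/4 on each of four statistics.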
Journal description:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.