Differentially Private Real-time Data Release over Infinite Trajectory Streams

Size: px

Start display at page:

Download "Differentially Private Real-time Data Release over Infinite Trajectory Streams"

Louise Atkins
5 years ago
Views:

1 Differentially Private Real-time Data Release over Infinite Trajectory Streams Kyoto University, Japan Department of Social Informatics Yang Cao, Masatoshi Yoshikawa 1

2 Outline Motivation: opportunity & privacy risk Problem definition and analysis Proposed solution Experiment results Conclusion & Future work 2

<uid,time,loc, > Trajectory streams are consisting of many people s trajectories Statistics

3 Motivation: Opportunity A great opportunity to utilize personal real-life data Easy to collect Life log data, along with people s trajectory. <uid,time,loc, > Trajectory streams are consisting of many people s trajectories Statistics of trajectory streams are useful e.g., Q count {how many people at Pittsburgh station now?} A trajectory: time sequenced locations 3

<uid,time,loc, > Trajectory streams are consisting of many people s trajectories Statistics of

A trajectory: time sequenced locations e.g.

4 Motivation: Opportunity A great opportunity to utilize personal real-life data Easy to collect Life log data, along with people s trajectory. <uid,time,loc, > Trajectory streams are consisting of many people s trajectories Statistics of trajectory streams are useful e.g., Count: How many people at Pittsburgh station now? A trajectory: time sequenced locations e.g., Count: How many people at Pittsburgh station with Heart Rate>100 now? Health-aware Navigation System Marketing Analysis Intelligent Transportation System Leverage statistics of trajectory streams to data-based innovations! 4

5 Motivation: Privacy Risk Publish Statistics (of personal data) is risky 5

6 Motivation: Privacy Risk Publish Statistics (of personal data) is risky E.g., Release the data of Q1: COUNT(Sex=Female)=A. Q2: COUNT(Sex=Female OR What if B=A+1? Name Age Sex Dis. u1 40 M HIV u2 30 M - (Age=40 & Sex=Male & Employer= u1 )) = B 6

7 Motivation: Privacy Risk Publish Statistics (of personal data) is risky E.g., Release the data of Q1: COUNT(Sex=Female)=A. Q2: COUNT(Sex=Female OR If B=A+1 (Age=40 & Sex=Male & Employer= u1 )) = B Q3: COUNT(Sex=Female OR (Age=42 & Sex=Male & Employer= u1 ) & Diagnosis= HIV ) = C C = 1 or 0 Name Age Sex Dis. u1 40 M HIV u2 30 M - 7

8 Motivation: Privacy Risk Publish Statistics (of personal data) is risky E.g., Release the data of Q1: COUNT(Sex=Female)=A. Q2: COUNT(Sex=Female OR If B=A+1 (Age=40 & Sex=Male & Employer= u1 )) = B Q3: COUNT(Sex=Female OR (Age=42 & Sex=Male & Employer= u1 ) & Diagnosis= HIV ) = C C = 1 or 0 Positively or negatively compromised! Name Age Sex Dis. u1 40 M HIV u2 30 M - 8

9 Motivation: Privacy Risk Publish Statistics (of personal data) is risky Linkage attack on anonymized data [1][2] Released database An attacker s database [1] L. Sweeney, Simple demographics often identify people uniquely, Health (San Francisco), [2] C. Dwork, A Firm Foundation for Private Data Analysis, Commun. ACM, Jan

10 Motivation: Privacy Risk Publish Statistics (of personal data) is risky Linkage attack [1][2] Personal Trajectory data is highly sensitive! Four spatiotemporal data points can identify 95% of the individuals [3] Goal: to publish statistics of trajectory streams by a Privacy Preserving Data Publishing (PPDP) method, for open data utilizing untrusted cloud services data mining outsourcing [1] L. Sweeney, Simple demographics often identify people uniquely, Health (San Francisco), [2] C. Dwork, A Firm Foundation for Private Data Analysis, Commun. ACM, Jan [3]Y.-A. de Montjoye et al, Unique in the Crowd: The privacy bounds of human mobility, Sci. Rep.,Mar

11 Our contributions A rigorous and flexible PPDP framework over infinite trajectory streams The first definition of personalized privacy model for spatiotemporal data The protection is based on ε-differential Privacy. rigorous Designed algorithms to publish counts in real-time. E.g., Counts: How many people at Pittsburgh station now? Published data utility is better than the previous results. flexible real-time trajectory data users privacy preferences Privacy Model & PPDP algorithm sensitive data raw statistics in real-time noisy data publishable! Private Data 11

12 Our contributions A rigorous and flexible PPDP framework over infinite trajectory streams The first definition of personalized privacy model for spatiotemporal data The protection is based on ε-differential Privacy. rigorousness Designed algorithms to publish counts in real-time. E.g., Counts: How many people at Pittsburgh station now Personlized privacy & Published data utility is better. flexibility real-time trajectory data users privacy preferences Privacy Model & PPDP algorithm sensitive data raw statistics in real-time noisy data publishable! Private Data 12

13 Outline Motivation: opportunity & privacy risk Problem definition and analysis Proposed solution Experiment result Conclusion & Future work 13

14 Problem Definition PPDP over infinite trajectory streams Data collection process as follows: Trusted Server uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (b) trajectory representation of raw data safely publish risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics (a) raw data 14

Problem Definition PPDP over infinite trajectory streams How to transform (c) to safe version (c), while keeping it similar to (c) as much as possible? Trusted Server safely publish uid tim loc.

15 Problem Definition PPDP over infinite trajectory streams How to transform (c) to safe version (c), while keeping it similar to (c) as much as possible? Trusted Server safely publish uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (b) trajectory representation of raw data risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics 15

16 Problem Definition PPDP over infinite trajectory streams How to transform (c) to safe version (c), while keeping it similar to (c) as much as possible? Ad-hoc methods CANNOT provide a reliable privacy guarantee e.g., method of deleting the values of 1 It is hard to model the attacker s background knowledge in this big data locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk Ad-hoc PPDP algorithm locs t1 t2 t3 t4 t5 park office bar gym (c) safe(?) statistics 16

17 Differential Privacy: A rigorous privacy definition ε-differential Privacy (ε-dp) [4] As a de facto privacy standard for statistical data publishing. Randomized algorithm A achieve ε-dp, if it satisfies Pr[A(Q(D))] Pr[A(Q(D*))] eε, ε > 0 D*:database except any one individual s data then A achieves ε-dp ; ε is a given positive parameter. D Q( ) D* Q( ) ε: Privacy budget unitary privacy level control. Robust under attacker with arbitrary background knowl. Laplace Mechanism & Exponential Mechanism can be used as sub-procedure of A [4] C. Dwork, et al., Calibrating Noise to Sensitivity in Private Data Analysis, TCC [5] F. McSherry and K. Talwar, Mechanism Design via Differential Privacy, FOCS,

18 Differential Privacy: A rigorous privacy definition ε-differential Privacy (ε-dp) [4] As a de facto privacy standard for statistical data publishing. Randomized algorithm A achieve ε-dp, if it satisfies Pr[A(Q(D))] Pr[A(Q(D*))] eε, ε > 0 D*:database except any one individual s data then A achieves ε-dp ; ε is a given positive parameter. D A( Q( )) D* A( Q( )) ε: Privacy budget unitary privacy level control. Robust under attacker with arbitrary background knowl. Laplace Mechanism & Exponential Mechanism can be used as sub-procedure of A [4] C. Dwork, et al., Calibrating Noise to Sensitivity in Private Data Analysis, TCC [5] F. McSherry and K. Talwar, Mechanism Design via Differential Privacy, FOCS, Less noise More High Data utility Low Low Privacy Level High ε 0 18

19 Differential Privacy: A rigorous privacy definition ε-differential Privacy (ε-dp) [4] As a de facto privacy standard for statistical data publishing. Randomized algorithm A achieve ε-dp, if it satisfies Pr[A(Q(D))] Pr[A(Q(D*))] eε, ε > 0 D*:database except any one individual s data then A achieves ε-dp ; ε is a given positive parameter. D A( Q( )) D* A( Q( )) ε: Privacy budget unitary privacy level control. Robust under Linkage attack. Laplace Mechanism [4] & Exponential Mechanism [5] Less noise High Data utility can be used as sub-procedure of A [4] C. Dwork, et al., Calibrating Noise to Sensitivity in Private Data Analysis, TCC [5] F. McSherry and K. Talwar, Mechanism Design via Differential Privacy, FOCS, More Low Low Privacy Level High ε 0 19

20 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! 20

21 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! 21

Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect!

22 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. However, it is not safe that protecting only 1 data point uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data ε ε ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (b) trajectory representation of raw data risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics 22

23 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. However, it is unrealistic for infinite trajectory streams uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (b) trajectory representation of raw data risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics 23

24 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. Using Laplace Mechanism [4] as sub-procedure: uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (b) trajectory representation of raw data risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics [4] C. Dwork, et al., Calibrating Noise to Sensitivity in Private Data Analysis, TCC

25 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. Using Laplace Mechanism [4] as sub-procedure: risk locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics adding special Laplace noise to counts PPDP algo. A locs t1 t2 t3 t4 t5 park office bar gym (c) ε-dp statistics [4] C. Dwork, et al., Calibrating Noise to Sensitivity in Private Data Analysis, TCC

26 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. Our observation: In real-life, individuals may have different requirements on privacy. ε ε ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (1) protecting any one patiotemporal data point ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (2) protecting all length of trajectories 26

27 Problem Analysis PPDP over infinite trajectory streams How to apply ε-dp to PPDP of infinite trajectory streams? depends on what we want to protect! Two naive methods: (1) to protect data of each one timestamp. (2) to protect each user s data of all timestamps. Our observation: In real-life, individuals may have different requirements on privacy. 2-trajectory 3-trajectory ll1 ll2 ll3 privacy preference of user i overall privacy : ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (our method) to protect any ll-trajectory ll successive spatio-temporal data points 27

28 Related work Differential Privacy on finite streams (1) to protect data of each one timestamp. event-level privacy [8] (2) to protect each user s data of all timestamps. user-level privacy [8] FAST [7]: Laplace + Kalman filter (predict/correct the noisy data) Differential Privacy on infinite streams w-event privacy [6] [6]G. Kellaris et al, Differentially Private Event Sequences over Infinite Streams, VLDB 14. [7]L. Fan et al, FAST: Differentially Private Real-time Aggregate Monitor with Filtering and Adaptive Sampling, SIGMOD 13. [8] C. Dwork, Differential Privacy in New Settings., SODA, pp ,

29 Related work Differential Privacy on finite streams (1) to protect data of each one timestamp. event-level privacy [8] (2) to protect each user s data of all timestamps. user-level privacy [8] FAST [7]: Laplace + Kalman filter (predict/correct the noisy data) Differential Privacy on infinite streams w-event privacy [6] ε ε ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (1) event-level privacy ε ε ε t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar (2) user-level privacy [7]L. Fan et al, FAST: Differentially Private Real-time Aggregate Monitor with Filtering and Adaptive Sampling, SIGMOD 13. [8] C. Dwork, Differential Privacy in New Settings., SODA, pp ,

30 Related work Differential Privacy on finite streams (1) to protect data of each one timestamp. event-level privacy [8] (2) to protect each user s data of all timestamps. user-level privacy [8] FAST [7]: Laplace + Kalman filter (predict/correct the noisy data) Differential Privacy on infinite streams w-event privacy [6] t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar ll-trajectory privacy(ll=3) (this study) t1 t2 t3 t4 t5 u1 park bar u2 bar park u3 park office gym bar w-event privacy (w=3) [6] [6]G. Kellaris et al, Differentially Private Event Sequences over Infinite Streams, VLDB

31 Outline Motivation: opportunity & privacy risk Problem definition and analysis Proposed solution Experiment result Conclusion & Future work 31

32 Overview of our solution A rigorous and flexible privacy model: ll-trajectory privacy Challenge: proof of how to achieve it ll1 ll2 ll3 PPDP algorithm to publish counts in real-time. u 1 u 2 u 3 Challenge: real-time & infinite streams design a Greedy Algorithm (GA) to dynamically add noise at each timestamp; Challenge: to much noise re-publish the noisy data with Minimum Manhattan Distance (MMD) to the current data ll-trajectory PPDP algorithm privacy model t1 t2 t3 t4 t5 pa ba rk r ba pa r rk pa rk offi ce gy ba m r (b) Infinite trajectories risk loc t t t t t par offi bar gy (c) raw statistics Laplace Mechanism re-publish strategy loc t t t t t par offi bar gy (c) l-trajectory private data 32

33 Overview of our solution A rigorous and flexible privacy model: ll-trajectory privacy Challenge: proof of how to achieve it by DP mechanism ll1 ll2 ll3 PPDP algorithm to publish counts in real-time. u 1 u 2 u 3 Challenge: real-time & infinite streams design a Greedy Algorithm (GA) to dynamically add noise at each timestamp; Challenge: to much noise re-publish the noisy data with Minimum Manhattan Distance (MMD) to the current data ll-trajectory PPDP algorithm privacy model t1 t2 t3 t4 t5 pa ba rk r ba pa r rk pa rk offi ce gy ba m r (b) Infinite trajectories risk loc t t t t t par offi bar gy (c) raw statistics Laplace Mechanism re-publish strategy loc t t t t t par offi bar gy (c) l-trajectory private data 33

34 Overview of our solution A rigorous and flexible privacy model: ll-trajectory privacy Challenge: proof of how to achieve it by DP mechanism ll1 ll2 ll3 PPDP algorithm to publish counts in real-time. u 1 u 2 u 3 Challenge: real-time & infinite streams design a Greedy Algorithm (GA) to dynamically add noise at each timestamp; Challenge: to much noise re-publish the noisy data with Minimum Manhattan Distance (MMD) to the current data ll-trajectory PPDP algorithm privacy model t1 t2 t3 t4 t5 pa ba rk r ba pa r rk pa rk offi ce gy ba m r (b) Infinite trajectories risk loc t t t t t par offi bar gy (c) raw statistics Laplace Mechanism GA re-publish strategy loc t t t t t par offi bar gy (c) l-trajectory private data 34

35 Overview of our solution A rigorous and flexible privacy model: ll-trajectory privacy Challenge: proof of how to achieve it by DP mechanism ll1 ll2 ll3 PPDP algorithm to publish counts in real-time. u 1 u 2 u 3 Challenge: real-time & infinite streams design a Greedy Algorithm (GA) to dynamically add noise at each timestamp; Challenge: to much noise re-publish the noisy data with Minimum Manhattan Distance (MMD) to the current data ll-trajectory PPDP algorithm privacy model t1 t2 t3 t4 t5 pa ba rk r ba pa r rk pa rk offi ce gy ba m r (b) Infinite trajectories risk loc t t t t t par offi bar gy (c) raw statistics Laplace Mechanism GA re-publish strategy MMD loc t t t t t par offi bar gy (c) l-trajectory private data 35

36 Overview of our solution A rigorous and flexible privacy model: ll-trajectory privacy Challenge: proof of how to achieve it by DP mechanism ll1 ll2 ll3 PPDP algorithm to publish counts in real-time. u 1 u 2 u 3 Challenge: real-time & infinite streams design a Greedy Algorithm (GA) to dynamically add noise at each timestamp; Challenge: to much noise re-publish the noisy data with Minimum Manhattan Distance (MMD) to the current data ll-trajectory PPDP algorithm privacy model t1 t2 t3 t4 t5 pa ba rk r ba pa r rk pa rk offi ce gy ba m r (b) Infinite trajectories risk loc t t t t t par offi bar gy (c) raw statistics Laplace Mechanism GA re-publish strategy MMD loc t t t t t par offi bar gy (c) l-trajectory private data 36

37 How to achieve ll-trajectory privacy We proved that how to achieve it by conventional DP mechanisms (e.g., Laplace/Exponential mechanism) ε i is privacy budget variables at each ti the sum of ε i at timestamp i of any ll-trajectory should be less than ε uid tim loc. u1 t1 e park t1 t2 t3 t4 t5 u3 t1 park u2 t2 bar u1 park bar ll1 u3 t2 office u2 bar park ll2 u3 t3 gym u1 t5 bar u3 park office gym bar ll3 u2 t5 park u3 t5 bar (a) raw data privacy budget variables: ε1 ε2 ε3 ε4 ε5 (b) trajectory representation of raw data locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 37

38 How to achieve ll-trajectory privacy We proved that how to achieve it by conventional DP mechanisms (e.g., Laplace/Exponential mechanism) ε i is privacy budget variables at each ti the sum of ε i at timestamp i of any ll-trajectory should be less than ε ε1+ε5 ε ε1+ε2+ε3 ε uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data privacy budget variables: ε1 ε2 ε3 ε4 ε5 t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data ε2+ε5 ε ε2+ε3+ε5 ε locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 38

39 uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data How to achieve ll-trajectory privacy We proved that how to achieve it by conventional DP mechanisms (e.g., Laplace/Exponential mechanism) If we know all data in advance: ε i is privacy budget variables at each ti using Linear Programming the sum of ε i at timestamp i of any Maximize: ll-trajectory should be less than ε ε1+ε5 ε ε1+ε2+ε3 ε privacy budget variables: ε2+ε5 ε ε1 ε2 ε3 ε4 ε5 ε2+ε3+ε5 ε t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data approximate Maximum Utility locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 39

40 How to achieve ll-trajectory privacy We proved that how to achieve it by conventional DP mechanisms (e.g., Laplace/Exponential mechanism) If we know all data in advance: privacy budget variables ε However, we need: i at each ti using Real-time Linear publishing Programming & the sum of ε i at timestamp i of any for Maximize: ll-trajectory Infinite streams should be less than ε ε1+ε5 ε ε1+ε2+ε3 ε privacy budget variables: ε2+ε5 ε ε1 ε2 ε3 ε4 ε5 ε2+ε3+ε5 ε uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 40

41 How to achieve ll-trajectory privacy We proved that how to achieve it by conventional DP mechanisms (e.g., Laplace/Exponential mechanism) privacy budget variables ε i at each ti the sum of ε i at timestamp i of any ll-trajectory should be less than ε ε1+ε5 ε? ε1+ε2+ε3 ε privacy budget variables: ε2+ε5 ε? ε1 ε2 ε3 ε4 ε5 ε2+ε3+ε5 ε? uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 41

42 PPDP algorithm: GA GA: Greedy Algorithm to get approximately optimal ε i by incomplete information uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data privacy budget variables: ε1 ε2 ε3 ε4 ε5 t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data ε1+ε5 ε? ε1+ε2+ε3 ε ε2+ε5 ε? ε2+ε3+ε5 ε? locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 42

43 PPDP algorithm: GA GA: Greedy Algorithm to get approximately optimal ε i by incomplete information idea: exponential decay (1) set? =0, then compute ε3=w (2) use w/2 as the value of ε3 (reserve w/2 for? ) uid tim loc. u1 t1 e park u3 t1 park u2 t2 bar u3 t2 office u3 t3 gym u1 t5 bar u2 t5 park u3 t5 bar (a) raw data privacy budget variables: ε1 ε2 ε3 ε4 ε5 t1 t2 t3 t4 t5 u1 park bar ll1 u2 bar park ll2 u3 park office gym bar ll3 (b) trajectory representation of raw data ε1+ε5 ε? ε1+ε2+ε3 ε ε2+ε5 ε? ε2+ε3+ε5 ε? locs t1 t2 t3 t4 t5 park office bar gym (c) raw statistics risk 43

44 PPDP algorithm: MMD Republishing strategy to improve data utility of counts idea: in real-life data, the data has periodically repeated pattern re-publish Adjacent noisy (Adj) data (has been studied in [6]) re-publish noisy data who is holding Minimum Manhattan Distance (MMD) to real data of current timestamp (using Exponential Mechanism[5]) published noisy data n1 ~ nt-1 the current real data rt counts time= nmmd or nadj [5] F. McSherry and K. Talwar, Mechanism Design via Differential Privacy, FOCS, [6]G. Kellaris et al, Differentially Private Event Sequences over Infinite Streams, VLDB

Personalized privacy control Proposed framework dynamic budget allocation (GA) Private Approximation strategy PPDP framework collected database at timestamp t ε 1 ε t-1 us 1 us t n 1 n t-1 r t GA

45 Personalized privacy control Proposed framework dynamic budget allocation (GA) Private Approximation strategy PPDP framework collected database at timestamp t ε 1 ε t-1 us 1 us t n 1 n t-1 r t GA Dynamic Budget Allocation set of uids us t real statistics r t ε t,1 ε t,2 D t Private Approximation Strategy Private Publishing stream Adj or MMD Private publishing ε t private statistics n t capable of publishing diverse statistical data over infinite trajectory streams Adj / MMD is optimized for counts publishing 45

46 Outline Motivation: opportunity & privacy risk Problem definition and analysis Proposed solution Experiment result Future work 46

47 Experiments Four real-life trajectory datasets Desc. PeopleFlow 1 Geolife 2 T-Drive 3 WorldCup98 4 people moving; people moving; diverse type of mobility; sparse;beijing taxis moving; Beijing webpage click streams Locs. Amt ,000 users Amt. 11, , ,762 TimeStamps Amt. 1,694 1, Interval of TS 5 mins 1 min 10 mins 1 hour Length of TS 6 days 24 hours* ~7 days ~35 days Datapoints Amt. 102, ,990 37,255 1,258, *.Aggregating 50,176 hours timestamps to 24 hours by omitting the date. 47

48 Experiments Budget Allocation Approximation Strategy realtime Utility Evaluation Uniform uniformly X O bad LP Approximately global optimised X X normal GA+Adj dynamically republish Adj O better GA+MMD dynamically republish MMD O Best FAST fix [7] uniformly _ O better,not stable [7]L. Fan et al, FAST: Differentially Private Real-time Aggregate Monitor with Filtering and Adaptive Sampling, SIGMOD

49 Experiments Real data v.s. Noisy data(ll=20,ε=1) real data GA+MMD FAST Uniform PeopleFlow counts real data GA+MMD FAST [7] timestamp

Experiments Metrics Mean of Absolute Error (MAE) MAE(R, N) = 1 T * locs T locs i=1 j=1 r i [ j] n i [ j] All of them are the lower, the better Mean of Square Error (MSE) sensitivity to large error

50 Experiments Metrics Mean of Absolute Error (MAE) MAE(R, N) = 1 T * locs T locs i=1 j=1 r i [ j] n i [ j] All of them are the lower, the better Mean of Square Error (MSE) sensitivity to large error MSE(R, N) = 1 T * locs T locs i=1 j=1 r i [ j] n i [ j] 2 KL-divergence similarity of two distribution (the lower the more similar ) D KL (R N) = 1 T T locs! ln r i[ j] * $ # & r " n i [ j] * i [ j] * % i=1 j=1 50

51 Experiments MAE/MSE by varying ll (ε=1) PeopleFlow Geolife T-Drive WorldCup98 1E+03 1E+02 UNIFORM FAST GA+Adj GA+MMD 1E+03 1E+02 UNIFORM FAST GA+Adj GA+MMD 1E+03 1E+02 UNIFORM FAST GA+Adj GA+MMD 1E+03 1E+02 UNIFORM FAST GA+Adj GA+MMD MAE 1E+01 1E+01 1E+01 1E+01 1E+00 1E E E ll ll ll ll PeopleFlow Geolife T-Drive WorldCup98 1E+06 1E+05 Uniform GA+Adj FAST GA+MMD 1E+06 1E+05 Uniform GA+Adj FAST GA+MMD 1E+06 1E+05 Uniform GA+Adj FAST GA+MMD 1E+06 1E+05 Uniform GA+Adj FAST GA+MMD MSE 1E+04 1E+03 1E+04 1E+03 1E+04 1E+03 1E+04 1E+03 1E+02 1E+02 1E+02 1E+02 1E+01 1E ll 1E ll 1E ll ll 51

52 Experiments MAE/MSE by varying ε (ll=20) PeopleFlow Geolife T-Drive WorldCup98 1E+06 1E+05 1E+04 UNIFORM FAST GA+Adj GA+MMD 1E+06 1E+04 UNIFORM FAST GA+Adj GA+MMD 1E+06 1E+04 UNIFORM FAST GA+Adj GA+MMD 1E+06 1E+04 UNIFORM FAST GA+Adj GA+MMD MAE 1E+03 1E+02 1E+02 1E+02 1E+02 1E+01 1E+00 1E+00 1E+00 1E E E E E ε ε ε ε PeopleFlow Geolife T-Drive WorldCup98 1E+12 1E+09 UNIFORM FAST GA+Adj GA+MMD 1E+12 1E+08 UNIFORM FAST GA+Adj GA+MMD 1E+12 1E+09 UNIFORM FAST GA+Adj GA+MMD 1E+12 1E+09 UNIFORM FAST GA+Adj GA+MMD MSE 1E+06 1E+06 1E+06 1E+03 1E+04 1E+03 1E+03 1E+00 1E+00 1E+00 1E E E E E ε ε ε ε 52

53 Outline Motivation: opportunity & privacy risk Problem definition and analysis Proposed solution Experiment result Conclusion & Future work 53

Conclusion Proposed a rigorous and flexible privacy model for spatio-temporal data: l-trajectory privacy; Personal Data application: PPDM Privacy Models business model: privacy as

54 Conclusion Proposed a rigorous and flexible privacy model for spatio-temporal data: l-trajectory privacy; Personal Data application: PPDM Privacy Models business model: privacy as services/money PPDP algorithms PPDM algorithms PPDP Framework for spatio-temporal data; safe OpenData safe MiningResult Algorithms GA+MMD for publishing private counts with high utility in real-time. 54

55 Future Work Improve algorithm GA+MMD for private counts the counts should be non-negative & integer More flexible privacy models ll-trajectory privacy Location-based privacy model PPDP/ PPDM for mining personal spatio-temporal data 55

56 Thank you! Any question? 56

Modeling Data Correlations in Private Data Mining with Markov Model and Markov Networks. Yang Cao Emory University

Modeling Data Correlations in Private Data Mining with Markov Model and Markov Networks Yang Cao Emory University 207..5 Outline Data Mining with Differential Privacy (DP) Scenario: Spatiotemporal Data