Geoprivacy assessment

Appropriate assessment techniques are needed to analyze the efficiency of geoprivacy protection protocols and mechanisms. We focus here on assessment via inference attacks.

From the movements of an individual it is possible to infer his Point Of Interest (POIs) (such as his home and place of work), to predict his past, current and future locations, or even to infer his social network. Furthermore, we advocate that a simple signature of one’s mobility is enough to i) identify him and ii) learn most of this private information. We developed the Markov Mobility Chain mobility model (MMC) [GKP11], a probabilistic automaton, in which each state corresponds to one (or possibly several) POI, and an edge indicates a probabilistic transition between two states.

We proposed a wide range of inference attacks based on MMCs: next-place prediction [GKP12], learning the semantics of mobility, de-anonymization. Via a de-anonymization attack [GKP11], an adversary tries to infer the identity of a particular individual behind a set of mobility traces. Experiments conducted on real datasets demonstrate that the attack is both accurate and resilient to sanitization mechanisms such as downsampling. Moreover, we have developed GEPETO, for GEoPrivacy-Enhancing TOolkit, a flexible software that can be used to visualize, sanitize, perform the various inference attacks we developed and measure the utility of a particular geolocated dataset.



[GKP12] S. Gambs, M.O. Killijian, M.N. Prado Cortez: Next Place Prediction using Mobility Markov Chains. EuroSys 2012 Workshop on Measurement, Privacy, and Mobility (MPM), April 10, Bern, Switzerland, 2012

[GKP11] S. Gambs, M.O. Killijian, M.N. Prado Cortez. Show Me How You Move and I Will Tell You Who You Are. Transactions on Data Privacy 2011Transactions on Data Privacy 4:2, pp. 103 – 126, 2011.


Back to TSF Research Topics page