@article {990, title = {A risk model for privacy in trajectory data}, journal = {Journal of Trust Management}, volume = {2}, number = {1}, year = {2015}, pages = {9}, abstract = {Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users with a high degree of certainty. These methods provide theoretical worst-case privacy risks as measures of the privacy protection that they offer. However, often with many real-world data the worst-case scenario is too pessimistic and does not provide a realistic view of the privacy risks: the real probability of re-identification is often much lower than the theoretical worst-case risk. In this paper, we propose a novel empirical risk model for privacy which, in relation to the cost of privacy attacks, demonstrates better the practical risks associated with a privacy preserving data release. We show detailed evaluation of the proposed risk model by using k-anonymised real-world mobility data and then, we show how the empirical evaluation of the privacy risk has a different trend in synthetic data describing random movements.}, doi = {10.1186/s40493-015-0020-6}, author = {Anirban Basu and Anna Monreale and Roberto Trasarti and Juan Camilo Corena and Fosca Giannotti and Dino Pedreschi and Shinsaku Kiyomoto and Yutaka Miyake and Tadashi Yanagihara} } @conference {637, title = {CF-inspired Privacy-Preserving Prediction of Next Location in the Cloud}, booktitle = {Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on}, year = {2014}, publisher = {IEEE}, organization = {IEEE}, abstract = {Mobility data gathered from location sensors such as Global Positioning System (GPS) enabled phones and vehicles is valuable for spatio-temporal data mining for various location-based services (LBS). Such data is often considered sensitive and there exist many a mechanism for privacy preserving analyses of the data. Through various anonymisation mechanisms, it can be ensured with a high probability that a particular individual cannot be identified when mobility data is outsourced to third parties for analysis. However, challenges remain with the privacy of the queries on outsourced analysis results, especially when the queries are sent directly to third parties by end-users. Drawing inspiration from our earlier work in privacy preserving collaborative filtering (CF) and next location prediction, in this exploratory work, we propose a novel representation of trajectory data in the CF domain and experiment with a privacy preserving Slope One CF predictor. We present evaluations for the accuracy and the computational performance of our proposal using anonymised data gathered from real traffic data in the Italian cities of Pisa and Milan. One use-case is a third-party location-prediction-as-a-service deployed on a public cloud, which can respond to privacy-preserving queries while enabling data owners to build a rich predictor on the cloud. }, doi = {10.1109/CloudCom.2014.114}, url = {http://dx.doi.org/10.1109/CloudCom.2014.114}, author = {Anirban Basu and Juan Camilo Corena and Anna Monreale and Dino Pedreschi and Fosca Giannotti and Shinsaku Kiyomoto and Vaidya, Jaideep and Yutaka Miyake} } @conference {565, title = {A Privacy Risk Model for Trajectory Data}, booktitle = {Trust Management {VIII} - 8th {IFIP} {WG} 11.11 International Conference, {IFIPTM} 2014, Singapore, July 7-10, 2014. Proceedings}, year = {2014}, pages = {125{\textendash}140}, abstract = {Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users with a high degree of certainty. These methods provide theoretical worst-case privacy risks as measures of the privacy protection that they offer. However, often with many real-world data the worst-case scenario is too pessimistic and does not provide a realistic view of the privacy risks: the real probability of re-identification is often much lower than the theoretical worst-case risk. In this paper we propose a novel empirical risk model for privacy which, in relation to the cost of privacy attacks, demonstrates better the practical risks associated with a privacy preserving data release. We show detailed evaluation of the proposed risk model by using k-anonymised real-world mobility data.}, doi = {10.1007/978-3-662-43813-8_9}, url = {http://dx.doi.org/10.1007/978-3-662-43813-8_9}, author = {Anirban Basu and Anna Monreale and Juan Camilo Corena and Fosca Giannotti and Dino Pedreschi and Shinsaku Kiyomoto and Yutaka Miyake and Tadashi Yanagihara and Roberto Trasarti} }