TY - JOUR
T1 - A risk model for privacy in trajectory data
JF - Journal of Trust Management
Y1 - 2015
A1 - Anirban Basu
A1 - Anna Monreale
A1 - Roberto Trasarti
A1 - Juan Camilo Corena
A1 - Fosca Giannotti
A1 - Dino Pedreschi
A1 - Shinsaku Kiyomoto
A1 - Yutaka Miyake
A1 - Tadashi Yanagihara
AB - Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users with a high degree of certainty. These methods provide theoretical worst-case privacy risks as measures of the privacy protection that they offer. However, often with many real-world data the worst-case scenario is too pessimistic and does not provide a realistic view of the privacy risks: the real probability of re-identification is often much lower than the theoretical worst-case risk. In this paper, we propose a novel empirical risk model for privacy which, in relation to the cost of privacy attacks, demonstrates better the practical risks associated with a privacy preserving data release. We show detailed evaluation of the proposed risk model by using k-anonymised real-world mobility data and then, we show how the empirical evaluation of the privacy risk has a different trend in synthetic data describing random movements.
VL - 2
ER -

TY - CONF
T1 - CF-inspired Privacy-Preserving Prediction of Next Location in the Cloud
T2 - Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on
Y1 - 2014
A1 - Anirban Basu
A1 - Juan Camilo Corena
A1 - Anna Monreale
A1 - Dino Pedreschi
A1 - Fosca Giannotti
A1 - Shinsaku Kiyomoto
A1 - Vaidya, Jaideep
A1 - Yutaka Miyake
AB - Mobility data gathered from location sensors such as Global Positioning System (GPS) enabled phones and vehicles is valuable for spatio-temporal data mining for various location-based services (LBS). Such data is often considered sensitive and there exist many a mechanism for privacy preserving analyses of the data. Through various anonymisation mechanisms, it can be ensured with a high probability that a particular individual cannot be identified when mobility data is outsourced to third parties for analysis. However, challenges remain with the privacy of the queries on outsourced analysis results, especially when the queries are sent directly to third parties by end-users. Drawing inspiration from our earlier work in privacy preserving collaborative filtering (CF) and next location prediction, in this exploratory work, we propose a novel representation of trajectory data in the CF domain and experiment with a privacy preserving Slope One CF predictor. We present evaluations for the accuracy and the computational performance of our proposal using anonymised data gathered from real traffic data in the Italian cities of Pisa and Milan. One use-case is a third-party location-prediction-as-a-service deployed on a public cloud, which can respond to privacy-preserving queries while enabling data owners to build a rich predictor on the cloud.
JF - Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on
PB - IEEE
UR - http://dx.doi.org/10.1109/CloudCom.2014.114
ER -

TY - CONF
T1 - A Privacy Risk Model for Trajectory Data
T2 - Trust Management VIII - 8th IFIP WG 11.11 International Conference, IFIPTM 2014, Singapore, July 7-10, 2014. Proceedings
Y1 - 2014
A1 - Anirban Basu
A1 - Anna Monreale
A1 - Juan Camilo Corena
A1 - Fosca Giannotti
A1 - Dino Pedreschi
A1 - Shinsaku Kiyomoto
A1 - Yutaka Miyake
A1 - Tadashi Yanagihara
A1 - Roberto Trasarti
AB - Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users with a high degree of certainty. These methods provide theoretical worst-case privacy risks as measures of the privacy protection that they offer. However, often with many real-world data the worst-case scenario is too pessimistic and does not provide a realistic view of the privacy risks: the real probability of re-identification is often much lower than the theoretical worst-case risk. In this paper we propose a novel empirical risk model for privacy which, in relation to the cost of privacy attacks, demonstrates better the practical risks associated with a privacy preserving data release. We show detailed evaluation of the proposed risk model by using k-anonymised real-world mobility data.
JF - Trust Management VIII - 8th IFIP WG 11.11 International Conference, IFIPTM 2014, Singapore, July 7-10, 2014. Proceedings
UR - http://dx.doi.org/10.1007/978-3-662-43813-8_9
ER -