CN109104696A - Differential-privacy-based trajectory privacy protection method and system for mobile users - Google Patents

Differential-privacy-based trajectory privacy protection method and system for mobile users

Publication number
CN109104696A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810916399.6A
Other languages
Chinese (zh)
Other versions
CN109104696B (en)
Inventor
陈志立
阚晓立
张顺
仲红
崔杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui University
Original Assignee
Anhui University
Application filed by Anhui University
Priority to CN201810916399.6A
Publication of CN109104696A
Application granted
Publication of CN109104696B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/029 Location-based management or tracking services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04K SECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00 Jamming of communication; Counter-measures
    • H04K3/80 Jamming or countermeasure characterized by its function
    • H04K3/82 Jamming or countermeasure characterized by its function related to preventing surveillance, interception or detection
    • H04K3/825 Jamming or countermeasure characterized by its function related to preventing surveillance, interception or detection by jamming
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/021 Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W64/00 Locating users or terminals or network equipment for network management purposes, e.g. mobility management
    • H04W64/003 Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment

Abstract

The invention discloses a differential-privacy-based trajectory privacy protection method for mobile users. The method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The method comprises the following steps: S1, initialization stage; S2, data aggregation stage; S3, data perturbation stage; S4, data publication stage. The invention also discloses a differential-privacy-based trajectory privacy protection system for mobile users. Unlike other schemes, which perturb the position of each user, the invention perturbs the number of users covered by each communication base station, which greatly reduces the consumption of privacy budget, preserves the utility of the data, and reduces computational overhead.

Description

Differential-privacy-based trajectory privacy protection method and system for mobile users
Technical field
The present invention relates to the technical field of network and information security, and in particular to a differential-privacy-based trajectory privacy protection method and system for mobile users.
Background
With the rapid development of Internet technology and the arrival of the big-data era, the spread of mobile devices means that human mobility data can be collected widely through cellular networks and mobile applications, and is released publicly for academic research and business purposes. A main problem with this kind of data publication, however, is how to protect the privacy of mobile users.
To protect user privacy, data owners (operators) usually publish only aggregated mobility data rather than the trajectory records of each user, for example the number of users within the coverage of a base station at a specific timestamp. Such aggregated user mobility statistics have great practical value in many applications, such as traffic scheduling and business intelligence. More importantly, most of these data providers believe that publishing aggregated statistics protects user privacy, because an adversary cannot single out a specific user from aggregated data.
Recent research shows that publishing aggregated user mobility statistics can leak the privacy of the underlying movement trajectories, mainly because of two key features of human movement. First, the movement pattern of a single user is continuous and regular, which makes a single user's trajectory highly predictable. Second, each user's movement pattern differs significantly from those of other users, which allows an adversary to re-identify the trajectory of a particular user. Although it is hard to distinguish individual users' records in the aggregated data of a single timestamp, over consecutive timestamps these mobility characteristics make it possible to recover users' movement trajectories from the aggregated data and then re-identify the trajectory of a specific user. Effectively protecting the trajectory privacy of mobile device users is therefore essential.
Summary of the invention
The object of the present invention is to provide a differential-privacy-based trajectory privacy protection method and system for mobile users that protects users' location privacy by using the Laplace mechanism of differential privacy, so as to prevent an adversary with arbitrary background knowledge from recovering users' movement trajectories.
The present invention is achieved by the following technical solution: a differential-privacy-based trajectory privacy protection method for mobile users, applied to a server and operating in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The method comprises the following steps:
S1, initialization stage: when user u_j enters the coverage area of communication base station l_i, the operator's server records the user's information: the anonymized user ID, the location of the accessed communication base station, and the access time t;
S2, data aggregation stage: the server aggregates the user information collected over a period of time at a certain time interval, extracts for each period the location of the communication base station each user accessed most frequently, and computes the total number of users in each communication base station in that period, that is, for time t, the total number of users covered by communication base station l_i, 1 ≤ i ≤ m;
S3, data perturbation stage: according to human mobility, time is divided into a daytime stage, an evening stage and a late-night stage; the distribution of the number of users at each base station in each period is computed, and a differential privacy mechanism is applied to perturb the data of these three periods in different ways;
S4, data publication stage: the operator publishes the processed data.
As one preferred embodiment of the invention, the data aggregation stage of step S2 comprises the following operations:
(1) Period division: time is divided at different time intervals according to the required resolution of the users' movement trajectories. The larger the time interval, the lower the resolution of the trajectories; the smaller the time interval, the more accurate the trajectories;
(2) Position extraction: once the time intervals have been fixed, a user may have access records at one or more different communication base stations within one interval. Among these base stations, the one the user accessed most frequently is taken as the position the user accessed in that period;
(3) Data statistics: from step (2), each user can access only one communication base station under each timestamp, so for timestamp t the number of users accessing within the coverage area of each base station (l_1, l_2, …, l_m) is computed. This gives, in real time, the distribution of the number of users in the coverage area of each communication base station in a region, i.e. the data set.
As one preferred embodiment of the invention, the data perturbation stage of step S3 comprises:
(1) In the daytime period, set as 7 a.m. to 6 p.m., the base station positions of users are constantly changing. The user-count distributions of adjacent data sets D_{t-1} and D_t differ considerably, so for the data set D_t at each time the Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise following the Laplace distribution;
(2) In the evening period, set as 6 p.m. to 11 p.m., the rate at which users' base station positions change decreases. The user-count distributions of adjacent data sets D_{t-1} and D_t still differ, but the difference is sometimes large and sometimes small;
(3) In the late-night period, set as 11 p.m. to 7 a.m., users' base station positions do not change, and the user distributions of adjacent data sets D_{t-1} and D_t are almost identical. A user's trajectory privacy is exposed only while the user is moving, so in this period the original data is published directly.
As one preferred embodiment of the invention, so that the total number of users n across the base stations does not change, in step (1) only the first m-1 base stations are perturbed. The noise vector introduced for the first m-1 base stations is Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noise added to the m-th base station is the negative of the sum of the noise added to the first m-1 base stations.
As one preferred embodiment of the invention, in step (2): for the case where the user distributions of adjacent data sets D_{t-1} and D_t differ greatly, it is only necessary to compute the distribution difference between the data set D_t at the current time and the data set D_{t-1} published at the previous time, compare it with a preset fixed threshold T, and decide whether to perturb the current data set. Only some of the data sets D_t therefore need to be perturbed; let the number of data sets D that need perturbation be C.
As one preferred embodiment of the invention, the following perturbation method is applied in the evening period of step (2). It comprises the following steps:
(1) Privacy budget allocation: before data set D is perturbed, the privacy budget ε is first allocated so that the entire data perturbation stage satisfies ε-differential privacy. Let ε = ε_1 + ε_2, where ε_1 is the privacy budget for the decision process, with ε_1 = kε, and ε_2 is the privacy budget for perturbing data set D;
(2) Decision stage: in this process, the Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution. The noisy threshold is computed, together with the noisy value of the distribution difference between the data set at the current time and the data set published at the previous time;
(3) Perturbation stage: for the data set to be perturbed, noise is introduced under its privacy budget. The Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution, Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noisy data set is computed.
As one of preferred embodiment of the invention, in the decision stage of the step (2): when It is then rightDisturbance treatment is carried out, is otherwise usedIt is issued instead of current time user location distribution, i.e.,
As one preferred embodiment of the invention, in the perturbation stage of step (3): when privacy budget remains, noise using all of the remaining privacy budget is added at the last moment; when the privacy budget ε_2 is used up, the last published data set is issued in place of subsequent data sets.
The invention also discloses a differential-privacy-based trajectory privacy protection system for mobile users. The system is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The system comprises the following modules:
Initialization module: when user u_j enters the coverage area of communication base station l_i, used to record the user's information on the operator's server: the anonymized user ID, the location of the accessed communication base station, and the access time t;
Data aggregation module: used by the server to aggregate the user information collected over a period of time at a certain time interval, extract for each period the location of the communication base station each user accessed most frequently, and compute the total number of users in each communication base station in that period, that is, for time t, the total number of users covered by communication base station l_i, 1 ≤ i ≤ m;
Data perturbation module: according to human mobility, used to divide time into a daytime stage, an evening stage and a late-night stage, compute the distribution of the number of users at each base station in each period, and apply a differential privacy mechanism to perturb the data of these three periods in different ways;
Data publication module: used by the operator to publish the processed data.
Compared with the prior art, the advantages of the present invention are:
(1) The invention perturbs the number of users covered by each communication base station, unlike other schemes, which perturb the position of each user. This greatly reduces the consumption of privacy budget, preserves the utility of the data, and reduces computational overhead;
(2) The invention is the first to propose protecting users' movement trajectories with a differential privacy mechanism based on the aggregated data of communication base stations. The noise introduced follows the principle that the total number of users covered by the communication base stations stays constant, which makes it harder for an adversary to recover user trajectories;
(3) According to the different characteristics of the user-count distributions of adjacent data sets D_{t-1} and D_t in different periods, the invention divides time into a daytime stage, an evening stage and a late-night stage, and applies a differential privacy mechanism with different perturbation in each of the three periods.
Brief description of the drawings
Fig. 1 is a schematic diagram of the application scenario of Embodiment 1 of the present invention;
Fig. 2 is a flow chart of the main implementation steps of the differential-privacy-based trajectory privacy protection method for mobile users of Embodiment 1 of the present invention;
Fig. 3 is a distribution diagram of the aggregated data of the number of users covered by the communication base stations at a given moment in Embodiment 1 of the present invention.
Detailed description of the embodiments
The embodiments of the present invention are described in detail below. The embodiment is implemented on the premise of the technical solution of the invention, and a detailed implementation method and specific operating procedure are given, but the protection scope of the invention is not limited to the following embodiment.
Embodiment 1
Referring to Figs. 1-3: to keep the trajectory privacy of mobile device users from being leaked during communication, this embodiment provides a differential-privacy-based trajectory privacy protection method for mobile users. The method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. When user u_j is within the coverage area of base station l_i, signals are transmitted through base station l_i to obtain the requested service. The back-end server collects the personal location privacy information of user u_j and sends it to an untrusted third party in the form of aggregated data. The method comprises the following steps:
S1, initialization stage: when user u_j enters the coverage area of communication base station l_i, the operator's server records the user's information: the anonymized user ID, the location of the accessed communication base station, and the access time t. At any time each user is within the coverage area of one of the partitioned communication base stations. When a user needs to request a service, the user communicates with the base station, and the base station records the user's personal identity information, current location information and the time of accessing the communication base station, and sends them to the back-end server;
S2, data aggregation stage: the server aggregates the user information collected over a period of time at a certain time interval, extracts for each period the location of the communication base station each user accessed most frequently, and computes the total number of users in each communication base station in that period, that is, for time t, the total number of users covered by communication base station l_i, 1 ≤ i ≤ m;
S3, data perturbation stage: according to human mobility, time is divided into a daytime stage, an evening stage and a late-night stage; the distribution of the number of users at each base station in each period is computed, and a differential privacy mechanism is applied to perturb the data of these three periods in different ways;
S4, data publication stage: the operator publishes the processed data.
Further, the data aggregation stage of step S2 comprises the following operations:
(1) Period division: time is divided at different time intervals according to the required resolution of the users' movement trajectories. The larger the time interval, the lower the resolution of the trajectories; the smaller the time interval, the more accurate the trajectories;
(2) Position extraction: once the time intervals have been fixed, a user may have access records at one or more different communication base stations within one interval. Among these base stations, the one the user accessed most frequently is taken as the position the user accessed in that period;
(3) Data statistics: from step (2), each user can access only one communication base station under each timestamp, so for timestamp t the number of users accessing within the coverage area of each base station (l_1, l_2, …, l_m) is computed. This gives, in real time, the distribution of the number of users in the coverage area of each communication base station in a region, i.e. the data set.
Further, the data perturbation stage of step S3 comprises:
(1) In the daytime period, set as 7 a.m. to 6 p.m., the base station positions of users are constantly changing. The user-count distributions of adjacent data sets D_{t-1} and D_t differ considerably, so for the data set D_t at each time the Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise following the Laplace distribution;
(2) In the evening period, set as 6 p.m. to 11 p.m., the rate at which users' base station positions change decreases. The user-count distributions of adjacent data sets D_{t-1} and D_t still differ, but the difference is sometimes large and sometimes small;
(3) In the late-night period, set as 11 p.m. to 7 a.m., users' base station positions do not change, and the user distributions of adjacent data sets D_{t-1} and D_t are almost identical. A user's trajectory privacy is exposed only while the user is moving, so in this period the original data is published directly.
Further, so that the total number of users n across the base stations does not change, in step (1) only the first m-1 base stations are perturbed. The noise vector introduced for the first m-1 base stations is Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noise added to the m-th base station is the negative of the sum of the noise added to the first m-1 base stations.
Further, in step (2): when the user distributions of adjacent data sets D_{t-1} and D_t differ greatly, which can threaten users' location trajectory privacy, it is only necessary to compute the distribution difference between the data set D_t at the current time and the data set D_{t-1} published at the previous time, compare it with a preset fixed threshold T, and decide whether to perturb the current data set. Only some of the data sets D_t therefore need to be perturbed; let the number of data sets D that need perturbation be C.
Further, the following perturbation method is applied in the evening period of step (2). It comprises the following steps:
(1) Privacy budget allocation: before data set D is perturbed, the privacy budget ε is first allocated so that the entire data perturbation stage satisfies ε-differential privacy. Let ε = ε_1 + ε_2, where ε_1 is the privacy budget for the decision process, with ε_1 = kε, and ε_2 is the privacy budget for perturbing data set D;
(2) Decision stage: in this process, the Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution. The noisy threshold is computed, together with the noisy value of the distribution difference between the data set at the current time and the data set published at the previous time;
(3) Perturbation stage: for the data set to be perturbed, noise is introduced under its privacy budget. The Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution, Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noisy data set is computed.
Further, in the decision stage of the step (2): whenIt is then rightIt is disturbed Processing, is otherwise usedIt is issued instead of current time user location distribution, i.e.,
Further, in the perturbation stage of step (3): when privacy budget remains, noise using all of the remaining privacy budget is added at the last moment; when the privacy budget ε_2 is used up, the last published data set is issued in place of subsequent data sets.
This embodiment also discloses a differential-privacy-based trajectory privacy protection system for mobile users. The system is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The system comprises the following modules:
Initialization module: when user u_j enters the coverage area of communication base station l_i, used to record the user's information on the operator's server: the anonymized user ID, the location of the accessed communication base station, and the access time t;
Data aggregation module: used by the server to aggregate the user information collected over a period of time at a certain time interval, extract for each period the location of the communication base station each user accessed most frequently, and compute the total number of users in each communication base station in that period, that is, for time t, the total number of users covered by communication base station l_i, 1 ≤ i ≤ m;
Data perturbation module: according to human mobility, used to divide time into a daytime stage, an evening stage and a late-night stage, compute the distribution of the number of users at each base station in each period, and apply a differential privacy mechanism to perturb the data of these three periods in different ways;
Data publication module: used by the operator to publish the processed data.
For ease of understanding, assume as shown in Fig. 1 that there are 7 users U = {u_1, u_2, u_3, u_4, u_5, u_6, u_7} and 3 communication base stations L = {l_1, l_2, l_3}. When a user sends a service request through a base station, the base station sends the user's information to the server, where it is stored as a record. For example, when user u_1 requests a service in the coverage area of base station l_1, the server stores one record.
The server aggregates statistics from the collected data records. Within time range t_1, the server finds that user u_1 has 3 access records, showing that user u_1 accessed communication base station l_1 twice and communication base station l_2 once; base station l_1, which has the most accesses, is taken as the base station position accessed by user u_1 in period t_1. In the same way, the base station positions accessed by the other users in period t_1 are found, which generates the data set for t_1. The data sets for times t_2 and t_3 are generated similarly, giving the complete data set.
For data sets in the daytime period, the Laplace mechanism satisfying ε-differential privacy is applied directly to the data set D_t at each time to add perturbation noise following the Laplace distribution. So that the total number of users across the base stations does not change, only the first 2 base stations are perturbed. The noise vector introduced for the first two base stations is Noise_2 = (x_1, x_2) = (1, 2), and the noise added to the m-th base station is the negative of the sum of the noise added to the first 2 base stations, x_3 = -x_1 - x_2 = -3.
IfFor the data set under, then for the data set under first time the period in the eveningIt introduces Laplce's mechanism and carries out disturbance treatment, add noise Noise2=(x1, x2)=(1,0), x3=-1 can get For next time t2Under data setIt carries out judging whether to need disturbance treatment.It calculates separately out and fixes The noise figure of threshold value T, andWithBetween distance noise figure, need to introduce Laplce's mechanism generation noiseNoise threshold Noise distance WhenWhen, noise is added in reference second layer Laplce mechanismIt is available IfThenSame method can be with It obtains
IfFor the data set under, then without any disturbance treatment the period in the evening.
In the example above, the daytime period adds Laplace noise satisfying the differential privacy mechanism directly. The evening period uses the Laplace mechanism of differential privacy twice: in the first-layer Laplace mechanism, the fixed threshold T is perturbed and then compared to decide whether to execute the second-layer Laplace mechanism, which adds noise to the current data set D_i. By the Laplace mechanism of differential privacy, the first-layer Laplace mechanism satisfies ε_1-differential privacy and the second-layer Laplace mechanism satisfies ε_2-differential privacy. By the composition property, the whole mechanism satisfies differential privacy with ε = ε_1 + ε_2. Deleting any one user's base station access record has hardly any effect on the finally published data set, so an attacker cannot recover users' movement trajectories from the published results, and the trajectory privacy of mobile users is protected while aggregated data is published.
The above is merely a preferred embodiment of the present invention and is not intended to limit the invention. Any modification, equivalent replacement or improvement made within the spirit and principle of the invention shall fall within the protection scope of the invention.
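The aggregation of step S2 and the three-period perturbation of step S3, as an added Python example that is not code from the patent. The noise scales, the L1 distance, the tie-break, the integer rounding of the noise, the equal split of ε_2 over C releases and the reading that a noisy distance above the noisy threshold triggers perturbation are assumptions, because the page's formulas for them did not survive; all function and class names are hypothetical.

```python
import random
from collections import Counter, defaultdict

STATIONS = ["l1", "l2", "l3"]
# Constructed sample records: (anonymized user ID, base station, access time in minutes).
SAMPLE = [("u1", "l1", 0), ("u1", "l2", 5), ("u1", "l1", 9),
          ("u2", "l2", 3), ("u3", "l3", 4), ("u1", "l3", 12)]


def aggregate(records, stations, interval):
    """S2: assign each user to the station accessed most often in each interval,
    then count users per station. Returns {interval index: [count per station]}."""
    visits = defaultdict(Counter)
    for user, station, t in records:
        visits[(t // interval, user)][station] += 1
    counts = defaultdict(lambda: [0] * len(stations))
    for (slot, _user), seen in visits.items():
        # Tie-break by station order (assumption; the page does not define one).
        best = max(stations, key=lambda s: (seen[s], -stations.index(s)))
        counts[slot][stations.index(best)] += 1
    return dict(counts)


def period(hour):
    """Periods as given on the page: 7:00-18:00 day, 18:00-23:00 evening, else late night."""
    if 7 <= hour < 18:
        return "day"
    return "evening" if 18 <= hour < 23 else "night"


def laplace(scale, rng):
    # The difference of two Exp(1) draws is Laplace(0, 1).
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))


def perturb(counts, eps, rng, sensitivity=2.0):
    """Noise on the first m-1 counts; the m-th gets the negated sum, so the
    published total still equals n. Scale sensitivity/eps and rounding are
    assumptions (one user changing station moves two counts by 1 each).
    Small counts can go negative: clamping them would break the fixed total."""
    noise = [round(laplace(sensitivity / eps, rng)) for _ in counts[:-1]]
    noise.append(-sum(noise))
    return [c + x for c, x in zip(counts, noise)]


class EveningPublisher:
    """Evening period: eps1 = k*eps pays for the noisy threshold test,
    eps2 = eps - eps1 pays for at most C perturbed releases (eps2/C each, assumed)."""

    def __init__(self, eps, k, threshold, max_perturbed, rng):
        self.eps1, self.eps2 = k * eps, (1 - k) * eps
        self.T, self.C, self.rng = threshold, max_perturbed, rng
        self.used, self.last = 0, None

    def _release(self, counts):
        self.used += 1
        self.last = perturb(counts, self.eps2 / self.C, self.rng)
        return self.last

    def publish(self, counts):
        if self.last is None:            # first evening data set is always perturbed
            return self._release(counts)
        if self.used >= self.C:          # eps2 used up: repeat the last release
            return self.last
        scale = 2 * 2.0 / self.eps1      # assumption: eps1 halved between the two draws
        noisy_threshold = self.T + laplace(scale, self.rng)
        distance = sum(abs(a - b) for a, b in zip(counts, self.last))  # L1, assumed
        if distance + laplace(scale, self.rng) > noisy_threshold:
            return self._release(counts)
        return self.last                 # small change: republish the previous release


def publish(counts, hour, eps, rng, evening):
    """S3/S4 dispatch: perturb by period, then return what the operator publishes."""
    p = period(hour)
    if p == "day":
        return perturb(counts, eps, rng)
    if p == "evening":
        return evening.publish(counts)
    return list(counts)                  # late night: original data published directly


if __name__ == "__main__":
    rng = random.Random(7)
    evening = EveningPublisher(eps=1.0, k=0.5, threshold=2.0, max_perturbed=3, rng=rng)
    print(aggregate(SAMPLE, STATIONS, 10))
    for hour, counts in [(9, [3, 2, 2]), (19, [3, 2, 2]), (20, [2, 3, 2]), (2, [3, 2, 2])]:
        print(hour, period(hour), publish(counts, hour, 1.0, rng, evening))
```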

Claims (9)

1. A differential-privacy-based trajectory privacy protection method for mobile users, characterized in that the method is applied to a server and operates in a mobile scenario formed by m communication base stations L = {l_1, l_2, ..., l_m} and n users U = {u_1, u_2, ..., u_n}, where l_i denotes the position of the i-th communication base station, 1≤i≤m, and u_j denotes the j-th user, 1≤j≤n, the method comprising the following steps:
S1, initialization phase: when user u_j enters the coverage area of communication base station l_i, the server of the communications carrier records the user's relevant information: the anonymized user ID, the location information of the accessed communication base station, and the access time t;
S2, data aggregation phase: the server statistically aggregates the relevant user information collected over a period of time at a given time interval, extracts for each user the location of the communication base station accessed most frequently in each time period, and calculates the total number of users contained in each communication base station in that period  denotes the total number of users covered by communication base station l_i at time t, 1≤i≤m;
S3, data perturbation phase: according to human mobility, time is divided into a daytime phase, an evening phase and a late-night phase; through  the distribution  of the number of users at each base station in each time period is calculated, and a differential privacy mechanism is applied to the data  of these three periods to perform different perturbation treatments;
S4, data publication phase: the communications carrier publishes the processed data .
2. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 1, characterized in that the data aggregation phase of step S2 specifically comprises the following operations:
(1) Time period division: time is divided at different time intervals according to the required resolution of the user's movement trajectory; the larger the time interval, the lower the resolution of the user's movement trajectory; the smaller the time interval, the more precise the user's movement trajectory;
(2) Position extraction: after the time intervals are divided, a user may have records at one or more different communication base stations within a given time interval; among these communication base stations, the one the user accessed most frequently is extracted as the position accessed by the user in that time period;
(3) Data statistics: from step (2), a user can access only one communication base station at each timestamp, so at timestamp t the number of users accessing within the coverage area of each base station (l_1, l_2, ..., l_m) is calculated  In this way the real-time distribution of the number of users in the coverage area of each communication base station in a region, i.e. the data set , is obtained.
3. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 1, characterized in that the data perturbation phase of step S3 specifically comprises:
(1) In the daytime period, set as 7 a.m. to 6 p.m., the user's base-station position is constantly changing; the user-count distributions of the adjacent-time data sets D_{t-1} and D_t differ considerably, so for the data set D_t at each time a Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise following the Laplace distribution 
(2) In the evening period, set as 6 p.m. to 11 p.m., the update rate of the user's base-station position decreases; the user-count distributions of the adjacent-time data sets D_{t-1} and D_t still differ, but the difference is sometimes large and sometimes small;
(3) In the late-night period, set as 11 p.m. to 7 a.m., the user's base-station position does not change, and the user distributions of the adjacent-time data sets D_{t-1} and D_t are almost unchanged; a user's trajectory privacy can be exposed only while the user is moving, so the original data is published directly.
4. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 3, characterized in that, so that the total number of users n across the base stations does not change, in step (1) only the first m-1 base stations are perturbed; the noise vector introduced for the first m-1 base stations is Noise_{m-1} = (x_1, x_2, ..., x_{m-1}), and the noise added to the m-th base station is the negative of the sum of the noise added to the first m-1 base stations,
5. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 3, characterized in that in step (2): when the user distributions of the adjacent-time data sets D_{t-1} and D_t differ greatly, it is only necessary to compute the distribution difference between the current data set D_t and the data set D_{t-1} published at the previous time, compare it with the set fixed threshold T, and decide whether to perturb the current data set; therefore only some of the data sets D_t need to be perturbed, and the number of data sets D requiring perturbation is denoted C.
6. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 3, characterized in that the following perturbation method is applied in the evening period of step (2), the perturbation method comprising the following steps:
(1) Privacy budget allocation: before the data set D is perturbed, the privacy budget ε is first allocated so that the whole data perturbation stage satisfies ε-differential privacy; let ε = ε_1 + ε_2, where ε_1 is the privacy budget for the decision process, with ε_1 = kε, and ε_2 is the privacy budget for perturbing the data set D;
(2) Decision stage: in this process, a Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution  the noisy threshold  is calculated, together with the noisy value  of the distribution difference between the current data set  and the data set  published at the previous time;
(3) Perturbation stage: for the  data set, noise with privacy budget  is introduced, using a Laplace mechanism satisfying differential privacy to add perturbation noise following the Laplace distribution  Noise_{m-1} = (x_1, x_2, ..., x_{m-1}),  and the noisy data set  is calculated.
7. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 6, characterized in that in the decision stage of step (2): when , perturbation is applied to ; otherwise  is used in place of the current user location distribution for publication, i.e. 
8. The differential-privacy-based trajectory privacy protection method for mobile users according to claim 6, characterized in that in the perturbation stage of step (3): when privacy budget still remains, noise using all of the remaining privacy budget is added at the last time; when the privacy budget ε_2 is used up, subsequent data sets are replaced by the last published data set for publication.
9. A differential-privacy-based trajectory privacy protection system for mobile users according to any one of claims 1-8, characterized in that the system is applied to a server and operates in a mobile scenario formed by m communication base stations L = {l_1, l_2, ..., l_m} and n users U = {u_1, u_2, ..., u_n}, where l_i denotes the position of the i-th communication base station, 1≤i≤m, and u_j denotes the j-th user, 1≤j≤n, the system comprising the following modules:
Initialization module: when user u_j enters the coverage area of communication base station l_i, used by the server of the communications carrier to record the user's relevant information: the anonymized user ID, the location information of the accessed communication base station, and the access time t;
Data aggregation module: used by the server to statistically aggregate the relevant user information collected over a period of time at a given time interval, extract for each user the location of the communication base station accessed most frequently in each time period, and calculate the total number of users contained in each communication base station in that period  denotes the total number of users covered by communication base station l_i at time t, 1≤i≤m;
Data perturbation module: according to human mobility, used to divide time into a daytime phase, an evening phase and a late-night phase, to calculate through  the distribution  of the number of users at each base station in each time period, and to apply a differential privacy mechanism to the data  of these three periods to perform different perturbation treatments;
Data publication module: used by the communications carrier to publish the processed data .
CN201810916399.6A 2018-08-13 2018-08-13 Track privacy protection method and system for mobile user based on differential privacy Active CN109104696B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810916399.6A CN109104696B (en) 2018-08-13 2018-08-13 Track privacy protection method and system for mobile user based on differential privacy

Publications (2)

Publication Number Publication Date
CN109104696A true CN109104696A (en) 2018-12-28
CN109104696B CN109104696B (en) 2020-10-02

Family

ID=64849638

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810916399.6A Active CN109104696B (en) 2018-08-13 2018-08-13 Track privacy protection method and system for mobile user based on differential privacy

Country Status (1)

Country Link
CN (1) CN109104696B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109670341A (en) * 2018-12-29 2019-04-23 中山大学 The method for secret protection that a kind of pair of structural data and semi-structured data combine
CN110516476A (en) * 2019-08-31 2019-11-29 贵州大学 Geographical indistinguishable location privacy protection method based on frequent location classification
CN110602631A (en) * 2019-06-11 2019-12-20 东华大学 Processing method and processing device for location data for resisting conjecture attack in LBS
CN112580701A (en) * 2020-12-09 2021-03-30 哈尔滨理工大学 Mean value estimation method and device based on classification transformation disturbance mechanism
CN113207120A (en) * 2021-03-30 2021-08-03 郑州铁路职业技术学院 Differential privacy method for collecting user real-time position information in mobile crowd sensing
CN115017440A (en) * 2022-05-31 2022-09-06 湖南大学 Aggregated location data publishing method based on differential privacy protection

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104394509A (en) * 2014-11-21 2015-03-04 西安交通大学 High-efficiency difference disturbance location privacy protection system and method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
JIANG ZHANG,ET AL.: "PA-CRT: Chinese Remainder Theorem Based Conditional Privacy-preserving Authentication Scheme in Vehicular Ad-hoc Networks", 《JOURNAL OF LATEX CLASS FILES》 *
ZHILI CHEN,ET AL.: "Differentially Private Aggregated Mobility Data Publication Using Moving Characteristics", 《ANONYMOUS SUBMISSION #231 TO ACM CCS 2019》 *
张琳,等: "位置大数据服务中基于差分隐私的数据发布技术", 《通信学报》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109670341A (en) * 2018-12-29 2019-04-23 中山大学 The method for secret protection that a kind of pair of structural data and semi-structured data combine
CN110602631A (en) * 2019-06-11 2019-12-20 东华大学 Processing method and processing device for location data for resisting conjecture attack in LBS
CN110516476A (en) * 2019-08-31 2019-11-29 贵州大学 Geographical indistinguishable location privacy protection method based on frequent location classification
CN112580701A (en) * 2020-12-09 2021-03-30 哈尔滨理工大学 Mean value estimation method and device based on classification transformation disturbance mechanism
CN112580701B (en) * 2020-12-09 2022-07-12 哈尔滨理工大学 Mean value estimation method and device based on classification transformation disturbance mechanism
CN113207120A (en) * 2021-03-30 2021-08-03 郑州铁路职业技术学院 Differential privacy method for collecting user real-time position information in mobile crowd sensing
CN115017440A (en) * 2022-05-31 2022-09-06 湖南大学 Aggregated location data publishing method based on differential privacy protection
CN115017440B (en) * 2022-05-31 2024-05-07 湖南大学 Aggregation position data release method based on differential privacy protection

Also Published As

Publication number Publication date
CN109104696B (en) 2020-10-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant