CN109104696A - A trajectory privacy protection method and system for mobile users based on differential privacy - Google Patents
Abstract
The invention discloses a trajectory privacy protection method for mobile users based on differential privacy. The method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The method comprises the following steps: S1, initialization stage; S2, data aggregation stage; S3, data perturbation stage; S4, data publication stage. The invention also discloses a trajectory privacy protection system for mobile users based on differential privacy. Unlike other schemes, which perturb the position of each user, the invention perturbs the number of users covered by each communication base station, which greatly reduces the use of the privacy budget, ensures the availability of the data, and reduces computing overhead.
Description
Technical field
The present invention relates to the technical field of network and information security, and in particular to a trajectory privacy protection method and system for mobile users based on differential privacy.
Background art
With the rapid development of Internet technology, the era of big data has arrived. The spread of mobile devices means that human mobility data can be widely collected through cellular networks and mobile applications, and it is publicly released for academic research and commercial purposes. However, a main problem with this kind of data release is how to protect the privacy of mobile users.
To protect user privacy, data owners (operators) often release only aggregated mobility data rather than the trajectory record of each user, for example the number of users within a base station's coverage at a specific timestamp. Such aggregated user mobility statistics have great practical value in many applications, such as traffic scheduling and business intelligence. More importantly, most of these data providers believe that releasing aggregated statistics protects user privacy, because an adversary cannot distinguish a specific user from the aggregated data.
Recent studies show that releasing aggregated user mobility statistics may leak the privacy of users' movement trajectories, mainly because of two key features of human movement. First, the movement pattern of a single user is continuous and regular, which makes the trajectory of a single user highly predictable. Second, the movement pattern of any one user differs significantly from that of other users, which enables an adversary to re-identify the trajectory of a particular user. Although it is difficult to distinguish each user's record from the aggregated data at a single timestamp, over consecutive times the user mobility features above make it possible to recover users' movement trajectories from the aggregated data, and then to re-identify the movement trajectory of a specific user. Effectively protecting the trajectory privacy of mobile device users is therefore critical.
Summary of the invention
The object of the present invention is to provide a trajectory privacy protection method and system for mobile users based on differential privacy, which protects users' location privacy by using the Laplace mechanism of differential privacy, so as to prevent an adversary with any background knowledge from recovering users' movement trajectories.
The present invention is achieved by the following technical solution: a trajectory privacy protection method for mobile users based on differential privacy. The method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The method comprises the following steps:
S1, initialization stage: when user u_j enters the coverage area of communication base station l_i, the server of the communication carrier records the user's relevant information: the anonymized user ID, the location information of the communication base station accessed, and the access time t;
S2, data aggregation stage: the server statistically aggregates the user information collected over a period of time according to a certain time interval, extracts the location information of the communication base station that each user accesses most frequently in each period, and computes the total number of users contained in each communication base station in that period, that is, the total number of users covered by communication base station l_i at time t, for 1 ≤ i ≤ m;
S3, data perturbation stage: according to human mobility, time is divided into a daytime stage, an evening stage and a late-night stage; the distribution of the number of users at each base station in each period is calculated, and a differential privacy mechanism is applied to perform a different perturbation on the data of each of these three periods;
S4, data publication stage: the communication carrier publishes the processed data.
As one of the preferred embodiments of the invention, the data aggregation stage of step S2 specifically includes the following operations:
(1) Period division: time is divided into intervals according to the required resolution of the user movement trajectory; the larger the time interval, the lower the resolution of the user movement trajectory, and the smaller the time interval, the more accurate the user movement trajectory;
(2) Position extraction: after the time intervals are divided, a user may have access records at one or more different communication base stations within a given interval; among these communication base stations, the one the user accesses most frequently is taken as the position the user accessed in that period;
(3) Data statistics: by step (2), a user can be counted at only one communication base station under each timestamp, so at timestamp t the number of user accesses within the coverage area of each base station (l_1, l_2, …, l_m) is calculated. This gives the real-time distribution of the number of users in the coverage area of each communication base station in a given region, which forms the data set.
As one of the preferred embodiments of the invention, the data perturbation stage of step S3 specifically includes:
(1) In the daytime period, set as between 7 a.m. and 6 p.m., the base station access positions of users are constantly changing; the user-count distributions of the adjacent data sets D_{t-1} and D_t differ considerably, so for the data set D_t at each time a Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise that follows the Laplace distribution;
(2) In the evening period, set as between 6 p.m. and 11 p.m., the rate at which users' base station access positions change decreases; the user-count distributions of the adjacent data sets D_{t-1} and D_t still differ, but the difference is sometimes large and sometimes very small;
(3) In the late-night period, set as between 11 p.m. and 7 a.m., the base station access positions of users do not change, and the user distributions of the adjacent data sets D_{t-1} and D_t are almost identical; a user's trajectory privacy is exposed only while the user is moving, so the original data is published directly.
As one of the preferred embodiments of the invention, to keep the total number of users n across the base stations unchanged, in step (1) perturbation is applied only to the first m-1 base stations. The noise vector introduced for the first m-1 base stations is Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noise added to the m-th base station is the negative of the sum of the noise added to the first m-1 base stations.
As one of the preferred embodiments of the invention, in step (2): for the case where the user distributions of the adjacent data sets D_{t-1} and D_t differ considerably, it is only necessary to calculate the distribution difference between the data set D_t at the current time and the data set D_{t-1} published at the previous time, and to compare it with a preset fixed threshold T to decide whether the current data set is perturbed. Only some of the data sets D_t therefore need to be perturbed; let C be the number of data sets D that need perturbation.
As one of the preferred embodiments of the invention, the following perturbation method is applied to the evening period of step (2); it comprises the following steps:
(1) Privacy budget allocation: before the data set D is perturbed, the privacy budget ε is first allocated so that the whole data perturbation stage satisfies ε-differential privacy. Let ε = ε_1 + ε_2, where ε_1 is the privacy budget for the decision process, with ε_1 = kε, and ε_2 is the privacy budget for perturbing the data set D;
(2) Decision stage: in this stage, a Laplace mechanism satisfying differential privacy is used to add perturbation noise that follows the Laplace distribution; a noisy threshold is calculated, together with a noisy value of the distribution difference between the data set at the current time and the data set published at the previous time;
(3) Perturbation stage: for the data set, noise is introduced under the privacy budget, using a Laplace mechanism satisfying differential privacy to add perturbation noise that follows the Laplace distribution, Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noisy data set is calculated.
As one of the preferred embodiments of the invention, in the decision stage of step (2): when the comparison calls for it, perturbation is applied; otherwise the user location distribution at the current time is replaced when publishing.
As one of the preferred embodiments of the invention, in the perturbation stage of step (3): when privacy budget remains, noise using all of the remaining privacy budget is added at the last time; when the privacy budget ε_2 is used up, the last published data set is published in place of subsequent data sets.
The invention also discloses a trajectory privacy protection system for mobile users based on differential privacy. The system is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The system comprises the following modules:
Initialization module: when user u_j enters the coverage area of communication base station l_i, used to record, through the server of the communication carrier, the user's relevant information: the anonymized user ID, the location information of the communication base station accessed, and the access time t;
Data aggregation module: used to have the server statistically aggregate the user information collected over a period of time according to a certain time interval, extract the location information of the communication base station that each user accesses most frequently in each period, and compute the total number of users contained in each communication base station in that period, that is, the total number of users covered by communication base station l_i at time t, for 1 ≤ i ≤ m;
Data perturbation module: used to divide time, according to human mobility, into a daytime stage, an evening stage and a late-night stage, calculate the distribution of the number of users at each base station in each period, and apply a differential privacy mechanism to perform a different perturbation on the data of each of these three periods;
Data publication module: used to publish the data processed by the communication carrier.
Compared with the prior art, the advantages of the present invention are:
(1) The invention perturbs the number of users covered by each communication base station, unlike other schemes that perturb the position of each user; this greatly reduces the use of the privacy budget, ensures the availability of the data, and reduces computing overhead;
(2) The invention is the first to propose protecting users' movement trajectories with a differential privacy mechanism based on aggregated data from communication base stations, and the noise introduced follows the principle that the total number of users covered by the communication base stations stays constant, which makes it harder for an adversary to recover user trajectories;
(3) Based on how the user-count distributions of the adjacent data sets D_{t-1} and D_t differ in different periods, the invention divides time into a daytime stage, an evening stage and a late-night stage, and applies a differential privacy mechanism with a different perturbation in each of these three periods.
Brief description of the drawings
Fig. 1 is a schematic diagram of the application scenario of Embodiment 1 of the present invention;
Fig. 2 is a flow chart of the main implementation steps of the trajectory privacy protection method for mobile users based on differential privacy of Embodiment 1 of the present invention;
Fig. 3 is a distribution map of the aggregated data on the number of users covered by the communication base stations at a given time in Embodiment 1 of the present invention.
Specific embodiment
The embodiments of the present invention are described in detail below. The present embodiment is implemented on the premise of the technical solution of the present invention, and a detailed implementation and specific operating process are given, but the protection scope of the present invention is not limited to the following embodiment.
Embodiment 1
Referring to Figs. 1-3: to prevent the trajectory privacy of mobile device users from leaking during communication, this embodiment provides a trajectory privacy protection method for mobile users based on differential privacy. The method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. When user u_j is in the coverage area of base station l_i, the user transmits signals through base station l_i to obtain the requested service; the back-end server collects the personal location privacy information of user u_j and sends it to an untrusted third party in the form of aggregated data. The method comprises the following steps:
S1, initialization stage: when user u_j enters the coverage area of communication base station l_i, the server of the communication carrier records the user's relevant information: the anonymized user ID, the location information of the communication base station accessed, and the access time t. At any time each user is within the coverage area of some delimited communication base station; when a user needs to request a service, the user communicates with the base station, and the base station records the user's personal identity information, location information and the time of accessing the communication base station, and sends them to the back-end server;
S2, data aggregation stage: the server statistically aggregates the user information collected over a period of time according to a certain time interval, extracts the location information of the communication base station that each user accesses most frequently in each period, and computes the total number of users contained in each communication base station in that period, that is, the total number of users covered by communication base station l_i at time t, for 1 ≤ i ≤ m;
S3, data perturbation stage: according to human mobility, time is divided into a daytime stage, an evening stage and a late-night stage; the distribution of the number of users at each base station in each period is calculated, and a differential privacy mechanism is applied to perform a different perturbation on the data of each of these three periods;
S4, data publication stage: the communication carrier publishes the processed data.
Further, the data aggregation stage of step S2 specifically includes the following operations:
(1) Period division: time is divided into intervals according to the required resolution of the user movement trajectory; the larger the time interval, the lower the resolution of the user movement trajectory, and the smaller the time interval, the more accurate the user movement trajectory;
(2) Position extraction: after the time intervals are divided, a user may have access records at one or more different communication base stations within a given interval; among these communication base stations, the one the user accesses most frequently is taken as the position the user accessed in that period;
(3) Data statistics: by step (2), a user can be counted at only one communication base station under each timestamp, so at timestamp t the number of user accesses within the coverage area of each base station (l_1, l_2, …, l_m) is calculated. This gives the real-time distribution of the number of users in the coverage area of each communication base station in a given region, which forms the data set.
Further, the data perturbation stage of step S3 specifically includes:
(1) In the daytime period, set as between 7 a.m. and 6 p.m., the base station access positions of users are constantly changing; the user-count distributions of the adjacent data sets D_{t-1} and D_t differ considerably, so for the data set D_t at each time a Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise that follows the Laplace distribution;
(2) In the evening period, set as between 6 p.m. and 11 p.m., the rate at which users' base station access positions change decreases; the user-count distributions of the adjacent data sets D_{t-1} and D_t still differ, but the difference is sometimes large and sometimes very small;
(3) In the late-night period, set as between 11 p.m. and 7 a.m., the base station access positions of users do not change, and the user distributions of the adjacent data sets D_{t-1} and D_t are almost identical; a user's trajectory privacy is exposed only while the user is moving, so the original data is published directly.
Further, to keep the total number of users n across the base stations unchanged, in step (1) perturbation is applied only to the first m-1 base stations. The noise vector introduced for the first m-1 base stations is Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noise added to the m-th base station is the negative of the sum of the noise added to the first m-1 base stations.
Further, in step (2): when the user distributions of the adjacent data sets D_{t-1} and D_t differ considerably, this can threaten the privacy of users' location trajectories. It is only necessary to calculate the distribution difference between the data set D_t at the current time and the data set D_{t-1} published at the previous time, and to compare it with a preset fixed threshold T to decide whether the current data set is perturbed. Only some of the data sets D_t therefore need to be perturbed; let C be the number of data sets D that need perturbation.
Further, the following perturbation method is applied to the evening period of step (2); it comprises the following steps:
(1) Privacy budget allocation: before the data set D is perturbed, the privacy budget ε is first allocated so that the whole data perturbation stage satisfies ε-differential privacy. Let ε = ε_1 + ε_2, where ε_1 is the privacy budget for the decision process, with ε_1 = kε, and ε_2 is the privacy budget for perturbing the data set D;
(2) Decision stage: in this stage, a Laplace mechanism satisfying differential privacy is used to add perturbation noise that follows the Laplace distribution; a noisy threshold is calculated, together with a noisy value of the distribution difference between the data set at the current time and the data set published at the previous time;
(3) Perturbation stage: for the data set, noise is introduced under the privacy budget, using a Laplace mechanism satisfying differential privacy to add perturbation noise that follows the Laplace distribution, Noise_{m-1} = (x_1, x_2, …, x_{m-1}), and the noisy data set is calculated.
Further, in the decision stage of step (2): when the comparison calls for it, perturbation is applied; otherwise the user location distribution at the current time is replaced when publishing.
Further, in the perturbation stage of step (3): when privacy budget remains, noise using all of the remaining privacy budget is added at the last time; when the privacy budget ε_2 is used up, the last published data set is published in place of subsequent data sets.
The present embodiment also discloses a trajectory privacy protection system for mobile users based on differential privacy. The system is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n. The system comprises the following modules:
Initialization module: when user u_j enters the coverage area of communication base station l_i, used to record, through the server of the communication carrier, the user's relevant information: the anonymized user ID, the location information of the communication base station accessed, and the access time t;
Data aggregation module: used to have the server statistically aggregate the user information collected over a period of time according to a certain time interval, extract the location information of the communication base station that each user accesses most frequently in each period, and compute the total number of users contained in each communication base station in that period, that is, the total number of users covered by communication base station l_i at time t, for 1 ≤ i ≤ m;
Data perturbation module: used to divide time, according to human mobility, into a daytime stage, an evening stage and a late-night stage, calculate the distribution of the number of users at each base station in each period, and apply a differential privacy mechanism to perform a different perturbation on the data of each of these three periods;
Data publication module: used to publish the data processed by the communication carrier.
For ease of understanding, as shown in Fig. 1, assume there are 7 users U = {u_1, u_2, u_3, u_4, u_5, u_6, u_7} and 3 communication base stations L = {l_1, l_2, l_3}. When a user sends a service request through a base station, the communication base station sends that user's relevant information to the server, where it is stored as a record; for example, when user u_1 requests a service in the coverage area of base station l_1, the server stores one record.
The server aggregates statistics from the collected data records. Within time range t_1, the server finds that user u_1 has 3 access records, which show that user u_1 accessed communication base station l_1 twice and communication base station l_2 once; base station l_1, with the most accesses, is then taken as the base station position accessed by user u_1 in period t_1. The base station positions accessed by the other users in period t_1 are found in the same way, generating the data set for t_1. The data sets for time t_2 and time t_3 are generated similarly, giving the overall data set.
If the data set is for the daytime period, then for the data set D_t at each time a Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise that follows the Laplace distribution. To keep the total number of users across the base stations unchanged, perturbation is applied only to the first 2 base stations; the noise vector introduced for the first two base stations is Noise_2 = (x_1, x_2) = (1, 2), and the noise added to the m-th base station is the negative of the sum of the noise added to the first 2 base stations: x_3 = -x_1 - x_2 = -3.
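The aggregation rule of step S2 and the daytime zero-sum perturbation described above, as an added Python example that is not code from the patent. The access records are constructed, and the `sensitivity` parameter, the tie-break rule and all function names are assumptions made here; only the noise vector (1, 2, -3) comes from the example above.

```python
import random
from collections import Counter, defaultdict

# Constructed access records (user, base station, timestamp in seconds) for
# 7 users and 3 base stations. u1 accesses l1 twice and l2 once, as in the text.
RECORDS = [
    ("u1", "l1", 10), ("u1", "l2", 20), ("u1", "l1", 30),
    ("u2", "l1", 15),
    ("u3", "l2", 40), ("u3", "l2", 50),
    ("u4", "l2", 60),
    ("u5", "l3", 70),
    ("u6", "l3", 80), ("u6", "l1", 90), ("u6", "l3", 95),
    ("u7", "l3", 99),
]
STATIONS = ["l1", "l2", "l3"]


def aggregate(records, interval):
    """Step S2: assign each user to the base station accessed most often in
    each period, then count users per base station per period."""
    visits = defaultdict(Counter)          # (period, user) -> hits per station
    for user, station, ts in records:
        visits[(ts // interval, user)][station] += 1
    counts = defaultdict(dict)             # period -> {station: user count}
    for (period, _user), hits in visits.items():
        # Ties are broken by station name (assumption; the page gives no rule).
        top = min(hits, key=lambda s: (-hits[s], s))
        counts[period][top] = counts[period].get(top, 0) + 1
    return dict(counts)


def count_vector(period_counts, stations):
    """Order the per-station counts as (l_1, ..., l_m)."""
    return [period_counts.get(s, 0) for s in stations]


def laplace(scale, rng):
    """Sample Laplace(0, scale) as the difference of two exponentials."""
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)


def zero_sum_noise(m, epsilon, sensitivity, rng):
    """Draw Laplace noise for the first m-1 stations; the m-th station gets
    the negative of their sum so the published total stays n.
    `sensitivity` is an assumption: the page does not state its value."""
    if epsilon <= 0 or sensitivity <= 0:
        raise ValueError("epsilon and sensitivity must be positive")
    scale = sensitivity / epsilon          # standard Laplace mechanism scale
    noise = [laplace(scale, rng) for _ in range(m - 1)]
    noise.append(-sum(noise))
    return noise


def perturb(vector, noise):
    """Add noise element-wise. No rounding or clamping is applied because the
    page describes none, so a published count can be fractional or negative."""
    return [c + x for c, x in zip(vector, noise)]


def publish_daytime(records, stations, interval, epsilon, sensitivity, rng):
    """Daytime rule: perturb the count vector of every period."""
    published = {}
    for period, pc in sorted(aggregate(records, interval).items()):
        noise = zero_sum_noise(len(stations), epsilon, sensitivity, rng)
        published[period] = perturb(count_vector(pc, stations), noise)
    return published


if __name__ == "__main__":
    true_counts = count_vector(aggregate(RECORDS, 3600)[0], STATIONS)
    print("true counts:       ", true_counts)
    print("page noise (1,2,-3):", perturb(true_counts, [1, 2, -3]))
    print("sampled release:   ",
          publish_daytime(RECORDS, STATIONS, 3600, 1.0, 1.0, random.Random(1)))
```

The released vector always sums to the true number of users, which is the constraint the patent imposes on the noise.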
If the data set is for the evening period, then for the data set at the first time the Laplace mechanism is introduced to perform perturbation, adding noise Noise_2 = (x_1, x_2) = (1, 0), x_3 = -1, which gives the perturbed data set. For the data set at the next time t_2, it is judged whether perturbation is needed. The noisy value of the fixed threshold T and the noisy value of the distance between the two data sets are calculated separately, with the Laplace mechanism introduced to generate the noise, the noisy threshold and the noisy distance. When the condition is met, the second-layer Laplace mechanism is invoked to add noise and the result is obtained; the opposite case is handled correspondingly, and the same method is applied for the next time.
If the data set is for the evening period, no perturbation is needed.
In the example above, the daytime period directly uses Laplace noise satisfying the differential privacy mechanism to add noise. The evening period uses the Laplace mechanism of differential privacy twice: in the first-layer Laplace mechanism the fixed threshold T is perturbed and then compared to decide whether to execute the second-layer Laplace mechanism, which adds noise to the current data set D_i. By the differential privacy property of the Laplace mechanism, the first-layer Laplace mechanism satisfies ε_1-differential privacy and the second-layer Laplace mechanism satisfies ε_2-differential privacy. By the composition property, the whole mechanism satisfies ε = ε_1 + ε_2 differential privacy: deleting any single user's base station access record has little effect on the finally published data set, so an attacker cannot recover a user's movement trajectory from the published result, which protects the trajectory privacy of mobile users while aggregated data is being published.
The above is only a preferred embodiment of the present invention and is not intended to limit the invention; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.
Claims (9)
1. A trajectory privacy protection method for mobile users based on differential privacy, characterized in that the method is applied to a server and operates in a mobile scenario made up of m communication base stations L = {l_1, l_2, …, l_m} and n users U = {u_1, u_2, …, u_n}, where l_i denotes the position of the i-th communication base station, 1 ≤ i ≤ m, and u_j denotes the j-th user, 1 ≤ j ≤ n, the method comprising the following steps:
S1, initialization stage: when user u_j enters the coverage area of communication base station l_i, the server of the communication carrier records the user's relevant information: the anonymized user ID, the location information of the communication base station accessed, and the access time t;
S2, data aggregation stage: the server statistically aggregates the user information collected over a period of time according to a certain time interval, extracts the location information of the communication base station that each user accesses most frequently in each period, and computes the total number of users contained in each communication base station in that period, that is, the total number of users covered by communication base station l_i at time t, for 1 ≤ i ≤ m;
S3, data perturbation stage: according to human mobility, time is divided into a daytime stage, an evening stage and a late-night stage; the distribution of the number of users at each base station in each period is calculated, and a differential privacy mechanism is applied to perform a different perturbation on the data of each of these three periods;
S4, data publication stage: the communication carrier publishes the processed data.
2. The track privacy protection method for mobile users based on differential privacy according to claim 1, characterized in that the data aggregation stage of step S2 specifically comprises the following operations:
(1) Time period division: time is divided into intervals according to the required resolution of the user movement track; the larger the time interval, the lower the resolution of the user movement track; the smaller the time interval, the more accurate the user movement track;
(2) Position extraction: once the time intervals have been divided, a user may have one or more different communication base station records within a given time interval; among these communication base stations, the one the user accesses most frequently is extracted as the position accessed by the user in that time period;
(3) Data statistics: it follows from step (2) that a user can access only one communication base station under each timestamp, so at timestamp t the number of users accessing within the coverage area of each base station $(l_1, l_2, \dots, l_m)$ is calculated ; from this, the real-time distribution of the number of users within the coverage area of each communication base station in a region is obtained, i.e. the data set
3. The track privacy protection method for mobile users based on differential privacy according to claim 1, characterized in that the data perturbation stage of step S3 specifically comprises:
(1) In the daytime period, set as 7 a.m. to 6 p.m., the user's base station position is continually being updated and changing; the user count distributions of the adjacent-time data sets $D_{t-1}$ and $D_t$ then differ considerably, and for the data set $D_t$ at each time a Laplace mechanism satisfying ε-differential privacy is applied directly to add perturbation noise following the Laplace distribution
(2) In the evening period, set as 6 p.m. to 11 p.m., the update rate of the user's base station position decreases; the user count distributions of the adjacent-time data sets $D_{t-1}$ and $D_t$ still differ, but the difference is sometimes large and sometimes small;
(3) In the late-night period, set as 11 p.m. to 7 a.m., the user's base station position does not change, and the user distributions of the adjacent-time data sets $D_{t-1}$ and $D_t$ are almost identical; a user's track privacy can be exposed only while the user is moving, so the original data is published directly in this period.
4. The track privacy protection method for mobile users based on differential privacy according to claim 3, characterized in that, so that the total number of users n across the base stations does not change, in step (1) perturbation is applied only to the first m-1 base stations; the noise vector introduced for the first m-1 base stations is $Noise_{m-1}=(x_1, x_2, \dots, x_{m-1})$, and the noise added to the m-th base station is the sum of the noise added to the first m-1 base stations with its sign reversed,
5. The track privacy protection method for mobile users based on differential privacy according to claim 3, characterized in that in step (2): where the user distributions of the adjacent-time data sets $D_{t-1}$ and $D_t$ differ considerably, it is only necessary to calculate the distribution difference between the data set $D_t$ at the current time and the data set $D_{t-1}$ published at the previous time, and to compare it with the set threshold T in order to decide whether the current data set is to be perturbed; therefore only part of the data sets $D_t$ need to be perturbed, and the number of data sets D requiring perturbation is denoted C.
6. The track privacy protection method for mobile users based on differential privacy according to claim 3, characterized in that the following perturbation method is applied in the evening period of step (2), the perturbation method comprising the following steps:
(1) Privacy budget allocation: before the data set D is perturbed, the privacy budget ε is first allocated so that ε-differential privacy is satisfied over the whole data perturbation stage; let $\varepsilon=\varepsilon_1+\varepsilon_2$, where $\varepsilon_1$ is the privacy budget for the decision process, with $\varepsilon_1=k\varepsilon$, and $\varepsilon_2$ is the privacy budget for perturbing the data set D;
(2) Decision stage: in this process, a Laplace mechanism satisfying differential privacy is used to add perturbation noise following the Laplace distribution ; the noisy threshold is calculated, together with the noisy value of the distribution difference between the data set at the current time and the data set published at the previous time
(3) Perturbation stage: for the data set , noise with privacy budget is introduced, using a Laplace mechanism satisfying differential privacy to add perturbation noise following the Laplace distribution , $Noise_{m-1}=(x_1, x_2, \dots, x_{m-1})$, ; the noisy data set is calculated
7. The track privacy protection method for mobile users based on differential privacy according to claim 6, characterized in that in the decision stage of step (2): when , perturbation is applied to ; otherwise is published in place of the current user location distribution, i.e.,
8. The track privacy protection method for mobile users based on differential privacy according to claim 6, characterized in that in the perturbation stage of step (3): when privacy budget still remains, noise using all of the remaining privacy budget is added at the last time; when the privacy budget $\varepsilon_2$ is used up, subsequent data sets are published by substituting the last published data set.
9. A track privacy protection system for mobile users based on differential privacy according to any one of claims 1-8, characterized in that the system is applied to a server and operates in a mobile scenario formed by m communication base stations $L=\{l_1, l_2, \dots, l_m\}$ and n users $U=\{u_1, u_2, \dots, u_n\}$, where $l_i$ denotes the position of the i-th communication base station, 1≤i≤m, and $u_j$ denotes the j-th user, 1≤j≤n, the system comprising the following modules:
Initialization module: when user $u_j$ enters the coverage area of communication base station $l_i$, used for recording, by the server of the common carrier, the user's relevant information: the anonymized user ID, the location information of the accessed communication base station, and the access time t;
Data aggregation module: used for statistically aggregating, by the server, the user information collected over a period of time at a certain time interval, extracting for each user in each time period the location information of the most frequently accessed communication base station, and calculating the total number of users contained in each communication base station in that time period ; denotes the total number of users covered by communication base station $l_i$ at time t, 1≤i≤m;
Data perturbation module: according to human mobility, used for dividing time into a daytime stage, an evening stage and a late-night stage, for calculating, by means of , the distribution of the number of users at each base station in each time period, and for applying a differential privacy mechanism to the data of these three time periods to carry out different perturbation treatments;
Data publication module: used for publishing the data processed by the common carrier.
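The perturbation stage of claims 3 to 7, sketched as an added example that is not part of the patent: the period dispatch, the zero-sum Laplace noise of claim 4 that keeps the total n unchanged, and the evening threshold decision. The page's noise-scale and distance formulas did not survive, so the Laplace scales, the L1 distance, the half-open hour boundaries and all function names are assumptions; each evening release spends the whole of eps2, so the budget accounting across C releases in claim 8 is not modelled.

```python
import random

def phase(hour):
    """Periods from claim 3; half-open hour boundaries are an assumption."""
    if 7 <= hour < 18:
        return "day"
    if 18 <= hour < 23:
        return "evening"
    return "late_night"

def laplace(scale, rng):
    # The difference of two i.i.d. Exp(1) draws is Laplace(0, 1).
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))

def zero_sum_noise(m, scale, rng):
    """Claim 4: noise on the first m-1 stations, negated sum on station m."""
    noise = [laplace(scale, rng) for _ in range(m - 1)]
    noise.append(-sum(noise))
    return noise

def perturb(counts, eps, rng, sensitivity=1.0):
    # sensitivity / eps as the Laplace scale is an assumption, not the page's formula.
    noise = zero_sum_noise(len(counts), sensitivity / eps, rng)
    return [c + x for c, x in zip(counts, noise)]

def publish(counts, hour, prev, eps, rng, k=0.5, threshold=10.0):
    """Return the per-station vector to release at one timestamp.

    prev is the vector released at the previous timestamp, or None.
    Assumed here: L1 distance as the distribution difference and Laplace
    scale 1/eps1 for the decision noise.
    """
    period = phase(hour)
    if period == "late_night":           # claim 3(3): release the raw counts
        return list(counts)
    if period == "day" or prev is None:  # claim 3(1): perturb every timestamp
        return perturb(counts, eps, rng)
    eps1, eps2 = k * eps, (1 - k) * eps  # claim 6(1): eps = eps1 + eps2
    noisy_threshold = threshold + laplace(1.0 / eps1, rng)
    diff = sum(abs(a - b) for a, b in zip(counts, prev))
    if diff + laplace(1.0 / eps1, rng) > noisy_threshold:
        return perturb(counts, eps2, rng)  # large change: release fresh noisy data
    return list(prev)                      # small change: re-release prev

if __name__ == "__main__":
    rng = random.Random(7)
    counts = [120, 80, 45, 55]  # constructed sample: users per base station
    for hour in (9, 20, 2):
        print(hour, publish(counts, hour, [118, 83, 44, 55], 1.0, rng))
```

Because the m-th noise term cancels the others, summing any released vector returns the true total number of users, which is the invariant claim 4 asks for.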
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810916399.6A CN109104696B (en) | 2018-08-13 | 2018-08-13 | Track privacy protection method and system for mobile user based on differential privacy |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109104696A (en) | 2018-12-28 |
CN109104696B (en) | 2020-10-02 |
Family
ID=64849638
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810916399.6A Active CN109104696B (en) | 2018-08-13 | 2018-08-13 | Track privacy protection method and system for mobile user based on differential privacy |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109104696B (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104394509A (en) * | 2014-11-21 | 2015-03-04 | 西安交通大学 | High-efficiency difference disturbance location privacy protection system and method |
Non-Patent Citations (3)
Title |
---|
JIANG ZHANG,ET AL.: "PA-CRT: Chinese Remainder Theorem Based Conditional Privacy-preserving Authentication Scheme in Vehicular Ad-hoc Networks", 《JOURNAL OF LATEX CLASS FILES》 * |
ZHILI CHEN,ET AL.: "Differentially Private Aggregated Mobility Data Publication Using Moving Characteristics", 《ANONYMOUS SUBMISSION #231 TO ACM CCS 2019》 * |
ZHANG LIN, ET AL.: "Data publishing technology based on differential privacy in location big data services", 《Journal on Communications》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109670341A (en) * | 2018-12-29 | 2019-04-23 | 中山大学 | The method for secret protection that a kind of pair of structural data and semi-structured data combine |
CN110602631A (en) * | 2019-06-11 | 2019-12-20 | 东华大学 | Processing method and processing device for location data for resisting conjecture attack in LBS |
CN110516476A (en) * | 2019-08-31 | 2019-11-29 | 贵州大学 | Geographical indistinguishable location privacy protection method based on frequent location classification |
CN112580701A (en) * | 2020-12-09 | 2021-03-30 | 哈尔滨理工大学 | Mean value estimation method and device based on classification transformation disturbance mechanism |
CN112580701B (en) * | 2020-12-09 | 2022-07-12 | 哈尔滨理工大学 | Mean value estimation method and device based on classification transformation disturbance mechanism |
CN113207120A (en) * | 2021-03-30 | 2021-08-03 | 郑州铁路职业技术学院 | Differential privacy method for collecting user real-time position information in mobile crowd sensing |
CN115017440A (en) * | 2022-05-31 | 2022-09-06 | 湖南大学 | Aggregated location data publishing method based on differential privacy protection |
CN115017440B (en) * | 2022-05-31 | 2024-05-07 | 湖南大学 | Aggregation position data release method based on differential privacy protection |
Also Published As
Publication number | Publication date |
---|---|
CN109104696B (en) | 2020-10-02 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||