De-anonymization attack on geolocated data

Sébastien Gambs; Marc Olivier Killijian; Miguel Núñez Del Prado Cortez

doi:10.1016/j.jcss.2014.04.024

De-anonymization attack on geolocated data

Sébastien Gambs, Marc Olivier Killijian, Miguel Núñez Del Prado Cortez

Research output: Contribution to journal › Article in a journal › peer-review

114 Scopus citations

Abstract

With the advent of GPS-equipped devices, a massive amount of location data is being collected, raising the issue of the privacy risks incurred by the individuals whose movements are recorded. In this work, we focus on a specific inference attack called the de-anonymization attack, by which an adversary tries to infer the identity of a particular individual behind a set of mobility traces. More specifically, we propose an implementation of this attack based on a mobility model called Mobility Markov Chain (MMC). An MMC is built out from the mobility traces observed during the training phase and is used to perform the attack during the testing phase. We design several distance metrics quantifying the closeness between two MMCs and combine these distances to build de-anonymizers that can re-identify users. Experiments conducted on real datasets demonstrate that the attack is both accurate and resilient to sanitization mechanisms.

Original language	English
Pages (from-to)	1597-1614
Number of pages	18
Journal	Journal of Computer and System Sciences
Volume	80
Issue number	8
DOIs	https://doi.org/10.1016/j.jcss.2014.04.024
State	Published - Dec 2014
Externally published	Yes

Keywords

De-anonymization
Geolocation
Inference attack
Privacy

Access to Document

10.1016/j.jcss.2014.04.024

Cite this

@article{a5dca84941ab460d87cf191149ba7652,

title = "De-anonymization attack on geolocated data",

abstract = "With the advent of GPS-equipped devices, a massive amount of location data is being collected, raising the issue of the privacy risks incurred by the individuals whose movements are recorded. In this work, we focus on a specific inference attack called the de-anonymization attack, by which an adversary tries to infer the identity of a particular individual behind a set of mobility traces. More specifically, we propose an implementation of this attack based on a mobility model called Mobility Markov Chain (MMC). An MMC is built out from the mobility traces observed during the training phase and is used to perform the attack during the testing phase. We design several distance metrics quantifying the closeness between two MMCs and combine these distances to build de-anonymizers that can re-identify users. Experiments conducted on real datasets demonstrate that the attack is both accurate and resilient to sanitization mechanisms.",

keywords = "De-anonymization, Geolocation, Inference attack, Privacy, De-anonymization, Geolocation, Inference attack, Privacy",

author = "S{\'e}bastien Gambs and Killijian, {Marc Olivier} and {N{\'u}{\~n}ez Del Prado Cortez}, Miguel",

year = "2014",

month = dec,

doi = "10.1016/j.jcss.2014.04.024",

language = "English",

volume = "80",

pages = "1597--1614",

number = "8",

}

TY - JOUR

T1 - De-anonymization attack on geolocated data

AU - Gambs, Sébastien

AU - Killijian, Marc Olivier

AU - Núñez Del Prado Cortez, Miguel

PY - 2014/12

Y1 - 2014/12

N2 - With the advent of GPS-equipped devices, a massive amount of location data is being collected, raising the issue of the privacy risks incurred by the individuals whose movements are recorded. In this work, we focus on a specific inference attack called the de-anonymization attack, by which an adversary tries to infer the identity of a particular individual behind a set of mobility traces. More specifically, we propose an implementation of this attack based on a mobility model called Mobility Markov Chain (MMC). An MMC is built out from the mobility traces observed during the training phase and is used to perform the attack during the testing phase. We design several distance metrics quantifying the closeness between two MMCs and combine these distances to build de-anonymizers that can re-identify users. Experiments conducted on real datasets demonstrate that the attack is both accurate and resilient to sanitization mechanisms.

AB - With the advent of GPS-equipped devices, a massive amount of location data is being collected, raising the issue of the privacy risks incurred by the individuals whose movements are recorded. In this work, we focus on a specific inference attack called the de-anonymization attack, by which an adversary tries to infer the identity of a particular individual behind a set of mobility traces. More specifically, we propose an implementation of this attack based on a mobility model called Mobility Markov Chain (MMC). An MMC is built out from the mobility traces observed during the training phase and is used to perform the attack during the testing phase. We design several distance metrics quantifying the closeness between two MMCs and combine these distances to build de-anonymizers that can re-identify users. Experiments conducted on real datasets demonstrate that the attack is both accurate and resilient to sanitization mechanisms.

KW - De-anonymization

KW - Geolocation

KW - Inference attack

KW - Privacy

KW - De-anonymization

KW - Geolocation

KW - Inference attack

KW - Privacy

UR - https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=84905121759&origin=inward

UR - https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=84905121759&origin=inward

U2 - 10.1016/j.jcss.2014.04.024

DO - 10.1016/j.jcss.2014.04.024

M3 - Article in a journal

SN - 0022-0000

VL - 80

SP - 1597

EP - 1614

JO - Journal of Computer and System Sciences

JF - Journal of Computer and System Sciences

IS - 8

ER -

De-anonymization attack on geolocated data

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this