Personalized Privacy-Preserving Publication of Trajectory Data by Generalization and Distortion of Moving Points

With the rising prevalence of location-aware devices such as mobile phones, Radio-Frequency Identification (RFID) tags, and Global Positioning Systems (GPSs), the amount of trajectory data is significantly increasing, resulting in various data mining applications. Improper publication of trajectory data may jeopardize the privacy of moving objects, so trajectories ought to be anonymized before making them accessible to the public. Many existing approaches for privacy-preserving publication of trajectory data provide only the same level of privacy protection for all moving objects, whereas different moving objects may require different amounts of privacy protection. In this paper, we address this issue by presenting WINR2D, a novel clustering-based approach for privacy-preserving publication of trajectory data. Being based on the concept of personalized privacy, the aim of WINR2D is to anonymize trajectories to some extent so that an adversary having some background knowledge cannot uniquely identify a specific trajectory, but with a maximum probability inversely proportional to the privacy protection requirement of the moving object that produced it. In doing so, we first assign a privacy level to each trajectory based on the privacy protection requirement of its moving object and then partition all the trajectories into a set of clusters based on a greedy strategy. Each cluster is created such that its size is proportional to the highest privacy level of trajectories within it. Eventually, we anonymize the trajectories of each cluster and generate a set of anonymized trajectories containing generalized and distorted moving points. Our experimental results show that WINR2D achieves a reasonable trade-off between the conflicting goals of data utility and data privacy according to the privacy protection requirements of moving objects.