一种基于最优轨迹的假查询隐私保护机制

刘燕妮; 叶阿勇; 张强; 赵云涛

引用本文：

刘燕妮,叶阿勇,张强,赵云涛.一种基于最优轨迹的假查询隐私保护机制[J].信息安全学报,2023,8(6):110-120 [点击复制]
LIU Yanni,YE Ayong,ZHANG Qiang,ZHAO Yuntao.A Privacy Preserving Mechanism with False Queries Based on Optimal Trajectories[J].Journal of Cyber Security,2023,8(6):110-120 [点击复制]

本文已被：浏览 708次下载 795次	码上扫一扫！
一种基于最优轨迹的假查询隐私保护机制
刘燕妮^1,2, 叶阿勇^1,2, 张强^1,2, 赵云涛^1,2
0 字体:加大+\|默认\|缩小-
(1.福建师范大学计算机与网络空间安全学院福州中国 350117;2.福建省网络安全与密码技术重点实验室福州中国 350117)

摘要:

随着移动通信技术和无线传感器的发展, 基于位置服务的应用给我们的生活带来极大的便利。在实际使用中, 用户需要向不可信的LBS服务提供商发送自己的实时位置和相关的查询信息, 这可能会导致用户的个人隐私信息遭到泄露, 特别是在使用连续位置查询服务时, 服务提供商可以利用位置的时空相关性来构建用户的轨迹信息, 进而推断出用户的居住地址、公司位置等敏感信息。传统的位置隐私保护方法通常只考虑到当前位置, 在解决连续位置查询时存在挑战, 因此, 为了解决连续位置查询中难以权衡轨迹可用性与隐私性的问题, 提出一种基于最优位置轨迹的假查询隐私保护机制。首先, 通过真实轨迹和假轨迹间的互信息来度量轨迹的隐私, 解决轨迹隐私难以量化的问题。在此基础上, 提出一种基于马尔科夫链的轨迹互信息计算方法, 简化了轨迹互信息的计算过程,并使用两条轨迹上对应位置点间的欧几里距离来量化位置轨迹的可用性。其次, 考虑到生成的假轨迹可能并不符合用户的通行习惯, 容易被识别出来, 我们选择历史轨迹作为假轨迹。为了减少轨迹上位置点的数量, 使用四叉树法对路网区域进行划分, 将轨迹划分为不同的片段, 在相关约束条件下寻找最优的历史轨迹作为假轨迹, 从而保证使用的假轨迹更加真实、合理。最后, 实验结果表明,本文的方案可以最大程度的实现位置数据隐私性和可用性平衡, 与其他方案相比, 安全性更高、系统计算开销更少。

关键词: 隐私轨迹假查询互信息马尔科夫链

DOI：10.19363/J.cnki.cn10-1380/tn.2023.11.09

投稿时间：2022-03-27修订日期：2022-06-08

基金项目:本课题得到国家自然科学基金(No. 61972096, No. 61771140, No. 61872088, No. 61872090)、福建省高校产学合作项目(No. 2022H6025)资助。

A Privacy Preserving Mechanism with False Queries Based on Optimal Trajectories

LIU Yanni^1,2, YE Ayong^1,2, ZHANG Qiang^1,2, ZHAO Yuntao^1,2

(1.College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China;2.Fujian Provincial Key Laboratory of Network Security and Cryptology, Fuzhou 350117, China)

Abstract:

With the development of mobile communication technology and wireless sensor, the application of location-based services has brought great convenience to our life. In actual use, the user needs to send untrusted LBS service provider own real-time position and related query information, this can lead to a user's personal privacy information leakage, especially when using continuous location query service, service providers can take advantage of the location of the spatial and temporal correlation to build a track of user information. In turn, sensitive information such as the user's residential address and company location can be inferred. Traditional location privacy protection methods have challenges in solving continuous location query. Therefore, in order to solve the problem that it is difficult to balance trajectory availability and privacy in continuous location query, an optimal location trajectory based fake query privacy protection mechanism is proposed. Firstly, the privacy of trajectory is measured through the mutual information between real trajectory and false trajectory to solve the problem that trajectory privacy is difficult to quantify. On this basis, a method of track mutual information calculation based on Markov chain is proposed to simplify the calculation process of track mutual information, and the usability of the track is quantified by the Euclidean distance between the corresponding position points on two tracks. Secondly, considering that the generated false track may not conform to the user's traffic habits and be easily identified, we choose the historical track as the false track. In order to reduce the number of position points on the track, the quadtree method is used to divide the road network area and divide the track into different segments. Under relevant constraints, the optimal historical track is found as the false track, so as to ensure that the false track used is more realistic and reasonable. Finally, experimental results show that the proposed scheme can maximize the balance between privacy and availability of location data, with higher security and less system computing overhead compared with other schemes.

Key words: trajectory privacy fake query mutual information markov chain