ABSTRACT
Differential privacy concepts have been successfully used to protect the anonymity of individuals in population-scale analysis. Sharing mobile sensor data, especially physiological data, raises a different privacy challenge: protecting private behaviors that can be revealed from time series of sensor data. Existing privacy mechanisms rely on noise addition and data perturbation. But the accuracy requirement on inferences drawn from physiological data, together with the well-established limits within which these data values occur, renders traditional privacy mechanisms inapplicable. In this work, we define a new behavioral privacy metric based on differential privacy and propose a novel data substitution mechanism to protect behavioral privacy. We evaluate the efficacy of our scheme using 660 hours of ECG, respiration, and activity data collected from 43 participants and demonstrate that it is possible to retain meaningful utility, in terms of inference accuracy (90%), while simultaneously preserving the privacy of sensitive behaviors.
Index Terms: mSieve: differential behavioral privacy in time series of mobile sensor data