MaskIt: Privately Releasing User Context Streams for
Personalized Mobile Applications
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
Background
Not just location.
More sensors mean more private information can be detected.
Background
A user's contexts are correlated with earlier contexts.
Some contexts are not sensitive.
Solution
System Model
x1, x2,…, xt o1, o2,…, ot
To compute ot, MASKIT employs a check deciding whether to release or suppress the current context.
MaskIt
Solution
Propose MASKIT: a system that decides whether to release or to suppress the current state of the user.
Probabilistic check: flips a coin for each context; the coin is chosen suitably to guarantee privacy.
Simulatable check: makes the decision based only on the contexts released so far and completely ignores the current context.
Explain how to select the better check.
Problem Statement
Utility goal: release as many states as possible while satisfying the privacy goal.
The MASKIT System
Problem
What is privacy?
To preserve privacy: When should a context be suppressed? What context should be suppressed?
How to ensure utility?
Privacy
Privacy DEFINITION 1: We say that a system A preserves -
privacy against an adversary if for all possible inputs sampled from the Markov chain M with non-zero probability, for all possible outputs , for all times t and all sensitive contexts
Utility
Measure utility as the expected number of released contexts:
for state ci at time t’ a suppression probability
Probabilistic Privacy Check
Prior belief:
suppression probability p_i^t at time t for state ci, the prior belief is 1 - p_i^t
Posterior belief:
HMM
Forward procedure
Backward procedure
Probabilistic Privacy Check
Utility: For vectors passing the check we can compute their utility. Return the one with the maximum utility.
Efficiency: Use algorithms to speed up IsPrivate and SearchAlgorithm.
Simulatable Privacy Check
Based only on information available to the adversary:
The Markov chain M
Output sequence
Posterior belief
t1: last time before or at t at which a context was released
t2: earliest time after t at which a context was released
t2: end state if t2 does not exist
Simulatable Privacy Check
Privacy :
Simulatable Privacy Check
Utility: The simulatable check is locally optimal in the sense
that if the next state is published despite the indication of the privacy check to suppress it (improving the utility) then there is a chance that future states will inevitably breach privacy.
Efficiency: Speeding up okayToRelease
Comparative Analysis
Weakness of the simulatable check: It makes the suppression decision without looking at the current state.
Weakness of the probabilistic check: Its decision ignores the previously released states.
Comparative Analysis
Hybrid Privacy Check:
Probabilistic check
Simulatable check
Using suppi(t) we can compute recursively the expected number of suppressions following the release of Xt = ci
utilitySimulatable(M) = T - expected number
Limited Background Knowledge
Weak adversary:
Knowing the frequency of sensitive contexts
Knowing a set-labeled chain
Experiment
Continuous data on daily activities of 100 students and staff at MIT.
For each user, we train a Markov chain on the first half of his trace; the remaining half is used for evaluation.
This paper only uses location data.
Experiment
Efficiency
Experiments
Compare MASKIT using:
The simulatable check
The probabilistic check (with a granularity of d = 10)
The hybrid check
with the naive approach, called MaskSensitive
Thank you!
Problem Statement
User Model
The user behaves like a sample from a Markov chain M.
The states in M are labeled with contexts {c1,…,cn}
Each day, the user starts at the “start” state in M and ends T steps later in the “end” state
X1,… ,XT : random variables generated from M, each taking on the value of some context ci
The independence property of Markov chains states that
Problem Statement
Adversary Model
Strong adversary: knows the Markov chain M of a user.
Weak adversary: has less knowledge about M, but can learn more about M over time.
Adversaries can access the full output sequence generated by a general suppression system A, and we assume the adversaries also know A.
Adversaries have a prior belief about the user being in context ci at time t.
Problem Statement
Preliminaries: Markov chains
Markovian process with transition matrices A(1),…, A(T+1):
PROPOSITION 1: The prior belief of an adversary about the user being in a sensitive context s at time t is equal to
The joint probability of a sequence of states is:
The probability of transitioning from state ci at time t1 to state cj at time t2
ei is the unit vector that is 1 at position i and 0 otherwise
Problem Statement
Preliminaries: Hidden Markov Models
Hidden Markov models help us understand how adversaries make inferences about suppressed states.
Each state has a distribution over possible outputs from a set K = {k1,…,km}.
Define emission matrices B(t) as:
For a given output sequence, we compute the conditional probability that at time t the hidden state was ci:
Problem Statement
Preliminaries: Hidden Markov Models
Use the forward procedure and the backward procedure to compute this ratio efficiently:
Initialize
Initialize , put everything together:
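
The posterior computation described in the HMM preliminaries, as an added example that is not from the slides or the paper's code: it runs the forward and backward procedures over a suppression system and compares the adversary's posterior with the prior for one output sequence. Assumptions: a single time-independent transition matrix instead of A(1),…,A(T+1), no explicit start/end states, a constructed three-state chain, and a privacy condition taken as "posterior minus prior is at most a threshold", here called DELTA.

```python
# Added example; the chain, suppression probabilities and DELTA are constructed.
def emission(p_t, i, o):
    """Pr[output o | hidden state i]; None stands for a suppressed context."""
    if o is None:
        return p_t[i]
    return 1.0 - p_t[i] if o == i else 0.0

def priors(pi, A, T):
    """Prior belief Pr[X_t = c_i] for t = 1..T, before any output is seen."""
    n, rows = len(pi), [list(pi)]
    for _ in range(T - 1):
        rows.append([sum(rows[-1][i] * A[i][j] for i in range(n)) for j in range(n)])
    return rows

def posteriors(pi, A, p, outputs):
    """Posterior Pr[X_t = c_i | outputs] from the forward and backward procedures."""
    n, T = len(pi), len(outputs)
    alpha = [[pi[i] * emission(p[0], i, outputs[0]) for i in range(n)]]
    for t in range(1, T):
        alpha.append([sum(alpha[t - 1][i] * A[i][j] for i in range(n))
                      * emission(p[t], j, outputs[t]) for j in range(n)])
    beta = [[1.0] * n for _ in range(T)]
    for t in range(T - 2, -1, -1):
        beta[t] = [sum(A[i][j] * emission(p[t + 1], j, outputs[t + 1]) * beta[t + 1][j]
                       for j in range(n)) for i in range(n)]
    post = []
    for t in range(T):
        w = [alpha[t][i] * beta[t][i] for i in range(n)]
        if sum(w) == 0.0:
            raise ValueError("output sequence has zero probability under the model")
        post.append([x / sum(w) for x in w])
    return post

def max_gain(pi, A, p, outputs, sensitive):
    """Largest posterior-minus-prior over all times and all sensitive states."""
    pri, post = priors(pi, A, len(outputs)), posteriors(pi, A, p, outputs)
    return max(post[t][s] - pri[t][s] for t in range(len(outputs)) for s in sensitive)

# Constructed chain: 0 = home, 1 = work, 2 = clinic (the sensitive context).
PI = [1.0, 0.0, 0.0]
A = [[0.6, 0.3, 0.1], [0.3, 0.6, 0.1], [0.5, 0.0, 0.5]]
OUT = [0, None, 0]                  # released home, suppressed, released home
NAIVE = [[0.0, 0.0, 1.0]] * 3       # suppress only the sensitive context
MASKED = [[0.5, 0.5, 1.0]] * 3      # also suppress other contexts half the time
DELTA = 0.1

if __name__ == "__main__":
    for name, p in (("naive", NAIVE), ("masked", MASKED)):
        g = max_gain(PI, A, p, OUT, [2])
        print(name, round(g, 4), "ok" if g <= DELTA else "breach")
```

Suppressing only the sensitive context makes every suppression reveal it, which is the failure of the naive approach; the definition on the slides quantifies over all possible outputs, whereas this block evaluates a single sequence.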