MaskIt: Privately Releasing User Context Streams for Personalized Mobile Applications SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data


Background

Not just location.

More sensors mean more private information can be detected.


Background

A user's contexts are correlated with former contexts.

Some contexts are not sensitive.


Solution

System Model

x1, x2,…, xt o1, o2,…, ot

To compute ot, MASKIT employs a check deciding whether to release or suppress the current context.

MaskIt


Solution

Propose MASKIT: a system that decides whether to release or to suppress the current state of the user.

Probabilistic check: flips, for each context, a coin chosen suitably to guarantee privacy.

Simulatable check: makes the decision based only on the released contexts so far and completely ignores the current context.

Explain how to select the better check.


Problem Statement

Utility Goal: Release as many states as possible, while satisfying the privacy goal.

The MASKIT System


Problem

What is privacy?

To preserve privacy: When should a context be suppressed? Which contexts should be suppressed?

How to ensure utility?


Privacy

Privacy DEFINITION 1: We say that a system A preserves -

privacy against an adversary if for all possible inputs sampled from the Markov chain M with non-zero probability, for all possible outputs , for all times t and all sensitive contexts


Utility

Measure utility as the expected number of released contexts:

for state ci at time t’ a suppression probability


Probabilistic Privacy Check

Prior belief:

suppression probability p_i^t at time t for state ci; the prior belief is 1 - p_i^t

Posterior belief:

HMM

Forward procedure

Backward procedure


Probabilistic Privacy Check

Utility: For vectors passing the check, we can compute their utility. Return the one with the maximum utility.

Efficiency: Use algorithms to speed up IsPrivate and SearchAlgorithm.


Simulatable Privacy Check

Only based on information available to the adversary:

The Markov chain M

Output sequence

Posterior belief

t1: last time before or at t at which a context was released

t2: earliest time after t at which a context was released

t2: end state if t2 does not exist


Simulatable Privacy Check

Privacy :


Simulatable Privacy Check

Utility: The simulatable check is locally optimal in the sense that if the next state is published despite the indication of the privacy check to suppress it (improving the utility), then there is a chance that future states will inevitably breach privacy.

Efficiency: Speeding up okayToRelease


Comparative Analysis

Weakness of the simulatable check: It makes the suppression decision without looking at the current state.

Weakness of the probabilistic check: Its decision ignores the previously released states.


Comparative Analysis

Hybrid Privacy Check:

Probabilistic check

Simulatable check

Using suppi(t) we can compute recursively the expected number of suppressions following the release of Xt = ci

utilitySimulatable(M) = T - expected number


Limited Background Knowledge

Weak adversary:

Knowing the frequency of sensitive contexts

Knowing a set-labeled chain


Experiment

Continuous data on daily activities of 100 students and staff at MIT.

For each user, we train a Markov chain on the first half of his trace; the remaining half is used for evaluation.

This paper only uses location data.


Experiment

Efficiency


Experiments

Compare MASKIT using:

The simulatable check

The probabilistic check (with a granularity of d = 10)

The hybrid check

with the naive approach, called MaskSensitive


Thank you!


Problem Statement

User Model

The user behaves like a sample from a Markov chain M.

The states in M are labeled with contexts {c1,…,cn}.

Each day, the user starts at the “start” state in M and ends T steps later in the “end” state

X1,… ,XT : random variables generated from M, each taking on the value of some context ci

The independence property of Markov chains states that


Problem Statement

Adversary Model

Strong adversary: knows the Markov chain M of a user.

Weak adversary: has less knowledge about M, but can learn more about M over time.

Adversaries can access the full output sequence generated by a general suppression system A, and we assume the adversaries also know A.

Adversaries have a prior belief about the user being in context ci at time t.


Problem Statement

Preliminaries: Markov chains

Markovian process with transition matrices A(1),…, A(T+1):

PROPOSITION 1: The prior belief of an adversary about the user being in a sensitive context s at time t is equal to

The joint probability of a sequence of states is:

The probability of transitioning from state ci at time t1 to state cj at time t2

ei is the unit vector that is 1 at position i and 0 otherwise


Problem Statement

Preliminaries: Hidden Markov Models

Hidden Markov models help us understand how adversaries make inferences about suppressed states.

Each state has a distribution over possible outputs from a set K = {k1,…,km}.

Define emission matrices B(t) as:

For a given output sequence , we compute the conditional probability that at time t the hidden state was ci:


Problem Statement

Preliminaries: Hidden Markov Models

Use the forward procedure and the backward procedure to compute this ratio efficiently:

Initialize

Initialize , put everything together:
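
An added example (not from the slides or from the paper's code) of the adversary's inference described in the Hidden Markov Model preliminaries: a forward and backward pass over an output stream containing a suppression, comparing posterior and prior belief in a sensitive context under the naive MaskSensitive policy and under a randomized suppression vector. The three-context chain, its numbers and all helper names are constructed for illustration; start and end states are simplified to an initial distribution, and "posterior minus prior" is an assumed way of comparing the two beliefs.

```python
import numpy as np

# Constructed toy chain (illustrative, not from the paper): 0=home, 1=work, 2=clinic
A = np.array([[0.6, 0.3, 0.1],
              [0.3, 0.6, 0.1],
              [0.5, 0.3, 0.2]])
INIT = np.array([1.0, 0.0, 0.0])   # distribution before the first step
SENSITIVE = [2]
OUTPUTS = [1, None, 0]             # released work, suppressed, released home
MASK_SENSITIVE = np.array([[0.0, 0.0, 1.0]] * 3)   # suppress only the clinic
RANDOMIZED = np.array([[0.5, 0.5, 1.0]] * 3)       # also hide other contexts

def priors(init, A, T):
    """Prior belief Pr[X_t = c_i] for t = 1..T, one row per time step."""
    rows, v = [], init
    for _ in range(T):
        v = v @ A
        rows.append(v)
    return np.array(rows)

def emission(p_t, o):
    """Pr[output o | X_t = c_i] for every i; p_t[i] is the suppression probability."""
    if o is None:
        return p_t
    e = np.zeros(len(p_t))
    e[o] = 1.0 - p_t[o]
    return e

def posteriors(init, A, p, outputs):
    """Pr[X_t = c_i | outputs] via the forward and backward procedures."""
    T = len(outputs)
    alpha, beta = np.zeros((T, len(init))), np.ones((T, len(init)))
    prev = init
    for t in range(T):                       # forward
        alpha[t] = (prev @ A) * emission(p[t], outputs[t])
        prev = alpha[t]
    for t in range(T - 2, -1, -1):           # backward
        beta[t] = A @ (emission(p[t + 1], outputs[t + 1]) * beta[t + 1])
    gamma = alpha * beta
    return gamma / gamma.sum(axis=1, keepdims=True)

def max_gain(p, outputs=OUTPUTS):
    """Largest posterior-minus-prior belief in a sensitive context (assumed measure)."""
    diff = posteriors(INIT, A, p, outputs) - priors(INIT, A, len(outputs))
    return float(diff[:, SENSITIVE].max())

if __name__ == "__main__":
    print("MaskSensitive:", round(max_gain(MASK_SENSITIVE), 4))
    print("Randomized   :", round(max_gain(RANDOMIZED), 4))
```

Under MaskSensitive the single suppression pins the user to the clinic (posterior 1), because only the sensitive context ever produces a suppressed output; the randomized vector leaves the adversary much closer to the prior.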