Saleheen Nazir, Chakraborty Supriyo, Ali Nasir, Mahbubur Rahman Md, Hossain Syed Monowar, Bari Rummana, Buder Eugene, Srivastava Mani, Kumar Santosh
University of Memphis.
IBM T. J. Watson Research Center.
Proc ACM Int Conf Ubiquitous Comput. 2016 Sep;2016:706-717. doi: 10.1145/2971648.2971753.
Differential privacy concepts have been successfully used to protect the anonymity of individuals in population-scale analysis. Sharing mobile sensor data, especially physiological data, raises a different privacy challenge: protecting private behaviors that can be revealed from time series of sensor data. Existing privacy mechanisms rely on noise addition and data perturbation. But the accuracy requirement on inferences drawn from physiological data, together with the well-established limits within which these data values occur, renders traditional privacy mechanisms inapplicable. In this work, we define a new behavioral privacy metric based on differential privacy and propose a novel data substitution mechanism to protect behavioral privacy. We evaluate the efficacy of our scheme using 660 hours of ECG, respiration, and activity data collected from 43 participants and demonstrate that it is possible to retain meaningful utility, in terms of inference accuracy (90%), while simultaneously preserving the privacy of sensitive behaviors.
Differential privacy concepts have been successfully used to protect individual privacy in population-scale analysis. Sharing mobile sensor data, especially physiological data, raises a different privacy challenge: protecting private behaviors that may be revealed from time series of sensor data. Existing privacy mechanisms rely on noise addition and data perturbation. However, the accuracy requirement on inferences drawn from physiological data, together with the established range within which these data values occur, makes traditional privacy mechanisms inapplicable. In this work, we define a new behavioral privacy metric based on differential privacy and propose a novel data substitution mechanism to protect behavioral privacy. We evaluate the effectiveness of our scheme using 660 hours of ECG, respiration, and activity data collected from 43 participants and demonstrate that meaningful utility, in terms of inference accuracy (90%), can be retained while protecting the privacy of sensitive behaviors.