World Wide Web

, Volume 22, Issue 6, pp 2407–2436 | Cite as

PrivSem: Protecting location privacy using semantic and differential privacy

  • Yanhui LiEmail author
  • Xin Cao
  • Ye Yuan
  • Guoren Wang


In this paper, we address the problem of users’ location privacy preservation on road networks. Most existing privacy preservation techniques rely on structure-based spatial cloaking, but pay little attention to locations’ semantic information. Yet, the semantics may disclose sensitive information of mobile users. In addition, these studies ignore the location privacy requirements of other users, which is essential for location-based services (LBS). Thus, to tackle these problems, we propose PrivSem, a novel framework which integrates locationk-anonymity, segmentl-semantic diversity, and differential privacy to protect user location privacy from violation. In this framework, rather than using the original location data, we only access to the sanitized data according to differential privacy. Due to the nature of differential privacy which perturbs the real data with noise, it is particularly challenging to determine an effective cloaked area. Further, we investigate an error analysis model to ensure the effectiveness of the generated cloaked areas. Finally, through formal privacy analysis, we show that our proposed approach is effective in providing privacy guarantees. Extensive experimental evaluations on large real-world datasets are conducted to demonstrate the efficiency and effectiveness of PrivSem.


Location privacy l-semantic diversity Location k-anonymity Differential privacy 



This research was partially supported by the National Natural Science Foundation of China under Grant No. 61572119, 61622202, U1401256, 61732003 and 61729201; and the Fundamental Research Funds for the Central Universities under Grant No. N150402005.


  1. 1.
    Bamba, B., Liu, L., Pesti, P., Wang, T.: Supporting anonymous location queries in mobile environments with privacygrid. In: Proceedings of WWW, pp. 237–246 (2008)Google Scholar
  2. 2.
    Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. Pervasive comput 2(1), 46–55 (2003)CrossRefGoogle Scholar
  3. 3.
    Bettini, C., Mascetti, S., Wang, X.S.: Privacy Threats in Location-Based Services. In: Encyclopedia of GIS, pp. 906–912 (2008)CrossRefGoogle Scholar
  4. 4.
    Chan, T.H.H., Shi, E., Song, D.: Private and continual release of statistics. Information and System Security Journal 14(3), 26 (2011)Google Scholar
  5. 5.
    Cheng, R., Zhang, Y., Bertino, E., Prabhakar, S.: Preserving user location privacy in mobile data management infrastructures. Lect. Notes Comput. Sci 4258, 393–412 (2006)CrossRefGoogle Scholar
  6. 6.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proceedings of Annual Foundations of Computer Science, pp. 41–50 (1995)Google Scholar
  7. 7.
    Chow, C., Mokbel, M., Bao, J., Liu, X.: Query-aware location anonymization for road networks. GeoInformatica 15(3), 571–607 (2011)CrossRefGoogle Scholar
  8. 8.
    Cormode, G., Procopiuc, C., Srivastava, D., Shen, E., Yu, T.: Differentially private spatial decompositions. In: Proceedings of ICDE, pp. 20–31 (2012)Google Scholar
  9. 9.
    Damiani, M.L., Bertino, E., Silvestri, C., et al.: The probe framework for the personalized cloaking of private locations. Trans. Data Privacy Journal 3(2), 123–148 (2010)Google Scholar
  10. 10.
    Damiani, M.L., Silvestri, C., Bertino, E.: Fine-grained cloaking of sensitive positions in location-sharing applications. Pervasive Computing Journal 10(4), 64–72 (2011)CrossRefGoogle Scholar
  11. 11.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Proceedings of TCC, vol. 3876. pp. 265–284 (2006)CrossRefGoogle Scholar
  12. 12.
    Fan, L., Xiong, L.: An adaptive approach to real-time aggregate monitoring with differential privacy. TKDE J 26(9), 2094–2106 (2014)Google Scholar
  13. 13.
    Fogaras, D., Rácz, B.: A scalable randomized method to compute link-based similarity rank on the web graph. In: Proceedings of EDBT Workshops, pp. 557–567 (2004)CrossRefGoogle Scholar
  14. 14.
    Gedik, B., Liu, L.: Location privacy in mobile systems: a personalized anonymization model. In: Proceedings of ICDCS, pp. 620–629 (2005)Google Scholar
  15. 15.
    Ghinita, G., Kalnis, P., Khoshgozaran, A., Shahabi, C., Tan, K.L.: Private queries in location based services: anonymizers are not necessary. In: Proceedings of SIGMOD, pp. 121–132 (2008)Google Scholar
  16. 16.
    Gruteser, M., Grunwald, D.: Anonymous usage of location-based services through spatial and temporal cloaking. In: Proceedings of MobiSys, pp. 31–42 (2003)Google Scholar
  17. 17.
    Hashem, T., Kulik, L., Ramamohanarao, K., Zhang, R., Soma, S.C.: Protecting privacy for distance and rank based group nearest neighbor queries. World Wide Web 22(1), 375–416 (2019)CrossRefGoogle Scholar
  18. 18.
    He, X., Cormode, G., Machanavajjhala, A., Procopiuc, C.M., Srivastava, D.: Dpt: differentially private trajectory synthesis using hierarchical reference systems. VLDB J. 8(11), 1154–1165 (2015)Google Scholar
  19. 19.
    Kalnis, P., Ghinita, G., Mouratidis, K., Papadias, D.: Preventing location-based identity inference in anonymous spatial queries. TKDE J. 19(12), 1719–1733 (2007)Google Scholar
  20. 20.
    Kellaris, G., Papadopoulos, S.: Practical differential privacy via grouping and smoothing. In: Proceedings of VLDB, vol. 6. pp. 301–312 (2013)CrossRefGoogle Scholar
  21. 21.
    Kellaris, G., Papadopoulos, S., Xiao, X., Papadias, D.: Differentially private event sequences over infinite streams. VLDB J. 7(12), 1155–1166 (2014)Google Scholar
  22. 22.
    Kido, H., Yanagisawa, Y., Satoh, T.: An anonymous communication technique using dummies for location-based services. In: Proceedings of ICPS, pp. 88–97 (2005)Google Scholar
  23. 23.
    Kong, X., Song, X., Xia, F., Guo, H., Wang, J., Tolba, A.: Lotad: long-term traffic anomaly detection based on crowdsourced bus trajectory data. World Wide Web 21(3), 825–847 (2018)CrossRefGoogle Scholar
  24. 24.
    Ku, W.S., Zimmermann, R., Peng, W.C., Shroff, S.: Privacy protected query processing on spatial networks. In: Proceedings of ICDE Workshop, pp. 215–220. IEEE (2007)Google Scholar
  25. 25.
    Lee, B., Oh, J., Yu, H., Kim, J.: Protecting location privacy using location semantics. In: Proceedings of SIGKDD, pp. 1289–1297 (2011)Google Scholar
  26. 26.
    Li, C., Palanisamy, B.: Differentially private trajectory analysis for points-of-interest recommendation (2017)Google Scholar
  27. 27.
    Li, M., Qin, Z., Wang, C.: Sensitive semantics-aware personality cloaking on road-network environment. International Journal of Security and Its Applications 8(1), 133–146 (2014)CrossRefGoogle Scholar
  28. 28.
    Li, P., Peng, W., Wang, T.: A cloaking algorithm based on spatial networks for location privacy. In: Proceedings of SUTC, pp. 90–97 (2008)Google Scholar
  29. 29.
    Li, Y., Yuan, Y., Wang, G., Chen, L., Li, J.: Semantic-aware location privacy preservation on road networks. In: Proceedings of DASFAA, pp. 314–331 (2016)CrossRefGoogle Scholar
  30. 30.
    Li, Z., Pei, Q., Liu, Y.: Spoofing attacks and countermeasures in fm indoor localization system. World Wide Web 21(1), 219–240 (2018)CrossRefGoogle Scholar
  31. 31.
    Machanavajjhala, A., Gehrke, J., Kifer, D.: Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: Proceedings of ICDE, pp. 24–24 (2006)Google Scholar
  32. 32.
    Martínez-Hinarejos, C., Juan, A., Casacuberta, F.: Generalized k-medians clustering for strings. Pattern Recognition and Image Analysis pp .502–509 (2003)Google Scholar
  33. 33.
    McSherry, F., Mironov, I.: Differentially private recommender systems: building privacy into the net. In: Proceedings of SIGKDD, pp. 627–636 (2009)Google Scholar
  34. 34.
    Mokbel, M.F., Chow, C.Y., Aref, W.G.: The new casper: Query processing for location services without compromising privacy. In: Proceedings of VLDB, pp. 763–774 (2006)Google Scholar
  35. 35.
    Palanisamy, B., Liu, L.: Mobimix: Protecting location privacy with mix-zones over road networks. In: Proceedings of ICDE, pp. 494–505 (2011)Google Scholar
  36. 36.
    Papadopoulos, S., Bakiras, S., Papadias, D.: Nearest neighbor search with strong location privacy. VLDB J. 3(1-2), 619–629 (2010)Google Scholar
  37. 37.
    Qardaji, W., Yang, W., Li, N.: Differentially private grids for geospatial data. In: Proceedings of ICDE, pp. 757–768 (2013)Google Scholar
  38. 38.
    Shin, K.G., Ju, X., Chen, Z., Hu, X.: Privacy protection for users of location-based services. Wirel. Commun. J. 19(1), 30–39 (2012)CrossRefGoogle Scholar
  39. 39.
    Sibson, R.: Slink: an optimally efficient algorithm for the single-link cluster method. Comput. J. 16(1), 30–34 (1973)MathSciNetCrossRefGoogle Scholar
  40. 40.
    Soma, S.C., Hashem, T., Cheema, M.A., Samrose, S.: Trip planning queries with location privacy in spatial databases. World Wide Web J. 20(2), 205–236 (2017)CrossRefGoogle Scholar
  41. 41.
    Sweeney, L.: k-anonymity: A model for protecting privacy. Int. J. Uncertainty Fuzziness Knowledge Based Syst. 10(05), 557–570 (2002)MathSciNetCrossRefGoogle Scholar
  42. 42.
    To, H., Ghinita, G., Fan, L., Shahabi, C.: Differentially private location protection for worker datasets in spatial crowdsourcing. TMC Journal 16(4), 934–949 (2017)Google Scholar
  43. 43.
    Vicente, C.R., Freni, D., Bettini, C., Jensen, C.S.: Location-related privacy in geo-social networks. Internet Computing Journal 15(3), 20–27 (2011)CrossRefGoogle Scholar
  44. 44.
    Wang, Q., Zhang, Y., Lu, X., Wang, Z., Qin, Z., Ren, K.: Rescuedp: Real-time spatio-temporal crowd-sourced data publishing with differential privacy. In: Proceedings of INFOCOM, pp. 1–9 (2016)Google Scholar
  45. 45.
    Wang, T., Liu, L.: Privacy-aware mobile services over road networks. VLDB J. 2(1), 1042–1053 (2009)Google Scholar
  46. 46.
    Wu, W., Parampalli, U., Liu, J., Xian, M.: Privacy preserving k-nearest neighbor classification over encrypted database in outsourced cloud environments. World Wide Web pp. 1–23 (2018)Google Scholar
  47. 47.
    Xiao, X., Wang, G., Gehrke, J.: Differential privacy via wavelet transforms. TKDE Journal 23(8), 1200–1214 (2011)Google Scholar
  48. 48.
    Xiao, Y., Xiong, L., Yuan, C.: Differentially private data release through multidimensional partitioning. Secure Data Management Journal 6358, 150–168 (2010)CrossRefGoogle Scholar
  49. 49.
    Xu, J., Zhang, Z., Xiao, X., Yang, Y., Yu, G., Winslett, M.: Differentially private histogram publication. VLDB J. 22(6), 797–822 (2013)CrossRefGoogle Scholar
  50. 50.
    Xu, T., Cai, Y.: Exploring historical location data for anonymity preservation in location-based services. In: Proceedings of INFOCOM, pp. 547–555 (2008)Google Scholar
  51. 51.
    Xu, T., Cai, Y.: Feeling-based location privacy protection for location-based services, In: Proceedings of CCS, pp. 348–357 (2009)Google Scholar
  52. 52.
    Xue, M., Kalnis, P., Pung, H.K.: Location diversity: Enhanced privacy protection in location based services. In: Proceedings of LoCA, pp. 70–87 (2009)Google Scholar
  53. 53.
    Yigitoglu, E., Damiani, M.L., Abul, O., Silvestri, C.: Privacy-preserving sharing of sensitive semantic locations under road-network constraints. In: Proceedings of MDM, pp. 186–195 (2012)Google Scholar
  54. 54.
    Yiu, M.L., Jensen, C.S., Huang, X., Lu, H.: Spacetwist: Managing the trade-offs among location privacy, query performance, and query accuracy in mobile services. In: Proceedings of ICDE, pp. 366–375 (2008)Google Scholar
  55. 55.
    Zhang, Y., Szabo, C., Sheng, Q.Z., Fang, X.S.: Snaf: Observation filtering and location inference for event monitoring on twitter. World Wide Web 21(2), 311–343 (2018)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Northeastern UniversityShenyangChina
  2. 2.The University of New South WalesSydneyAustralia

Personalised recommendations