Human mobility data has been ubiquitously collected through cellular networks and mobile applications, and publicly released for academic research and commercial purposes for the last decade. In this paper, we argue and prove that even publishing aggregated mobility data could lead to privacy breach in individuals’ trajectories. We develop an attack system that is able to exploit the uniqueness and regularity of human mobility to recover individual’s trajectories from the aggregated mobility data without any prior knowledge. Our experiments on two real-world datasets reveal that the attack system is able to recover users’ trajectories with accuracy about 73%~91% at the scale oftens of thousands to hundreds of thousands users, which indicates severe privacy leakage in such datasets and appeals for immediate attentions from both academy and industry.
Xu, Fengli, et al. "Trajectory Recovery From Ash: User Privacy Is NOT Preserved in Aggregated Mobility Data." Proceedings of the Twenty-Sixth World Wide Web Conference, 2017.
Xu, Fengli, et al. "Context-aware Real-time Population Estimation for Metropolis." Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing. ACM, 2016.
Wang, Huandong, et al. "Understanding Mobile Traffic Patterns of Large Scale Cellular Towers in Urban Environment." Proceedings of the 2015 ACM Conference on Internet Measurement Conference. ACM, 2015.