Information Management Laboratory
University of Piraeus

Private-HERMES: A Benchmark Framework for Privacy-Preserving Mobility Data Querying and Mining Methods

Nikos Pelekis, Aris Gkoulalas-Divanis, Marios Vodas, Anargyros Plemenos, Despina Kopanaki, Yannis Theodoridis


Mobility data sources feed larger and larger trajectory databases nowadays. Due to the need of extracting useful knowledge patterns that improve services based on users’ and customers’ behavior, querying and mining such databases has gained significant attention in recent years. However, publishing mobility data may lead to severe privacy violations. In this paper, we present Private-HERMES, an integrated platform for applying data mining and privacy-preserving querying over mobility data. The presented platform provides a two-dimension benchmark framework that includes: (i) a query engine that provides privacy-aware data management functionality of the in-house data via a set of auditing mechanisms that protect the sensitive information against several types of attacks, and (ii) a progressive analysis framework, which, apart from anonymization methods for data publishing, includes various well-known mobility data mining techniques to evaluate the effect of anonymization in the querying and mining results. The demonstration of Private-HERMES via a real-world case study, illustrates the flexibility and usefulness of the platform for supporting privacy-aware data analysis, as well as for providing an extensible blueprint benchmark architecture for privacy-preservation related methods in mobility data.

The overview of the framework

Video Showcase

Anonymizing Data

Original Data from a Range Query
NWA-based Anonymized Data: A) Results projection through graphical map B) Parameters selection through GUI

Clustering on Data

T-Optics on the Original Data: 4 clusters have been detected (The noise has been excluded from the Layer Manager)
T-Optics on the Anonymized Data: 3 clusters have been detected (The noise is illustrated with the color grey)

Hermes++: Privacy-Aware Query Engine

Comparing Hermes and Hermes++

Range Query
Parameter setting for range query++ through a GUI
There are 8 fake trajectories painted black on Hermes++ using Traj_auditor and Traj_faker, respectively.

Distance Query
Parameter setting for distance query++ through a GUI
There is 1 fake trajectory painted black on Hermes++ using Traj_auditor and Traj_faker, respectively but it follows different direction in each case.

Blocking User Identification Attack

We execute a query that overlaps with the previous one: The auditor finds that a previous query was answered in this area and throws a privacy error.

Blocking Sequential Tracking Attack

We execute a query that is near to the previous one (but doesn't overlap) considering the spatiotemporal threshold: Again this query is blocked by the auditor.

Experimental Evaluation for Range Queries

Malevolent User Detection

The user 3203 (malevolent) presents suspicious behavior as he/she operates queries in a small spatial temporal space and the sequence of queries is close to each other. In contrast, the user 2100 (honest) executes queries based on a random sequence and the corresponding space-time regions are in a larger range. In addition to this, the distortion in database for malevolent user is greater than this for honest user.