Trajectory collection is fundamental for location-based services but often involves sensitive information, such as a user's daily routine, raising privacy concerns. Local differential privacy (LDP) provides provable privacy guarantees for users, even when the data collector is untrusted. Existing trajectory collection methods ensure LDP only for discrete location spaces, where the number of locations affects their privacy guarantees and trajectory utility. Moreover, the location space is often naturally continuous, such as in flying and sailing trajectories, making these methods unsuitable. This paper proposes two trajectory collection methods that ensure LDP for continuous spaces: TraCS-D, which perturbs the direction and distance of locations, and TraCS-C, which perturbs the Cartesian coordinates of locations. Both methods are theoretically and experimentally analyzed for trajectory utility. TraCS can also be applied to discrete spaces by rounding perturbed locations to the nearest discrete points. It is independent of the number of locations and has only $\Theta(1)$ time complexity in each perturbation generation. Evaluation results on discrete location spaces validate this advantage and show that TraCS outperforms state-of-the-art methods with improved trajectory utility, especially for large privacy parameters.