Anonymization Study For Campus User’s Behavior And Trajectory

With the development of information technology, especially in the field of big data, it’s possible to handle massive users’data. However, the leakage of user privacy from these data has been a great issue nowadays. Students and teachers at school will also generate a variety of data, such as using smartcard to buy lunch, borrowing books from library, connecting to WiFi to surf the Internet, etc. Excellent personalized services can be emerged if these data are used properly. But publishing these data also exists privacy problems inevitability. In this paper, we propose an anonymization method based on set partition to protect the privacy in user data. We experiment on two campus datasets, making sure that this method can effectively protect user’s privacy even if adversary has a strong ability.In general, the main works of tihs paper are as follows:·Anonymization of user’s stable behavioral habit.User’s behavioral habit can be modeled by a first-order Markov chain. For the be-haviors user may act, split them into disjoint subsets. The anonymization method transforms user’s real behavior into the set that contains user’s real one. Seman-tic tree can be used if the partitioning set is very large. At last, we experiment on a smartcard dataset and compare the result with MaskIt system’s simulatable privacy check.·Anonymization of user’s dynamic trajectories.For the services that need user’s location infomation, we can send multiple loca-tions to protect privacy. This method combines set partition with dummy trajec-tories. Dynamic means that user will reach some new places. The probability of getting to a place is related to user’s history records and popularity of the place. We propose a heuristic algorithm to make partitions of a location set and send the subset with user’s real location to the server. At last, we experiment on a WiFi access dataset. It shows that the result of algorithm is not bad.·Research of adversary’s ability to identify a user.Before a dataset is published, user’s identifiers in the data should be removed. But the adversary can still identify a user with some of his records. We use the smartcard dataset and WiFi access dataset to do experiments. Figure out how many records adversary need to identify a user. Then we evaluate the influence of personal anonym ized data on adversary.