AAU Student Projects is unavailable between June 15th 1.30pm and 17th 1.30pm due to planned system maintenance. The projects cannot be downloaded during this period.
AAU Student Projects - visit Aalborg University's student projects portal
A master's thesis from Aalborg University
Book cover


A Comparison of GPS Trajectory Differential Privacy Mechanisms

Authors

;

Term

4. term

Education

Publication year

2026

Submitted on

Abstract

Trajectory data describe how people move through a city over time. They are used for applications such as transportation planning, urban development, and mobility analysis, for example by comparing routes (similarity measures) and studying trip lengths to identify movement patterns. However, the clear spatial (where) and temporal (when) patterns in such data can reveal sensitive information about individuals. A key privacy risk is re-identification, where an attacker uses knowledge such as a person’s home, workplace, or a few known visited locations to match the person to a specific trajectory in the dataset. Differential Privacy (DP) is a method that provides formal, mathematical guarantees for privacy protection. There are several different DP mechanisms, and they do not necessarily preserve the same properties of the original data. In this project, we compare four DP mechanisms: AdaTrace, DP-Star, DP-STTS, and PrivTrace. They are tested on multiple real-world trajectory datasets and under different privacy levels (known as privacy budgets). We evaluate privacy using several attack models that measure how likely it is that an attacker can infer sensitive information. We evaluate data utility using road network-based similarity measures and trip-length analysis, so we can see how useful the anonymized data remain for mobility analysis. The results show that none of the examined DP mechanisms achieves the best privacy-utility balance in every evaluation. Re-identification remains the most serious privacy risk, while the other attack models generally show lower levels of information leakage. Each mechanism therefore has different strengths and weaknesses. Overall, DP-Star provides the most balanced privacy protection, while the level of preserved utility varies across datasets, measures, and trajectory lengths. All our evaluations can be reproduced from the public code repository: https://github.com/D-Kuma-C/P10-DP

Trajektoriedata beskriver, hvordan mennesker bevæger sig gennem byen over tid. De bruges blandt andet til transportplanlægning, byudvikling og analyser af mobilitet, hvor man f.eks. sammenligner ruter (similaritetsmål) og undersøger længden af ture for at finde bevægelsesmønstre. Men de tydelige rumlige (hvor) og tidslige (hvornår) mønstre i sådanne data kan afsløre følsomme oplysninger om enkeltpersoner. En central privathedsrisiko er re-identifikation, hvor en angriber kan bruge viden som en persons hjemadresse, arbejdsplads eller få kendte besøgssteder til at matche personen til en bestemt trajektorie i datasættet. Differential Privacy (DP) er en metode, der giver formelle, matematiske garantier for privatlivsbeskyttelse. Der findes flere forskellige DP-mekanismer, og de bevarer ikke nødvendigvis de samme egenskaber ved de oprindelige data. I dette projekt sammenlignes fire DP-mekanismer: AdaTrace, DP-Star, DP-STTS og PrivTrace. De testes på flere virkelige trajektoriedatasæt og under forskellige privathedsniveauer (kaldet privathedsbudgetter). Vi vurderer privathed ved hjælp af flere typer angrebsscenarier, som måler, hvor stor risikoen er for, at en angriber kan udlede følsomme oplysninger. Datanytten vurderes ved hjælp af vejnet-baserede similaritetsmål og ved at analysere længden af ture, så vi kan se, hvor godt de anonymiserede data stadig kan bruges til mobilitetsanalyse. Resultaterne viser, at ingen af de undersøgte DP-mekanismer giver den bedste balance mellem privathed og nytte i alle evalueringer. Re-identifikation er fortsat den største privathedsrisiko, mens de øvrige angrebsmodeller typisk viser et lavere niveau af informationslækage. Hver mekanisme har derfor forskellige styrker og svagheder. Overordnet set giver DP-Star den mest afbalancerede privathedsbeskyttelse, mens graden af bevaret nytte varierer på tværs af datasæt, mål og længden af trajektorier. Alle vores analyser kan genskabes fra det offentlige kodebibliotek: https://github.com/D-Kuma-C/P10-DP

[This abstract has been rewritten with the help of AI based on the project's original abstract]