ABSTRACT
Real-world network measurements are critical to building performant and resilient networks at scale. However, access to such data exposes end users to significant privacy risks, and this is particularly true for wireless network measurements. In this paper, we apply six state-of-the-art differentially private (DP) algorithms, spanning the data-independent/data-dependent and workload-aware/workload-unaware classes, to privatize queries over real-world WiFi traces from a large-scale campus network. We analyze the utility-vs-privacy trade-offs involved in constructing privatized queries for canonical network resource provisioning tasks. We present the following results: (1) for count and histogram queries, the utility of the Laplacian algorithm is comparable to (or better than) that of more complex data-aware DP algorithms; (2) for a given query type and DP algorithm, the utility-to-noise trade-off varies for each distinct network metric; and (3) we implement a state-of-the-art DP algorithm for trajectory analysis, which reveals significant challenges in accurately reconstructing privatized network mobility trajectories, for relatively small trajectory lengths, even with relaxed privacy budgets.
Index Terms
- Quantifying the privacy-vs-performance trade-offs for fine-grained wireless network measurement data