Inference Attacks on Location Tracks

  • John Krumm
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4480)


Although the privacy threats and countermeasures associated with location data are well known, there has not been a thorough experiment to assess the effectiveness of either. We examine location data gathered from volunteer subjects to quantify how well four different algorithms can identify the subjects’ home locations and then their identities using a freely available, programmable Web search engine. Our procedure can identify at least a small fraction of the subjects and a larger fraction of their home addresses. We then apply three different obscuration countermeasures designed to foil the privacy attacks: spatial cloaking, noise, and rounding. We show how much obscuration is necessary to maintain the privacy of all the subjects.


location privacy inference attack location tracks 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, R., Srikant, R.: Privacy-Preserving Data Mining. In: ACM SIGMOD Conference on Management of Data, Dallas, TX, USA, ACM Press, New York (2000)Google Scholar
  2. 2.
    Ashbrook, D., Starner, T.: Using GPS to Learn Significant Locations and Predict Movement across Multiple Users. Personal and Ubiquitous Computing 7(5), 275–286 (2003)CrossRefGoogle Scholar
  3. 3.
    Barbaro, M., Zeller Jr., T.: A Face Is Exposed for AOL Searcher No. 4417749. New York Times, New York (2006)Google Scholar
  4. 4.
    Beresford, A.R., Stajano, F.: Location Privacy in Pervasive Computing. IEEE Pervasive Computing, 46–55 (2003)Google Scholar
  5. 5.
    Consolvo, S., et al.: Location Disclosure to Social Relations: Why, When, & What People Want to Share. In: CHI ’05: Proceedings of the SIGCHI Conference on Human factors in Computing Systems, New York, NY (2005)Google Scholar
  6. 6.
    Danezis, G., Lewis, S., Anderson, R.: How Much is Location Privacy Worth? In: Fourth Workshop on the Economics of Information Security, Harvard University (2005)Google Scholar
  7. 7.
    Duckham, M., Kulik, L.: Location Privacy and Location-Aware Computing. In: Drummond, J., et al. (eds.) Dynamic & Mobile GIS: Investigating Change in Space and Time, CRC Press, Boca Raton (2006)Google Scholar
  8. 8.
    Gendar, A., Lisberg, A.: How Cell Phone Helped Cops Nail Key Murder Suspect. Daily News, New York (2006)Google Scholar
  9. 9.
    Gruteser, M., Grunwald, D.: Anonymous Usage of Location-Based Services through Spatial and Temporal Cloaking. In: First ACM/USENIX International Conference on Mobile Systems, Applications, and Services (MobiSys 2003), San Francisco, CA, USA (2003)Google Scholar
  10. 10.
    Hariharan, R., Krumm, J., Horvitz, E.: Web-Enhanced GPS. In: Strang, T., Linnhoff-Popien, C. (eds.) LoCA 2005. LNCS, vol. 3479, Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Toyama, K., Hariharan, R.: Project Lachesis: Parsing and Modeling Location Histories. In: Egenhofer, M.J., Freksa, C., Miller, H.J. (eds.) GIScience 2004. LNCS, vol. 3234, pp. 106–124. Springer, Heidelberg (2004)Google Scholar
  12. 12.
    LaMarca, A., et al.: Learning and Recognizing the Places We Go. In: Beigl, M., et al. (eds.) UbiComp 2005. LNCS, vol. 3660, pp. 159–176. Springer, Heidelberg (2005)Google Scholar
  13. 13.
    Hoh, B., et al.: Enhancing Security and Privacy in Traffic-Monitoring Systems. IEEE Pervasive Computing, 38–46 (2006)Google Scholar
  14. 14.
  15. 15.
  16. 16.
    Abowd, G.D., et al.: Control, Deception, and Communication: Evaluating the Deployment of a Location-Enhanced Messaging Service. In: Beigl, M., et al. (eds.) UbiComp 2005. LNCS, vol. 3660, pp. 213–231. Springer, Heidelberg (2005)Google Scholar
  17. 17.
    Kaasinen, E.: User Needs for Location-Aware Mobile Services. Personal and Ubiquitous Computing 7(1), 70–79 (2003)CrossRefGoogle Scholar
  18. 18.
    Kang, J.H., et al.: Extracting Places from Traces of Locations. In: 2nd ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots (WMASH’04) (2004)Google Scholar
  19. 19.
    Krumm, J., Horvitz, E.: Predestination: Inferring Destinations from Partial Trajectories. In: Dourish, P., Friday, A. (eds.) UbiComp 2006. LNCS, vol. 4206, pp. 243–260. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  20. 20.
    Letchner, J., Krumm, J., Horvitz, E.: Trip Router with Individualized Preferences (TRIP): Incorporating Personalization into Route Planning. In: Eighteenth Conference on Innovative Applications of Artificial Intelligence (IAAI-06), Cambridge, MA, USA (2006)Google Scholar
  21. 21.
    Liao, L., Fox, D., Kautz, H.A.: Location-Based Activity Recognition using Relational Markov Networks. In: Nineteenth International Joint Conference on Artificial Intelligence (IJCAI 2005), Edinburgh, Scotland (2005)Google Scholar
  22. 22.
    Lorkowski, S., et al.: Towards Area-Wide Traffic Monitoring-Applications Derived from Probe Vehicle Data. In: 8th International Conference on Applications of Advanced Technologies in Transportation Engineering, Beijing, China (2004)Google Scholar
  23. 23.
    Marmasse, N.: Providing Lightweight Telepresence in Mobile Communication to Enhance Collaborative Living. In: Program in Media Arts and Sciences, School of Architecture and Planning, p. 124. MIT, Cambridge, MA, USA (2004)Google Scholar
  24. 24.
    Schmandt, C., Marmasse, N.: Location-Aware Information Delivery with ComMotion. In: Thomas, P., Gellersen, H.-W. (eds.) HUC 2000. LNCS, vol. 1927, Springer, Heidelberg (2000)Google Scholar
  25. 25.
    Orland, K.: Stalker Victims Should Check For GPS. Associated Press on CBS News (2003),
  26. 26.
    Gajos, K., et al.: Opportunity Knocks: A System to Provide Cognitive Assistance with Transportation Services. In: Davies, N., Mynatt, E.D., Siio, I. (eds.) UbiComp 2004. LNCS, vol. 3205, pp. 433–450. Springer, Heidelberg (2004)Google Scholar
  27. 27.
    Pfitzmann, A., Köhntopp, M.: Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  28. 28.
    Schilit, B., Hong, J., Gruteser, M.: Wireless Location Privacy Protection. IEEE Computer, 135–137 (2003)Google Scholar
  29. 29.
    Scott, D., Beresford, A., Mycroft, A.: Spatial Security Policies for Mobile Agents in a Sentient Computing Environment. In: Pezzé, M. (ed.) ETAPS 2003 and FASE 2003. LNCS, vol. 2621, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  30. 30.
    Subramanya, A., et al.: Recognizing Activities and Spatial Context Using Wearable Sensors. In: 21st Conference on Uncertainty in Artificial Intelligence (UAI06), Cambridge, MA (2006)Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • John Krumm
    • 1
  1. 1.Microsoft Research, One Microsoft Way, Redmond, WAUSA

Personalised recommendations