Title: Privacy-Preserving Data Collection and Sharing in Modern Mobile Internet Systems

Date: February 14, 2020 (Friday)

Time: 13:00-15:00 PM

Location: Klaus 2100

M. Emre Gursoy

Ph.D. Student

School of Computer Science

Georgia Institute of Technology

Committee:

Dr. Ling Liu (advisor) - School of Computer Science, Georgia Institute of Technology

Dr. Joy Arulraj - School of Computer Science, Georgia Institute of Technology

Dr. Margaret Loper - Georgia Tech Research Institute

Dr. Calton Pu - School of Computer Science, Georgia Institute of Technology

Dr. Yang Zhou - Department of Computer Science and Software Engineering, Auburn University

Abstract:

With the ubiquity and widespread use of mobile devices such as laptops, smartphones, smartwatches, and IoT devices, large volumes of user data are generated and recorded. While there is great value in collecting, analyzing, and sharing this data for improving products and services, data privacy poses a major concern.

This dissertation research addresses the problem of privacy-preserving data collection and sharing in the context of both mobile trajectory data and mobile Internet access data. The first contribution is the design and development of a system for utility-aware synthesis of differentially private and attack-resilient GPS location traces, called AdaTrace. Given a set of real location traces, AdaTrace executes a four-phase process consisting of feature extraction, synopsis construction, noise injection, and generation of synthetic location traces. Compared to representative prior approaches, the location traces generated by AdaTrace offer up to 3-fold improvement in utility, measured using a variety of utility metrics and datasets, while preserving both differential privacy and attack resilience.
 

The second contribution of this dissertation research is the design and development of locally private protocols for privacy-sensitive collection of mobile and Web user data. Motivated by the excessive utility loss of existing Local Differential Privacy (LDP) protocols under small user populations, I introduce the notion of Condensed Local Differential Privacy (CLDP) and a suite of protocols satisfying CLDP to enable the collection of various types of user data, ranging from ordinal data types in finite metric spaces (malware infection statistics), to non-ordinal items (OS versions and transaction categories), and to sequences of ordinal or non-ordinal items. Using cybersecurity data and case studies from Symantec, a major cybersecurity vendor, I show that proposed CLDP protocols are practical for key tasks including malware outbreak detection, OS vulnerability analysis, and inspecting suspicious activities on infected machines.

The third contribution of this dissertation research is the design and development of techniques that use Bayesian measurement for tracking long-term privacy loss in longitudinal data collection systems, as well as extending LDP protocols to support repeated and periodic data collection with strong longitudinal privacy guarantees.

In this proposal exam, I will give an overview of my PhD dissertation research and focus on the notion of Condensed Local Differential Privacy (CLDP) and the suite of protocols satisfying CLDP for privacy-preserving collection of sensitive data from user devices.