EDEN: Enforcing Location Privacy through Re-identification Risk Assessment: A Federated Learning Approach

AbstractCrowd sensing applications have demonstrated their usefulness in many real-life scenarios (e.g., air quality monitoring, traffic and noise monitoring). Preserving the privacy of crowd sensing app users is becoming increasingly important as the collected geo-located data may reveal sensitive information about these users (e.g., home, work places, political, religious, sexual preferences). In this context, a large variety of Location Privacy Protection Mechanisms (LPPMs) have been proposed. However, each LPPM comes with a given set of configuration parameters. The value of these parameters impacts not only the privacy level but also the utility of the resulting data. Choosing the right LPPM and the right configuration for reaching a satisfactory privacy vs. utility tradeoff is generally a difficult problem mobile app developers have to face. Solving this problem is commonly done by relying on a trusted proxy server to which raw geo-located traces are sent and privacy vs. utility assessment is performed enabling the selection of the best LPPM for each trace. In this paper we present EDEN, the first solution that selects automatically the best LPPM and its corresponding configuration without sending raw geo-located traces outside the user's device. We reach this objective by relying on a federated learning approach. The evaluation of EDEN on five real-world mobility datasets shows that EDEN outperforms state-of-the-art LPPMs reaching a better privacy vs. utility tradeoff.