Abstract: With the continuous development of location services, location privacy protection has become a hotspot in privacy protection research. At present, a series of location privacy protection schemes have been proposed, most of which are based on spatial disturbance technology. However, the existing research on location privacy protection has two problems: First of all, most of the location privacy protection schemes do not consider the complicated correlation between the trajectory points of a single trajectory when performing spatial disturbances, and they usually underestimate the risk of cracking desensitization trajectories; Secondly, there is a lack of quantitative measurement of the risk of cracking the desensitization trajectory. Although differential privacy has made considerable efforts in this regard, the existence of complex relationships makes the model may not be able to objectively describe the degree of privacy protection. If the cracking risk of data after privacy protection cannot be quantified, a quantitative evaluation index cannot be established for the privacy protection scheme. Therefore, first of all, the location information with the association relationship is used to attack the desensitization trajectory. Specifically, the Markov attack algorithms using simple association relationships and the deep neural network attack algorithms using complex association relationships are designed in this paper. Secondly, the cracking risk of desensitization trajectory is quantified, and a quantitative evaluation scheme is established to evaluate the threat degree of attack algorithm to privacy protection scheme. Finally, these two kinds of attack algorithms are used to attack Geo-Indistinguishability privacy protection scheme, and the attack effect is evaluated. The results show that Geo-Indistinguishability privacy protection scheme can resist the attack of the Markov attack algorithm, but can not resist the attack of deep neural network attack algorithm.