Trace recovery: attacking and defending the user privacy in smart meter data analytics

Nazim Uddin Sheikh; Zhigang Lu; Hassan Jameel Asghar; Mohamed Ali Kaafar

doi:10.1007/978-3-031-36840-0_14

Trace recovery: attacking and defending the user privacy in smart meter data analytics

Nazim Uddin Sheikh^*, Zhigang Lu, Hassan Jameel Asghar, Mohamed Ali Kaafar

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

Abstract

Energy consumption data is collected the service providers and shared with various stakeholders involved in a smart grid ecosystem. The fine-grained energy consumption data is immensely useful for maintaining and operating grid services. Further, these data can be used for future consumption prediction using machine learning and statistical models and market segmentation purposes. However, sharing and releasing fine-grained energy data or releasing predictive models trained on user-specific data induce explicit violations of private information of consumers [34, 41]. Thus, the service providers may share and release aggregated statistics to protect the privacy of users aiming at mitigating the privacy risks of individual users’ consumption traces. In this chapter, we show that an attacker can recover individual users’ traces of energy consumption data by exploiting regularity and uniqueness properties of individual consumption load patterns. We propose an unsupervised attack framework to recover hourly energy consumption time-series of users without any background information. We construct the problem of assigning aggregated energy consumption meter readings to individual users as a mathematical assignment problem and solve it by the Hungarian algorithm [30, 50]. We used two real-world datasets to demonstrate an attacker’s performance in recovering private traits of users. Our results show that an attacker is capable of recovering 70% of users’ energy consumption patterns with over 90% accuracy. Finally, we proposed few defense techniques, such as differential privacy and federated machine learning that may potentially help reduce an attacker’s capability to infer users’ private information.

Original language	English
Title of host publication	E-Business and Telecommunications
Subtitle of host publication	18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers
Editors	Pierangela Samarati, Marten van Sinderen, Sabrina De Capitani di Vimercati, Fons Wijnhoven
Place of Publication	Cham
Publisher	Springer, Springer Nature
Pages	305-333
Number of pages	29
ISBN (Electronic)	9783031368400
ISBN (Print)	9783031368394
DOIs	https://doi.org/10.1007/978-3-031-36840-0_14
Publication status	Published - 2023
Event	18th International Joint Conference on e-Business and Telecommunications, ICETE 2021 - Virtual, Online Duration: 6 Jul 2021 → 9 Jul 2021

Publication series

Name	Communications in Computer and Information Science
Volume	1795
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	18th International Joint Conference on e-Business and Telecommunications, ICETE 2021
City	Virtual, Online
Period	6/07/21 → 9/07/21

Keywords

Inference Attacks
Aggregate Statistics
Differential Privacy
Energy Data Privacy
Smart Meter Privacy
Federated Learning

Access to Document

10.1007/978-3-031-36840-0_14

Cite this

Sheikh, N. U., Lu, Z., Asghar, H. J., & Kaafar, M. A. (2023). Trace recovery: attacking and defending the user privacy in smart meter data analytics. In P. Samarati, M. van Sinderen, S. D. C. D. Vimercati, & F. Wijnhoven (Eds.), E-Business and Telecommunications: 18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers (pp. 305-333). (Communications in Computer and Information Science; Vol. 1795). Springer, Springer Nature. https://doi.org/10.1007/978-3-031-36840-0_14

Sheikh, Nazim Uddin ; Lu, Zhigang ; Asghar, Hassan Jameel et al. / Trace recovery : attacking and defending the user privacy in smart meter data analytics. E-Business and Telecommunications: 18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers. editor / Pierangela Samarati ; Marten van Sinderen ; Sabrina De Capitani di Vimercati ; Fons Wijnhoven. Cham : Springer, Springer Nature, 2023. pp. 305-333 (Communications in Computer and Information Science).

@inproceedings{cde76bfe548345ec806d0c7c761a3b95,

title = "Trace recovery: attacking and defending the user privacy in smart meter data analytics",

abstract = "Energy consumption data is collected the service providers and shared with various stakeholders involved in a smart grid ecosystem. The fine-grained energy consumption data is immensely useful for maintaining and operating grid services. Further, these data can be used for future consumption prediction using machine learning and statistical models and market segmentation purposes. However, sharing and releasing fine-grained energy data or releasing predictive models trained on user-specific data induce explicit violations of private information of consumers [34, 41]. Thus, the service providers may share and release aggregated statistics to protect the privacy of users aiming at mitigating the privacy risks of individual users{\textquoteright} consumption traces. In this chapter, we show that an attacker can recover individual users{\textquoteright} traces of energy consumption data by exploiting regularity and uniqueness properties of individual consumption load patterns. We propose an unsupervised attack framework to recover hourly energy consumption time-series of users without any background information. We construct the problem of assigning aggregated energy consumption meter readings to individual users as a mathematical assignment problem and solve it by the Hungarian algorithm [30, 50]. We used two real-world datasets to demonstrate an attacker{\textquoteright}s performance in recovering private traits of users. Our results show that an attacker is capable of recovering 70% of users{\textquoteright} energy consumption patterns with over 90% accuracy. Finally, we proposed few defense techniques, such as differential privacy and federated machine learning that may potentially help reduce an attacker{\textquoteright}s capability to infer users{\textquoteright} private information.",

keywords = "Inference Attacks, Aggregate Statistics, Differential Privacy, Energy Data Privacy, Smart Meter Privacy, Federated Learning",

author = "Sheikh, {Nazim Uddin} and Zhigang Lu and Asghar, {Hassan Jameel} and Kaafar, {Mohamed Ali}",

year = "2023",

doi = "10.1007/978-3-031-36840-0_14",

language = "English",

isbn = "9783031368394",

series = "Communications in Computer and Information Science",

publisher = "Springer, Springer Nature",

pages = "305--333",

editor = "Pierangela Samarati and {van Sinderen}, Marten and Vimercati, {Sabrina De Capitani di} and Fons Wijnhoven",

booktitle = "E-Business and Telecommunications",

address = "United States",

note = "18th International Joint Conference on e-Business and Telecommunications, ICETE 2021 ; Conference date: 06-07-2021 Through 09-07-2021",

}

Sheikh, NU, Lu, Z, Asghar, HJ & Kaafar, MA 2023, Trace recovery: attacking and defending the user privacy in smart meter data analytics. in P Samarati, M van Sinderen, SDCD Vimercati & F Wijnhoven (eds), E-Business and Telecommunications: 18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers. Communications in Computer and Information Science, vol. 1795, Springer, Springer Nature, Cham, pp. 305-333, 18th International Joint Conference on e-Business and Telecommunications, ICETE 2021, Virtual, Online, 6/07/21. https://doi.org/10.1007/978-3-031-36840-0_14

Trace recovery: attacking and defending the user privacy in smart meter data analytics. / Sheikh, Nazim Uddin; Lu, Zhigang; Asghar, Hassan Jameel et al.
E-Business and Telecommunications: 18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers. ed. / Pierangela Samarati; Marten van Sinderen; Sabrina De Capitani di Vimercati; Fons Wijnhoven. Cham: Springer, Springer Nature, 2023. p. 305-333 (Communications in Computer and Information Science; Vol. 1795).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Trace recovery

T2 - 18th International Joint Conference on e-Business and Telecommunications, ICETE 2021

AU - Sheikh, Nazim Uddin

AU - Lu, Zhigang

AU - Asghar, Hassan Jameel

AU - Kaafar, Mohamed Ali

PY - 2023

Y1 - 2023

N2 - Energy consumption data is collected the service providers and shared with various stakeholders involved in a smart grid ecosystem. The fine-grained energy consumption data is immensely useful for maintaining and operating grid services. Further, these data can be used for future consumption prediction using machine learning and statistical models and market segmentation purposes. However, sharing and releasing fine-grained energy data or releasing predictive models trained on user-specific data induce explicit violations of private information of consumers [34, 41]. Thus, the service providers may share and release aggregated statistics to protect the privacy of users aiming at mitigating the privacy risks of individual users’ consumption traces. In this chapter, we show that an attacker can recover individual users’ traces of energy consumption data by exploiting regularity and uniqueness properties of individual consumption load patterns. We propose an unsupervised attack framework to recover hourly energy consumption time-series of users without any background information. We construct the problem of assigning aggregated energy consumption meter readings to individual users as a mathematical assignment problem and solve it by the Hungarian algorithm [30, 50]. We used two real-world datasets to demonstrate an attacker’s performance in recovering private traits of users. Our results show that an attacker is capable of recovering 70% of users’ energy consumption patterns with over 90% accuracy. Finally, we proposed few defense techniques, such as differential privacy and federated machine learning that may potentially help reduce an attacker’s capability to infer users’ private information.

AB - Energy consumption data is collected the service providers and shared with various stakeholders involved in a smart grid ecosystem. The fine-grained energy consumption data is immensely useful for maintaining and operating grid services. Further, these data can be used for future consumption prediction using machine learning and statistical models and market segmentation purposes. However, sharing and releasing fine-grained energy data or releasing predictive models trained on user-specific data induce explicit violations of private information of consumers [34, 41]. Thus, the service providers may share and release aggregated statistics to protect the privacy of users aiming at mitigating the privacy risks of individual users’ consumption traces. In this chapter, we show that an attacker can recover individual users’ traces of energy consumption data by exploiting regularity and uniqueness properties of individual consumption load patterns. We propose an unsupervised attack framework to recover hourly energy consumption time-series of users without any background information. We construct the problem of assigning aggregated energy consumption meter readings to individual users as a mathematical assignment problem and solve it by the Hungarian algorithm [30, 50]. We used two real-world datasets to demonstrate an attacker’s performance in recovering private traits of users. Our results show that an attacker is capable of recovering 70% of users’ energy consumption patterns with over 90% accuracy. Finally, we proposed few defense techniques, such as differential privacy and federated machine learning that may potentially help reduce an attacker’s capability to infer users’ private information.

KW - Inference Attacks

KW - Aggregate Statistics

KW - Differential Privacy

KW - Energy Data Privacy

KW - Smart Meter Privacy

KW - Federated Learning

UR - http://www.scopus.com/inward/record.url?scp=85172413671&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-36840-0_14

DO - 10.1007/978-3-031-36840-0_14

M3 - Conference proceeding contribution

AN - SCOPUS:85172413671

SN - 9783031368394

T3 - Communications in Computer and Information Science

SP - 305

EP - 333

BT - E-Business and Telecommunications

A2 - Samarati, Pierangela

A2 - van Sinderen, Marten

A2 - Vimercati, Sabrina De Capitani di

A2 - Wijnhoven, Fons

PB - Springer, Springer Nature

CY - Cham

Y2 - 6 July 2021 through 9 July 2021

ER -

Sheikh NU, Lu Z, Asghar HJ , Kaafar MA. Trace recovery: attacking and defending the user privacy in smart meter data analytics. In Samarati P, van Sinderen M, Vimercati SDCD, Wijnhoven F, editors, E-Business and Telecommunications: 18th International Conference, ICETE 2021, virtual event, July 6–9, 2021, revised selected papers. Cham: Springer, Springer Nature. 2023. p. 305-333. (Communications in Computer and Information Science). doi: 10.1007/978-3-031-36840-0_14