TU Darmstadt / ULB / TUbiblio

Two Is Not Enough: Privacy Assessment of Aggregation Schemes in Smart Metering

Büscher, Niklas and Boukoros, Spyros and Bauregger, Stefan and Katzenbeisser, Stefan (2017):
Two Is Not Enough: Privacy Assessment of Aggregation Schemes in Smart Metering.
In: Proceedings on Privacy Enhancing Technologies, De Gruyter, Minneapolis, USA, DOI: 10.1515/popets-2017-0030, [Conference or Workshop Item]

Abstract

The widespread deployment of smart meters that frequently report energy consumption information, is a known threat to consumers’ privacy. Many promising privacy protection mechanisms based on secure aggregation schemes have been proposed. Even though these schemes are cryptographically secure, the energy provider has access to the plaintext aggregated power consumption. A privacy trade-off exists between the size of the aggregation scheme and the personal data that might be leaked, where smaller aggregation sizes leak more personal data. Recently, a UK industrial body has studied this privacy trade-off and identified that two smart meters forming an aggregate, are sufficient to achieve privacy. In this work, we challenge this study and investigate which aggregation sizes are sufficient to achieve privacy in the smart grid. Therefore, we propose a flexible, yet formal privacy metric using a cryptographic game based definition. Studying publiclyavailable, real world energy consumption datasets with various temporal resolutions, ranging from minutes to hourly intervals, we show that a typical household can be identified with very high probability. For example, we observe a 50% advantage over random guessing in identifying households for an aggregation size of 20 households with a 15-minutes reporting interval. Furthermore, our results indicate that single appliances can be identified with significant probability in aggregation sizes up to 10 households.

Item Type: Conference or Workshop Item
Erschienen: 2017
Creators: Büscher, Niklas and Boukoros, Spyros and Bauregger, Stefan and Katzenbeisser, Stefan
Title: Two Is Not Enough: Privacy Assessment of Aggregation Schemes in Smart Metering
Language: English
Abstract:

The widespread deployment of smart meters that frequently report energy consumption information, is a known threat to consumers’ privacy. Many promising privacy protection mechanisms based on secure aggregation schemes have been proposed. Even though these schemes are cryptographically secure, the energy provider has access to the plaintext aggregated power consumption. A privacy trade-off exists between the size of the aggregation scheme and the personal data that might be leaked, where smaller aggregation sizes leak more personal data. Recently, a UK industrial body has studied this privacy trade-off and identified that two smart meters forming an aggregate, are sufficient to achieve privacy. In this work, we challenge this study and investigate which aggregation sizes are sufficient to achieve privacy in the smart grid. Therefore, we propose a flexible, yet formal privacy metric using a cryptographic game based definition. Studying publiclyavailable, real world energy consumption datasets with various temporal resolutions, ranging from minutes to hourly intervals, we show that a typical household can be identified with very high probability. For example, we observe a 50% advantage over random guessing in identifying households for an aggregation size of 20 households with a 15-minutes reporting interval. Furthermore, our results indicate that single appliances can be identified with significant probability in aggregation sizes up to 10 households.

Title of Book: Proceedings on Privacy Enhancing Technologies
Volume: 2017
Number: 4
Publisher: De Gruyter
Uncontrolled Keywords: smart grid, smart meters, privacy, aggrega- tion, measurements, privacy metric
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Security Engineering
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
Event Location: Minneapolis, USA
Date Deposited: 07 Aug 2017 13:42
DOI: 10.1515/popets-2017-0030
Identification Number: TUD-CS-2017-0213
Export:

Optionen (nur für Redakteure)

View Item View Item