Privacy-Preserving Filtering for Event Streams

Many large-scale information systems, such as intelligent transportation systems, smart grids or smart buildings, collect data about the activities of their users to optimize their operations. To encourage participation and adoption of these systems, it is becoming increasingly important that the design process take privacy issues into consideration. In a typical scenario, signals originate from many sensors capturing events involving the users, and several statistics of interest need to be continuously published in real time. This paper considers the problem of providing differential privacy guarantees for such multi-input multi-output systems processing event streams. We show how to construct and optimize various extensions of the zero-forcing equalization mechanism, which we previously proposed for single-input single-output systems. Some of these extensions can take a model of the input signals into account. We illustrate our privacy-preserving filter design methodology through the problem of privately monitoring and forecasting occupancy in a building equipped with multiple motion detection sensors.
