Privacy against a Hypothesis Testing Adversary
Zuxing Li, Tobias J. Oechtering, and Deniz Gunduz

TL;DR
This paper analyzes how to manipulate data sequences to maximize privacy against adversaries performing hypothesis tests, using information-theoretic measures, with applications to smart meter privacy.
Contribution
It introduces a framework for data manipulation to maximize hypothesis testing error probabilities, characterized by KL divergence and Chernoff information rates.
Findings
Asymptotic exponents characterized by KL divergence and Chernoff information.
Comparison of hypothesis-aware and hypothesis-unaware policies.
Application to smart meter privacy with renewable energy.
Abstract
Privacy against an adversary (AD) that tries to detect the underlying privacy-sensitive data distribution is studied. The original data sequence is assumed to come from one of the two known distributions, and the privacy leakage is measured by the probability of error of the binary hypothesis test carried out by the AD. A management unit (MU) is allowed to manipulate the original data sequence in an online fashion, while satisfying an average distortion constraint. The goal of the MU is to maximize the minimal type II probability of error subject to a constraint on the type I probability of error assuming an adversarial Neyman-Pearson test, or to maximize the minimal error probability assuming an adversarial Bayesian test. The asymptotic exponents of the maximum minimal type II probability of error and the maximum minimal error probability are shown to be characterized by a…
Taxonomy
Topics: Wireless Communication Security Techniques · Adversarial Robustness in Machine Learning · Privacy-Preserving Technologies in Data
