A Blackbox Model Is All You Need to Breach Privacy: Smart Grid Forecasting Models as a Use Case

TL;DR

This paper reveals that black box access to smart grid forecasting models, especially LSTM, can leak sensitive information, posing significant privacy risks comparable to direct data access, emphasizing the need for model protection.

Contribution

It demonstrates that forecasting models like LSTM can leak sensitive data through black box access, a risk previously overlooked in privacy assessments.

Findings

Black box access to LSTM models can reveal data with 1% AUC difference.

Forecasting models pose similar privacy risks as direct data access.

Protecting models is crucial for safeguarding sensitive information.

Abstract

This paper investigates the potential privacy risks associated with forecasting models, with specific emphasis on their application in the context of smart grids. While machine learning and deep learning algorithms offer valuable utility, concerns arise regarding their exposure of sensitive information. Previous studies have focused on classification models, overlooking risks associated with forecasting models. Deep learning based forecasting models, such as Long Short Term Memory (LSTM), play a crucial role in several applications including optimizing smart grid systems but also introduce privacy risks. Our study analyzes the ability of forecasting models to leak global properties and privacy threats in smart grid systems. We demonstrate that a black box access to an LSTM model can reveal a significant amount of information equivalent to having access to the data itself (with the difference being as low as 1% in Area Under the ROC Curve). This highlights the importance of protecting forecasting models at the same level as the data.