PEEL: A Poisoning-Exposing Encoding Theoretical Framework for Local Differential Privacy

TL;DR

PEEL is a theoretical framework that enhances the detection of poisoning attacks in Local Differential Privacy systems by exploiting structural inconsistencies in perturbed data, improving exposure accuracy and reducing computational costs.

Contribution

PEEL introduces a resource-efficient, domain-agnostic post-processing method that reveals poisoning attacks in LDP data without relying on prior knowledge or heavy overheads.

Findings

Outperforms four state-of-the-art defenses in poisoning exposure accuracy.

Retains unbiasedness and statistical accuracy when integrated with LDP.

Reduces client-side computational costs significantly.

Abstract

Local Differential Privacy (LDP) is a widely adopted privacy-protection model in the Internet of Things (IoT) due to its lightweight, decentralized, and scalable nature. However, it is vulnerable to poisoning attacks, and existing defenses either incur prohibitive resource overheads or rely on domain-specific prior knowledge, limiting their practical deployment. To address these limitations, we propose PEEL, a Poisoning-Exposing Encoding theoretical framework for LDP, which departs from resource- or prior-dependent countermeasures and instead leverages the inherent structural consistency of LDP-perturbed data. As a non-intrusive post-processing module, PEEL amplifies stealthy poisoning effects by re-encoding LDP-perturbed data via sparsification, normalization, and low-rank projection, thereby revealing both output and rule poisoning attacks through structural inconsistencies in the reconstructed space. Theoretical analysis proves that PEEL, integrated with LDP, retains unbiasedness and statistical accuracy, while being robust to expose both output and rule poisoning attacks. Moreover, evaluation results show that LDP-integrated PEEL not only outperforms four state-of-the-art defenses in terms of poisoning exposure accuracy but also significantly reduces client-side computational costs, making it highly suitable for large-scale IoT deployments.