E-DPNCT: An Enhanced Attack Resilient Differential Privacy Model For Smart Grids Using Split Noise Cancellation

by   Khadija Hafeez, et al.

High frequency reporting of energy utilization data in smart grids can be used to infer sensitive information regarding the consumer's life style. We propose A Differential Private Noise Cancellation Model for Load Monitoring and Billing for Smart Meters (DPNCT) to protect the privacy of the smart grid data using noise cancellation protocol with a master smart meter to provide accurate billing and load monitoring. Next, we evaluate the performance of DPNCT under various privacy attacks such as filtering attack, negative noise cancellation attack and collusion attack. The DPNCT model relies on trusted master smart meters and is vulnerable to collusion attack where adversary collude with malicious smart meters in order to get private information of other smart meters. In this paper, we propose an Enhanced DPNCT (E-DPNCT) where we use multiple master smart meters for split noise at each instant in time t for better protection against collusion attack. We did extensive comparison of our E-DPNCT model with state of the art attack resistant privacy preserving models such as EPIC for collision attack and with Barbosa Differentialy Private (BDP) model for filtering attack. We evaluate our E-DPNCT model with real time data which shows significant improvement in privacy attack scenarios without any compute intensive operations.



page 1


DPNCT: A Differential Private Noise Cancellation Scheme for Load Monitoring and Billing for Smart Meters

Reporting granular energy usage data from smart meters to power grid ena...

Load Shaping Based Privacy Protection in Smart Grids: An Overview

Fine-grained energy usage data collected by Smart Meters (SM) is one of ...

Statistical-Based Privacy-Preserving Scheme with Malicious Consumers Identification for Smart Grid

As smart grids are getting popular and being widely implemented, preserv...

Light Ears: Information Leakage via Smart Lights

Modern Internet-enabled smart lights promise energy efficiency and many ...

When the signal is in the noise: The limits of Diffix's sticky noise

Finding a balance between privacy and utility, allowing researchers and ...

Achieving Differential Privacy against Non-Intrusive Load Monitoring in Smart Grid: a Fog Computing approach

Fog computing, a non-trivial extension of cloud computing to the edge of...

Market Value of Differentially-Private Smart Meter Data

This paper proposes a framework to investigate the value of sharing priv...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

I Introduction

Smart Grid technology enables efficient distribution and generation of electric power using smart meters, which collect and transmit real time data from end users to a utility provider for processing. Highly granular data is collected by smart meters from individual consumers, enabling power grids to enforce Demand Response (DR) policies for efficient energy management [2]. Despite the benefits associated with smart meters the collection of granular data raises privacy concerns, given that they can reveal sensitive and personal information related to the homeowners lifestyle [16]. Previous work such as Molina-Markhame et al.[17] demonstrate how data collected from smart meters can be used to reveal private lifestyle behaviour. For example, data collected can be used to determine when occupants of a household uses their washing machine or watch TV. While such data may be considered benign in nature, in the wrong hands it could be used to determine socio-economic status, dwelling size etc. This information could in turn be leveraged as part of a targeted marketing campaign or used by an adversary in determining when/if the house is occupied causing a serious security breach for the user.

Over the past number of years, various contributions have been proposed allowing the benefits of DR, while ensuring privacy of the home occupant, such as Encryption, Battery based load hiding, and Differential Privacy, etc [4, 15]. Differential Privacy (DP), first proposed by Dwork et al.[8], is one of the most recent and cost effective solution. It is a data perturbation technique, where a controlled randomised noise is added to data in a way that the results of a query upon two neighbouring data sets are indistinguishable. Paverd et al.[20] and Hassan et al.[13, 14] implement DP in a trusted architectural element referred to as a third party aggregator, which performs the perturbations, ensuring that only protected aggregated statistics are released to the power grid. The challenge with using a trusted central aggregator is that a creates a requirement of trust and introduces issues such as centralised point of error/failure, with a critical question emerging on “who watchers the watchers”.

The other approaches such as [9, 1, 22, 12] involves untrusted aggregators where individual smart meters perturb their data before sending it to the aggregator.

Ref. No Privacy Type Working Mechanism Aggregator Type Security Analysis Limitation
[20] Differential Privacy Laplacian noise is added at trusted remote entity for effective and private bi directional communication between power grid and consumer. Trusted No privacy attacks analysis is available No privacy from trusted entity
[13, 14] Differential Privacy Dual Differential Privacy (Laplacian Noise) with Dynamic pricing for fair billing using trusted third party Trusted No privacy attacks analysis is available No privacy from aggregator, no analysis on the usability of differentially private data at grid level
[9] Differential Privacy

Adding gamma distributed noise to each individual agent using infinite divisible Laplace distribution

Not Trusted No privacy attacks analysis is available Privacy for aggregated information only
[12] Differential Privacy Finding balance at individual level privacy with increased data points for decrease error in billing error Not Trusted No privacy attacks analysis is available Reduced accuracy in utility
[5] Differential Privacy Differential privacy using Laplacian noise with filtering attack analysis to preserve appliance usage privacy Not Trusted Filtering attack resistant Reduced accuracy in utility, No analysis on internal attacks
[3] Hash MAC and Homomorphic Encryption Aggregated load and bill calculation with privacy preservation of individual using multiple proxies and short term encrypted messages Not Trusted Collusion attack resistant High computational complexity and communication overhead
[21] Encryption with Fill Function Lightweight internal attack resistant privacy preservation technique using homomorphic enryption with dynamic entry and exit for member smart meters Not Trusted Collusion attack resistant High computational complexity and communication overhead
[1] DP with Encryption Multiple exchange of encrypted messages with aggregator for DP masked data and cluster based analysis for privacy and utility analysis Not Trusted Not secure against collusion attack as analysis shows reduced privacy Partial fault tolerance, increased utilization of bandwidth and privacy for aggregated data only
[22] DP with Encryption (Modular addition) Differential privacy using Laplacian noise with current and future cipher text for fault tolerance with modular additive encryption Not Trusted No privacy attacks analysis is available Computationally Complex, No privacy for individuals data profiles
[6] Encryp. with Charge control devices Electric storage units used as proxies for encrypted charging request sharing at different time slots to preserve privacy Not Trusted Collusion attack resistant High computational complexity and Material Cost
This paper Differential Privacy Laplacian noise added at an instant is split into multiple parts and sent to master smart meters for aggregated noise cancellation at aggregator level along with self noise cancellation models accurate billing Not Trusted Filtering Attack, Collusion attack High communication overhead
TABLE I: Comparison of Techniques for Privacy Preserving using Differential Privacy in smart meters

To address the challenge of the central trusted entity, we propose DPNCT to ensure accuracy in billing and load monitoring, while preserving the privacy of end users from untrusted third party aggregators, by performing data perturbation at the smart meter level. DPNCT is compared against the state of the art, Differentially Private Dynamic Pricing for Demand Response (DRDP) [13], evaluating its performance in ensuring privacy and dynamic pricing for demand response. Furthermore, DPNCT is appraised against various privacy attacks, to assess the resilience of the approach in the event of an attack. To improve the resistance against privacy attacks, in particular collusion attacks, we present E-DPNCT with split noise distribution among multiple master smart meters and evaluate our E-DPNCT model by experiments on real time data, to show its resistance against multiple privacy attacks. We carried out extensive comparison of our attack resistant E-DPNCT model against collusion attack resistant privacy model of EPIC [3] and compared results of filtering attack with BDP model[5].

The rest of the paper is organized as follows. The related work is discussed in section II. In section III, our proposed solution along with algorithm and example is present. We discuss the performance analysis of DPNCT against privacy attacks in section IV. In the section V we proposed E-DPNCT to cater collusion attack. Privacy and utility validation is discussed in V-A and V-B respectively. Finally we conclude the discussion in section VI.

Ii Literature Review

The literature review is further divided into two parts. In the first part overview of existing privacy models for smart grids based on privacy technique i.e. DP, encryption, and hybrid; and aggregator type i.e. trusted and untrusted third party aggregator, is presented. In the second part we will be discussing the security analysis of these privacy models on the basis of the privacy attacks analysis.

Ii-a Privacy Models for Smart Grid

Paverd et al. [20] use a remote trusted entity to add Laplacian noise in smart meters data. This remote trusted entity is responsible for bi-directional communication between the power grid and the smart meter for effective DR mechanism. Dynamic billing to reward correct behaviour and enforce demand response model is proposed by the authors from [13]. They provide DP at aggregator level where a trusted aggregator collects original data and Laplacian noise is generated and added to the original data. Dynamic bills are calculated using original data and only the customers responsible for peak load are charged with peak factor price to ensure fair billing. However, a trusted entity is required in both [20, 13] models to mask the original data and follow the demand response protocol honestly.

The solutions with non trusted third party including [9, 12] used infinite divisibility of Laplacian distribution and point-wise sensitivity to generate and add noise at smart meter level. The contributions in [9, 12] work were limited in that DP was discussed only within the context of aggregated data for load monitoring, and did not detail the subsequent impact of the noise and accuracy of billing to the end user, nor was a security analysis of the approach presented. BDP model [5] also uses DP for the preservation of individual’s privacy. They assessed the strength of their BDP model against filtering attack.

Similar to [9, 12, 5], EPIC by Alsharif et al. [3] and Wang et al. [21] use non trusted aggregator. They differ in their privacy mechanism as they only use compute intensive encryption based on key exchange mechanism which has a greater communication overhead as compared to pure DP based solutions.

Acs et al.[1] and Won et al.[22] also use a non trusted aggregator in their approach. They differ though in that as they proposed a hybrid approach, using encryption in addition to differential private noise between the smart meters and aggregator to mask the data. However, these solutions are computationally complex and take extra bandwidth in the network to send information. The authors from [6] make use of encryption and scheduling of charging batteries as privacy mechanism without a trusted third party but this solution requires extra material cost for installing and maintaining energy storage devices such as batteries.

Ii-B Security Analysis of Privacy Models

Table I, presents a summary of privacy mechanism in smart grid, highlighting a brief overview of its operation and the aggregator type along with a critical analysis of the main limitations of the approach and available security analysis. Apart from few research works [5, 3, 21, 6], most solutions did not present the security analysis of their model in case of a privacy attack. A brief comparison of attack resistance and cost of different solutions is shown in Table II.

The authors from [3] proposed EPIC and introduced the idea of where each smart meter selects a number of

and sends them small chunks of pairwise secret masks. They analysed the impact of collusion attack on EPIC using hyperbolic probability model. The privacy model proposed by

[21] used session keys and a fill function in a way that the aggregated mask becomes zero at the non trusted aggregator. In order to be protected from collusion attacks they used encryption and their mathematical model achieves reliable privacy protection against collusion attack.

Ref. Collusion AR Filtering AR MC CO CP
[3] NA
[5] NA
[21] NA
[6] NA
This paper
TABLE II: Comparison of attack resistant (AR) privacy models for smart grid w.r.t Communication Overhead (CO), Costly Material (MC) and Computationally Complex (CP)

To be protected from colluding aggregator and charging controller (CC) [6] uses blind signatures along with multiple charging requests instead of single request from energy storage unit. We did not compare our collusion resistant model with [6] as the solution requires costly material and complex encryption to preserve privacy against collusion attack. Furthermore, privacy preserving model introduced by them is for charging coordination of batteries only.

Our E-DPNCT preserves privacy and enable billing and load monitoring with least error but it is also resilient against a range of privacy attacks i.e. collusion, filtering etc. The split noise distribution E-DPNCT model helps in resisting from colluding master smart meters attack. Since it does not involve any complex encryption or charging device, it is not compute intensive or costly. Noise is generated by smart meters at each instant before sending the data to aggregator and the cost of generating random number as noise is constant. So for readings in a time period the cost of generating noise is which is less than any encryption methods used in previous solutions. We extensively performed security analysis of our model and compares it with the state of the art privacy attack resistant models of EPIC [3] and BDP model [5].

Iii Proposed Solution: DPNCT

In this section the DPNCT solution [11] which leverages DP as the privacy preserving technique is presented. The system model and the algorithms are also explained in this section.

Iii-a System Model

Fig. 1: Aggregator collects masked data from smart meter and aggregated noise from master smart meter to calculate bills and load monitoring.

The model for DPNCT, as shown in Fig. 1, has four components, smart meters, master smart meter, aggregator, and power grid. As shown in the diagram, the instantiating step involves the smart meter, which generates Laplacian noise and add it to the original reading . At each instant a smart meter is selected randomly in an area to be the master smart meter. Each smart meter sends the noise added at an instant to the master smart meter and the masked data to the aggregator . In step , the master smart meter aggregates the noise from all smart meters in an area and sends it to the aggregator. In the final step (step ), the aggregator removes the noise by subtracting aggregated noise from aggregated masked data to get accurate total load in an area at an instant .

To calculate the total energy consumption of an individual smart meter at aggregator level, a noise cancelling DP mechanism (DPNCT) is devised. Each smart meter stores the noise added in the time period and subtract it in the next time period in order to cancel the overall effect of noise in bill calculation. The algorithm of DPNCT mechanism is explained in function in algorithm 2.

Key Description Key Description
IDs of all master smart meters Error in previous bill reported by smart meters
Total number of smart meters Aggregated group noise
Original load consumption of the household at time chosen model in DPNCT (Hourly, Daily, Monthly)
TABLE III: Key Notations and their Description used in Algorithm 1 and 2
Function AggregatedLoadCalculation() ;
        while Billing Period  do
               for all smart meters in  do
                      = getMaskedData();
               end for
              for  in  do
                      = getNoiseData();
               end for
               = ;
        end while
Function BillCalculation() ;
        Input: ,
        for  all smart meters in  do
               if  then
                      = ;
                      = ;
                      Notify and to smart meter ;
                      = ;
                      Notify to smart meter ;
               end if
        end for
Algorithm 1 Calculation of Bill and Aggregated Load at Aggregator
Function DPNCT() ;
        = ;
        = 0;
        while Time Period  do
               = G(N,) - G’(N,);
               = Push();
               = Pop();
               = + - ;
               Send to aggregator ;
               if   then
                      for all smart meters in group do
                             get noise from member smart meter;
                      end for
                     Report aggregated group noise to aggregator
                      Send to master smart meter with
               end if
        end while
       if surcharge Reported By Aggrgator then
               if  then
                      Error =
                      Error = ;
               end if
              Notify Error To Aggregator ;
               Error = ;
        end if
Algorithm 2 Differential Privacy With Noise Cancellation at Smart Meter

Iii-B Differential Privacy

The probabilistic model of Dwork et al. [8] states that the DP protected data ensures privacy for a mechanism if any two neighbouring data sets and differ in one record and for all the possible outcomes , the below equation is satisfied:


With the privacy parameter controlled by user ranges from . With a decreasing trend in the utility, the lesser the value of the more private the data would be.

Iii-B1 Sensitivity

By definition, sensitivity refers to the maximum difference in the output of two neighbouring data sets for a function . As explained by Eibl and Engel et al. [9], point-wise sensitivity can be utilized where regardless of the data from the other smart meters, each smart meter generates noise , at time independently.


Given the above Equation 2, sensitivity refers to the highest consumption by any of the smart meters throughout the time period . Our paper does not cover the selection and analysis of different sensitivity strategies.

Iii-B2 Infinite divisibility of Laplace distribution

In order to take care of the privacy of each consumer/smart meter, noise is added to each smart meter before sending the data to the aggregator. Laplacian noise is used due to its infinite divisibility since every smart meter will be adding the noise independently without having any information of the other smart meters. According to the infinite divisibility property of the Laplacian noise, if the sampling of a random variable is done from the probability distribution function of Laplace distribution

then for , the distribution is infinite [11]:


In this equation , and represent identically distributed and independent gamma density functions having same parameters, represents the number of smart meters within the network and the selection of is based on and point-wise sensitivity. Equation 3 states that when using gamma density function, the aggregated noise of all the smart meters at the network level will be equal to at time .

Iii-C Differentially Private Noise Cancellation Mechanism

In DPNCT model, it is assumed that there is one aggregator and smart meters in an area. Power consumption reading in is being recorded by each smart meter at every minutes . In the model, the aggregator is interested in total energy consumption by individual smart meters in the billing period for bill calculation and total energy consumption by all smart meters in an area at an instant for load monitoring. In order to mask the individual user profile, the gamma noise is added to original energy consumption data by the smart meter at an instant such that; and each smart meter transmits this masked energy consumption value to the aggregator. Using the mechanism in equation 3, when aggregated according to the following equation 7, the masked data of smart meters gives differential privacy of .


To further increase the accuracy of the aggregated load at any given time , aggregated noise cancellation protocol is used where aggregator assigns an to each smart meter and groups are formed in each round. Each group have smart meters and a master smart meter is selected randomly in each group. All the smart meters in the group send noise to the master which is responsible for sending the total noise from the group to the aggregator. The aggregator deducts the aggregated group noise from the masked data and calculates the accurate load at any instant as shown below:


Each smart meter keeps a record of the noise being added to the smart meter data over a time period . As stated earlier, every smart meter generates the noise independently and that noise is added to the actual energy utilization data before it is sent to the aggregator. The overall effect of this noise is cancelled in the next time period of time . The protocol is explained by Algorithm 2 and Table III. The performance evaluation section will also shed light on the effects of selecting this time period .

Iii-D Adversary Model

An adversary is an intruder that is interested in finding real time energy usage data of consumers to analyse the pattern and infer sensitive information from it. The aggregators are assumed to be untrusted entity in this paper, hence, they can try to infer information from masked data and colluding smart meters may assist to launch a collusion attack by sharing their private information.

Iv Performance Analysis against Privacy Attacks

In this section different privacy attacks against smart grid data are discussed and security analysis of DPNCT model against these attacks is presented and compared with encryption based EPIC [3] collusion attack resistant privacy model. The attack resistance is not compared with DRDP [14] privacy model as it is not collusion attack resistant and assumes a trusted third party aggregator.

Iv-a Privacy Attacks

One of the most prominent type of privacy attacks is data reconstruction attacks, where an adversary can recover information through observation of noisy data in a dataset [19]

. Over the years, different types of reconstruction attacks have emerged such as Linking Attack and Naive Estimation Attacks

[10]. In both of these attacks the adversary leverages external added information about the consumer, or examines similarities between masked and unmasked data, to infer the original data. By using strong , DP protected data provides resistance against these attacks [7].

Another form of a reconstruction attack, uses statistical analysis of the perturbed data to reduce noise in the data. Filtering attacks and Negative Noise Reduction attacks are examples of this form of reconstruction attack, and a security analysis of DPNCT against these forms of reconstruction attacks are presented in IV-C and IV-B respectively.

Collusion attack is another data reconstruction attack which makes use of malicious entities within smart grid infrastructure. These entities can be a third party aggregator, power grid or colluding smart meters. The malicious entities try to get private internal information and collude with other entities to leak information from perturbed data set. Collusion attack analysis on DPNCT is discussed in detail in subsequent subsections.

House P value Corr. Coefficient House P value Corr. Coefficient
1 8 0.14 2 27 0.26
3 57 0.087 4 15 0.19
5 83 0.10 6 23 0.16
7 86 0.21 8 6 0.09
9 4 0.21 10 7 0.24
TABLE IV: Best fitted P values of filtered profiles of 10 houses

Iv-B Removal of Negative Noise

The minimum value of original consumption data of smart meters can only be because energy consumption can not be negative. However, as the Laplacian noise generated at each instant by the smart meter can be a negative or a positive integer, the masked protected data can have negative values. The adversary can easily remove negative values from masked user profile and replace them with the minimum possible value i.e. . Launching this attack alone on DPNCT protected data shows that the correlation of resulting profile does not significantly increase with original profile. However, this attack can be used in combination of other statistical attacks to improve their performance.

Iv-C Filtering Attack

Filtering attack (FA) is a data reconstruction attack where adversary has access to time series DP protected masked user profile where each data point is a masked reading at an instant in the time series. The attack is launched by calculating moving arithmetic mean of masked profile of a consumer to reduce the effect of noise in masked profile [5]. The steps to launch the filtering attack are as follows:

  1. Adversary selects a number .

  2. The first values of consumers masked profile are copied to the filtered profile .

  3. The reading at index in is calculated by using equation 6 till index.

  4. The last values of the filter profile are copied from last values of .

For example, if then first and last values of filter profile will be same as the masked profile and at the index the value of is the mean of values of indices from to from .

Fig. 2: A daily profile of randomly selected house compared with DPNCT filtered profiles P=8 (best fitted), P=22 and BDP filtered profile P=7.
Fig. 3: Comparison of effect of Negative noise removal on Filtering Attack between DPNCT and BDP Filtering Attack.
Fig. 4: Effect of number of data on Filtering Attack for multiple houses.

Iv-C1 Filtering Attack Analysis

To verify the effectiveness of the filtering attack, multiple values of are chosen on masked profiles of houses of one day to calculate filtered profiles. The effect of filtering attack is evaluated by calculating the correlation coefficient between the original profile and filtered profile for each value. The filtering attack is successful if correlation coefficient of filter profile with original user’s profile increases.

In Fig. 2, a randomly selected house’s daily profile is compared with filtered profiles with two values of and . As seen in the Fig. 2, for the filtered profile is best fitted with original profile with correlation coefficient . However, the best fitted value is different for different houses and it is impossible for adversary to know best fitted value without knowing original profile. Comparison of our filtered profile with filtered profile of BDP [5] protected data concludes that both provide similar resistance against filtering attack. Table IV depicts the best fitted values of houses along with improved correlation coefficient. It is worth noting that the correlation coefficient does not increase significantly for all houses except house numbers which means that even with best fitted value Filtering attack does not guarantee significant success in all cases.

Another observation can be made by Fig. 4 which shows that the correlation coefficient of different houses is lowest when calculated at days time period for all houses. However, for different time periods, that is, days, different houses do not follow same pattern. A successful filtering attack on a one day masked profile is not necessarily guarantee the same success on day data profile. Figure 3 depicts the effect of combination of negative noise cancellation attack with filtering attack of a randomly selected house. The correlation coefficient of a day data profile of a household increases from to with removed negative noise profile.

Fig. 5: Collusion attack scenario in DPNCT with one master smart.

Fig. 6: Collusion attack on DPNCT.

Iv-D Collusion Attack

A collusion attack is an attack where the adversary conspires with entities of the smart grid in order to retrieve the original time series data of users’ energy consumption. In DPNCT, at every instant the aggregator randomly selects a master smart meter and all member smart meters send the added noise to master smart meter. An example collusion attack scenario for DPNCT would be in form of colluding master smart meter as shown in Fig.5. For an adversary to be able to compute original reading of the smart meters in the group at instant , it needs to know the masked reading and the added noise. The master smart meter has the record of added noise at an instant . As can be seen from Fig. 5, an adversary can get masked data from aggregator and collude with a malicious master smart meter to get individual noise information added by each smart meter at an instant . The probability that the selected master smart meter would be a colluding smart meter increases with the increasing number of total number of colluding smart meters in the group.

Iv-E Collusion Attack Analysis

The success of collusion attack depends on the number of colluding smart meters. A multiple collusion attacks is launched on DPNCT protected data with increasing number of malicious smart meter in a group of smart meters for a time period month. In Fig. 6, the black line shows that with one master smart meter, the percentage data leak increases proportional to the increase in the number of malicious smart meters. In order to retrieve of the original data of the smart meters, the attacker needs to collude with out of smart meters. This retrieved original data can leak sensitive information of consumers/smart meters.

Fig. 7: System model of split noise E-DPNCT.
Fig. 8: Collusion attack scenario in E-DPNCT with master smart meters.

Fig. 9: Collusion attack on E-DPNCT with multiple master smart meters.

Fig. 10: Correlation between number of master smart meters in E-DPNCT and total number smart meters () in the network.

Fig. 11: Comparison of collusion attack resistance between split noise E-DPNCT and EPIC [3].
(a) Comparison of DRDP and E-DPNCT with real-time data.
(b) Comparison of MAE between Original Unprotected data, DRDP, and E-DPNCT in total energy consumption.
(c) Comparison of E-DPNCT hourly, daily and weekly models for MAE in billing and total energy consumption.
Fig. 12:
Function E-DPNCT() ;
        = ;
        = 0;
        while Time Period  do
               = G(N,) - G’(N,);
               = Push();
               = RandomlySplitNoise();
               = Pop();
               = + - ;
               Send to aggregator ;
               if  in  then
                      for all smart meters in group do
                             get noise from smart meter;
                      end for
                     Report aggregated group noise to aggregator
                      for all master smart meters in  do
                             = Pop() Send to master smart meter with ;
                      end for
               end if
        end while
Algorithm 3 Enhanced DPNCT

V Collusion Resistant E-DPNCT

A split noise E-DPNCT model is introduced in Fig. 7. Each smart meter splits its noise into parts and send them to different master smart meters at every instant . It is further explained by algorithm for E-DPNCT in 3. The collusion attack on this E-DPNCT model is successful only if all the master smart meters are malicious and colluding with the attacker. Fig. 8 shows that with three master smart meters, the attacker needs to collude with all three of the master smart meters to get complete noise information in order to compute original data.

To assess the resistance of our split noise E-DPNCT against collusion attack, a collusion attacks is launched with multiple master smart meters as depicted by Fig. 9. It can be seen from the figure that even with with a limited number of master smart meters, the E-DPNCT performs significantly better than DPNCT model in Fig. 6. With four master smart meters, the percentage leaked data is less than when out of smart meters are malicious.

The collusion attack resistance of our E-DPNCT model is compared with encryption based EPIC model in Fig. 11. As shown in the figure, our E-DPNCT model preformed similar to the EPIC privacy model [3] where with malicious smart meters and four master smart meter E-DPNCT leaks only data while EPIC leaks data. The advantage of our approach is that it is not compute intensive and has less communication overhead as compared to EPIC.

A key question emerging from our research is the number of smart maters required in our E-DPNCT model for successful resistance against collusion attacks. In order to answer this question, we simulated different scenarios varying the number of master smart meters as shown in Fig. 10. It can be deduced from the simulation that even with a large network size of smart meters, a very small number master smart meters i.e. six, is required for a successful resistance against collusion attack with of malicious smart meters.

V-a Privacy Analysis

Since the underlying DP mechanism remains the same in E-DPNCT, the results of privacy and accuracy are same as DPNCT. In order to verify the privacy and utility, we use the energy consumption data provided by [18] to perform experiments to evaluate the accuracy and privacy of the E-DPNCT model. This simulated data provides the energy consumption data of households in watts with the granularity of minutes and this gives data points for a single household per month. We used Numpy library of Python 3.0 (cf. https://numpy.org) to implement the E-DPNCT and to maintain simplicity while generating Laplacian noise, we fixed the and point-wise sensitivity with to measure the scale parameter . Generating a random number has the complexity cost of and our algorithm operates such that it adds a random number per reading so the complexity cost per smart meter of our algorithm comes out to be where represents the total number of house holds in the network. In our self noise cancelling protocol for billing we subtract the total noise added in in the next period , where we can set the duration of to hourly or weekly or daily. As demand response mechanism we set to be in a billing period and and to be and respectively. We also set up mechanism for falsely charged surcharge price due to addition of noise in our algorithm 1 elaborated in function as the error is subtracted in the subsequent bill. All the experiments were performed times and the average of them is taken as to normalise the nature of randomness in the noise cancellation and noise generation. Due to taking the average of Laplacian noise at each point the noise becomes more spread out and form more of a Gaussian shape.

The results from these experiments are compared with the benchmark as indicated by DRDP [13]. The results of privacy and accuracy of our model are not comparable with EPIC [3] due to use of completely different privacy mechanisms i.e. encryption. Fig. 11(a) compares our data perturbation with DRDP [13] protected data on a randomly selected daily profile of a household. The solid black line in Fig. 11(a), represents the original daily profile of the selected household. The E-DPNCT protected data is depicted by red line and DRDP protected data is depicted by blue line. We calculated the correlation of both protected data profiles with original data and they both have less than correlation with the original profile where is the highest correlation. This infers that there is no similarity in masked profile with the original profile hence, an adversary can not reveal sensitive information from the data.

V-B Utility Analysis

Mean Absolute Error (MAE) in total energy consumption of a single household is calculated as follows [1]:


Where is the original total energy consumption of the household and is the total masked energy consumption of the household. In Fig. 11(b), total energy consumption of a single household between E-DPNCT hourly model and DRDP is compared using MAE.

V-B1 Billing

Calculation of bills is the first utility goal of our proposed model. The error in the billing period occurs due to noise added in the last as all the previous noise is cancelled out in subsequent where can be an hour, a day or a week. Fig. 11(c) compares impact of different i.e. hour, day, and week on the Mean Absolute Error (MAE) in total energy consumption () and bills. As the smallest is one hour so is the lowest MAE () for total energy consumption and () for bills in hourly noise cancelling model. For daily and weekly noise cancellation models the total MAE is and respectively. The error in the bill is reported by each house hold and it is cancelled in the next billing period as depicted by the DPNCT Algorithm 1.

V-B2 Load Monitoring

Due to the use of infinite divisibility of Laplace noise, at each instant , the aggregated load has privacy of . In the ideal situation where each master smart meter sends the aggregated noise to the aggregator there would be no error. However, in situations where the aggregator does not receive any aggregated noise from master smart meters the error would be .

Vi Conclusion

In this paper, DPNCT model for smart grid privacy is proposed and assessed under different data reconstruction attacks such as Negative noise cancellation attack, Filtering attack and collusion attack. The DPNCT model is found to be vulnerable against collusion attack and an E-DPNCT model with split noise distribution to multiple master smart meters for a better resistance against privacy attacks is presented. We compared attack resistance of our E-DPNCT model with state of the art privacy models [3] and [5]. In conclusion, it is proved by our results that using multiple master smart meters reduces the probability of successful collusion attack in E-DPNCT and preserve privacy and accuracy in billing and load monitoring.


This publication has emanated from research conducted with the financial support of Science Foundation Ireland (SFI) and is funded under the Grant Number 18/CRT/6222.


  • [1] G. Ács and C. Castelluccia (2011) I have a dream! (differentially private smart metering). Vol. 6958 LNCS. External Links: Document Cited by: TABLE I, §I, §II-A, §V-B.
  • [2] I. Alotaibi, M. A. Abido, M. Khalid, and A. V. Savkin (2020) A comprehensive review of recent advances in smart grids: a sustainable future with renewable energy resources. Energies 13 (23), pp. 6269. Cited by: §I.
  • [3] A. Alsharif, M. Nabil, S. Tonyali, H. Mohammed, M. Mahmoud, and K. Akkaya (2019) EPIC: efficient privacy-preserving scheme with EtoE data integrity and authenticity for AMI networks. IEEE Internet of Things Journal 6 (2), pp. 3309–3321. External Links: Document Cited by: TABLE I, §I, §II-A, §II-B, §II-B, §II-B, TABLE II, Fig. 11, §IV, §V-A, §V, §VI.
  • [4] M. R. Asghar, G. Dán, D. Miorandi, and I. Chlamtac (2017) Smart meter data privacy: a survey. IEEE Communications Surveys & Tutorials 19 (4), pp. 2820–2835. Cited by: §I.
  • [5] P. Barbosa, A. Brito, and H. Almeida (2016) A technique to provide differential privacy for appliance usage in smart metering. Information Sciences 370-371. External Links: Document Cited by: TABLE I, §I, §II-A, §II-A, §II-B, §II-B, TABLE II, §IV-C1, §IV-C, §VI.
  • [6] M. Baza, M. Pazos-Revilla, A. Sherif, M. Nabil, A. J. Aljohani, M. Mahmoud, and W. Alasmary (2021) Privacy-preserving and collusion-resistant charging coordination schemes for smart grids. IEEE Transactions on Dependable and Secure Computing. Cited by: TABLE I, §II-A, §II-B, §II-B, TABLE II.
  • [7] M.A.P. Chamikara, P. Bertok, I. Khalil, D. Liu, and S. Camtepe (2021) PPaaS: privacy preservation as a service. Computer Communications 173, pp. 192–205. External Links: ISSN 0140-3664, Document Cited by: §IV-A.
  • [8] C. Dwork, A. Roth, et al. (2014) The algorithmic foundations of differential privacy.. Foundations and Trends in Theoretical Computer Science 9 (3-4), pp. 211–407. Cited by: §I, §III-B.
  • [9] G. Eibl and D. Engel (2017) Differential privacy for real smart metering data. Computer Science - Research and Development 32, pp. 173–182. External Links: Document Cited by: TABLE I, §I, §II-A, §II-A, §III-B1.
  • [10] K. Gai, Y. Wu, L. Zhu, M. Qiu, and M. Shen (2019) Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Transactions on Industrial Informatics 15 (6), pp. 3548–3558. External Links: Document Cited by: §IV-A.
  • [11] K. Hafeez, M. H. Rehmani, and D. OShea (2021) DPNCT: a differential private noise cancellation scheme for load monitoring and billing for smart meters. IEEE International Conference on Communications (ICC) - Workshop on Communication, Computing, and Networking in Cyber-Physical Systems (IEEE CCN-CPS ). Cited by: §III-B2, §III, footnote 1.
  • [12] M. Hale, P. Barooah, K. Parker, and K. Yazdani (2019) Differentially private smart metering: implementation, analytics, and billing. In Proceedings of the 1st ACM International Workshop on Urban Building Energy Sensing, Controls, Big Data Analysis, and Visualization, UrbSys’19, New York, NY, USA, pp. 33–42. External Links: Document, ISBN 9781450370141 Cited by: TABLE I, §I, §II-A, §II-A.
  • [13] M. U. Hassan, M. H. Rehmani, and J. Chen (2020) Differentially private dynamic pricing for efficient demand response in smart grid. In IEEE International Conference on Communications (ICC), pp. 1–6. External Links: Document Cited by: TABLE I, §I, §I, §II-A, §V-A.
  • [14] M. U. Hassan, M. H. Rehmani, and J. Chen (2021) Differentially private demand side management for incentivized dynamic pricing in smart grid.. External Links: Link Cited by: TABLE I, §I, §IV.
  • [15] M. U. Hassan, M. H. Rehmani, and J. Chen (2019) Differential privacy techniques for cyber physical systems: a survey. IEEE Communications Surveys & Tutorials 22 (1), pp. 746–789. Cited by: §I.
  • [16] M. A. Lisovich, D. K. Mulligan, and S. B. Wicker (2010) Inferring personal information from demand-response systems. in IEEE Security Privacy 8 (1), pp. 11–20. External Links: Document Cited by: §I.
  • [17] A. Molina-Markham, P. Shenoy, K. Fu, E. Cecchet, and D. Irwin (2010) Private memoirs of a smart meter. In Proceedings of the 2nd ACM Workshop on Embedded Sensing Systems for Energy-Efficiency in Building, BuildSys ’10, New York, NY, USA, pp. 61–66. External Links: Document, ISBN 9781450304580 Cited by: §I.
  • [18] M. Muratori (2017) Impact of uncoordinated plug-in electric vehicle charging on residential power demand-supplementary data.. National Renewable Energy Laboratory-Data (NREL DATA),Golden, CO (United States). External Links: Document Cited by: §V-A.
  • [19] B. D. Okkalioglu, M. Okkalioglu, M. Koc, and H. Polat (2015) A survey: deriving private information from perturbed data. Artif. Intell. Rev. 44 (4), pp. 547–569. External Links: ISSN 0269-2821, Document Cited by: §IV-A.
  • [20] A. Paverd, A. Martin, and I. Brown (2014) Privacy-enhanced bi-directional communication in the smart grid using trusted computing. In 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), Vol. , pp. 872–877. External Links: Document Cited by: TABLE I, §I, §II-A.
  • [21] X. Wang, W. Meng, and Y. Liu (2020) Lightweight privacy-preserving data aggregation protocol against internal attacks in smart grid. Journal of Information Security and Applications 55, pp. 102628. Cited by: TABLE I, §II-A, §II-B, §II-B, TABLE II.
  • [22] J. Won, C. Y. T. Ma, D. K. Y. Yau, and N. S. V. Rao (2016-06) Privacy-assured aggregation protocol for smart metering: a proactive fault-tolerant approach. IEEE/ACM Transactions on Networking 24 (3), pp. 1661–1674. External Links: Document Cited by: TABLE I, §I, §II-A.