
Information Sciences

Volume 526, July 2020, Pages 289-300

An efficient aggregation scheme resisting on malicious data mining attacks for smart grid

https://doi.org/10.1016/j.ins.2020.03.107

Abstract

In the smart grid, efficient power supply requires near-real-time metering data on users’ electricity usage, but these data may leak users’ private information, e.g., living habits. To address this problem, a number of privacy-preserving data aggregation schemes have been proposed in the literature. In this paper, we present a new type of attack, called the malicious data mining attack, by which an adversary can infer a target user’s electricity usage data. When this attack is considered, the majority of existing data aggregation schemes have one of two shortcomings. On the one hand, the schemes based on homomorphic encryption output an accurate aggregation result, but most of them are vulnerable to this attack. On the other hand, the schemes based on differential privacy are able to withstand this attack, but the random noise they introduce prevents an accurate aggregation result from being computed. In this paper, we propose a novel data aggregation scheme that is not only secure against the malicious data mining attack but also capable of outputting an accurate aggregation result. Detailed security analysis indicates that the proposed scheme satisfies the desirable properties for privacy-preserving data aggregation in the smart grid, and simulation results demonstrate that our proposed scheme enjoys low computation and communication overhead.

Introduction

The smart grid is a new type of power grid [7], [8] proposed to address the challenges of future electricity supply [12]. It combines traditional power technology with modern information technologies and contributes to a more effective infrastructure for energy management [1], [25]. However, the requirement for information exchange and the dependence on networking will undoubtedly expose the smart grid to the potential weaknesses associated with communication and network systems [1]. To improve the effectiveness of energy usage, the smart grid needs to collect users’ near-real-time electricity consumption data in order to derive useful information, such as peak consumption periods and customer demand. But near-real-time electricity consumption data may contain users’ sensitive information [23], [31]. For example, low power consumption may be a sign that residents are sleeping or out of the house, while high power consumption may indicate that householders are at home [18], [32]. Therefore, protecting users’ privacy is crucial before the smart grid is widely deployed in real-world applications.

In the smart grid, users’ metering data are sent to the control center through a gateway. Assume that there are n users and that the gateway forwards the n encrypted metering reports to the control center at fixed intervals (e.g., 5 minutes) [11], [14]. The control center can decrypt the n ciphertexts and then analyze them. But this method is inefficient, and if external adversaries break into the database of the control center, they can obtain the metering data of any user [16], [28]. Secure data aggregation is one method of addressing this issue [28], [34]. With secure data aggregation, the gateway first aggregates the n encrypted metering reports into one ciphertext and then sends it to the control center. After decryption, the control center obtains only the aggregation result (e.g., sum, average), not the individual metering data, so an external adversary who reads the database learns nothing about any single user’s metering data. However, we consider an even more severe scenario: an external adversary blocks the communication between a target user and the gateway in some interval and then breaks into the database of the control center. In this way, the adversary obtains the aggregate over n users for the previous interval as well as the aggregate over n−1 users for the current interval. The difference between these two aggregates is the target user’s previous reading plus the net change in the other users’ consumption, so the adversary gains information about the target user’s metering data from that difference. By launching this attack intermittently, the adversary can infer sensitive information about the target user by analyzing these differences with data mining methods. In real-world applications, adversaries with this kind of attack capability are common. Hence, a data aggregation scheme that preserves privacy in this scenario deserves considerable attention in real-world applications.

However, when this attack is taken into consideration, the majority of existing data aggregation schemes are subject to limitations. Many schemes relying on homomorphic encryption [9], [28], [33], [35], [36], [37] cannot resist this data mining attack, while schemes relying on differential privacy [13], [19], [24], [30] are immune to it but cannot output an accurate aggregation result. This paper focuses on realizing an efficient data aggregation scheme that is secure against the malicious data mining attack and also capable of producing accurate aggregation results.
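The difference-of-aggregates inference described above, as an added worked example (this is not code from the paper, and it is not the AMDM construction): a textbook Paillier cryptosystem with g = n + 1 stands in for the homomorphic aggregator, five constructed readings stand in for the users, and the adversary "reads" the two decrypted aggregates a naive control center stores. The primes, readings, user names and the count-checking `release_aggregate` policy at the end are all assumptions made for illustration.

```python
"""
Added example (not the paper's code): a textbook Paillier aggregator and the
interval-difference inference behind the malicious data mining attack.
Key size, readings and the count-check policy are constructed for illustration.
"""
import math
import secrets

# ---- Textbook Paillier with g = n + 1 (tiny primes: demo only, not secure) ----

def keygen(p, q):
    """Return (public key (n, g), private key (lam, mu)) for primes p, q."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)           # valid because g = n + 1 gives L(g^lam) = lam
    return (n, n + 1), (lam, mu)

def encrypt(pk, m):
    """c = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pk
    n2 = n * n
    while True:
        r = secrets.randbelow(n)
        if r and math.gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(pk, sk, c):
    """m = L(c^lam mod n^2) * mu mod n, with L(u) = (u - 1) / n."""
    n, _ = pk
    lam, mu = sk
    l_val = (pow(c, lam, n * n) - 1) // n
    return (l_val * mu) % n

def aggregate(pk, ciphertexts):
    """Gateway step: the product of ciphertexts is an encryption of the sum."""
    n, _ = pk
    acc = 1
    for c in ciphertexts:
        acc = (acc * c) % (n * n)
    return acc

# ---- One metering interval, with an optional blocked user ----

def gateway_round(pk, readings, blocked=None):
    """Encrypt each user's reading, drop the blocked user's report (the adversary
    cut the user-to-gateway link), aggregate the rest. Returns (ct, report_count)."""
    cts = [encrypt(pk, m) for uid, m in readings.items() if uid != blocked]
    return aggregate(pk, cts), len(cts)

def release_aggregate(pk, sk, ct, report_count, n_users):
    """Hypothetical control-center policy (an assumption, not AMDM): decrypt and
    store an aggregate only when all n users reported, so no partial sum ever
    lands in the database an intruder could read."""
    if report_count != n_users:
        return None
    return decrypt(pk, sk, ct)

def inferred_reading(total_prev, total_curr_without_target):
    """What the adversary computes from two stored aggregates. It equals the
    target's previous reading plus the net change of the other users' loads."""
    return total_prev - total_curr_without_target

# ---- Constructed scenario: 4 background users plus target T, two intervals ----
READINGS_T0 = {"A": 120, "B": 300, "C": 90, "D": 450, "T": 800}   # Wh, made up
READINGS_T1 = {"A": 125, "B": 290, "C": 90, "D": 460, "T": 810}   # Wh, made up

def run_scenario(p=10007, q=10009):
    pk, sk = keygen(p, q)
    n_users = len(READINGS_T0)

    ct0, cnt0 = gateway_round(pk, READINGS_T0)                 # nobody blocked
    ct1, cnt1 = gateway_round(pk, READINGS_T1, blocked="T")    # T is blocked

    # Naive control center: decrypts and stores whatever arrives; the intruder
    # later reads total0 and total1 from its database.
    total0 = decrypt(pk, sk, ct0)
    total1 = decrypt(pk, sk, ct1)
    leak = inferred_reading(total0, total1)
    others_drift = sum(READINGS_T0[u] - READINGS_T1[u]
                       for u in READINGS_T0 if u != "T")

    # Count-checking control center: refuses the incomplete interval.
    guarded1 = release_aggregate(pk, sk, ct1, cnt1, n_users)

    return {
        "total0": total0,                  # 1760
        "total1": total1,                  # 965 (T's 810 missing)
        "inferred": leak,                  # 795
        "true_target": READINGS_T0["T"],   # 800
        "others_drift": others_drift,      # -5, so inferred = 800 + (-5)
        "guarded_release": guarded1,       # None: nothing stored to diff against
        "reports": (cnt0, cnt1),           # (5, 4)
    }

if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The inferred value is off from the true reading only by the other users' net drift between the two intervals (−5 Wh here); with a stable background load, or many blocked intervals fed to a regression, that drift averages out, which is the "data mining" step the paper refers to. The count check at the end is the simplest possible countermeasure and is not what the paper proposes; it only shows where the leak can be cut (never materializing a partial-interval aggregate in storage).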

In this paper, we propose an efficient data aggregation scheme (named AMDM) that produces accurate aggregation results while resisting the malicious data mining attack. This paper makes the following three contributions:

  • We introduce the malicious data mining attack: a malicious external adversary can derive information about the metering data of a target user by intermittently blocking the communication between this user and the gateway and intruding into the database of the control center.

  • We present an efficient data aggregation scheme for the smart grid. The proposed scheme not only resists the malicious data mining attack but also outputs accurate aggregation results without revealing the individual user’s metering data.

  • We prove that the security properties, such as data confidentiality, authentication and data integrity, and data privacy, are satisfied in our proposed scheme. Moreover, we conduct performance evaluations of our proposed scheme, demonstrating that it enjoys low computation costs and communication overhead.

The rest of this paper is organized as follows. In Section 2, we formalize the system model, outline the threat model, describe the malicious data mining attack, identify our security requirements, and give the main idea behind our scheme design. We then describe the preliminaries required to understand our scheme AMDM in Section 3. After that, we present our scheme AMDM in Section 4, followed by the security analysis and performance evaluation in Sections 5 and 6, respectively. Section 7 discusses related work. Finally, Section 8 concludes the paper.


Problem formulation

In this section, we formalize our system model, define the threat model, and outline the security requirements. For ease of reading, we list the main parameters in Table 1.

Preliminaries

In our scheme, the Paillier cryptosystem [15], [27] and bilinear pairings [4], [28] are the building blocks.

Proposed scheme

In this section, we propose an efficient data aggregation scheme for resisting the malicious data mining attack in the smart grid. It consists of five phases: system initialization, user report generation, data aggregation, verification, and decryption of the aggregated ciphertext. Assume there are n users in the system.

Security analysis

In this section, we establish the security properties of our scheme AMDM. In particular, following the security requirements presented earlier, our discussion focuses on how the proposed scheme ensures the confidentiality, authentication, and integrity of users’ metering data and achieves the privacy goals for users’ metering data.

Theorem 1

The confidentiality of users’ metering data can be ensured in the proposed scheme.

Proof

In our scheme AMDM, the metering data of users are encrypted by using Paillier

Performance evaluation

In this section, we evaluate the performance of our scheme AMDM. We choose |N|=1024 bits for the Paillier cryptosystem, and set |p|=512 bits and |G1|=160 bits. To analyze the cost of withstanding the malicious data mining attack in secure data aggregation, we compare our scheme AMDM with a traditional data aggregation approach (denoted TRDA), which also achieves secure data aggregation but does not consider the malicious data mining attack. Specifically, for each user in the

Related works

In this section, we briefly review the relevant work from two perspectives: data aggregation based on homomorphic encryption and data aggregation based on differential privacy.

Homomorphic encryption allows operations on ciphertexts under the same key without decrypting them. Hence, homomorphic encryption techniques have been widely adopted for privacy-preserving aggregation in [9], [28], [29], [33], [35], [37]. Li et al. [17] proposed a secure data aggregation method

Conclusion

In this paper, we introduce a new attack on data aggregation schemes, called the Malicious Data Mining Attack, through which external adversaries can mine information about a target user’s metering data. We then show that most existing data aggregation schemes suffer from the following limitation: they are either vulnerable to this attack or cannot obtain accurate aggregation results. In our proposed scheme (called AMDM), we provide a method to determine whether the malicious data mining

CRediT authorship contribution statement

Hua Shen: Funding acquisition, Writing - review & editing, Formal analysis, Methodology, Conceptualization. Yajing Liu: Investigation, Validation, Writing - original draft, Software. Zhe Xia: Validation, Writing - review & editing. Mingwu Zhang: Formal analysis, Funding acquisition, Supervision.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

The authors gratefully thank the anonymous reviewers for their helpful comments. This work was supported by the National Natural Science Foundation of China (61702168, 61672010) and the Hubei Provincial Department of Education Key Project (D20181402).

References (37)

  • C. Dwork et al., Differential privacy for statistics: what we know and what we want to learn, J. Privacy Confidentiality (2010).
  • C.I. Fan et al., Privacy-enhanced data aggregation scheme against internal attackers in smart grid, IEEE Trans. Ind. Inf. (2013).
  • Z. Guan et al., Privacy-preserving and efficient aggregation based on blockchain for power grid communications in smart communities, IEEE Commun. Mag. (2018).
  • M.U. Hassan et al., Differential privacy for renewable energy resources based smart metering, J. Parallel Distrib. Comput. (2019).
  • D. He et al., Efficient and privacy-preserving data aggregation scheme for smart grid against internal adversaries, IEEE Trans. Smart Grid (2017).
  • Q. Kong et al., A privacy-preserving and verifiable querying scheme in vehicular fog data dissemination, IEEE Trans. Veh. Technol. (2018).
  • B. Li et al., Towards insider threats detection in smart grid communication systems, IET Commun. (2019).
  • F. Li et al., Preserving data integrity for smart grid data aggregation, 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm) (2012).