Differential privacy EV charging data release based on variable window

a. Adaptive sampling

For data stream differential privacy release, every release of noisy data requires a certain privacy budget. The data stream itself has the characteristics of continuity, and if noise is added to each timestamp, it will inevitably cause large error. To minimize the disturbance error, the general strategy is to sample the data stream. In this paper, the data dynamics are detected by the predicted value of the data prediction model, and the sampling interval is reduced when the data changes rapidly, and vice versa. We use the ARIMA prediction model (Wu, Yang & Chen (2019)) to predict the data. First, the charging time series are differentiated to obtain the stationary series X_t. According to AIC and BIC, we find the optimal model (the AIC and BIC function values reach the minimum) to determine the model order, and perform a white noise test on the model residual sequence that has been created. If the test fails, reselect the model to fit, and finally check the future Time series for forecasting.

The ARIMA model is generally denoted as ARIMA(p,q,d), which represents the stationary sequence X_t after d difference processing is performed on the charging data sequence Y_t. After that, the stationary series X_t is fitted into an ARMA(p,q) model, which is expressed as follows: (5)${\displaystyle {\hat{y}}_t={\varphi }_1\ast X_{t-1}+\dots +{\varphi }_p\ast X_{t-p}+u-{\theta }_1\ast e_{t-1}-\dots -{\theta }_q\ast e_{t-q}}$ In the formula: the first half is the autoregressive process; p is the autoregressive order; ϕ is the autoregressive coefficient; The second half is the moving average process; q is the moving average order; θ is the moving average coefficient; X_t is a stationary data series; e_t is the unobserved white noise sequence $e_t=y_t-{\hat{y}}_t$, X_t is the d-order difference of the time series data y_t.

In particular, when q = 0, the model becomes the autoregressive model AR (p), and the expression is as follows: (6)${\displaystyle X_t={\varphi }_1\ast X_{t-1}+\dots +{\varphi }_p\ast X_{t-p}+e_t}$ When p = 0, the model becomes a moving average model MA (q), the expression is as follows: (7)${\displaystyle X_t=e_t-{\theta }_1\ast e_{t-1}-\dots -{\theta }_q\ast e_{t-q}}$ The prediction model can obtain the predicted value ${\hat{y}}_t$ of the current timestamp through the historical data for the sampling algorithm.

As shown Algorithm1 in the Table 1, for any timestamp t, first we obtain its predicted data through the prediction algorithm, and secondly calculate whether t is a sampling timestamp based on the difference from the previous publishing node. If it is not the sampling point, directly publish the forecast data. If it is a sampling point, a privacy budget is allocated according to differential privacy requirements.

b. Variable window

In the existing dynamic data publishing based on sliding windows, algorithms mostly use fixed-length sliding windows. However, the data stream is always fluctuating, with fluctuating periods and smooth periods. For example, within consecutive timestamps , the charging data of a public charging station changes greatly during the day, but it is relatively stable at night. To reflect this data change and reduce the release error, we propose a variable-size sliding window, which can adjust the window size adaptively according to the dynamic changes of the data stream, which is more flexible. Intuitively speaking, when the data is flat, there are relatively few sampling points. We need to expand the sliding window to include more data. When the data changes rapidly, reduce the window size.

Specifically, we predefine the optimal sampling frequency within a period, and then calculate and inspect the sampling frequency within a period (the sampling points are obtained according to the sampling model), and compare the difference with the optimal sampling rate to reflect the current period data Rate of change. We use PID (Proportional-Integral-Derivative), a commonly used control loop feedback mechanism to dynamically adjust the window size. We define the PID error calculation formula as follows: (8)${\displaystyle {\delta }_i=C_p\times E_i+C_i\times \sum _{o=n-\pi -1}^n{E}_o+C_d\times \frac{E_i-E_j}{t_i-t_j}{C}_p+C_i+C_d=1,C_p,C_i,C_d\ge 0}$

The parameter $E_i=\left|\frac{n_i}{M}-\frac{n}{N}\right|$ is the feedback error, $\frac{n}{N}$ is the defined optimal sampling frequency, M is the number of timestamps in the current period, and n_i is the number of sampling points in the M timestamp. For the convenience of calculation, we calculate M according to the number of sampling points to obtain the current sampling frequency. The first term of PID error C_p × E_i is the proportional term representing the proportional error of the current error, the second term ${\sum }_{o=n-\pi -1}^n{E}_o$ is the integral term representing the integral error of the past accumulated error, E_o is in The error at the sampling point t_o, the third term ${\theta }_d\times \frac{E_i-E_j}{t_i-t_j}$ is the derivative error of the derivative term predicting the future error.

From the above formula, we can find the PID error, which feedbacks the size of the sliding window according to the data change rate. However, when the data changes slowly, the sliding window with fewer sampling points will contain more data items, especially non-sampling points. Non-sampling points are published with their predicted values, and the error will gradually increase as the window increases, so we introduce non-sampling point errors to constrain the window size: (9)${\displaystyle W_t=\mathrm{N}+\text{sign}\left(\frac{n}{N}-\frac{n_i}{M}\right)\times \theta \times {\delta }_i-\beta \sum _{\gamma =i-s+1}^i{e}_{\gamma }}$ Here sign(.) is a sign function, which controls the window is expand or shrink. The parameters θ and β respectively determine the influence of PID error and cumulative error of non-sampling points. e_γ represents the prediction error, where the parameter $s=\mathrm{N}+\text{sign}\left(\frac{C}{N}-\frac{C_i}{M}\right)\times \theta \times {\delta }_i$, note that e_γ here does not include sampling points.

Due to the variability of the window, when we slide the window between two adjacent windows, the sliding step of the left end of the window is the interval between sampling points and the right end of the window controls the size of the window.

c. Privacy budget allocation

W-event privacy requires that the sum of the budget in any window with a step size of w does not exceed the entire privacy budget ϵ. The existing privacy budget allocation mechanism does not apply to the method we proposed. For example, the BA and BD mechanisms rely on an assumption that the data will not change significantly within consecutive timestamps, which is not in line with the real scene. RescueDP uses dynamic data changes to allocate privacy budgets. Consider our method. When the data changes from fast to slow, our adaptive window size changes from small to large, but the remaining budget at the sampling point where the data changes slowly are small. Introduce larger errors and vice versa.

The aforementioned existing privacy budget allocation algorithms all assume a fixed window size and are not suitable for adaptive size window technology. In this article, as with the previous technology, we consider the dynamic changes of data to allocate the privacy budget (Wang et al., 2018), but we have to consider the adaptive change of the window on this basis. Specifically, we calculated the weight ratio of the sampling interval of the current sampling point in the window. If the sampling interval of the sampling point at the current moment occupies a larger ratio of the window, we judge that the data has a tendency to change slowly, so we assign it to the current node A relatively small privacy budget is used to reduce the error due to the remaining more privacy budget at the later sampling points. Vice versa.

It can be seen from Algorithm 2 in the Table 2 that for a sampling point, it is firstly necessary to determine whether it is within the range of the window because the length of the window at each moment is not the same. If the sampling point is not in the window, then we need to slide the window (remove a sampling point from the left end of the window) to update the length of the window until the window contains the current sampling point and allocate a privacy budget. It can be seen from the privacy budget allocation formula that we use the natural logarithmic coefficient ln(I + 1) to describe the relationship between the sampling interval and the privacy budget. To consider the data changes in the next window, the coefficient $\left(1-\frac{I}{w}\right)$ the value range is between (0, 1). When I becomes larger, it becomes smaller to constrain the remaining privacy budget and vice versa.

d. Grouping Perturbation

Inspired by RescueDP, instead of directly adding Laplace noise to the sampling point when perturbing each sampling point, we group each time stamp t_i data and add Laplace noise to the grouping result. In this paper, the FCM clustering algorithm (Zheng et al., 2020) is used to group all the sampling points at this moment (non-sampling points do not need to add noise and do not group). To protect data privacy, the algorithm uses the predicted values of the sampling points instead of the original data values.

In Algorithm 3 in the Table 3, the threshold τ reflects whether the value has sufficient anti-noise ability. Specifically, the input is the predicted value of the site at each timestamp t_i. Firstly, the Euclidean distance between the data point and the cluster center is calculated according to the cluster center, and then the membership matrix of the data point is obtained. It represents each the degree to which a data point belongs to a certain cluster is in the interval (0, 1). Then the value function is calculated. If it is less than a certain threshold, or the amount of change from the previous value function value is less than a certain threshold, the algorithm stops, otherwise, a new membership matrix is calculated. To meet the differential privacy requirements, Laplace plus noise is performed on the minimum privacy budget of each group and then averaged to each value in the group.

e. Filtering

To reduce the errors caused by using published data in privacy budget allocation and grouping, we use Kalman filtering to improve the accuracy of data publishing. Kalman filtering has been proven in FAST to improve the accuracy of data stream release. In the final release result, it uses the state-space model to implement posterior estimation (prediction and correction) of the sampling points, and we omit the filtering details. Please refer to (Fan & Xiong, 2014) for detailed steps.

f. Privacy Analysis

Theorem 2Proposed satisfies w-event privacy.

Proof. In the method framework proposed in this paper, only privacy budget allocation and the grouping algorithm have an impact on data disturbance. Therefore, we only need to prove that these two modules satisfy w-event differential privacy, and our method is to satisfy w-event differential privacy. In the privacy budget allocation algorithm, we do not allocate privacy budgets to non-sampling points, while for sampling points we calculate the remaining privacy budget in the calculation window and then allocate it to the corresponding sampling points ${ϵ}_r\times \left(1-\frac{I}{w}\right)\cdot ln\left(I+1\right)$, the total privacy budget in each w step window ${\sum }_{k=i-w+1}^{i-1}{ϵ}_k<ϵ$, because we always allocate part of the remaining privacy budget to the sampling points in the window. For the grouping algorithm, we divide the sampling points at the same time into n groups, and for each group, we add noise in the following way $A\left(g_1\right)={\sum }_{j=1}^{k}g\left[j\right]+Lap\left(\frac{\Delta \left(f\right)}{min\left({ϵ}_{g\left[j\right]}\right)}\right)$, it can be known from theorem 1, $A\left(g_1\right)\text{satisfies}min\left({ϵ}_{g\left[j\right]}\right)$-differential privacy. According to Axiom 2.1.1 in (Kifer & Lin, 2010), as long as the post-processing algorithm does not directly use sensitive information, the data can be kept private after the post-processing purification. Therefore, we know that the privacy budget used for disturbance is not greater than the privacy budget allocated to the sampling points. So our method satisfies w-event differential privacy.

Experimental setup

In this section, we compare the performance of our method with BA and RescueDP on real data sets. The BA method is a scheme with w-event privacy protection designed for real-time data publishing, while RescueDP is a classic strategy to provide w-event privacy for real-time aggregated data publishing. The experimental environment of all schemes is A10-7300 Radeon R6, 10 Compute Cores 4C+6G 1.90 GHz, 8GB RAM, Windows 10 Operating system, implemented in java. For the description and default values of the parameters used in the experiment, we set the PID parameters (C_p, C_i, C_d) to (0.9,0.1,0), π to 5, At the beginning of the release, the privacy budget needs to be calculated based on the window size, so we set the initial value of the window w = 40. The minimum value of N is min(N)=40, and the grouping algorithm threshold τ is set to τ=40.

Datasets: Our data source comes from ACN-Data, which is a dynamic data set of EV charging sessions in the workplace. There are currently more than 80 EV charging ports in a garage on the Caltech campus, and the shared power limit is 300 kWh (enough to accommodate 42 conventional ports). The system currently charges 65 EVs per day on average, and in the past three years, it has delivered more than 2.3 million miles of charging. The data set contains information about each charging session from 3 different locations.

This article uses two evaluation standards to measure the availability of algorithms, namely the average relative error and the average absolute error. The average relative error and average absolute error are defined as follows:

(10)${\displaystyle \mathrm{MAE}=\sum _{r\in R}\frac{\left|\mathrm{D}\left(r\right)-{\mathrm{D}}^{\prime }\left(r\right)\right|}{\left|R\right|}}$ (11)${\displaystyle \mathrm{MRE}=\sum _{r\in R}\frac{\left|\mathrm{D}\left(r\right)-{\mathrm{D}}^{\prime }\left(r\right)\right|}{\left|R\right|\ast \mathrm{D}\left(r\right)}}$

Among them, $\mathrm{D}\left(r\right)$ is the original data stream, D′(r) is the data stream after interference, and R is the set of all timestamps.