学术文献库

We present a framework for designing distorting mechanisms that allow remotely operating anomaly detectors while preserving privacy. We consider the problem setting in which a remote station seeks to identify anomalies using system input-output signals transmitted over communication networks. However, disclosing true data of the system operation is not desired as it can be used to infer private information -- modeled here as a system private output. To prevent accurate estimation of private outputs by adversaries, we pass original signals through distorting (privacy-preserving) mechanisms and send the distorted data to the remote station (which inevitably leads to degraded monitoring performance). We formulate the design of these mechanisms as a privacy-utility trade-off problem. We cast the synthesis of dependent Gaussian mechanisms as the solution of a convex program where we seek to maximize privacy quantified using information-theoretic metrics (mutual information and differential entropy) over a finite window of realizations while guaranteeing a bound on monitoring performance degradation.