Privacy against Adversarial Classification in Cyber-Physical Systems

Carlos Murguia, Paulo Tabuada

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

For a class of Cyber-Physical Systems (CPSs), we address the problem of performing computations over the cloud without revealing private information about the structure and operation of the system. We model CPSs as a collection of input-output dynamical systems (the system operation modes). Depending on the mode the system is operating on, the output trajectory is generated by one of these systems in response to driving inputs. Output measurements and driving inputs are sent to the cloud for processing purposes. We capture this processing through some function (of the input-output trajectory) that we require the cloud to compute accurately - referred to here as the trajectory utility. However, for privacy reasons, we would like to keep the mode private, i.e., we do not want the cloud to correctly identify what mode of the CPS produced a given trajectory. To this end, we distort trajectories before transmission and send the corrupted data to the cloud. We provide mathematical tools (based on output-regulation techniques) to properly design distorting mechanisms so that: 1) the original and distorted trajectories lead to the same utility; and 2) the distorted data leads the cloud to misclassify the mode.

Original language: English
Title of host publication: 2020 59th IEEE Conference on Decision and Control, CDC 2020
Publisher: Institute of Electrical and Electronics Engineers
Pages: 5483-5488
Number of pages: 6
ISBN (Electronic): 9781728174471
Publication status: Published - 14 Dec 2020
Event: 59th IEEE Conference on Decision and Control, CDC 2020 - Virtual, Jeju Island, Korea, Republic of
Duration: 14 Dec 2020 → 18 Dec 2020

Conference

Conference: 59th IEEE Conference on Decision and Control, CDC 2020
Country: Korea, Republic of
City: Virtual, Jeju Island
Period: 14/12/20 → 18/12/20
