kth.sePublications
Change search
Link to record
Permanent link

Direct link
Oechtering, Tobias J.ORCID iD iconorcid.org/0000-0002-0036-9049
Alternative names
Publications (10 of 215) Show all publications
Saeidian, S., Cervia, G., Oechtering, T. J. & Skoglund, M. (2025). Rethinking disclosure prevention with pointwise maximal leakage. Journal of Privacy and Confidentiality, 15(1)
Open this publication in new window or tab >>Rethinking disclosure prevention with pointwise maximal leakage
2025 (English)In: Journal of Privacy and Confidentiality, E-ISSN 2575-8527, Vol. 15, no 1Article in journal (Refereed) Published
Abstract [en]

This paper introduces a paradigm shift in the way privacy is defined, driven by a novel interpretation of the fundamental result of Dwork and Naor about the impossibility of absolute disclosure prevention. We propose a general model of utility and privacy in which utility is achieved by disclosing the value of low-entropy features of a secret X, while privacy is maintained by hiding the value of high-entropy features of X. Adopting this model, we prove that, contrary to popular opinion, it is possible to provide meaningful inferential privacy guarantees. These guarantees are given in terms of an operationally-meaningful information measure called pointwise maximal leakage (PML) and prevent privacy breaches against a large class of adversaries regardless of their prior beliefs about X. We show that PML-based privacy is compatible with and provides insights into existing notions such as differential privacy. We also argue that our new framework enables highly flexible mechanism designs, where the randomness of a mechanism can be adjusted to the entropy of the data, ultimately, leading to higher utility.

Place, publisher, year, edition, pages
Society for Privacy and Confidentiality Research, 2025
Keywords
Disclosure Prevention, Inferential Privacy, Information Leakage, Pointwise Maximal Leakage
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-362541 (URN)10.29012/jpc.893 (DOI)2-s2.0-105002152635 (Scopus ID)
Note

QC 20250417

Available from: 2025-04-16 Created: 2025-04-16 Last updated: 2025-04-17Bibliographically approved
Avula, R. R., Oechtering, T. J. & Månsson, D. (2024). Adversarial Inference Control in Cyber-Physical Systems: A Bayesian Approach With Application to Smart Meters. IEEE Access, 12, 24933-24948
Open this publication in new window or tab >>Adversarial Inference Control in Cyber-Physical Systems: A Bayesian Approach With Application to Smart Meters
2024 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 12, p. 24933-24948Article in journal (Refereed) Published
Abstract [en]

With the emergence of cyber-physical systems (CPSs) in utility systems like electricity, water, and gas networks, data collection has become more prevalent. While data collection in these systems has numerous advantages, it also raises concerns about privacy as it can potentially reveal sensitive information about users. To address this issue, we propose a Bayesian approach to control the adversarial inference and mitigate the physical-layer privacy problem in CPSs. Specifically, we develop a control strategy for the worst-case scenario where an adversary has perfect knowledge of the user’s control strategy. For finite state-space problems, we derive the fixed-point Bellman’s equation for an optimal stationary strategy and discuss a few practical approaches to solve it using optimization-based control design. Addressing the computational complexity, we propose a reinforcement learning approach based on the Actor-Critic architecture. To also support smart meter privacy research, we present a publicly accessible “Co-LivEn” dataset with comprehensive electrical measurements of appliances in a co-living household. Using this dataset, we benchmark the proposed reinforcement learning approach. The results demonstrate its effectiveness in reducing privacy leakage. Our work provides valuable insights and practical solutions for managing adversarial inference in cyber-physical systems, with a particular focus on enhancing privacy in smart meter applications.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Keywords
Adversarial inference, Bayesian control, cyber-physical systems, deep reinforcement learning, privacy control, smart meters
National Category
Signal Processing
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-343859 (URN)10.1109/access.2024.3365270 (DOI)001173060400001 ()2-s2.0-85186047121 (Scopus ID)
Note

QC 20240226

Available from: 2024-02-26 Created: 2024-02-26 Last updated: 2024-04-29Bibliographically approved
Zhao, M., Treust, M. L. & Oechtering, T. J. (2024). Causal Vector-Valued Witsenhausen Counterexamples with Feedback. In: 2024 IEEE Information Theory Workshop, ITW 2024: . Paper presented at 2024 IEEE Information Theory Workshop, ITW 2024, Shenzhen, China, Nov 24 2024 - Nov 28 2024 (pp. 687-692). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Causal Vector-Valued Witsenhausen Counterexamples with Feedback
2024 (English)In: 2024 IEEE Information Theory Workshop, ITW 2024, Institute of Electrical and Electronics Engineers (IEEE) , 2024, p. 687-692Conference paper, Published paper (Refereed)
Abstract [en]

We study the continuous vector-valued Witsen-hausen counterexample with Gaussian states through the lens of empirical coordination coding. We characterize the region of achievable pairs of costs in three scenarios: (i) causal encoding and causal decoding, (ii) causal encoding and causal decoding with channel feedback, and (iii) causal encoding and noncausal decoding with channel feedback. In these vector-valued versions of the problem, the optimal coding schemes must rely on a time-sharing strategy, since the region of achievable pairs of costs might not be convex in the scalar version of the problem. We examine the role of the channel feedback when the encoder is causal and the decoder is either causal or non-causal, and we show that feedback improves the performance, only when the decoder is non-causal.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
National Category
Telecommunications
Identifiers
urn:nbn:se:kth:diva-359867 (URN)10.1109/ITW61385.2024.10806960 (DOI)001433908800116 ()2-s2.0-85216513296 (Scopus ID)
Conference
2024 IEEE Information Theory Workshop, ITW 2024, Shenzhen, China, Nov 24 2024 - Nov 28 2024
Note

Part of ISBN 9798350348934]

QC 20250213

Available from: 2025-02-12 Created: 2025-02-12 Last updated: 2025-05-05Bibliographically approved
Zhao, M., Treust, M. L. & Oechtering, T. J. (2024). Coordination Coding with Causal Encoder for Vector-Valued Witsenhausen Counterexample. In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings: . Paper presented at 2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024 (pp. 3255-3260). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Coordination Coding with Causal Encoder for Vector-Valued Witsenhausen Counterexample
2024 (English)In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings, Institute of Electrical and Electronics Engineers (IEEE) , 2024, p. 3255-3260Conference paper, Published paper (Refereed)
Abstract [en]

We investigate the Witsenhausen counterexample in a continuous vector-valued context with a causal encoder and noncausal decoder. Our main result is the optimal single-letter condition that characterizes the set of achievable Witsenhausen power costs and estimation costs, leveraging a modified weak typicality approach. In particular, we accommodate our power analysis to the causal encoder constraint, and provide an improved distortion error analysis for the challenging estimation of the interim state. Interestingly, the idea of dual role of control is explicitly captured by the two auxiliary random variables.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
National Category
Probability Theory and Statistics
Identifiers
urn:nbn:se:kth:diva-353516 (URN)10.1109/ISIT57864.2024.10619377 (DOI)2-s2.0-85202801591 (Scopus ID)
Conference
2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024
Note

Part of ISBN [9798350382846]

QC 20240919

Available from: 2024-09-19 Created: 2024-09-19 Last updated: 2024-11-08Bibliographically approved
Pan, C., Bohlin, G. & Oechtering, T. J. (2024). Environmental Variation or Instrumental Drift? A Probabilistic Approach to Gas Sensor Drift Modeling and Evaluation. In: 2024 IEEE Sensors, SENSORS 2024 - Conference Proceedings: . Paper presented at 2024 IEEE Sensors, SENSORS 2024, Kobe, Japan, Oct 20 2024 - Oct 23 2024. Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Environmental Variation or Instrumental Drift? A Probabilistic Approach to Gas Sensor Drift Modeling and Evaluation
2024 (English)In: 2024 IEEE Sensors, SENSORS 2024 - Conference Proceedings, Institute of Electrical and Electronics Engineers (IEEE) , 2024Conference paper, Published paper (Refereed)
Abstract [en]

Drift is a significant issue that undermines the reliability of gas sensors. This paper introduces a probabilistic model to distinguish between environmental variation and instrumental drift, using low-cost non-dispersive infrared (NDIR) CO2 sensors as a case study. Data from a long-term field experiment is analyzed to evaluate both sensor performance and environmental changes over time. Our approach employs importance sampling to isolate instrumental drift from environmental variation, providing a more accurate assessment of sensor performance. The results show that failing to account for environmental variation can significantly affect the evaluation of sensor drift, leading to improper calibration processes.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Keywords
environmental variation, importance sampling, instrumental drift, NDIR CO sensors 2, probabilistic modeling, Sensor drift
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-359272 (URN)10.1109/SENSORS60989.2024.10784897 (DOI)001417533500303 ()2-s2.0-85215273737 (Scopus ID)
Conference
2024 IEEE Sensors, SENSORS 2024, Kobe, Japan, Oct 20 2024 - Oct 23 2024
Note

Part of ISBN 979-8-3503-6351-7

QC 20250131

Available from: 2025-01-29 Created: 2025-01-29 Last updated: 2025-04-01Bibliographically approved
Saeidian, S., Oechtering, T. J. & Skoglund, M. (2024). Evaluating Differential Privacy on Correlated Datasets Using Pointwise Maximal Leakage. In: Privacy Technologies and Policy - 12th Annual Privacy Forum, APF 2024, Proceedings: . Paper presented at 12th Annual Privacy Forum, APF 2024, Karlstad, Sweden, Sep 4 2024 - Sep 5 2024 (pp. 73-86). Springer Nature
Open this publication in new window or tab >>Evaluating Differential Privacy on Correlated Datasets Using Pointwise Maximal Leakage
2024 (English)In: Privacy Technologies and Policy - 12th Annual Privacy Forum, APF 2024, Proceedings, Springer Nature , 2024, p. 73-86Conference paper, Published paper (Refereed)
Abstract [en]

Data-driven advancements significantly contribute to societal progress, yet they also pose substantial risks to privacy. In this landscape, differential privacy (DP) has become a cornerstone in privacy preservation efforts. However, the adequacy of DP in scenarios involving correlated datasets has sometimes been questioned and multiple studies have hinted at potential vulnerabilities. In this work, we delve into the nuances of applying DP to correlated datasets by leveraging the concept of pointwise maximal leakage (PML) for a quantitative assessment of information leakage. Our investigation reveals that DP’s guarantees can be arbitrarily weak for correlated databases when assessed through the lens of PML. More precisely, we prove the existence of a pure DP mechanism with PML levels arbitrarily close to that of a mechanism which releases individual entries from a database without any perturbation. By shedding light on the limitations of DP on correlated datasets, our work aims to foster a deeper understanding of subtle privacy risks and highlight the need for the development of more effective privacy-preserving mechanisms tailored to diverse scenarios.

Place, publisher, year, edition, pages
Springer Nature, 2024
Keywords
Correlated data, Differential privacy, Pointwise maximal leakage
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-352149 (URN)10.1007/978-3-031-68024-3_4 (DOI)001292734100004 ()2-s2.0-85200951545 (Scopus ID)
Conference
12th Annual Privacy Forum, APF 2024, Karlstad, Sweden, Sep 4 2024 - Sep 5 2024
Note

QC 20240823

Available from: 2024-08-22 Created: 2024-08-22 Last updated: 2024-09-27Bibliographically approved
Zamani, A., Daei, S., Oechtering, T. J. & Skoglund, M. (2024). Multi-Task Private Semantic Communication. In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings: . Paper presented at 2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024 (pp. 3480-3485). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Multi-Task Private Semantic Communication
2024 (English)In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings, Institute of Electrical and Electronics Engineers (IEEE) , 2024, p. 3480-3485Conference paper, Published paper (Refereed)
Abstract [en]

We study a multi-task private semantic communication problem, in which an encoder has access to an information source arbitrarily correlated with some latent private data. A user has L tasks with priorities. The encoder designs a message to be revealed which is called the semantic of the information source. Due to the privacy constraints the semantic can not be disclosed directly and the encoder adds noise to produce disclosed data. The goal is to design the disclosed data that maximizes the weighted sum of the utilities achieved by the user while satisfying a privacy constraint on the private data. In this work, we first consider a single-task scenario and design the added noise utilizing various methods including the extended versions of the Functional Representation Lemma, Strong Functional Representation Lemma, and separation technique. We then study the multi-task scenario and derive a simple design of the source semantics. We show that in the multi-task scenario the main problem can be divided into multiple parallel single-task problems.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
National Category
Communication Systems Computer Sciences
Identifiers
urn:nbn:se:kth:diva-353512 (URN)10.1109/ISIT57864.2024.10619137 (DOI)2-s2.0-85202801221 (Scopus ID)
Conference
2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024
Note

 Part of ISBN [9798350382846]

QC 20240923

Available from: 2024-09-19 Created: 2024-09-19 Last updated: 2024-09-23Bibliographically approved
Ramachandran, V., Oechtering, T. J. & Skoglund, M. (2024). Multi-terminal Strong Coordination over Noisy Channels with Secrecy Constraints. In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings: . Paper presented at 2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024 (pp. 1925-1930). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Multi-terminal Strong Coordination over Noisy Channels with Secrecy Constraints
2024 (English)In: 2024 IEEE International Symposium on Information Theory, ISIT 2024 - Proceedings, Institute of Electrical and Electronics Engineers (IEEE) , 2024, p. 1925-1930Conference paper, Published paper (Refereed)
Abstract [en]

We investigate the problem of secure multi-terminal strong coordination aided by a multiple-access wiretap channel (MAC-WT). In this setup, independent and identically distributed (i.i.d.) copies of correlated sources are observed by two transmitters who encode the channel inputs to the MAC-WT. The legitimate receiver on observing the channel output must produce approximately i.i.d. copies of an output random variable jointly distributed with the two sources. Furthermore, we demand that an external eavesdropper learns essentially nothing about the sources and the simulated output sequence by observing its corresponding MAC-WT output. This is aided by the presence of independent pairwise shared randomness between each encoder and the legitimate decoder. The shared randomness rate tuples which permit such channel simulation with strong secrecy are of interest. We derive an achievable rate region based on a combination of coordination coding and wiretap coding, along with an outer bound. The inner bound is shown to be tight and a complete characterization is derived for the special case when the sources are independent and the legitimate receiver's channel is composed of deterministic links.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
National Category
Telecommunications
Identifiers
urn:nbn:se:kth:diva-353517 (URN)10.1109/ISIT57864.2024.10619089 (DOI)2-s2.0-85202798870 (Scopus ID)
Conference
2024 IEEE International Symposium on Information Theory, ISIT 2024, Athens, Greece, Jul 7 2024 - Jul 12 2024
Note

Part of ISBN 9798350382846

QC 20240919

Available from: 2024-09-19 Created: 2024-09-19 Last updated: 2024-09-19Bibliographically approved
Ramachandran, V., Oechtering, T. J. & Skoglund, M. (2024). Multi-terminal Strong Coordination with Degraded Source Observations. In: 2024 IEEE INFORMATION THEORY WORKSHOP, ITW 2024: . Paper presented at 2024 Information Theory Workshop, NOV 24-28, 2024, Shenzhen, PEOPLES R CHINA (pp. 103-108). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Multi-terminal Strong Coordination with Degraded Source Observations
2024 (English)In: 2024 IEEE INFORMATION THEORY WORKSHOP, ITW 2024, Institute of Electrical and Electronics Engineers (IEEE) , 2024, p. 103-108Conference paper, Published paper (Refereed)
Abstract [en]

We investigate the problem of multi-terminal strong coordination over a network of noiseless links with degraded source observations. In this setup, independent and identically distributed (i.i.d.) copies of correlated sources are observed by two transmitters, with one of the source observations being common while the other one is private. The transmitters communicate their source descriptions over noiseless links to the receiver, which must produce approximately i.i.d. copies of an output random variable jointly distributed with the two sources. This is aided by the presence of common randomness shared between all three parties. The communication and common randomness rate tuples which permit such channel simulation are of interest. We derive a complete characterization for this multi-terminal strong coordination problem. It is observed that the optimal scheme is based on a superposition structure, where the common source description forms the base layer and the private source description forms the top layer.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Series
Information Theory Workshop, ISSN 2475-420X
National Category
Telecommunications
Identifiers
urn:nbn:se:kth:diva-362935 (URN)10.1109/ITW61385.2024.10806964 (DOI)001433908800018 ()2-s2.0-85211820950 (Scopus ID)
Conference
2024 Information Theory Workshop, NOV 24-28, 2024, Shenzhen, PEOPLES R CHINA
Note

Part of ISBN 979-8-3503-4894-1, 979-8-3503-4893-4

QC 20250430

Available from: 2025-04-30 Created: 2025-04-30 Last updated: 2025-06-03Bibliographically approved
Zamani, A., Oechtering, T. J. & Skoglund, M. (2024). On the Privacy-Utility Trade-Off With and Without Direct Access to the Private Data. IEEE Transactions on Information Theory, 70(3), 2177-2200
Open this publication in new window or tab >>On the Privacy-Utility Trade-Off With and Without Direct Access to the Private Data
2024 (English)In: IEEE Transactions on Information Theory, ISSN 0018-9448, E-ISSN 1557-9654, Vol. 70, no 3, p. 2177-2200Article in journal (Refereed) Published
Abstract [en]

We study an information theoretic privacy mechanism design problem for two scenarios where the private data is either observable or hidden. In the hidden private data scenario, an agent observes useful data Y that is correlated with private data X , and generate disclosed data U which maximizes the revealed information about Y while satisfying a bounded privacy leakage constraint. Considering the other scenario, the agent has additional access to X . To design the privacy mechanism, we first extend the Functional Representation Lemma and Strong Functional Representation Lemma by relaxing the independence condition and thereby allowing a certain leakage. We then find lower and upper bounds on the privacy-utility trade-offs in both scenarios. In particular, for the case where no leakage is allowed and X is observable, our upper and lower bounds improve previous bounds. Considering bounded mutual information as privacy constraint and the observable private data scenario we show that if the common information and mutual information between X and Y are equal, then the attained upper bound is tight. Finally, the privacy-utility trade-off with prioritized private data is studied where part of X is more private than the remaining part.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Keywords
Data privacy, information-theoretic privacy, Extended Functional Representation Lemma (EFRL), Extended Strong Functional Representation Lemma (ESFRL), per-letter privacy leakage measure, prioritized private data
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-346304 (URN)10.1109/TIT.2023.3326070 (DOI)001203295400009 ()2-s2.0-85174851335 (Scopus ID)
Note

QC 20240513

Available from: 2024-05-13 Created: 2024-05-13 Last updated: 2024-05-13Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-0036-9049

Search in DiVA

Show all publications