High frequency reporting of energy consumption data in smart grids can be used to infer sensitive information regarding the consumer's life style and poses serious security and privacy threats. Differential privacy (DP) based privacy models for smart grids ensure privacy when analysing energy consumption data for billing and load monitoring. However, DP models for smart grids are vulnerable to collusion attack where an adversary colludes with malicious smart meters and un-trusted aggregator in order to get private information from other smart meters. We first show the vulnerability of DP based privacy model for smart grids against collusion attacks to establish the need of a collusion resistant model privacy model. Then, we propose an Enhanced Differential Private Noise Cancellation Model for Load Monitoring and Billing for Smart Meters (E-DPNCT) which not only provides resistance against collusion attacks but also protects the privacy of the smart grid data while providing accurate billing and load monitoring. We use differential privacy with a split noise cancellation protocol with multiple master smart meters (MSMs) to achieve colluison resistance. We did extensive comparison of our E-DPNCT model with state of the art attack resistant privacy preserving models such as EPIC for collusion attack. We simulate our E-DPNCT model with real time data which shows significant improvement in privacy attack scenarios. Further, we analyze the impact of selecting different sensitivity parameters for calibrating DP noise over the privacy of customer electricity profile and accuracy of electricity data aggregation such as load monitoring and billing.

翻译：智能电网中高频报告的能耗数据可能被用于推断消费者生活方式相关的敏感信息，构成严重的安全与隐私威胁。基于差分隐私的智能电网隐私模型在分析计费和负荷监测的能耗数据时能够保障隐私。然而，智能电网的差分隐私模型易受合谋攻击——攻击者与恶意智能电表及不可信聚合器合谋，以获取其他智能电表的隐私信息。我们首先展示了基于差分隐私的智能电网隐私模型面对合谋攻击的脆弱性，以论证抗合谋隐私模型的必要性。随后，我们提出了一种用于智能电表负荷监测与计费的增强型差分隐私噪声抵消模型（E-DPNCT），该模型不仅具备抗合谋攻击能力，还能在保障计费和负荷监测准确性的同时保护智能电网数据隐私。我们采用结合多主智能电表（MSMs）的分裂噪声抵消协议实现差分隐私，以达成抗合谋特性。我们将E-DPNCT模型与现有最先进的抗攻击隐私保护模型（如EPIC）进行了合谋攻击对比的广泛实验。基于实时数据的仿真表明，我们的E-DPNCT模型在隐私攻击场景中具有显著改进。此外，我们还分析了为校准差分隐私噪声而选择不同灵敏度参数对用户电力画像隐私及电力数据聚合准确性（如负荷监测与计费）的影响。