Search

CN-122001771-A - Distributed differential privacy security parameter estimation method, device, equipment and storage medium based on output disturbance

CN122001771ACN 122001771 ACN122001771 ACN 122001771ACN-122001771-A

Abstract

The application provides a distributed differential privacy security parameter estimation method, device and equipment based on output disturbance and a storage medium, and relates to the technical field of automatic control and information security. The method comprises the steps of adding fixed-scale Laplace noise to output observation data of each agent node to perform disturbance in each iteration, utilizing the output data added with the noise and parameter estimation from neighbor nodes, respectively adopting corresponding parameter estimation update formulas for the known or unknown conditions of a target system observation matrix, and giving quantitative relations between privacy parameters and noise variance and between convergence rate and privacy parameters. The method meets the requirement of outputting data by each node in the protection network While differential privacy, accurate estimation of system-agnostic parameters can be achieved.

Inventors

  • ZHANG KUN
  • SHANG YUTONG
  • TAN JIANWEI
  • ZHANG ZHENHUA

Assignees

  • 北京航空航天大学

Dates

Publication Date
20260508
Application Date
20260211

Claims (10)

  1. 1. The distributed differential privacy security parameter estimation method based on output disturbance is applied to a multi-agent cooperative estimation and control scene in an industrial Internet of things or a network physical system so as to protect the privacy of each agent output observation data while realizing the parameter identification and state estimation of the networked system, and is characterized by comprising the following steps: S1, constructing a distributed network parameter estimation model composed of a plurality of agents, and setting an initial parameter estimation value for each agent; S2, when each iteration is performed, each agent acquires current output observation data of the agent, generates a Laplacian noise vector and adds the Laplacian noise vector into the output observation data to obtain disturbed output data so as to ensure that each iteration satisfies -Differential privacy requirements; S3, based on a preset network topology structure, each intelligent agent sends the current parameter estimated value and the disturbed output data to the adjacent intelligent agent and receives the parameter estimated value from the adjacent intelligent agent; S4, respectively updating the parameter estimation values of the intelligent agent by adopting corresponding parameter updating rules according to whether the input matrix corresponding to the intelligent agent is completely known or not; S5, after each iteration is completed, judging whether the variation amplitude of the parameter estimation values of all the agents is lower than a preset threshold value, if not, returning to the step S2 to enter the next iteration, and if so, terminating the iteration; S6, outputting the parameter estimated values converged to be consistent by the intelligent agents as the estimated result of the target unknown parameters.
  2. 2. The method for estimating distributed differential privacy security parameters based on output disturbance according to claim 1, wherein in step S1, the observation model of each agent is: Wherein, the Representing a set of vertices of a corresponding network graph, , Is the number of vertexes; Numbering the agent; The time is the moment; Is an intelligent body At the position of Measuring an output vector at the moment; Is an intelligent body At the position of A time-varying measurement or input matrix of time of day; Is an intelligent body At the position of A noise vector at a time; is an unknown parameter vector to be estimated.
  3. 3. The method for estimating distributed differential privacy security parameters based on output disturbance according to claim 1, wherein each element in the laplace noise vector is independently and uniformly distributed and is subject to zero mean and zero variance Is a function of the Laplace noise of (a), The scale parameters of the Laplace noise are as follows: Wherein the method comprises the steps of For describing the degree of similarity between two pieces of similarly-sensitive information, if to any , Is a distance space with Then And (3) with At distance measurement In the sense that -Adjoining; to characterize the distance space of the sensitive information, For an adversary to observe the corresponding measurable space, Is the slave To the point of And (2) random mapping of Is probability space, if to any -Abutment Any set of All have , Is a natural constant, then randomly maps Is that Under abutment Differential privacy; An adversary is described to distinguish sensitive information based on observed information Information adjacent thereto Is difficult to be carried out.
  4. 4. The method for estimating distributed differential privacy security parameters based on output disturbance according to claim 2, wherein updating the parameter estimation values of the respective parameter updating rules according to whether the input matrix corresponding to the agent is completely known or not comprises: When (when) Fully known, the agent Updating its estimate according to the following rules: Wherein, the Representing an agent At the position of A parameter estimate of the time of day, Representing an agent At the position of A parameter estimate of the time of day, Representing an agent At the position of A parameter estimate of the time of day, For the transposition of the matrix, Is an intelligent body Is used to determine the Laplace noise vector of (c), Is that The step size of the moment in time, Is an intelligent body Is a neighbor set of (1); When (when) Partly known, the agent Updating its estimate according to the following rules: Wherein, the Is that Is used to determine the desired matrix of (a), , Is the desired operator.
  5. 5. The method for estimating distributed differential privacy security parameters based on output disturbance according to claim 4, wherein the step size is a step size decreasing with time, and the method is as follows: Wherein, the Is that Step size of time.
  6. 6. The distributed differential privacy security parameter estimation method based on output disturbance according to claim 4, wherein, in And (2) and In the case of (a), each iteration is in -Meeting under adjacency Differential privacy, convergence rate meeting: When (when) In the time-course of which the first and second contact surfaces, ; When (when) In the time-course of which the first and second contact surfaces, ; Wherein, the Representing a set of vertices of a corresponding network graph, Is the number of the intelligent agent, and the number of the intelligent agent, For the privacy parameters of differential privacy, As a parameter of the threshold value, As an exponential parameter of the step size, As a scale parameter of the laplace noise, For maximum between adjacent output data sequences The sensitivity of the sample is determined by the sensitivity, For the square norm of the parameter estimation error, Is the upper bound of the same order.
  7. 7. The utility model provides a distributed differential privacy safety parameter estimation device based on output disturbance, is applied to the cooperation of many agents in industry thing networking or the network physical system and estimates and control the scene to protect each agent output observation data's privacy when realizing networking system parameter identification and state estimation, characterized in that, the device includes: An initial estimation module configured to construct a distributed network parameter estimation model composed of a plurality of agents, and set an initial parameter estimation value for each agent; The noise adding module is configured to obtain current output observation data of each intelligent agent when each iteration is performed, generate a Laplace noise vector and add the Laplace noise vector into the output observation data to obtain disturbed output data so as to ensure that each iteration satisfies -Differential privacy requirements; The data communication module is configured to send the current parameter estimated value and the disturbed output data of each intelligent agent to adjacent neighbor intelligent agents based on a preset network topological structure, and receive the parameter estimated value from the neighbor intelligent agents; The parameter updating module is configured to respectively update the parameter estimation values of the parameter updating module by adopting corresponding parameter updating rules according to whether the input matrix corresponding to the intelligent agent is completely known or not; The iteration judging module is configured to judge whether the parameter estimation value change amplitude of all the agents is lower than a preset threshold value after each iteration is completed, if not, the noise adding module is returned to enter the next iteration, and if yes, the iteration is terminated; And the result output module is configured to output the parameter estimation value converged by each agent to be consistent as an estimation result of the target unknown parameter.
  8. 8. An electronic device comprising a processor and a memory communicatively coupled to the processor; The memory stores computer-executable instructions; the processor executes computer-executable instructions stored in the memory to implement the output perturbation based distributed differential privacy security parameter estimation method of any one of claims 1-6.
  9. 9. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are for implementing the distributed differential privacy security parameter estimation method based on output perturbation of any of claims 1-6.
  10. 10. A computer program product comprising a computer program which, when executed by a processor, implements the distributed differential privacy security parameter estimation method based on output perturbation of any one of claims 1-6.

Description

Distributed differential privacy security parameter estimation method, device, equipment and storage medium based on output disturbance Technical Field The application relates to the technical field of automatic control and information security, in particular to a distributed differential privacy security parameter estimation method, device and equipment based on output disturbance and a storage medium. Background Network control and cooperative control techniques have been widely studied and applied over the past several decades. However, in the collaborative estimation and control process of the multi-agent system, privacy and security problems related to local data of each individual are not paid enough attention. In many scenarios, the output observations of an agent often contain sensitive information, e.g., in the case of target positioning problems, the distance measurement output of the agent may expose its own location, and in machine learning model training, gradient information shared by the nodes may be utilized to reconstruct the original training data. Recent studies have shown that unprotected intermediate information exchange in distributed optimization and estimation algorithms can lead to privacy leakage (e.g., gradient leakage attacks). Therefore, the method ensures the data privacy while realizing the parameter identification and the state estimation of the networked system, and has important significance for the industrial Internet of things and the network physical system. Differential privacy, as a strict mathematical privacy definition, has been proposed by Cynthia Dwork et al, and has been successfully applied to numerous fields such as database query, machine learning, optimization control, and the like. In the field of distributed control and industrial internet of things, there have been some attempts to introduce differential privacy into collaborative algorithms, such as adding noise to distributed optimization, consistency algorithms, game theory, and distributed estimation to protect the participants' data. However, the prior art still has significant limitations in terms of privacy preserving effectiveness, system estimation performance and model adaptability for practical industrial scenarios. In an industrial internet of things environment, such as a multi-robot collaborative operation system or a wide area sensing network, each node observes real-time change and often contains sensitive information, the traditional method is difficult to achieve privacy and precision, the privacy can be improved by increasing noise, but the system state or parameter estimation precision is reduced, the convergence is slow, the real-time performance and the accuracy of control and decision are affected, the estimation efficiency can be improved by reducing noise, but the method is insufficient for coping with eavesdropping and inference attacks possibly existing in an actual system, and privacy guarantee is weakened. In addition, the observation conditions of actual industrial sites are complex and variable, and the sensing matrix may exhibit uncertainty and time variability due to device characteristics, communication interference or partial information loss, and existing schemes lack sufficient flexibility and robustness in processing such incompletely known or randomly time-varying observation models. Therefore, a new distributed estimation scheme is necessary to be provided, and the estimation precision and the convergence efficiency can be balanced while the strict differential privacy guarantee is provided, and the method can be suitable for various actual industrial scenes such as known and unknown observation matrixes, so that the dual requirements of a networked control system on data safety and estimation performance are met. Disclosure of Invention The application provides a distributed differential privacy security parameter estimation method, device, equipment and storage medium based on output disturbance, which are used for solving the problem of realizing cooperative optimization between strict differential privacy protection and distributed parameter estimation precision and convergence efficiency in an actual industrial scene with a known or unknown observation matrix. In a first aspect, the present application provides a distributed differential privacy security parameter estimation method based on output disturbance, which is applied to a multi-agent cooperative estimation and control scene in an industrial internet of things or a network physical system, so as to protect the privacy of each agent output observation data while realizing network system parameter identification and state estimation, and the method comprises the following steps: S1, constructing a distributed network parameter estimation model composed of a plurality of agents, and setting an initial parameter estimation value for each agent; S2, when each iteration is performed, each agent acquires curren