Differentially Private Feature Release for Wireless Sensing: Adaptive Privacy Budget Allocation on CSI Spectrograms
- URL: http://arxiv.org/abs/2512.20323v3
- Date: Mon, 29 Dec 2025 12:08:34 GMT
- Title: Differentially Private Feature Release for Wireless Sensing: Adaptive Privacy Budget Allocation on CSI Spectrograms
- Authors: Ipek Sena Yilmaz, Onur G. Tuncer, Zeynep E. Aksoy, Zeynep Yağmur Baydemir,
- Abstract summary: We study differentially private (DP) feature release for wireless sensing.<n>We propose an adaptive privacy budget allocation mechanism tailored to the highly non-uniform structure of CSI time-frequency representations.<n>Our method yields higher accuracy and lower error while substantially reducing empirical leakage in identity and membership inference attacks.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Wi-Fi/RF-based human sensing has achieved remarkable progress with deep learning, yet practical deployments increasingly require feature sharing for cloud analytics, collaborative training, or benchmark evaluation. Releasing intermediate representations such as CSI spectrograms can inadvertently expose sensitive information, including user identity, location, and membership, motivating formal privacy guarantees. In this paper, we study differentially private (DP) feature release for wireless sensing and propose an adaptive privacy budget allocation mechanism tailored to the highly non-uniform structure of CSI time-frequency representations. Our pipeline converts CSI to bounded spectrogram features, applies sensitivity control via clipping, estimates task-relevant importance over the time-frequency plane, and allocates a global privacy budget across spectrogram blocks before injecting calibrated Gaussian noise. Experiments on multi-user activity sensing (WiMANS), multi-person 3D pose estimation (Person-in-WiFi 3D), and respiration monitoring (Resp-CSI) show that adaptive allocation consistently improves the privacy-utility frontier over uniform perturbation under the same privacy budget. Our method yields higher accuracy and lower error while substantially reducing empirical leakage in identity and membership inference attacks.
Related papers
- PPEDCRF: Privacy-Preserving Enhanced Dynamic CRF for Location-Privacy Protection for Sequence Videos with Minimal Detection Degradation [7.329775099113131]
This paper studies location-privacy leakage under a background-based retrieval attacker.<n>It proposes PPEDCRF, a privacy-preserving conditional random field framework.<n>Experiments on public driving datasets demonstrate that PPEDCRF significantly reduces location-retrieval attack success.
arXiv Detail & Related papers (2026-03-02T08:18:53Z) - DP-MGTD: Privacy-Preserving Machine-Generated Text Detection via Adaptive Differentially Private Entity Sanitization [26.29089564225218]
We propose a framework incorporating an Adaptive Differentially Private Entity Sanitization algorithm.<n>Our method achieves near-perfect detection accuracy, significantly outperforming non-private baselines.
arXiv Detail & Related papers (2026-01-08T06:33:15Z) - Personalized 3D Spatiotemporal Trajectory Privacy Protection with Differential and Distortion Geo-Perturbation [64.60694805725727]
This paper proposes a personalized 3Dtemporal trajectory privacy protection mechanism named 3DSTPM.<n>We analyze the characteristics of attackers that exploit correlations between locations in a trajectory and present the attack model.<n>Results demonstrate that the proposed 3DSTPM effectively reduces loss while meeting the user's personalized privacy protection needs.
arXiv Detail & Related papers (2025-11-27T07:41:14Z) - Road Network-Aware Personalized Trajectory Protection with Differential Privacy under Spatiotemporal Correlations [33.41548062041307]
This paper proposes a Personalized Trajectory Privacy Protection Mechanism (PTPPM) to address these challenges.<n>Our approach begins by modeling an attacker's knowledge of a user's trajectory sensitivity, which enables the attacker to identify possible location sets.<n>To combat this, we integrate geo-inability correlations with distortion, allowing users to customize their privacy preferences.
arXiv Detail & Related papers (2025-11-26T03:33:24Z) - Adversary-Aware Private Inference over Wireless Channels [51.93574339176914]
AI-based sensing at wireless edge devices has the potential to significantly enhance Artificial Intelligence (AI) applications.<n>As sensitive personal data can be reconstructed by an adversary, transformation of the features are required to reduce the risk of privacy violations.<n>We propose a novel framework for privacy-preserving AI-based sensing, where devices apply transformations of extracted features before transmission to a model server.
arXiv Detail & Related papers (2025-10-23T13:02:14Z) - Collaborative Inference over Wireless Channels with Feature Differential Privacy [57.68286389879283]
Collaborative inference among multiple wireless edge devices has the potential to significantly enhance Artificial Intelligence (AI) applications.
transmitting extracted features poses a significant privacy risk, as sensitive personal data can be exposed during the process.
We propose a novel privacy-preserving collaborative inference mechanism, wherein each edge device in the network secures the privacy of extracted features before transmitting them to a central server for inference.
arXiv Detail & Related papers (2024-10-25T18:11:02Z) - TeD-SPAD: Temporal Distinctiveness for Self-supervised
Privacy-preservation for video Anomaly Detection [59.04634695294402]
Video anomaly detection (VAD) without human monitoring is a complex computer vision task.
Privacy leakage in VAD allows models to pick up and amplify unnecessary biases related to people's personal information.
We propose TeD-SPAD, a privacy-aware video anomaly detection framework that destroys visual private information in a self-supervised manner.
arXiv Detail & Related papers (2023-08-21T22:42:55Z) - CRONOS: Colorization and Contrastive Learning for Device-Free NLoS Human
Presence Detection using Wi-Fi CSI [9.927073290898848]
Device-free human detection through sensors or cameras has been widely adopted, but it comes with privacy issues as well as misdetection for motionless people.
We propose a system called CRONOS, which generates dynamic recurrence plots (RPs) and color-coded CSI ratios to distinguish mobile and stationary people.
arXiv Detail & Related papers (2022-11-07T16:18:18Z) - A Differentially Private Framework for Deep Learning with Convexified
Loss Functions [4.059849656394191]
Differential privacy (DP) has been applied in deep learning for preserving privacy of the underlying training sets.
Existing DP practice falls into three categories - objective perturbation, gradient perturbation and output perturbation.
We propose a novel output perturbation framework by injecting DP noise into a randomly sampled neuron.
arXiv Detail & Related papers (2022-04-03T11:10:05Z) - Partial sensitivity analysis in differential privacy [58.730520380312676]
We investigate the impact of each input feature on the individual's privacy loss.
We experimentally evaluate our approach on queries over private databases.
We also explore our findings in the context of neural network training on synthetic data.
arXiv Detail & Related papers (2021-09-22T08:29:16Z) - Graph-Homomorphic Perturbations for Private Decentralized Learning [64.26238893241322]
Local exchange of estimates allows inference of data based on private data.
perturbations chosen independently at every agent, resulting in a significant performance loss.
We propose an alternative scheme, which constructs perturbations according to a particular nullspace condition, allowing them to be invisible.
arXiv Detail & Related papers (2020-10-23T10:35:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.