Generalized framework for protecting privacy in the smart grid environment and measuring the efficacy of privacy attacks *

One of the most complex cyber-physical infrastructures is the smart grid, which integrates electricity production, transmission, and consumption with customer realms and millions of connected endpoints. This technology generates a large amount of data and has collected and stored highly sensitive personal information. For this reason, protecting the privacy of data collected by smart grids is important, as it often contains personally identifiable information. Because of this, it is important to give consumers a privacy solution that lets them decide how much information they want to share and what might happen if they do. In this paper, we extend data categorization and sensitivity leveling while simultaneously providing each data attribute with a numerical value. We also propose a generalized methodology based on user-chosen data openness for safeguarding privacy in the context of the smart grid and assessing the effectiveness of privacy attacks. In the end, we developed two algorithms to assess the efficacy of privacy attacks and create a table displaying the findings.


I. INTRODUCTION
The smart grid is evolving into the next-generation power grid, facilitating communication and electricity flows in both directions between energy customers and utility corporations [1].It reduces costs, improves system reliability, and makes the system more transparent while getting power from utilities to users [2].With fewer power outages, wasted energy, and lower greenhouse gas emissions, the smart grid improves our quality of life.In the smart grid context, the smart meter is the most crucial component.Every smart meter interacts with smart appliances and energy providers in real time and generating massive amounts of data.
The term "Smart Grid" refers to the process of modernizing the existing electrical grid to ensure that there is a bi-directional flow of data and electricity.This is done in order to accomplish the following objectives, which are as follows: provide consumers with some more choices on how, when, and in what amounts electricity they utilize; self-heal in the incident of interruptions, physical and cyber attacks, and environmental catastrophes; and link with a varied range of energy sources, such as the the generation of renewable energy [3].The other contrary, the traditional electrical power grid is commonly understood to be a transmission system that moves electricity from power producing systems in mass to electrical distribution substations.Eventually, each substation provides electricity towards its end customers at a low voltage [4].To assist you comprehend the differences between conventional and smart grid environments and their electrical and communication flows, we designed the architecture shown in figure 1.If we look closely, we can see that unlike the smart grid system, where communication lines are present in addition to the electrical flow, traditional grids simply have an electricity flow between energy producers and consumers.This communication flow generates a significant amount of data that is associated with personally identifiable information, smart meters, and other internet of things (IoT) devices.The concept of smart environment introduced a novel paradigm, Internet of Things (IoT), a rapidly growing network of interconnected physical objects (the things).The Internet of Things has the potential to make it possible for people and things to be connected at any time, any place, with anything and anyone, preferably utilizing any path or network and any service [5].According to the report of statistica, the worldwide number of the total installed base of connected IoT devices will be approximately 75.44 billions by 2025 [6].Although an individual device may not provide so much information, aggregated data generated from multiple devices can provide a vast amount of information which can be used to improve our society, environment and industry [7].Big data and its analysis, associated with IoT that is related to the smart environment, have drawn a lot of attention in recent years, and the characteristics of big data are defined by the three V's: volume, velocity, and variety.Volume indicates the amount of data which is received in real-time or in batches.On the other hand, velocity is the rate of data received.
The enormous amount of data produced by the smart grid environment that is associated with persons needs to be categorized so that they can have improved privacy.One of the earliest proposals [8] was to categorize these data attributes into three groups in any record-keeping system.These classifications are restricted, confidential, and unclassified.The British Computer Society [9] has recommended a more comprehensive information classification scheme as well as sensitivity scales.All publicly available information is accessible, including information that has been published but has not yet been collected.Information that is not generally known to the public is referred to as confidential.The term "secret" refers to knowledge that is kept from most others, including the person being discussed.This category of "big data" encompasses a wide variety of data, including, but not limited to, personal data, data from smart grids, and derived data constructed from attributes.
Big data includes a variety of data kinds, including personal data.Personal information is data or an opinion that may be used to identify a specific person.Along with a person's name, contact information, and biographical details, this may also include details about their preferences, transactional history, records of their activities or travels, or any information derived from the foregoing, such as a profile or score, as well as details about others who may be added to their file, such as family, friends, coworkers, etc [3].Any information that may be used to identify you or your energy use would constitute personal information in the context of the Smart Grid.
Since data is collected from various sources, the heterogeneous nature of data is referred as variety.Benefited from those characteristic, the smart grid and IoT data collection and analysis can be used for many purposes such as autonomous suggestions and business analytics.A large amount of data is generated from smart environment such as personal health records, social networking interactions, click streams, location sharing etc [10,11].Since the collected data may contain sensitive private user data, releasing these kinds of data at a future point in time is critical for privacy reasons.
The concept of data sensitivity refers to the information that, due to the sensitive nature of the data, must be guarded from unauthorized access or exposure [12].The British Computer Society [9] has suggested using a sensitivity scale that ranges from 0 to 10, with 0 representing the data that is the least sensitive and 10 representing the data that is the most sensitive.Some other researchers [8] proposed the sensitive scale, which has a rating system that goes from 0 to 5, along with its possible negative impacts and data examples.The classification of data and the sensitivity levels of that data are closely related to the attacks on data privacy and the protection mechanisms that are implemented.
In this paper, we propose a generalized framework for protecting privacy in the smart grid environment and measuring the efficacy of privacy attacks.The contributions of our paper are mainly as follows: • First, we conducted a systematic mapping study to identify the main privacy objectives, attacks, and preventative measures in IoT and big data in the smart grid environment.We want to learn about the privacy goals for IoT and Big Data in smart grid environments, the types of privacy attacks, their privacy attacking procedures, and the ways these attacks can be stopped right now.
• Secondly, we extend data categorization and sensitivity leveling while simultaneously providing each data attribute with a numerical value.• Thirdly, We described our proposed generic framework, which receives openness as input from the user and returns the desired level of privacy.• Lastly, Two algorithms were developed by us in order to evaluate the efficacy of privacy attacks and to generate a table containing the results of these evaluations.The remaining parts of the paper are structured as described below.In chapter 2, we examine the related work regarding existing smart grid data privacy framework, data classification, the sensitivity level of data, and privacy protection techniques.We also offer some background information regarding our research.In chapter 3, we discuss our mapping study on privacy attacks in order to gain an understanding of the attacking technique used by potential adversaries while evaluating the performance of our proposed system.The proposed generic framework that we have based on user-chosen levels of privacy openness is discussed in Chapter 4. In Chapter 5, we will discuss how to evaluate the framework in light of potential invasions of privacy.Chapter 6 is where we finally put an end to our research.

II. BACKGROUND
In smart grid environments, a lot of data is collected and stored, some of which is related to personally identifiable information, and if this data is revealed, there will be a privacy breach.The smart meter is the most crucial component of the smart grid environment for data collection.Smart meters will deliver this information at considerably shorter intervals than their analog predecessors did, which measured energy consumption at the end of each billing cycle [3].
Privacy concern for smart grid have grown dramatically in the recent years.These smart grid is connect with IoT devices that collects varieties of sensitive and private data which can cause a serious issue if accessed by malicious parties.For example, when someone started a new smart meter, it is mandatory to provide personal information, i.e., name, DOB, geographic location, bank information, meter details, etc. User activities, such as when, where, and how much energy uses, etc., are stored on these platforms for later usage.Collection and analysis of all of these data can be used to better and flexible life of users.It is also possible that users' data is shared with third-party entities on occasion, frequently without the consumers' knowledge or consent.For instance, if the customer data attributes were revealed to the public or fell into the wrong hands, he or she could lose their life, their financial security, or even their social standing.A better privacy solution has been presented by a number of eminent scientists in the form of multiple privacy frameworks.

A. Existing privacy framework
Various privacy architectures have already been proposed by numerous research scientists.To better comprehend the architecture we've suggested, we'll discuss about a few of them.According to the way in which they function, we are able to divide them into four primary categories, which are as follows:

B. Software based privacy framework
There are already several software-based privacy frameworks that have been proposed by various scholars.One of the software based methods is smart energy gateway (SEG) [13] by H. Simo Fhom "Users' interactions with the utility or in-home smart appliances can be optimized by intelligent computer software acting on their behalf."This model's limitation is that it is only a preliminary model with a very theoretical framework.One other model is credential-based privacy, proposed by Mihir B. "The proposed method employs both software and a blind signature scheme to protect user privacy [14]."The limitations of this system are not intended for smart grid environments.

C. Hardware based privacy framework
There are already several hardware-based privacy frameworks that have been proposed by various researchers.One of them is the Extension of load signature masking(LSM) by Georgios K. "An affordable battery option for home smart meters' privacy.It is feasible to conceal appliance occurrences while saving money to contribute to peak load shedding [15] ."This model's limitation is that cost analysis is not done and implementation is very low.One other model is GERI(Gachon Energy Research Institute), proposed by Ken Budka min idea is "Getting data that has been anonymized and sending it to the server for batch processing through a proxy device [16]."This method is very basic idea and also not specific for smart grid.

D. Rule based privacy framework
There are already several ruled-based privacy frameworks that have been proposed by different scholars.One of them is Secure data aggregation and dispatch by Ye Yan. the main idea is "Only the smart meter can recreate the original data through mutual authentication in a secure data aggregation and distribution mechanism [17]."This model's limitation is optimization issues is not analyzed.One other model is [18]EPPA(Efficient and privacy preserving aggregation) scheme by Rongxing Lu "Implementation of the EPPA protocol for safe smart grid communications."This method doesn't provide proper implementation details.

E. Other privacy framework
There are several other privacy frameworks.One of the method is data mining proposed by George K.The main idea is "Empirical probability distribution(EPD) analyzes the content of power signals from the viewpoint of privacy by using data mining techniques [19]."The fact that different types of EPD databases are not considered is the main limitation of this model.One other model is State vector estimation technique by Y. Kim, the main idea is "Describe a method for estimating cooperative states that protects the privacy of users' data attribute [20]."Privacy guarantees are not provided by this method.
Customers' privacy, which includes the quantity of electricity they use on a daily basis, can be protected via privacypreserving authentication [21], which also enables the control center to generate and distribute the appropriate amount of electricity.
The smart grid is a bidirectional supply chain [22] connecting power generation to transmission, distribution, and consumers utilizing information communication technologies, and it analyzes security and privacy issues.
A privacy strategy [23] for smart grids that is based on information theory and can evaluate both the level of accuracy and the level of competitive privacy in smart grid operations.
Security and privacy in smart grid architectures [24], which examine the relationships between the various entities involved in the development of the smart grid infrastructure.
A smart metering system that protects users' privacy can be implemented for any and all sorts of smart metering, including those that measure gas, water, and electricity [25].
A theoretical framework is presented by the Utility privacy framework [26], which abstracts both the privacy and the utility requirements of smart meter data.Some of the architectures that protect users' privacy can be quickly and easily put into place.There are some of them that are easy, others that are medium, and some that are difficult.
Each architecture has various benefits and drawbacks.Similar to the ones mentioned above, the architectures mentioned above have some flaws [4], including some that are very theoretical and have not yet been validated, some that have optimization issues, some that do not perform cost analyses, some that provide very strict privacy guarantees, some that only provide a very basic idea, and some that do not take real-time implementation impact into account.

F. Data classification and sensitivity analysis
In order to ensure that the data attributes linked with any field, including the smart grid, are afforded the level of privacy that is suitable, we need to have proper classification.A generalized categorization system and a data sensitivity level were both offered by Rein Turn [8].When it comes to any type of record-keeping system, one of the initial ideas was to divide these data attributes up into three distinct groups [8] and these classifications are restricted, confidential, and unclassified.The British Computer Society [9] has advocated for the implementation of sensitivity scales in addition to an information classification system that is more complete.There is access to any and all public information, including information that has been published but has not yet been collected.Information that has been published but has not yet been gathered is also available.Confidential information is defined as that which the general public does not have access to or is not aware of The phrase "secret" refers to information that is concealed from the majority of people, including the individual who is the subject of the conversation.The term "big data" refers to an umbrella term that covers a wide range of data types, some of which include but are not limited to personal data, data collected from smart grids, and derived data generated from attribute values.

G. Ensuring privacy characteristics
Privacy can be described as the right of an entity to be secure from unauthorized disclosure of sensitive information from any unwanted party.A privacy attack leverages seemingly benign data to deduce personal information.Users' private and sensitive datasets are aggregated and published to the public for research purposes with or without adding distortion.These statistics can be predetermined or chosen by the analyst when the dataset is queried.The purpose of privacy-preserving data analysis is to safeguard the privacy of individual records in the dataset, even if the analyst maliciously selects queries based on an attack method meant to harm privacy [27].User privacy can be protected by ensuring the following metrics.
• Anonymity -Within a system, it is impossible to identify an item of interest (IoI).For example, anonymity of a sender requires that the other users are unable to determine the identity of the sender within a set of potential sender.Similarly, within a set of potential recipients, other users should be unable to determine the recipient.This set of IoIs are known as anonymity set.• Unlinkability -Within a system, it is impossible identify if two or more entities are related or not.If two events occur within a set, i.e., sending messages, unlinkability refers that an attacker won't be able to differentiate if the messages were sent by the same sender or different senders.
• Undetectability -Within a system, the attacker cannot adequately recognize whether an IoI exits or not.If we consider messages as IoIs, then undetectability means that these messages are indiscernible from random noises.• Unobservability -Within a system, the same type of IoIs are indistiguishable.Similar to the anonymity set, we have unobservability set of IoTs with respect to unobservability [28].In perspective of sending/receiving messages, unobservability refers that it is sufficiently undetectable whether any sender has sent any messages to a set of could-be recipients.
In order to protect the privacy of the data, it is necessary for us to ensure that the data possesses the following four qualities: anonymity, unlinkability, undetectability, and unobservability [28].We need to add the appropriate amount of noise so that all four of these characteristics can be made.There are four very basic methods for adding noise to the raw data, and these are as follows: 1) Additive Noise -In the context of statistical databases, the term "noise addition" refers to a family of approaches employed for the purpose of protecting the privacy of individual data (microdata) [29].To generate noise for private quantitative attributes, a stochastic or randomly generated number is appended to those attributes.2) Multipicative Noise It explains how to make multiplicative noise by producing random numbers with a mean of one, which are then utilized as noise and multiplied by the initial data set.This method is used to generate multiplicative noise [30,31].3) Logarithmic multiplicative noise Logarithmic multiplicative noise is a subtype of multiplicative noise that is characterized by the use of a logarithmic transformation on the data that was initially collected [30,31].4) Differential Privacy -Differential privacy, the most recent and cutting-edge method for keeping data private, preserves privacy by returning perturbed aggregated query replies from databases.This is the most recent and cutting-edge method for keeping data private [32].

III. PROPOSED METHOD -PRIVACY OPENNESS
Personal data attributes include any information or data attributes that can be utilized to unanonymize any individual.The smart grid is something that affects everyone's lives today, and it generates and retains a plethora of personally identifiable information for use in the future.There is a privacy concern because retaining information could have either positive or negative consequences.Within the framework of our proposed method, we will categorize the data attributes and then explain the sensitivity level in conjunction with the negative consequences that are linked with categorized data.After that, we will give each data attribute a numerical rating based on its associated sensitivity level.After that, we will move on to a more in-depth discussion of our suggested framework, which is based on the user's willingness to share their data attribute.

Extended data classification, sensitivity and impacts
The information is currently being organized by the scientists based on the degree of its privacy.The judgments that are made regarding the classification of personal data will be influenced by public policy, rules, legal interpretations, agency requirements, and individual requirements.At first, it was suggested that information be classified into three primary groups: open to the public, restricted to certain individuals, and kept secret [33].
We employ the eight categories in our technique to arrange the data in table II.According to what privacy experts advised us to do, we assigned a number to each group.The first one is like data being public by default, which means data can be accessed by the general public and is available in a public domain; the numeric weighted value that has been assigned to it is zero.This set of data has a weighted value of one, and the term "data public by enactment" refers to the data that is made available to the public by any institution or government.The third type of open data is considered to be internal open data.This means that the data can be open internally, such as when an employee of an organization is privy to some information about their coworkers, such as a mobile number, occupation, and so on.The value that has been assigned to this group is two.The fourth type is called internally limited access data, and it refers to information whose access is restricted within an organization or by an individual.For instance, a female worker who works at the company wants her mobile phone number to remain private among her other coworkers, and the value three has been allocated to this group.The next category is known as "low-level confidential," and it refers to information that is not strictly classified as confidential but can nonetheless be disclosed upon request.They, together with a person's location and use of social media, are potential indicators of someone's economic state.The numerical value of this group has been determined to be five.High level confidential information resembles a unique identifier of a person who may inflict harm if it were to be revealed or reproduced.High-level confidential data includes social security numbers and dates of birth, and the group numerical value is seven.Data that has never been made available to the general public because doing so is against the law is referred to as "data restricted by user" in the following category.Nine is the value that has been allotted to this type of information, which includes things like bank information and biometrics data.The final category, known as "data restricted by the organization or government," refers to information that has never been made available to the general public.Secret Service agents fall under the category of "information that is controlled by the organization or government," and this group's assigned numerical value is ten.
After using the data category, we create a table III that lists the data sensitivity levels, which range from 0 to 5, along with their adverse affects on a person's daily life.The data sensitivity level zero is the least sensitive level, and it is the only level that does not have any negative consequences on individual lives.This level includes public data groups.The data sensitivity level five is the most sensitive level, and it has the worst impact on a human, such as the individual being at risk of losing his or her life.In order for the data to be classified at this sensitive level, the organization or the government restricts access to it.The loss of friendship, solitude, and social respect are some of the minor negative impacts that are associated with the first level of sensitivity.This sensitivity level encompasses both open and limited access to the company's own internal data.sensitivity include a loss of expertise, reputation, and social respect.This degree of sensitivity includes data with internal limited access as well as data with a low level of confidentiality.Loss of employment, precarious financial situations, and other potentially devastating outcomes are all associated with having a sensitivity level of three.This degree of sensitivity encompasses both data with a low level of confidential data with a high level of confidential data.When you have a sensitivity level of four, you run the risk of losing your civil rights, going to jail, and experiencing a variety of other potentially disastrous effects.This level of sensitivity encompasses both information that is kept strictly confidential and information that is restricted to a select group of users.

B. Data attribute with sensitivity level
We will designate a sensitive level in table IV for each attribute by using the value of the data category weight in conjunction with the value of the sensitivity level.It's possible for a single data attribute to have many sensitivity levels.Users and professionals in the field of privacy believe that different data attributes could have varying degrees of sensitivity.As an illustration, the sensitivity level of certain jobs, such as that of a software engineer, ranges from around 1 to 3, whereas the level of sensitivity of working in the secret service is from about 5. The level of sensitivity for several data attributes is the same, for example, the levels of sensitivity for age, race, mobile, and email.Human interaction or behavior is the least sensitive data, while genetic information, defense or diplomatic secrets, or secret service occupations are the most sensitive data features.We will assign a numerical value to each data attribute in the subsequent section using the sensitivity level and data category value.

C. Rating data attributes with numerical value
One of the most difficult aspects of the strategy that we suggested was assigning a numerical value to each data attribute.This was one of the most crucial hurdles.With the help of the SocreU (X i ) (equation 1) function, we can obtain the numerical rating for each data attribute.The rating is computed by the SocreU function by combining the sensitivity value, denoted by Att s, and the average value for the data category (avgDC).ScoreU calculates the rating of an individual attribute by utilizing two to the power of the attribute's sensitivity level (Att s) since the effect level grows in proportional to the sensitivity level.For instance, if we compare a sensitivity level of 2 and 4, the difference between the two in terms of numerical value is only 2, but the impact is tremendous.
The most of the data attributes can be categorized into a variety of different sensitivity levels.The equation 2 evaluates the average sensitivity level of each data attribute and then rounds up the resulting value to determine the final sensitivity level value for the attribute called Att s.For example, the Att s value for the address attribute will be the average of ⌋) sensitivity levels, and the final result will be 2 when the flooring average is taken into account.
The computation of the average data category weight, denoted by avgDC (equation 3), is performed in a manner analogous to that of the calculation of the average sensitivity level for each individual data attribute.Each data attribute may belong to more than one data category; for example, an address may be part of the ILAD and LLCD group.The final value (4) for address attributes such as (⌈ 3+5 2 ⌉) and ceiling will be determined by the average value for the data category that corresponds to address attributes.

AvgDC = ⌈
Data category value N umber of data category ⌉ For example, the numerical rating for address attribute is :

D. Generic framework for preserving privacy
One of the world's most renowned scientists is well aware of the privacy concerns surrounding the smart grid environment, as well as the privacy measures that were designed [34] in 2011 by Ann Cavoukian, who was the privacy commissioner for the province of Ontario.By design, no third-party, utility, or appliance company will have access to any user data in our proposed framework based on user openness of data.
The users of our proposed framework in figure -2 will initially be requested to indicate whether they are open by default or not.If a user decides to keep the default level of openness, then no data will be shared with any appliance or utility companies.After adding the maximum degree of noise possible and guaranteeing adequate data protection, companies that provide utilities or appliances can store data.The system offers users four options if they don't want to use the default privacy, including no openness with high privacy, medium openness with medium privacy, high openness with low privacy, and full openness with no privacy.Depending on the user-selected level of data openness, a noise level will be imposed.Before storing the raw data from the smart grid and the user's personal information, the same amount of noise was added to account for the user's preference for data openness.

IV. PERFORMANCE EVALUATION
The paradigm that we have proposed needs to be evaluated with regard to the various attacks on data privacy.Various privacy attacks employ various operating techniques with the aid of various kinds of data properties.Some privacy  attacks use association rules or bayesian rules, and try to generate various confidential data attributes to combine various nonconfidential data attributes.Others attempt to re-generate new secret data attributes by using correlations like sapiotemporal correlation between various attributes.In the system that we have presented, we have developed two algorithms that will evaluate whether or not a number of specified privacy attacks were successful.In this chapter, first we will discuss our proposed two algorithms, and then we will prepare the result table based on our algorithmic results.

A. Algorithm for assessing privacy threats
The first algorithm will take two inputs and then respond with one of two possible outcomes: the privacy attack was successful or it was unsuccessful.The level of openness of the user data will serve as the first input.There are four possible enum values to choose from for the first input parameter.These are no openness, low openness, medium openness, and all openness.When a user selects no open, it indicates he or she wishes to restrict access to all data attributes that guarantee high privacy.In contrast, when data is marked as all open, the user is not limited in any way in terms of how it can be shared publicly.The algorithm then generates a list of data attributes using the table V rating value as a basis.The number of data attributes will be zero in both the no openness and def ault scenarios.In addition to the data attribute list and the privacy attack, the first algorithm will send the information on to our second algorithm, which is called P rivacyAttackStatus, so that it can be determined whether or not the privacy attack was successful.
We already have a list of data attributes and the name of the privacy attack in our second algorithm.We also have a different of data attributes as well as our eleven privacy attacks.Now, the operation will be carried out for a particular attack and data attribute.According to the data attribute we provided, each individual privacy attack has a unique process for invading privacy.Linkage attacks, database linkage attacks, and correlation attacks, for example, violate privacy if they have only five to seven data attributes related to an individual.However, it is impossible to conduct both a collusion attack and a NILM attack on the same set of data attributes.All other privacy attacks can be partially successful with five to seven data attributes.All privacy attacks will be successful if either the majority of data or all data attributes are publicly available.On the other side, if there are no open data attributes, then none of the privacy attacks will be successful in compromising privacy.

B. Data openness determines the success of privacy attack
We can observe the table VI for instance, linakage attacks, database linkage attacks, and correlation attacks are privacyinvading even if they just have five to seven data elements pertaining to a specific individual.The same collection of data attributes cannot, however, be utilized for both a collusion attack and a NILM attack.With only five to seven data qualities, it is possible to conduct an effective privacy attack.When either the large majority of data or all data qualities are fully available, any privacy attack will succeed.However, if no open data attributes are available, then none of the privacy attacks will be successful.

V. CONCLUSION
The smart grid is connected to the home, which is the most private place on earth.Additionally, it deals with the most sensitive and private data related to persons that is collected via smart appliances, smart meters, and other sources.As a consequence of this, any information concerning the smart grid is incredibly important, and as a result, it must be kept strictly confidential.In order to improve privacy, we first carried out a systematic mapping study to pinpoint the main privacy goals, threats, and defenses in the context of IoT and big data in the smart grid.We already published that mapping study paper at the 13th International Conference on Information and Communication Technology Convergence (ICTC), "A Mapping Study on Privacy Attacks in Big Data and IoT" [35] in 2022.Then we provide an extended data classification and sensitivity level analysis, and we also provide a proper method for assigning a numerical value to every data attribute.Within the generic framework that we have proposed, the level of the user's privacy will be set to a high default, and no privacy attacks will be successful.If a user does not wish to use the system's default level of privacy, they have the option of selecting one of the following alternative settings: full openness with no privacy; medium openness with medium privacy; high openness with low privacy; or no openness at all with high privacy.They will receive the same amount of data privacy regardless of the level of openness of the data that the user chooses to have.To accommodate the user's demand for data privacy, the same amount of noise was applied before storing the raw data from the smart grid and the user's personal information.Also two algorithms were developed in order to evaluate the efficacy of privacy attacks and to generate a table containing the results of these evaluations.The implementation of our proposed framework in an actual system is not only very simple, but it also does not require any additional funds.We can improve on our proposed approach in the future and implement it.For all different types of data attributes, we can also offer more extensive classification and sensitivity.We might also make our proposed method work with smart systems other than smart grid environments.Check the PrivacyAttack value using a switch statement.
For each case in the switch statement: a. IF N is less than or equal to 0, set status to "Fail".
b. ELSE IF N is between 0 and 7 (inclusive), set status to "Partial Success".c. ELSE, set status to "Success".
IF the PrivacyAttack value does not match any of the cases in the switch statement, check if n is less than or equal to 0. If so, set status to "Fail".Otherwise, set status to "Success".
Return the status of the attack.end function

Fig
Fig.2.General framework to protect data attributes in smart grid environment

Fig. 4 .
Fig. 4.An algorithm for determining the status of attacks Function PrivacyAttackStatus(PrivacyAttack, List of attributes) N ← number of attributes in the List Output ← Status of the attack (Fail, Partial Success, or Success)

TABLE V A
RATING VALUE IS PROVIDED FOR EACH INDIVIDUAL DATA ATTRIBUTE . 2. General framework to protect data attributes in smart grid environment Function PrivacyAttackEvaluationAlgorithm(OpennessLevel, PrivacyAttack) X ← data attributes rating from table V switch (OpennessLevel) case No: List ← List of data attributes rating X, X ≤ 0 attackStatus ← PrivacyAttackStatus(PrivacyAttack, List) break