Section: New Results

Foundations of information hiding

Information hiding refers to the problem of protecting private information while performing certain tasks or interactions, and trying to avoid that an adversary can infer such information. This is one of the main areas of research in Comète; we are exploring several topics, described below.

Secure Information Flow and Game Theory

In the inference attacks studied in Quantitative Information Flow (QIF), the attacker typically tries to interfere with the system in the attempt to increase its leakage of secret information. The defender, on the other hand, typically tries to decrease leakage by introducing some controlled noise. This noise introduction can be modeled as a type of protocol composition, i.e., a probabilistic choice among different protocols, and its effect on the amount of leakage depends heavily on whether or not this choice is visible to the attacker. In [21], [11], we considered operators for modeling visible and hidden choice in protocol composition, and we studied their algebraic properties. We then formalized the interplay between defender and attacker in a game-theoretic framework adapted to the specific issues of QIF, where the payoff is information leakage. We considered various kinds of leakage games, depending on whether players act simultaneously or sequentially, and on whether or not the choices of the defender are visible to the attacker. In the case of sequential games, the choice of the second player is generally a function of the choice of the first player, and his/her probabilistic choice can be either over the possible functions (mixed strategy) or it can be on the result of the function (behavioral strategy). We showed that when the attacker moves first in a sequential game with a hidden choice, then behavioral strategies are more advantageous for the defender than mixed strategies. This contrasts with the standard game theory, where the two types of strategies are equivalent. Finally, we established a hierarchy of these games in terms of their information leakage and provide methods for finding optimal strategies (at the points of equilibrium) for both attacker and defender in the various cases.

The additive capacity problem for Quantitative Information Flow

Preventing information leakage is a fundamental goal in achieving confidentiality. In many practical scenarios, however, eliminating such leaks is impossible. It becomes then desirable to quantify the severity of such leaks and establish bounds on the threat they impose. Aiming at developing measures that are robust wrt a variety of operational conditions, a theory of channel capacity for the $g$-leakage model was developed in [25], providing solutions for several scenarios in both the multiplicative and the additive setting. In [16] we continued this line of work by providing substantial improvements over the results of [25] for additive leakage. The main idea of employing the Kantorovich distance remains, but it is now applied to quasimetrics, and in particular the novel “convex-separation” quasimetric. The benefits were threefold: first, it allowed to maximize leakage over a larger class of gain functions, most notably including the one of Shannon. Second, a solution was obtained to the problem of maximizing leakage over both priors and gain functions, left open in [25]. Third, it allowed to establish an additive variant of the " Miracle " theorem from [26].

Local Differential Privacy and Statistical Utility

Local differential privacy (LDP) is a variant of differential privacy (DP) where the noise is added directly on the individual records, before being collected. The main advantage with respect to DP is that we do not need a trusted third party to collect and sanitise the sensitive data of the user. The main disadvantage is that the trade-off between privacy and utility is usually worse than in DP, and typically to retrieve reasonably good statistics from the locally sanitised data it is necessary to have access to a huge collection of them. In [22], we focused on the problem of estimating the counting queries on numerical data, and we proposed a variant of LDP based on the addition of geometric noise. Such noise function is known to have appealing properties in the case of counting queries. In particular, it is universally optimal for DP, i.e., it provides the best utility for a given level of DP, regardless of the side knowledge of the attacker. We explored the properties of geometric noise for counting queries in the LDP setting, and we conjectured an optimality property, similar to the one that holds in the DP setting. In [15] we proposed a variant of LDP suitable for metric spaces, such as location data or energy consumption data, and we showed that it provides a better utility, for the same level of privacy, then the other known LPD mechanisms.

Information-Theoretic Methods for Feature Selection in Machine Learning

The identification of the “best” features for classification is a problem of increasing importance in machine learning. The size of available datasets is becoming larger and larger, both in terms of samples and in terms of features of the samples, and keeping the dimensionality of the data under control is necessary for avoiding an explosion of the training complexity and for the accuracy of the classification. The known methods for reducing the dimensionality can be divided in two categories: those which transform the feature space by reshaping the original features into new ones (feature extraction), and those which select a subset of the features (feature selection). Several proposals for feature selection have successfully applied concepts and techniques from information theory. In [19] we proposed a new information-theoretic algorithm for ordering the features according to their relevance for classification. The novelty of our proposal consisted in adopting Rényi min-entropy instead of the commonly used Shannon entropy. In particular, we adopted a notion of conditional min-entropy that has been recently proposed in the field of security and privacy, and that avoids the anomalies of previously-attempted information-theoretic definitions. This notion is strictly related to the Bayes error, which is a promising property for achieving accuracy in the classification. We evaluated our method on various classifiers and datasets, and we showed that it compares favorably to the corresponding one based on Shannon entropy.

A Logical Characterization of Differential Privacy via Behavioral Metrics

Differential privacy (DP) is a formal definition of privacy ensuring that sensitive information relative to individuals cannot be inferred by querying a database. In [18], we exploited a modeling of this framework via labeled Markov Chains (LMCs) to provide a logical characterization of differential privacy: we considered a probabilistic variant of the Hennessy-Milner logic and we defined a syntactical distance on formulae in it measuring their syntactic disparities. Then, we defined a trace distance on LMCs in terms of the syntactic distance between the sets of formulae satisfied by them. We proved that such distance corresponds to the level of privacy of the LMCs. Moreover, we used the distance on formulae to define a real-valued semantics for them, from which we obtained a logical characterization of weak anonymity: the level of anonymity is measured in terms of the smallest formula distinguishing the considered LMCs. Then, we focused on bisimulation semantics on nondeterministic probabilistic processes and we provide a logical characterization of generalized bisimulation metrics, namely those defined via the generalized Kantorovich lifting. Our characterization is based on the notion of mimicking formula of a process and the syntactic distance on formulae, where the former captures the observable behavior of the corresponding process and allows us to characterize bisimilarity. We showed that the generalized bisimulation distance on processes is equal to the syntactic distance on their mimicking formulae. Moreover, we used the distance on mimicking formulae to obtain bounds on differential privacy.

Probability and Nondeterminism in Process Calculi from a Logical Perspective

Behavioral equivalences and modal logics have been successfully employed for the specification and verification of communicating concurrent systems, henceforth processes. The former ones, in particular the family of bisimulations, provide a simple and elegant tool for the comparison of the observable behavior of processes. The latter ones allow for an immediate expression of the desired properties of processes. Since the work on the Hennessy-Milner logic (HML), these two approaches are connected by means of logical characterizations of behavioral equivalences: two processes are behaviorally equivalent if and only if they satisfy the same formulae in the logic. Hence, the characterization of an equivalence subsumes both the fact that the logic is as expressive as the equivalence and the fact that the equivalence preserves the logical properties of processes. However, the connection between behavioral equivalences and modal logics goes even further: modal decomposition of formulae exploits the characterization of an equivalence to derive its compositional properties. Roughly speaking, the definition of the semantic behavior of processes by means of the Structural Operational Semantics (SOS) framework allowed for decomposing the satisfaction problem of a formula for a process into the verification of the satisfaction problem of certain formulae for its subprocesses. In [12] we extended the SOS-driven decomposition approach to processes in which the nondeterministic behavior coexists with probability. To deal with the probabilistic behavior of processes, and thus with the decomposition of formulae characterizing it, we introduced a SOS-like machinery allowing for the specification of the behavior of open distribution terms. By our decomposition, we obtained (pre)congruence formats for probabilistic bisimilarity, ready similarity and similarity.

The combination of nondeterminism and probability in concurrent systems leads to different interpretations of process behavior. If we restrict our attention to linear properties only, we can identify three main approaches to trace and testing semantics: the trace distributions, the trace-by-trace and the extremal probabilities approaches. In [17] we proposed novel notions of behavioral metrics that are based on the three classic approaches above, and that can be used to measure the disparities in the linear behavior of processes wrt. trace and testing semantics. We studied the properties of these metrics, like non-expansiveness, and we compare their expressive powers.