• The Inria's Research Teams produce an annual Activity Report presenting their activities and their results of the year. These reports include the team members, the scientific program, the software developed by the team and the new results of the year. The report also describes the grants, contracts and the activities of dissemination and teaching. Finally, the report gives the list of publications of the year.

• Legal notice
• Personal data

#### WIDE

##### WIDE - 2021

2021
Activity report
Project-Team
WIDE
RNSR: 201822640K
Research center
In partnership with:
Université Rennes 1
Team name:
the World Is Distributed Exploring the tension between scale and coordination
In collaboration with:
Institut de recherche en informatique et systèmes aléatoires (IRISA)
Domain
Networks, Systems and Services, Distributed Computing
Theme
Distributed Systems and middleware
Creation of the Project-Team: 2018 June 01

# Keywords

• A1.2.5. Internet of things
• A1.2.9. Social Networks
• A1.3.2. Mobile distributed systems
• A1.3.3. Blockchain
• A1.3.4. Peer to peer
• A1.3.5. Cloud
• A1.3.6. Fog, Edge
• A2.1.7. Distributed programming
• A2.6.2. Middleware
• A2.6.3. Virtual machines
• A3.5.1. Analysis of large graphs
• A4. Security and privacy
• A4.8. Privacy-enhancing technologies
• A7.1.1. Distributed algorithms
• A7.1.2. Parallel algorithms
• A7.1.3. Graph algorithms
• A9. Artificial intelligence
• A9.2. Machine learning
• A9.9. Distributed AI, Multi-agent
• B6.1.1. Software engineering
• B6.3.1. Web
• B6.3.5. Search engines
• B6.4. Internet of things
• B9.5.1. Computer science
• B9.5.6. Data science

# 1 Team members, visitors, external collaborators

## Research Scientists

• Davide Frey [Inria, Researcher, HDR]
• George Giakkoupis [Inria, Researcher]
• Erwan Le Merrer [Inria, Researcher, HDR]

## Faculty Members

• Francois Taiani [Team leader, Univ de Rennes I, Professor, HDR]
• David Bromberg [Univ de Rennes I, Professor, HDR]
• Barbe Thystere Mvondo Djob [Univ de Rennes I, Associate Professor, from Sep 2021]
• Michel Raynal [Univ de Rennes I, Emeritus, HDR]

## PhD Students

• Timothe Albouy [Univ de Rennes I, from Oct 2021]
• Alex Auvolat-Bernstein [Univ de Rennes I]
• Loick Bonniot [Technicolor, CIFRE, until Apr 2021]
• Amaury Bouchra Pilet [Univ de Rennes I, until Aug 2021]
• Quentin Dufour [Inria, until Feb 2021]
• Mathieu Gestin [Inria, from Oct 2021]
• Arthur Rauch [Inria, from Oct 2021]

## Technical Staff

• Jeremie Dautheribes [Inria, Engineer, until May 2021]
• Malo Dumont [Inria, Engineer, until Sep 2021]
• Mathieu Gestin [Univ de Rennes I, Engineer, from Mar 2021 until Jun 2021]
• Muhammed Selcuk Kok [Inria, Engineer, from Nov 2021]
• Matthieu Simonin [Inria, Engineer]
• Ali Yesilkanat [Inria, Engineer, from Nov 2021]

## Interns and Apprentices

• Timothe Albouy [Univ de Rennes I, from Mar 2021 until Aug 2021]
• Jade Garcia Bourrée [Univ de Rennes I, from May 2021 until Jul 2021]
• Mathieu Gestin [Univ de Rennes I, until Feb 2021]
• Costantino Lo Bello [Inria, From Dec 2021]
• Yohan Mabileau [École Normale Supérieure de Lyon, from May 2021 until Jul 2021]
• Eddy Singning [Univ de Rennes I, from May 2021 until Sep 2021]

• Virginie Desroches [Inria]

## Visiting Scientist

• Costantino Lo Bello [Inria, from Oct 2021 until Dec 2021]

# 2 Overall objectives

## 2.1 Overview

The long term goal of the WIDE team is to provide the practical tools and theoretical foundations required to address the scale, dynamicity, and uncertainty that constitute the foundations of modern distributed computer systems. In particular, we would like to explore the inherent tension between scalability and coordination guarantees, and develop novel techniques and paradigms that are adapted to the rapid and profound changes impacting today's distributed systems, both in terms of the application domains they support and the operational constraints they must meet.

These changes are particularly visible in three key areas related to our research: (i) planetary-scale information systems, (ii) personalized services, and (iii) new forms of social applications (e.g. in the field of the sharing economy).

## 2.2 Planetary-Scale Geo-Distributed Systems

Modern large-scale systems often encompass thousands of server nodes, hosted in tens of datacenters distributed over several continents. To address the challenges posed by such systems, alternative distributed architectures are today emerging that emphasize decentralized and loosely coupled interactions. This evolution can be observed at multiple levels of an application's distributed stack: the growing interest, both practical and theoretical, for weak consistency models is such an example. In spite of their potential counter-intuitive behaviors, weakly consistent data-structures allow developers to trade strict coordination guarantees for the ability to deliver a reactive and scalable service even when hit by arbitrary network delays or system partitions. At a higher, more architectural level, similar motivations explain the push for micro-services on the server side of on-line applications and the growth of rich browser-based programming technologies on their client side. Micro services help development teams decompose complex applications into a set of simpler and loosely-connected distributed services. In a parallel evolution, modern browsers embark increasingly powerful networking APIs such as WebRTC. These APIs are prompting a fresh rethink of the typical distribution of capabilities between servers and clients. This is likely to lead to more services and computations being offloaded to browsers, in particular within hybrid architectures. The above evolutions, away from tightly synchronized and monolithic deployments towards heterogeneous, composite and loosely coordinated distributed systems, raise a number of difficult challenges at the crossroad of theoretical distributed algorithms, system architecture, and programming frameworks. One of these challenges pertains to the growing complexity arising from these systems: as richer and more diverse services are being composed to construct whole applications, individual developers can only hope to grasp parts of the resulting systems. Similarly, weak consistency models and loose coordination mechanisms tend to lead to counter-intuitive behaviors, while only providing weak overall guarantees. This lack of systematic guarantees and understandability make it harder for practitioners to design, deploy, and validate the distributed systems they produce, leading to rising costs and high entry barriers.

In order to address these challenges, we argue that modern-day distributed systems require new principled algorithms, approaches, and architectural patterns able to provide sound foundations to their development while guaranteeing robust service guarantees, thus lowering the cost of their development and maintenance, increasing their reliability, and rendering them technically approachable to a wider audience.

## 2.3 Highly Personalized On-Line Services

Ever increasing volumes of data are being produced and made available from a growing number of sources (Internet of Things sensors, open data repositories, user-generated content services).

As a result, digital users find it increasingly difficult to face the data deluge they are subjected to without additional help. This difficulty has fueled the rise of notification solutions over traditional search, in order to push few but relevant information items to users rather than leave them to sieve through a large mass of non-curated data. To provide such personalized services, most companies rely today on centralized or tightly coupled systems hosted in data centers or in the cloud. These systems use advanced data-mining and machine learning techniques to deliver enhanced, personalized, services to users and companies, and often exploit highly parallelized data analytics frameworks such as Spark, and Flink.

Selecting the best information for a user in order to provide a personalized experience requires however to gather enough information about this user, which raises a number of important technical challenges and privacy protection issues. More precisely, this concentration poses strong risks to the privacy of users, and limits the scope of personalization to tightly integrated datasets.

The use of large monolithic infrastructures also limits the use of machine learning and personalization to situations in which data is fully available to the organization managing the underlying computing infrastructure. This set-up prevents for instance cases in which sensitive data may not be shared freely, but might be of mutual interest to several independent participants in order to construct common machine learning models usable by all. Such situations occur for instance in the context of the mining of health-records by independent health-organizations, or in the collective harnessing of individual on-line profiles for personalization purpose by private users.

Alternative decentralized approaches that eschew the need for a central all-encompassing authority holds the promise of delivering knowledge while protecting individual participants. Constructing such systems requires however to address the inherent tension between the need to limit sensitive individual leaks, while maximizing collectively gained insights. Answering this tension calls on techniques and approaches from distributed systems, information theory, security, and randomized processes, making it a rich and dense research area, with a high impact potential. The problem of distributed privacy in a digital interconnected age further touches on interdisciplinary questions of Law, Sociology and Public Policy, which we think can only be explored in collaboration with colleagues from these fields.

## 2.4 Social Collaboration Platforms

On-line social networks have had a fundamental and lasting impact on the Internet. In recent years, numerous applications have appeared that go beyond the services originally provided by “pure” on-line social networks, such as posting messages or maintaining on-line “friendship” links. These new applications seek to organize and coordinate users, often in the context of the sharing economy, for instance in order to facilitate car-sharing (e.g. BlaBla car, www.blablacar.com), short-term renting (e.g. AirBnB, www.airbnb.com), and peer-to-peer financial services (e.g. Lending Club, www.lendingclub.com). Some systems, such as Bitcoin or Ethereum, have given rise to new distributed protocols combining elements of cryptography and distribution that are now largely discussed in the research community, and have attracted the attention of policy makers and leading financial actors.

The challenges faced by such social applications blend in many ways issues already discussed in the two previous subsections and cast them in an application-driven context. These social collaboration platforms require mechanisms that go beyond pure message propagation, with stricter consistency and robustness guarantees. Because they involve connected users, these applications must provide usable solutions, in particular in terms of latency and availability. At the same time, because they manipulate real-world transactions and objects (money, cars, accommodations) they must also provide a high level of consistency and guarantees. Many of these applications further operate at a planetary scale, and therefore also face stark scalability issues, that make them highly interesting case studies to investigate innovative architectures combining decentralized and centralized elements.

Formalizing and characterizing the needs and behaviors of these new applications seems particularly interesting in order to provide the fertile ground for new systems and novel theoretical work. The area of social applications also offers avenues for knowledge transfer and societal impact, along two dimensions. First, practical and usable approaches, back by a deep understanding of the foundation of distribution and coordination, are likely to find applications in future systems. Second, developers of complex social applications are often faced with a lack of robust scalable services1 that can be easily exploited to harness the latest understanding of large-scale distributed coordination. We therefore think these applications offer an opportunity to design and deliver modular reusable bricks that can be easily appropriated by a large population of innovative developers without requiring the level of deep understanding usually necessary to implement these solutions from scratch. Providing such reusable bricks is however difficult, as many interesting formal properties are not composable, and a unified composable theory of distributed systems still need to be fully articulated.

# 3 Research program

## 3.1 Overview

In order to progress in the four fields described above, the WIDE team is developing a research program which aims to help developers control and master the inherent uncertainties and performance challenges brought by scale and distribution.

More specifically, our program revolves around four key challenges.

• Challenge 1: Designing Hybrid Scalable Architectures,
• Challenge 2: Constructing Personalizable Privacy-Aware Distributed Systems,
• Challenge 3: Understanding Controllable Network Diffusion Processes,
• Challenge 4: Systemizing Modular Distributed Computability and Efficiency.

These four challenges have in common the inherent tension between coordination and scalability in large-scale distributed systems: strong coordination mechanisms can deliver strong guarantees (in terms of consistency, agreement, fault-tolerance, and privacy protection), but are generally extremely costly and inherently non-scalable if applied indiscriminately. By contrast, highly scalable coordination approaches (such as epidemic protocols, eventual consistency, or self-organizing overlays) perform much better when the size of a system increases, but do not, in most cases, provide any strong guarantees in terms of consistency or agreement.

The above four challenges explore these tensions from four complementary angles: from an architectural perspective (Challenge 1), from the point of view of a fundamental system-wide guarantee (privacy protection, Challenge 2), looking at one universal scalable mechanism (network diffusion, Challenge 3), and considering the interplay between modularity and computability in large-scale systems (Challenge 4). These four challenges range from practical concerns (Challenges 1 and 2) to more theoretical questions (Challenges 3 and 4), yet present strong synergies and fertile interaction points. E.g. better understanding network diffusion (Challenge 3) is a key enabler to develop more private decentralized systems (Challenge 2), while the development of a theoretically sound modular computability hierarchy (Challenge 4) has a direct impact on our work on hybrid architectures (Challenge 1).

## 3.2 Hybrid Scalable Architectures

The rise of planetary-scale distributed systems calls for novel software and system architectures that can support user-facing applications while scaling to large numbers of devices, and leveraging established and emerging technologies. The members of WIDE are particularly well positioned to explore this avenue of research thanks to their experience on de-concentrated architectures combining principles from both decentralized peer-to-peer  47, 57 systems and hybrid infrastructures (i.e. architectures that combines centralized or hierarchical elements, often hosted in well-provisioned data-centers, and a decentralized part, often hosted in a peer-to-peer overlay)   51. In the short term, we aim to explore two axes in this direction: browser-based communication, and micro services.

#### Browser-based fog computing

The dramatic increase in the amount of data being produced and processed by connected devices has led to paradigms that seek to decentralize the traditional cloud model. In 2011 Cisco  48 introduced the vision of fog computing that combines the cloud with resources located at the edge of the network and in between. More generally, the term edge computing has been associated with the idea of adding edge-of-the network storage and computation to traditional cloud infrastructures  43.

A number of efforts in this directions focus on specific hardware, e.g. fog nodes that are responsible for connected IoT devices  49. However, many of today's applications run within web browsers or mobile phones. In this context, the recent introduction of the WebRTC API, makes it possible for browsers and smartphones to exchange directly between each other, enabling mobile, or browser-based decentralized applications.

Maygh  72, for example, uses the WebRTC API to build a decentralized Content Delivery Network that runs solely on web browsers. The fact that the application is hosted completely on a web server and downloaded with enabled websites means that webmasters can adopt the Content Delivery Network (CDN) without requiring users to install any specific software.

For us, the ability of browsers to communicate with each other using the WebRTC paradigm provides a novel playground for new programming models, and for a browser-based fog architecture combining both a centralized, cloud-based part, and a decentralized, browser-supported part.

This model offers tremendous potential by making edge-of-the-network resources available through the interconnection of web-browsers, and offers new opportunities for the protection of the personal data of end users. But consistently engineering browser-based components requires novel tools and methodologies.

In particular, WebRTC was primarily designed for exchanging media and data between two browsers in the presence of a coordinating server. Its complex mechanisms for connection establishment make many of the existing peer-to-peer protocols inefficient. To address this challenge, we plan to consider two angles of attack. First, we plan to design novel protocols that take into account the specific requirements set by this new technology. Second, we envisage to investigate variants of the current WebRTC model with cheaper connection-establishment protocols, in order to provide lower delays and bandwidth consumption in large-scale browser-based applications.

We also plan to address the trade-offs associated with hybrid browser-cloud models. For example, when should computation be delegated to browsers and when should it be executed on the cloud in order to maximize the quality of service? Or, how can a decentralized analytics algorithms operating on browser-based data complement or exploit the knowledge built by cloud-based data analytics solutions?

#### Emergent micro-service deployment and management

Micro-services tend to produce fine-grained applications in which many small services interact in a loosely coupled manner to produce a wide range of services within an organization. Individual services need to evolve independently of each other over time without compromising the availability of the overall application. Lightweight isolation solutions such as containers (Docker, ...), and their associated tooling ecosystem (e.g. Google's Borg  71, Kubernetes  46) have emerged to facilitate the deployment of large-scale micro-service-based applications, but only provide preliminary solutions for key concerns in these systems, which we would like to investigate and extend.

Most of today's on-line computer systems are now too large to evolve in monolithic, entirely pre-planned ways. This applies to very large data centres, for example, where the placement of virtual machines to reduce heating and power consumption can no longer be treated using top-down exhaustive optimisation approaches beyond a critical size. This is also true of social networking applications, where different mechanisms—e.g. to spread news notifications, or to recommend new contacts—must be adapted to the different sub-communities present in the system.

To cope with the inherent complexity of building complex loosely-coupled distributed systems while fostering and increasing efficiency, maintainability, and scalability, we plan to study how novel programming techniques based on declarative programming, components and epidemic protocols can help design, deploy, and maintain self-adaptive structures (e.g. placement of VM) and mechanisms (e.g. contact recommendations) that are optimized to the local context of very large distributed systems. To fulfill this vision, we plan to explore a three-pronged strategy to raise the level of programming abstraction offered to developers.

• First, we plan to explore the use of high-level domain-specific languages (DSL) to declare how large-scale topologies should be achieved, deployed, and maintained. Our vision is a declarative approach to describe how to combine, deploy and orchestrate micro-services in an abstract manner thus abstracting away developers from the underlying cloud infrastructures, and from the intricacies involved in writing low-level code to build a large-scale distributed application that scales. With this effort, we plan notably to directly support the twin properties of emergence (the adaptation “from within”) and differentiation (the possibility from parts of the system to diverge while still forming a whole). Our central objective is to search for principled programming constructs to support these two capabilities using a modular and incremental software development approach.
• On a second strand of work, we plan to investigate how unikernels enable smaller footprints, more optimization options, and faster boot times for micro-services. Isolating micro-services into VMs is not the most adequate approach as it requires the use of hypervisors, or virtual machine monitors (VMMs), to virtualize hardware resources. VMMs are well known to be heavyweight with both boot and run time overheads that may have a strong impact on performances. Unikernels seem to offer the right balance between performance and flexibility to address this challenge. One of the key underlying challenges is to compile directly the aforementioned provided DSL to a dedicated and customized machine image, ready to be deployed directly on top of a large set of bare metal servers.
• Depending on the workload it is subjected to, and the state of its execution environment (network, VMs), a large-scale distributed application may present erratic or degraded performance that is hard to anticipate and plan for. There is therefore a strong need to adapt dynamically the way resources are allocated to a running application. We would like to study how the DSL approach we envisage can be extended to enable developers to express orchestration algorithms based on machine learning algorithms.

## 3.3 Personalizable Privacy-Aware Distributed Systems

On-line services are increasingly moving towards an in-depth analysis of user data, with the objective of providing ever better personalization. But in doing so, personalized on-line services inevitably pose risks to the privacy of users. Eliminating, or even reducing these risks raises important challenges caused by the inherent trade-off between the level of personalization users wish to achieve, and the amount of information they are willing to reveal about themselves (explicitly or through the many implicit sources of digital information such as smart homes, smart cars, and IoT environments).

At a general level, we would like to address these challenges through protocols that can provide access to unprecedented amounts of data coming from sensors, users, and documents published by users, while protecting the privacy of individuals and data sources. To this end, we plan to rely on our experience in the context of distributed systems, recommender systems, and privacy, as well as in our collaborations with experts in neighboring fields such as machine learning, and security. In particular, we aim to explore different privacy-utility tradeoffs that make it possible to provide differentiated levels of privacy guarantees depending on the context associated with data, on the users that provide the data, and on those that access it. Our research targets the general goal of privacy-preserving decentralized learning, with applications in different contexts such as user-oriented applications, and the Internet-of-Things (IoT).

#### Privacy-preserving decentralized learning

Personalization and recommendation can be seen as a specific case of general machine learning. Production-grade recommenders and personalizers typically centralize and process the available data in one location (a data-center, a cloud service). This is highly problematic, as it endangers the privacy of users, while hampering the analysis of datasets subject to privacy constraints that are held by multiple independent organizations (such as health records). A decentralized approach to machine learning appears as a promising candidate to overcome these weaknesses: if each user or participating organization keeps its data, while only exchanging gradient or model information, privacy leaks seem less likely to occur.

In some cases, decentralized learning may be achieved through relatively simple adaptations of existing centralized models, for instance by defining alternative learning models that may be more easily decentralized. But in all cases, processing growing amounts of information calls for high-performance algorithms and middleware that can handle diverse storage and computation resources, in the presence of dynamic and privacy-sensitive data. To reach this objective, we will therefore leverage our work in distributed and privacy-preserving algorithms and middleware  50, 52, 53 as well as the results of our work on large-scale hybrid architectures in Objective 1.

#### Personalization in user-oriented applications

As a first application perspective, we plan to design tools that exploit decentralized analytics to enhance user-centric personalized applications. As we observed above, such applications exhibit an inherent trade-off between personalization quality and privacy preservation. The most obvious goal in this direction consists in designing algorithms that can achieve high levels of personalization while protecting sensitive user information. But an equally important one consists in personalizing the trade-off itself by adapting the quality of the personalization provided to a user to his/her willingness to expose information. This, like other desirable behaviors, appears at odds with the way current systems work. For example, a user of a recommender system that does not reveal his/her profile information penalizes other users causing them to receive less accurate recommendations. We would like to mitigate this situation by means of protocols that reward users for sharing information. On the one hand, we plan to take inspiration from protocols for free-riding avoidance in peer-to-peer systems  54, 59. On the other hand, we will consider blockchains as a tool for tracking and rewarding data contributions. Ultimately, we aim at enabling users to configure the level of privacy and personalization they wish to experience.

#### Privacy preserving decentralized aggregation

As a second setting we would like to consider target applications running on constrained devices like in the Internet-of-Things (IoT). This setting makes it particularly important to operate on decentralized data in a light-weight privacy-preserving manner, and further highlights the synergy between this objective and Objective 1. For example, we plan to provide data subjects with the possibility to store and manage their data locally on their own devices, without having to rely on third-party managers or aggregators, but possibly storing less private information or results in the cloud. Using this strategy, we intend to design protocols that enable users themselves, or third-party companies to query distributed data in aggregate form, or to run data analytics processes on a distributed set of data repositories, thereby gathering knowledge without violating the privacy of other users. For example, we have started working on the problem of computing an aggregate function over a subset of the data in a distributed setting. This involves two major steps: selection and aggregation. With respect to selection, we envision defining a decentralized data-selection operation that can apply a selection predicate without violating privacy constraints. With respect to aggregation, we will continue our investigation of lightweight protocols that can provide privacy with limited computational complexity  44.

## 3.4 Network Diffusion Processes

Social, biological, and technological networks can serve as conduits for the spread of ideas, trends, diseases, or viruses. In social networks, rumors, trends and behaviors, or the adoption of new products, spread from person to person. In biological networks, diseases spread through contact between individuals, and mutations spread from an individual to its offsprings. In technological networks, such as the Internet and the power grid, viruses and worms spread from computer to computer, and power failures often lead to cascading failures. The common theme in all the examples above is that the rumor, disease, or failure starts out with a single or a few individual nodes, and propagates through the network, from node to node, to reach a potentially much larger number of nodes.

These types of network diffusion processes have long been a topic of study in various disciplines, including sociology, biology, physics, mathematics, and more recently, computer science. A main goal has been to devise mathematical models for these processes, describing how the state of an individual node can change as a function of the state of its neighbors in the network, and then analyse the role of the network structure in the outcome of the process. Based on our previous work, we would like to study to what extent one can affect the outcome of the diffusion process by controlling a small, possibly carefully selected fraction of the network.

For example, we plan to explore how we may increase the spread or speed of diffusion by choosing an appropriate set of seed nodes (a standard goal in viral marketing by word-of-mouth), or achieve the opposite effect either by choosing a small set of nodes to remove (a goal in immunization against diseases), or by seeding a competing diffusion (e.g., to limit the spread of misinformation in a social network).

Our goal is to provide a framework for a systematic and rigorous study of these problems. We will consider several standard diffusion models and extensions of them, including models from mathematical sociology, mathematical epidemiology, and interacting particle systems. We will consider existing and new variants of spread maximization/limitation problems, and will provide (approximation) algorithms or show negative (inapproximability) results. In case of negative results, we will investigate general conditions that make the problem tractable. We will consider both general network topologies and specific network models, and will relate the efficiency of solutions to structural properties of the topology. Finally, we will use these insights to engineer new network diffusion processes for efficient data dissemination.

Our goal is in particular to study spread maximization in a broader class of diffusion processes than the basic independent cascade (IC) and linear threshold (LT) models of influence  65, 63, 64 that have been studied in this context so far. This includes the randomized rumor spreading (RS) model for information dissemination  56, biased versions of the voter model  60 modelling influence, and the (graph-based) Moran processes  67 modelling the spread of mutations. We would like to consider several natural versions of the spread maximization problem, and the relationships between them. For these problems we will use the greedy algorithm and the submodularity-based analytical framework of  65, and will also explore new approaches.

#### Immunization optimization

Conversely we would also like to explore immunization optimization problems. Existing works on these types of problem assume a perfect-contagion model, i.e., once a node gets infected, it deterministically infects all its non-immunized neighbors. We plan to consider various diffusion processes, including the standard susceptible–infected (SI), susceptible–infected–recovered (SIR) and susceptible–infected–susceptible (SIS) epidemic models, and explore the extent to which results and techniques for the perfect-contagion model carry over to these probabilistic models. We will also investigate whether techniques for spread maximization could be applied to immunization problems.

Some immunization problems are known to be hard to approximate in general graphs, even for the perfect-contagion model, e.g., the fixed-budget version of the fire-fighter problem cannot be approximated to any ${n}^{1-ϵ}$ factor  45. This strand of work will consider restricted graph families, such as trees or graphs of small treewidth, for such problems. In addition, for some immunization problems, there is a large gap between the best known approximation algorithm and the best known inaproximability result, and we would like to make progress in reducing these gaps.

## 3.5 Systemizing Modular Distributed Computability and Efficiency

The applications and services envisaged in Objectives 1 and 2 will lead to increasingly complex and multifaceted systems. Constructing these novel hybrid and decentralized systems will naturally push our need to understand distributed computing beyond the current state of the art. These trends therefore demand research efforts in establishing sound theoretical foundations to allow everyday developers to master the design, properties and implementation of these systems.

We plan to investigate these foundations along two directions: first by studying novel approaches to some fundamental problems of mutual exclusion and distributed coordination, and second by exploring how we can build a comprehensive and modular framework capturing the foundations of distributed computation.

#### Randomized algorithm for mutual exclusion and coordination

To exploit the power of massive distributed applications and systems (such as those envisaged in Objectives 1 and 2) or multiple processors, algorithms must cope with the scale and asynchrony of these systems, and their inherent instability, e.g., due to node, link, or processor failures. Our goal is to explore the power and limits of randomized algorithms for large-scale networks of distributed systems, and for shared memory multi-processor systems, in effect providing fundamental building blocks to the work envisioned in Objectives 1 and 2.

For shared memory systems, randomized algorithms have notably proved extremely useful to deal with asynchrony and failures. Sometimes probabilistic algorithms provide the only solution to a problem; sometimes they are more efficient; sometimes they are simply easier to implement. We plan to devise efficient algorithms for some of the fundamental problems of shared memory computing, such as mutual exclusion, renaming, and consensus.

In particular, looking at the problem of mutual exclusion, it is desirable that mutual exclusion algorithms be abortable. This means that a process that is trying to lock the resource can abort its attempt in case it has to wait too long. Abortability is difficult to achieve for mutual exclusion algorithms. We will try to extend our algorithms for the cache-coherent (CC) and the distributed shared memory (DSM) model in order to make them abortable, while maintaining expected constant Remote Memory References (RMRs) complexity, under optimistic system assumptions. In order to achieve this, the algorithm will use strong synchronization primitives, called compare-and-swap objects. As part of our collaboration with the University of Calgary, we will work on implementing those objects from registers in such a way that they also allow aborts. Our goal is to build on existing non-abortable implementations 58. We plan then later to use these objects as building blocks in our mutual exclusion algorithm, in order to make them work even if the system does not readily provide such primitives.

We have also started working on blockchains, as these represent a new and interesting trade-off between probabilistic guarantees, scalability, and system dynamics, while revisiting some of the fundamental questions and limitations of consensus in fault-prone asynchronous systems.

#### Modular theory of distributed computing

Practitioners and engineers have proposed a number of reusable frameworks and services to implement specific distributed services (from Remote Procedure Calls with Java RMI or SOAP-RPC, to JGroups for group communication, and Apache Zookeeper for state machine replication). In spite of the high conceptual and practical interest of such frameworks, many of these efforts lack a sound grounding in distributed computation theory (with the notable exceptions of JGroups and Zookeeper), and often provide punctual and partial solutions for a narrow range of services. We argue that this is because we still lack a generic framework that unifies the large body of fundamental knowledge on distributed computation that has been acquired over the last 40 years.

To overcome this gap we would like to develop a systematic model of distributed computation that organizes the functionalities of a distributed computing system into reusable modular constructs assembled via well-defined mechanisms that maintain sound theoretical guarantees on the resulting system. This research vision arises from the strong belief that distributed computing is now mature enough to resolve the tension between the social needs for distributed computing systems, and the lack of a fundamentally sound and systematic way to realize these systems.

To progress on this vision, we plan in the near future to investigate, from a distributed software point of view, the impact due to failures and asynchrony on the layered architecture of distributed computing systems. A first step in this direction will address the notions of message adversaries (introduced a long time ago in  69) and process adversaries (investigated in several papers, e.g.  68, 55, 61, 62, 66). The aim of these notions is to consider failures, not as “bad events”, but as part of the normal behavior of a system. As an example, when considering round-based algorithms, a message adversary is a daemon which, at every round, is allowed to suppress some messages. The aim is then, given a problem $P$, to find the strongest adversary under which $P$ can be solved (“strongest” means here that giving more power to the adversary makes the problem impossible to solve). This work will allow us to progress in terms of general layered theory of distributed computing, and allow us to better map distributed computing models and their relations, in the steps of noticeable early efforts in this direction  68, 42.

# 4 Application domains

WIDE's research, while primarily focused on the progress of scientific knowledge, has a while range of potential application domains. Our work on modular algorithmic abstraction has strong links to and is inspired by Software engineering. Our work on graph analysis, and social media practice is of direct relevance to the web, while our work on randomized processes can be applied to track epidemics. Our work on recommenders and kNN graph construction applies to search engines. Finally our work on privacy is of keen interest to Law scholars, as demonstrated by several interdisciplinary projects with colleagues from this discipline.

# 5 Highlights of the year

## 5.1 Awards

The Coronasurveys team (https://coronasurveys.org/) led by Antonio Fernandez from IMDEA, and involving Davide Frey from the WIDE team, received an honorable mention in the XPrize Pandemic Response Challenge. They developed forecasting methods for the number of COVID-19 cases based on the impact of governmental measures.

## 5.2 New permanent members

Djob Mvondo has just joined WIDE since Sep 1 as "Maître de Conférence" (U. Rennes I). Prior to his recruitment in Rennes, Djob obtained his PhD from the LIG laboratory of the University of Grenoble Alpes (France), and completed a postdoctoral stay at the ICSA laboratory of the University of Edinburgh, Scotland, working with Antonio Barbalace. Djob is an expert in operating systems, and virtualization mechanisms. His recruitment will reinforce our systems research theme, and opens up many exciting synergies with out current work on large-scale computer systems.

Erwan Le Merrer, previously on an ARP position, has moved to an indefinite permanent contract as a Senior Researcher with Inria starting on Oct 1 2021.

# 6 New software and platforms

## 6.1 New software

### 6.1.1 KIFF

• Name:
KIFF: An impressively fast and efficient JAVA library for KNN construction
• Keyword:
KNN
• Functional Description:

This package implements the KIFF algorithm reported in [1]. KIFF is a generic, fast and scalable K-Nearest-Neighbor graph construction algorithm. This algorithm connects each object to its k most similar counterparts, according to a given similarity metric. In term of comparison, this package implements also HYREC [2] and NN-DESCENT [3]. The standalone program implements cosine similarity only, however this library supports arbitrary similarity measures.

[1] Antoine Boutet, Anne-Marie Kermarrec, Nupur Mittal, Francois Taiani. Being prepared in a sparse world: the case of KNN graph construction. ICDE 2016, Finland.

• Contact:
Antoine Boutet
• Partner:
LIRIS

### 6.1.2 Dietcoin

• Keywords:
Blockchain, Bitcoin, Smartphone
• Functional Description:
dietcoin-lib is a Java library implementing the Dietcoin protocol which is an extension of the Bitcoin protocol with the goal of enhancing Bitcoin user security on resource-constrained devices such as smartphones. This piece of software is based on the bitcoinj library, which is the most popular Java implementation of Bitcoin notably used for Android applications. dietcoin-lib also enables a block-by-block replay of the existing Bitcoin blockchain to simulate a Dietcoin client downloading the blockchain from a Dietcoin server, both ends using dietcoin-lib, with the goal of evaluation the protocole on a large real dataset.
• URL:
• Publications:
• Contact:
Pierre-Louis Roman
• Participants:
Pierre-Louis Roman, Davide Frey, François Taiani, Marc Makkes, François Taiani

### 6.1.3 Basalt

• Keywords:
Peer-sampling, Blockchain
• Functional Description:
A number of novel blockchain and cryptocurrency implementations rely on random peer sampling. But existing protocols remain vulnerable to Sybil attacks. BASALT is a peer-sampling protocol that addresses this limitation by leveraging three main components. First it employs a novel sampling approach, termed stubborn chaotic search, that exploits ranking functions to define a dynamic target random graph (i.e. a set of v target neighbors for each node) that cannot be controlled by Byzantine nodes. Second, it adopts a hit-counter mechanism that favors the exploration of new peers even in the presence of Byzantine nodes that flood the network with their identities. Finally, it incorporates hierarchical ranking functions that ensure that nodes sample their peers from a variety of address prefixes. The first two mechanisms ensure that the number of Byzantine nodes in a node’s view cannot be increased arbitrarily by attackers. This offers protection from general Byzantine behaviors including those resulting from botnet attacks, as defined above. The third mechanism ensures that nodes sample their peers from a variety of address prefixes, thereby countering institutional attacks where the attacker controls a limited number of entire address prefixes.
• Contact:
Alex Auvolat-Bernstein

### 6.1.4 Killerdroid-packer

• Name:
Practical implémentation of dissimulation techniques for Android application
• Keywords:
Malware, Android, Machine learning, Cybersecurity
• Functional Description:
Killerdroid-packer allows to intricate a Android guest application in a Android host application. A common use case is to hide a malicious code inside a benign one to evade typical detection systems. Killerdroid-packer has been proven effective and scalable. Applications generated with the tool can evade state-of-the art detection systems (Drebin, Mamadroid ...) and can be used to forge large scale datasets of malicious applications.
• Publication:
• Contact:
David Bromberg
• Participants:
David Bromberg, Matthieu Simonin, Louison Gitzinger
• Partner:
DGA-MI

### 6.1.5 python-andromak

• Name:
Andromak: A library to assess Android detector quality
• Keywords:
Android, Anomaly detection, Cybersecurity, Distribution, Malware, Machine learning
• Functional Description:

State of the Art detectors are numerous, but actually comparing them in a thorough way is tedious. Andromak aims to make a step toward easier and sound comparisons between the top existing detectors.

Python-andromak is a library to

(a) scale your training (features extraction can transparently leverage your laptop of a large scale grid) (b) evaluate the quality of you model against several input datasets and scenario (c) analyse the performance results (domain-specific metrics and statistical tests are shipped)

• Contact:
David Bromberg

# 7 New results

## 7.1 Blockchain and Large-Scale Systems

Participants: Davide Frey, Alex Auvolat, Michel Raynal, Francois Taiani.

Causal broadcast is a communication abstraction built on top of point-to-point send/receive networks that ensures that any two messages whose broadcasts are causally related (as captured by Lamport's “happened before” relation) are delivered in their sending order. Several causal broadcast algorithms have been designed for failure-free and crash-prone asynchronous message-passing systems.

With this work, published on Journal of Theoretical Computer Science (TCS) 13 we were the first to give a formal definition of a causal broadcast abstraction in the presence of Byzantine processes, in the form of two equivalent characterizations, and to present a simple causal broadcast algorithm that implements it. The main difficulty in the design and the proof of this algorithm comes from the very nature of Byzantine faults: Byzantine processes may have arbitrary behavior, and the algorithm must ensure that correct processes (i) maintain a coherent view of causality and (ii) are never prevented from communicating between themselves. To this end, our algorithm is built modularly, namely it works on top of any Byzantine-tolerant reliable broadcast algorithm. Due to this modularity, the proposed algorithm is easy to understand and inherits the computability assumptions (notably the maximal number of processes that may be Byzantine) and the message/time complexities of the underlying reliable broadcast on top of which it is built.

### 7.1.2 Byzantine-Tolerant Reliable Broadcast in the Presence of Silent Churn

Participants: Timothe Albouy, Davide Frey, Michel Raynal, Francois Taiani.

We introduced a new reliable broadcast communication abstraction suited to $n$-process asynchronous message-passing systems in which up to $t$ processes may behave arbitrarily (Byzantine processes) and where (due to transient disconnections or message losses) up to $d$ correct processes may not receive a message broadcast by a correct (i.e., not Byzantine) process. We also introduced and proved correct an algorithm implementing such a communication abstraction where the system parameters $n$, $t$, and $d$ are such that $n>3t+2d$. We published this work as an invited paper at SSS 2021 27.

### 7.1.3 On the Versatility of Bracha’s Byzantine Reliable Broadcast Algorithm

Participants: Michel Raynal.

G. Bracha presented in 1987 a simple and efficient reliable broadcast algorithm for $n$-process asynchronous message-passing systems, which tolerates up to $t Byzantine processes. Following an idea recently introduced by Hirt, Kastrato and Liu-Zhang (OPODIS 2020), instead of considering the upper bound on the number of Byzantine processes, we consider in 20 two types of Byzantine behavior: the ones that can prevent the safety property from being satisfied, and the ones that can prevent the liveness property from being satisfied (a Byzantine process can exhibit only one or both types of failures). This Byzantine differentiated failure model is captured by two associated upper bounds denoted ${t}_{s}$ (for safety) and ${t}_{\ell }$ for liveness). We show that only the threshold values used in the predicates of Bracha’s algorithm must be modified to obtain an algorithm that works with this differentiated Byzantine failure model.

### 7.1.4 Consensus-Free Ledgers When Operations of Distinct Processes are Commutative

Participants: Davide Frey, Lucie Guillou, Michel Raynal, Francois Taiani.

Considering asynchronous message-passing systems in which any number of processes may crash, we explored the construction of ledger objects where the append operations issued from distinct processes commute. In a very interesting way, it appears that the implementation of such ledgers does not need consensus, which makes them both attractive and efficient. We also proposed a formalization based on Mazurkiewicz's traces. We published this work at PACT2021 28.

### 7.1.5 The graph neural networking challenge: A worldwide competition for education in AI/ML for networks

Participants: Loïck Bonniot, Francois Taiani.

During the last decade, Machine Learning (ML) has increasingly become a hot topic in the field of Computer Networks and is expected to be gradually adopted for a plethora of control, monitoring and management tasks in real-world deployments. This poses the need to count on new generations of students, researchers and practitioners with a solid background in ML applied to networks. During 2020, the International Telecommunication Union (ITU) has organized the "ITU AI/ML in 5G challenge", an open global competition that has introduced to a broad audience some of the current main challenges in ML for networks. This large-scale initiative has gathered 23 different challenges proposed by network operators, equipment manufacturers and academia, and has attracted a total of 1300+ participants from 60+ countries. This work 21 describes our experience organizing one of the proposed challenges: the "Graph Neural Networking Challenge 2020". We describe the problem presented to participants, the tools and resources provided, some organization aspects and participation statistics, an outline of the top-3 awarded solutions, and a summary with some lessons learned during all this journey. As a result, this challenge leaves a curated set of educational resources openly available to anyone interested in the topic.

This is a joint work with Christoph Neumann and François Schnitzler from InterDigital.

### 7.1.6 Towards Internet-Scale Convolutional Root-Cause Analysis with DiagNet

Participants: Loïck Bonniot, Francois Taiani.

Diagnosing problems in Internet-scale services remains particularly difficult and costly for both content providers and ISPs. Because the Internet is decentralized, the cause of such problems might lie anywhere between a user’s device and the datacenters hosting the service. Further, the set of possible problems and causes is not known in advance, making it impossible in practice to train a classifier with all combinations of problems, causes and locations. In this work 23, we explore how machine learning techniques can be used for Internet-scale root cause analysis based on measurements taken from end-user devices. Using convolutional neural networks, we show how to build generic models that (i) are agnostic to the underlying network topology, (ii) do not require to define the full set of possible causes during training, and (iii) can be quickly adapted to diagnose new services. We evaluate our proposal, DiagNet, on a geodistributed multi-cloud deployment of online services, using a combination of fault injection and emulated clients running within automated browsers. Our experiments demonstrate the promising capabilities of our technique, delivering a recall of 73.9%, including on causes that were unknown at training time.

This is a joint work with Christoph Neumann and François Schnitzler from InterDigital.

### 7.1.7 Tell me when you are sleepy and what may wake you up!

Participants: Barbe Thystere Mvondo Djob.

Nowadays, there is a shift in the deployment model of applications in the Cloud. Applications are now deployed as a set of several small units communicating with each other, thus an obvious similarity with the microservice model. Moreover, each unit – a microservice, may be implemented as a virtual machine, container, function, etc., spanning the different cloud service models IaaS, PaaS, FaaS, etc. A microservice is instantiated upon the reception of a request (e.g., an http packet or a trigger), and a rack-level or data-center-level scheduler decides the placement for such unit of execution considering for example data locality and load balancing. With such a configuration, it is common to encounter scenarios where different units, as well as multiple instances of the same unit, may be running on a single server at the same time.

When multiple microservices are running on the same server not necessarily all of them are doing actual processing, some may be busy-waiting – i.e., waiting for events (or requests) sent by other units. However, these "idle" units are consuming CPU time which could be used by other running units or cloud utility functions on the server (e.g., monitoring daemons). In a controlled experiment, we observe that units can spend up to 20% - 55% of their CPU time waiting, thus a great amount of CPU time is wasted; these values significantly grow when overcommitting CPU resources (i.e., CPU reservations of units exceed server CPU capacity), where we observe up to 69% - 75%. This is a result of the lack of information/context about what is running in each unit from the server CPU scheduler perspective. In 35, we first provide evidence of the problem and discuss several research questions. Then, we propose a handful of solutions worth exploring that consists in revisiting hypervisor and host OS scheduler designs to reduce the CPU time wasted on idle units. Our proposal leverages the concepts of informed scheduling, and monitoring for internal and external events. Based on the aforementioned solutions, we propose our initial implementation on Linux/KVM.

## 7.2 Scaling and Understanding AI systems

### 7.2.1 SurFree: A fast surrogate-free black-box attack

Participants: Erwan Le Merrer.

Machine learning classifiers are critically prone to evasion attacks. Adversarial examples are slightly modified inputs that are then misclassified, while remaining perceptively close to their originals. Last couple of years have witnessed a striking decrease in the amount of queries a black box attack submits to the target classifier, in order to forge adversarials. This particularly concerns the black-box score-based setup, where the attacker has access to top predicted probabilites: the amount of queries went from to millions of to less than a thousand. In 34 we presents SurFree, a geometrical approach that achieves a similar drastic reduction in the amount of queries in the hardest setup: black box decision-based attacks (only the top-1 label is available). We first highlight that the most recent attacks in that setup, HSJA, QEBA and GeoDA all perform costly gradient surrogate estimations. SurFree proposes to bypass these, by instead focusing on careful trials along diverse directions, guided by precise indications of geometrical properties of the classifier decision boundaries. We motivate this geometric approach before performing a head-to-head comparison with previous attacks with the amount of queries as a first class citizen. We exhibit a faster distortion decay under low query amounts (few hundreds to a thousand), while remaining competitive at higher query budgets.

Join work with Teddy Furon (Inria) and Thibault Maho (Inria).

### 7.2.2 RoBIC: A benchmark suite for assessing classifiers robustness

Participants: Erwan Le Merrer.

Many defenses have emerged with the development of adversarial attacks. Models must be objectively evaluated accordingly. In 33 we systematically tackle this concern by proposing a new parameter-free benchmark we coin RoBIC. RoBIC fairly evaluates the robustness of image classifiers using a new half-distortion measure. It gauges the robustness of the network against white and black box attacks, independently of its accuracy. RoBIC is faster than the other available benchmarks. We present the significant differences in the robustness of 16 recent models as assessed by RoBIC. We make this benchmark publicly available for use and contribution at https://gitlab.inria.fr/tmaho/robustness_benchmark.

Join work with Benoît Bonnet (Inria), Teddy Furon (Inria) and Thibault Maho (Inria).

### 7.2.3 Setting the Record Straighter on Shadow Banning

Participants: Erwan Le Merrer.

"Shadow banning" consists for an online social network in limiting the visibility of some of its users, without them being aware of it. Twitter declares that it does not use such a practice, sometimes arguing about the occurrence of "bugs" to justify restrictions on some users. Our study in 32 is the first to address the plausibility of shadow banning on a major online platform, by adopting both a statistical and a graph topological approach. We first conduct an extensive data collection and analysis campaign, gathering occurrences of visibility limitations on user profiles (we crawl more than 2.5 millions of them). In such a black-box observation setup, we highlight the salient user profile features that may explain a banning practice (using machine learning predictors. We then pose two hypotheses for the phenomenon: i) limitations are bugs, as claimed by Twitter, and ii) shadow banning propagates as an epidemic on user interaction ego-graphs. We show that hypothesis i) is statistically unlikely with regards to the data we collected. We then show some interesting correlation with hypothesis ii), suggesting that the interaction topology is a good indicator of the presence of groups of shadow banned users on the service.

Join work with Benoît Morgan (IRIT-ACADIE) and Gilles Trédan (LAAS/CNRS).

### 7.2.4 zoNNscan: A boundary-entropy index for zone inspection of neural models

Participants: Erwan Le Merrer.

The training of deep neural network classifiers results in decision boundaries whose geometry is still not well understood. This is in direct relation with classification problems such as so-called corner case inputs. We introduce zoNNscan in 31, an index that is intended to inform on the boundary uncertainty (in terms of the presence of other classes) around one given input datapoint. It is based on confidence entropy, and is implemented through Monte Carlo sampling in the multidimensional ball surrounding that input. We detail the zoNNscan index, give an algorithm for approximating it, and finally illustrate its benefits on three applications.

Join work with Adel Jaouen (Technicolor).

### 7.2.5 Simple, Efficient and Convenient Decentralized Multi-Task Learning for Neural Networks

Participants: Amaury Bouchra-Pilet, Davide Frey, Francois Taiani.

Machine learning, and in particular neural networks, require large amounts of data, which is increasingly highly distributed (e.g. over user devices, or independent storage systems). Aggregating this data at one site for learning can be unpractical due to network costs, legal constraints, or privacy concerns. Decentralized machine learning holds the potential to address these concerns, but unfortunately, most of the approaches proposed so far for distributed learning with neural networks are mono-task, and do not transfer easily to multi-task problems. To address these issues, we proposed a novel learning method for neural networks that is decentralized, multi-task, and that keeps users' data local. Our approach works with different learning algorithms, on various types of neural networks. We formally analyzed the convergence of our method, and we evaluate its efficiency in a range of neural networks and learning algorithms, demonstrating its benefits in terms of learning quality and convergence. We published this work at IDA 2021 25.

### 7.2.6 AUCCCR: Agent Utility Centered Clustering for Cooperation Recommendation

Participants: Amaury Bouchra-Pilet, Davide Frey, Francois Taiani.

Providing recommendation to agents (e.g. people or organizations) regarding whom they should collaborate with in order to reach some objective is a recurring problem in a wide range of domains. It can be useful for instance in the context of collaborative machine learning, grouped purchases, and group holidays. This problem has been modeled by hedonic games, but this generic formulation cannot easily be used to provide efficient algorithmic solutions. In this work, we defined a class of hedonic games that allows us to provide an algorithmic solution to a wide class of collaboration recommendation problems by means of a clustering algorithm. We evaluated our algorithm, theoretically and experimentally, and show that it performs better than other well-known clustering algorithms in this context. We published this work at NETYS 2021 24.

### 7.2.7 Cluster-and-Conquer: When Randomness Meets Graph Locality

Participants: George Giakkoupis, Francois Taiani.

K-Nearest-Neighbors (KNN) graphs are central to many emblematic data mining and machine-learning applications. Some of the most efficient KNN graph algorithms are incremental and local: they start from a random graph, which they incrementally improve by traversing neighbors-of-neighbors links. Unfortunately, the initial random graph exhibits a poor graph locality, leading to many unnecessary similarity computations. In this work 30, we remove this drawback with Cluster-and-Conquer (C2 for short). Cluster-and-Conquer boosts the starting configuration of greedy algorithms thanks to a novel lightweight clustering mechanism, dubbed FastRandomHash. FastRandomHash leverages randomness and recursion to pre-cluster similar nodes at a very low cost. Our extensive evaluation on real datasets shows that Cluster-and-Conquer significantly outperforms existing approaches, including LSH, yielding speedups of up to ×4.42 and even improving the KNN quality.

This is a joint work with Anne-Marie Kermarrec from EPFL and Olivier Ruas from the SPIRALS team at Inria Lille.

## 7.3 Distributed Network and Graph Algorithms

### 7.3.1 Self-stabilizing clock synchronization with 1-bit messages

Participants: George Giakkoupis.

In 22 we study the fundamental problem of distributed clock synchronization in a basic probabilistic communication setting. We consider a synchronous fully-connected network of $n$ agents, where each agent has a local clock, that is, a counter increasing by one modulo $T$ in each round. The clocks have arbitrary values initially, and they must all indicate the same time eventually. We assume a pull communication model, where in every round each agent receives an $\ell$-bit message from a random agent. We devise several fast synchronization algorithms that use small messages and are self-stabilizing, that is, the complete initial state of each agent (not just its clock value) can be arbitrary.

We first provide a surprising algorithm for synchronizing a binary clock ($T=2$) using 1-bit messages ($\ell =1$). This is a variant of the voter model and converges in $O\left(logn\right)$ rounds w.h.p., unlike the voter model which needs polynomial time. Next we present an elegant extension of our algorithm that synchronizes a modulo $T=4$ clock, with $\ell =1$, in $O\left(logn\right)$ rounds. Using these two algorithms, we refine an algorithm of Boczkowski et al. (SODA'17), that synchronizes a modulo $T$ clock in polylogarithmic time (in $n$ and $T$). The original algorithm uses $\ell =3$ bit messages, and each agent receives messages from two agents per round. Our algorithm reduces the message size to $\ell =2$, and the number of messages received to one per round, without increasing the running time. Finally, we present two algorithms that simulate our last algorithm achieving $\ell <2$, without hurting the asymptotic running time. The first algorithm uses a message space of size 3, i.e., $\ell ={log}_{2}\left(3\right)$. The second requires a rough upper bound on $logn$, and uses just 1-bit messages. More generally, our constructions can simulate any self-stabilizing algorithm that requires a shared clock, without increasing the message size and by only increasing the running time by a constant factor and a polylogarithmic term.

Join work with Paul Bastide (ENS Rennes and WIDE Inria) and Hayk Saribekyan (U. Cambridge, UK).

### 7.3.2 Search via parallel Lévy walks

Participants: George Giakkoupis.

Motivated by the Lévy foraging hypothesis – the premise that various animal species have adapted to follow Lévy walks to optimize their search efficiency – we study in 26 the parallel hitting time of Lévy walks on the infinite two-dimensional grid. We consider $k$ independent discrete-time Lévy walks, with the same exponent $\alpha \in \left(1,\infty \right)$, that start from the same node, and analyze the number of steps until the first walk visits a given target at distance $\ell$. We show that for any choice of $k$ and $\ell$ from a large range, there is a unique optimal exponent ${\alpha }_{k,\ell }\in \left(2,3\right)$, for which the hitting time is $\stackrel{˜}{O}\left({\ell }^{2}/k\right)$ w.h.p., while modifying the exponent by any constant term $ϵ>0$ increases the hitting time by a factor polynomial in $\ell$, or the walks fail to hit the target almost surely. Based on that, we propose a surprisingly simple and effective parallel search strategy, for the setting where $k$ and $\ell$ are unknown: The exponent of each Lévy walk is just chosen independently and uniformly at random from the interval $\left(2,3\right)$. This strategy achieves optimal search time (modulo polylogarithmic factors) among all possible algorithms (even centralized ones that know $k$). Our results should be contrasted with a line of previous work showing that the exponent $\alpha =2$ is optimal for various search problems. In our setting of $k$ parallel walks, we show that the optimal exponent depends on $k$ and $\ell$, and that randomizing the choice of the exponents works simultaneously for all $k$ and $\ell$.

Join work with Andrea Clementi (U. Rome “Tor Vergata”), Francesco d'Amore (CNRS Sophia Antipolis), and Emanuele Natale (CNRS Sophia Antipolis).

## 7.4 Distributed Shared Memory Algorithms

### 7.4.1 Efficient randomized DCAS

Participants: George Giakkoupis.

Double Compare-And-Swap (DCAS) is a tremendously useful synchronization primitive, which is also notoriously difficult to implement efficiently from objects that are provided by hardware. In 29 we present a randomized implementation of DCAS with $O\left(logn\right)$ expected amortized step complexity against the oblivious adversary, where $n$ is the number of processes in the system. This is the only algorithm to-date that achieves sub-linear step complexity. We achieve that by first implementing two novel algorithms as building blocks. One is a mechanism that allows processes to repeatedly agree on a random value among multiple proposed ones, and the other one is a restricted bipartite version of DCAS.

Join work with Mehrdad Jafari Giv (U. Calgary) and Philipp Woelfel (U. Calgary).

### 7.4.2 On the weakest information on failures to solve mutual exclusion and consensus in asynchronous crash-prone read/write systems

Participants: Michel Raynal.

Mutual exclusion and consensus are among the most important coordination problems encountered in asynchronous concurrent systems, whether processes communicate using read/write registers or message passing. Unfortunately, neither can be solved in crash-prone systems, as soon as even a single process may crash. Hence, an important question: which is the weakest information on failures that must be given to the processes so that these problems can be solved whatever the number of crashes. This approach to circumvent impossibility results is known under the name failure detectors. Considering mutual exclusion and consensus in a crash-prone asynchronous system where the processes communicate through read/write registers, we answer in 15 the previous question by presenting two failure detectors. The first, called Quasi-Perfect ($QP$) allows mutual exclusion to be solved in the presence of any number of process crashes. The second, called ${\Omega }^{*}$, allows consensus to be solved in the general model where not all but an a priori unknown subset of processes participate in consensus. In addition to algorithms solving each of the previous problems with the help of the associated failure detector, the article shows that $QP$ and ${\Omega }^{*}$ provide the weakest information on failures needed to solve mutual exclusion and participant-restricted consensus respectively.

Join work with Carole Delporte-Gallet and Hugues Fauconnier from Inria Paris.

### 7.4.3 Set-constrained delivery broadcast: A communication abstraction for read/write implementable distributed objects

Participants: Michel Raynal.

In 18 we introduce a new communication abstraction, called Set-Constrained Delivery Broadcast (SCD-broadcast), whose aim is to provide its users with an appropriate abstraction level when they have to implement objects or distributed tasks in an asynchronous message-passing system prone to process crash failures. This abstraction allows each process to broadcast messages and deliver a sequence of sets of messages in such a way that, if a process delivers a set of messages including a message m and later delivers a set of messages including a message, no process delivers first a set of messages including and later a set of message including m. After having presented an algorithm implementing SCD-broadcast, we investigate its programming power and its computability limits. On the “power” side we present SCD-broadcast-based algorithms, which are both simple and efficient, building objects (such as snapshot and conflict-free replicated data types), and distributed tasks. On the “computability limits” side we show that SCD-broadcast and read/write registers are computationally equivalent.

Join work with Damien Imbs (U. Aix-Marseille), Achour Mostéfaoui (U. Nantes), and Matthieu Perrin (U. Nantes).

## 7.5 Covid-19-related results

### 7.5.1 Coronasurveys

Participants: Davide Frey.

CoronaSurveys is an ongoing interdisciplinary project developing a system to infer the incidence of COVID-19 around the world using anonymous open surveys. The surveys have been translated into 60 languages and are continuously collecting participant responses from any country in the world. The responses collected are pre-processed, organized, and stored in a version-controlled repository, which is publicly available to the scientific community. In addition, the CoronaSurveys team has devised several estimates computed on the basis of survey responses and other data, and makes them available on the project’s website in the form of tables, as well as interactive plots and maps. In 2021, this work led to the publication of two journal papers. The first 17 evaluates the effectiveness of indirect surveys in monitoring the pandemic. Specificaly, it compares the coronasurvey estimates with the results of a serology study for Spain, obtaining high correlations (R squared 0.89). The second 16 describes the computational system developed for the project: focusing on its architecture and on the major challenges we faced in designing and deploying it.

# 8 Bilateral contracts and grants with industry

## 8.1 Bilateral contracts with industry

#### CIFRE InterDigital: Distributed troubleshooting of edge-compute functions (2018-2021)

Participants: Loïck Bonniot, François Taïani.

This project seeks to explore how recent generations of end-user gateways (or more generally end-user devices) could implement an edge-compute paradigm powered by user-side micro-services. Our vision is that the devices distributed among the homes of end-users will expose (as a service) their computing power and their ability to quickly deploy compute functions in an execution environment. In order for service and application providers to actually use the system and deploy applications, the system must however ensure an appropriate level of reliability, while simultaneously requiring a very low level of maintenance in order to address the typical size and economics of gateway deployments (at least a few tens of million units). Providing a good level of reliability in such a large system at a reasonable cost is unfortunately difficult. To address this challenge, we aim in this thesis to exploit the natural distribution of such large-scale user-side device deployments to quickly pinpoint problems and troubleshoot applications experiencing performance degradations.

This project is in collaboration with Christoph Neumann from InterDigital.

# 9 Partnerships and cooperations

## 9.1 International initiatives

### 9.1.1 Associate Teams in the framework of an Inria International Lab or in the framework of an Inria International Program

#### Audita (2021-2023)

Although they still remain largely unnoticed, we are today surrounded by algorithms taking decisions on our behalf. These decisions range from apparently mundane choices, such as picking a VoD movie, or selecting on-line ads, to more life-changing decisions, such the granting of a credit by a bank, the triage of patients at a hospital, or the setting of a prison term for a convicted person. In their vast majority, decision-making algorithms exploit user data to predict the likely outcome of a decision. For instance, a credit will be granted to a customer based on the likelihood that this customer will default, based on her past credit history. In spite of the pervasiveness of such decision-making algorithms, users and institutions remain largely uninformed of their precise internal workings, and in particular tend to ignore how these algorithms operate on their data. This is a fundamental societal issue, as the decisions and their explanations are most of time not provided, which lead citizens to feel confused and powerless. A decision-making algorithm essentially functions as a black-box , that consumes data collected from users (inputs), and produces decisions (outputs), while all intermediary steps remain hidden. Yet nowadays, these algorithms are executed at the service providers premises. Filter bubbles are a salient example of a problematic effect of a decision-making algorithm on users: those of recommender systems. Filter bubbles are a phenomenon where a recommendation algorithm locks the users into some narrow information bubbles with low entropy on information sources. Recommenders are then deciding which recommendations to display, while users have no understanding about the lack of diversity or the under/over-representation of particular groups of recommended items. Facing those concerns, a 2019 white paper entitled “Understanding algorithmic decision-making: Opportunities and challenges” from the European parliament, states that “Frameworks, composed of metrics, methodologies and tools that assess the impact of an Algorithmic Decision Systems and test its desired properties should be developed.” The proposed Audita associated team (Data auditing systems for recommendation decision-making algorithms) aims at tackling this challenge, by the proposal of a taxonomy of feasible audit tasks, and of specific audit algorithm for recommendation systems.

Partners: Ecole Polytechnique Fédérale de Lausanne, and Inria team WIDE. Coordinator: Anne-Marie Kermarrec. Inria contact: Erwan Le Merrer.

#### MLNS2 (2021-2022)

MLNS2 aims to adequately design and investigate efficient approaches to fight against simbox frauds (illegal bypass termination of international calls) and android malware proliferation. Addressing such challenges require multidisciplinary knowledge such as Machine Learning, Network, System, and Security (MLNS2). Having these four areas of expertise in the same research team is rare, and this is one of the strengths of this collaboration. Our scientific goal is to bridge the gap between each of these four areas of expertise while leveraging our ongoing joint works.

Partners: Université of Yaoundé I (Batchakui Bernabé), Inria teams WIDE, TRiBE (Aline Carneiro), ENS Lyon (Alain Tchana) (The coordination of this Associated Team was transferred from the Avalon Team to WIDE, following the departure of Alain Tchana from Avalon in Sep 2021.) Budget: 13 000€

## 9.2 European initiatives

### 9.2.1 FP7 & H2020 projects

#### SOTERIA (2021-2024)

Participants: Davide Frey, Mathieu Gestin.

SOTERIA is a 3-year interdisciplinary project from both user-centered and technology angles. Funded as an H2020 Innovation Action, SOTERIA will develop an innovative solution for personal data management based on: a secured access interface relying on high-level identification, a smart platform processing data to transmit only the minimum personal data required, a secured data storage platform (decentralized architecture) under the full control of the citizen, an educational tool to raise awareness of citizens developed using a citizen-driven and citizen-centric approach. Partners: Ariadnext (France), Audencia (France), KU Leuven (Belgium), Erdyn Atlantique (France), Centre De Visio Per Computador (Spain), Fondation De L'Institut De Recherche IDIAP (Switzerland), Asociatia Infocons (Romania), SCYTL Election Technologies SL (Spain), Stelar Security Technology Law Research UG (Haftungsbeschrankt) Gmbh (Germany), Inria (France), Noria Onlus (Italy), Ipcenter At Gmbh (Austria), Asociacion Instituto De Investigacion Sanitaria Biocruces Bizkaia (Spain). Budget (WIDE): 446 247€

## 9.3 National initiatives

#### ANR Project PAMELA (2016-2022)

Participants: Davide Frey, George Giakkoupis, François Taïani.

PAMELA is a collaborative ANR project involving Inria/IRISA, Inria Lille (MAGNET team), UMPC, Mediego and Snips. The project aims at developing machine learning theories and algorithms in order to learn local and personalized models from data distributed over networked infrastructures. This project seeks to provide fundamental answers to modern information systems built by interconnecting many personal devices holding private user data in the search of personalized suggestions and recommendations. A significant asset of the project is the quality of its industrial partners, Snips and Mediego, who bring in their expertise in privacy protection and distributed computing as well as use cases and datasets.

#### ANR Project OBrowser (2016-2021)

Participants: David Bromberg, Davide Frey, François Taïani.

OBrowser is a collaborative ANR project involving Inria, the University of Nantes, the University of South Brittany, and Orange. The project emerges from the vision of designing and deploying distributed applications on millions of machines using web-enabled technologies without relying on a cloud or a central authority. OBrowser proposes to build collaborative applications through a decentralized execution environment composed of users' browsers that autonomously manages issues such as communication, naming, heterogeneity, and scalability.

#### ANR Project DESCARTES (2016-2021)

Participants: George Giakkoupis, Michel Raynal, François Taïani.

DESCARTES is a collaborative ANR project involving Inria/IRISA, Labri (U. Bordeaux), IRIF (U. Paris Diderot), Inria Paris (GANG Team), Vérimag (Grenoble), LIF (Marseilles), and LS2N (former LINA, Nantes). The DESCARTES project aims at bridging the lack of a generic theoretical framework in order to unify the large body of fundamental knowledge on distributed computation that has been acquired over the last 40 years. In particular, the project's objective is to develop a systematic model of distributed computation that organizes the functionalities of a distributed computing system into reusable modular constructs assembled via well-defined mechanisms that maintain sound theoretical guarantees on the resulting system.

#### Collaboration with the Conseil Supérieur de l'Audiovisuel (CSA)

Participants: Erwan Le Merrer.

Collaborating with the CSA (the French regulator of audio-visual content) on the YouTube recommender system, in order to assess the presence or not of the so called rabbit-hole phenomenon.

#### ANR Project ByBloS (2021-2025)

Participants: George Giakkoupis, Michel Raynal, Davide Frey, David Bromberg, François Taïani, Timothé Albouy.

Many Blockchain-based applications to not require the strong guarantees that an agreement provides. Building on this insight, Byblos seeks to explore the design, analysis, and implementation of lightweight Byzantine decentralized mechanisms for the systematic construction of large-scale Byzantine-tolerant Privacy-Preserving distributed systems.

Partners: IRISA (coordinator, U. Rennes I) in Rennes, LIRIS (INSA Lyon) in Lyon, and LS2N (Université de Nantes) in Nantes. Budget: 252 220€

## 9.4 Regional initiatives

#### PriCLeSS (Labex CominLabs and Brittany Region) (2021-2024)

Participants: Michel Raynal, Davide Frey, François Taïani, Arthur Rauch.

The decentralized, fully-replicated and unalterable nature of the blockchain clashes with both French and European legal requirements on the storage of personal data. This project aims to establish a cross-disciplinary partnership between Computer Science and Law researchers to understand and address the legal and technical challenges associated with data storage in a blockchain context. Partners: Inria Rennes (WIDE), U. Rennes I (IODE, Law), Université of Nantes (LS2N). Budget: 125 000€.

# 10 Dissemination

## 10.1 Promoting scientific activities

### 10.1.1 Scientific events: organisation

#### Member of the organizing committees

Participants: Davide Frey, Francois Taiani.

• Francois Taiani and Davide Frey were part of the organization committee of the 10th Inria Workshop On Systems (WOS10), that took place at Inria Rennes on Oct 12 2021.

### 10.1.2 Scientific events: selection

#### Member of the conference program committees

Participants: Davide Frey, Francois Taiani, Erwan Le Merrer, George Giakkoupis, Barbe Thystere Mvondo Djob.

• Erwan Le Merrer served on the PC of the 19th Symposium on Experimental Algorithms (SEA), Nice, France, Jun 7-9 2021.
• George Giakkoupis served on the PC of the 41st IEEE International Conference on Distributed Computing Systems (ICDCS), Washington DC, USA, Jul 7-10 2021.
• George Giakkoupis served on the PC of the 40th ACM Symposium on Principles of Distributed Computing (PODC), Virtual Event, Italy, Jul 26-30 2021.
• Barbe Thystere Mvondo Djob served on the Artifact Evaluation Committee of the 28th Symposium on Operating Systems Principles (SOSP), Virtual Event, Oct 26-29 2021
• Francois Taiani served on the programme committee of SRDS 2021, the 40th IEEE Symposium on Reliable Distributed Systems, held virtually on Sep 20-23 2021.
• Francois Taiani served on the programme committee of FAB 2021, the 4th International Symposium on Foundations and Applications of Blockchain, held virtually on May 7 2021.
• Francois Taiani served on the programme committee of DSN 2021, the 51st IFIP/IEEE International Conference on Dependable Sys. and Networks, held virtually on Jun 21-24 2021.
• Francois Taiani served on the programme committee of MW 2021, the 22nd ACM/IFIP International Conference on Middleware, held virtually on Dec 6-10 2021.
• Davide Frey served on the program committee of DAIS 2021, the 21st International Conference on Distributed Applications and Interoperable Systems, held virtually on Jun 14-18 2021.
• Davide Frey served on the program committee of BlockDM 2021, the Third International Workshop on Blockchain and Data Management held virtually on Apr 19 2021.

#### Reviewer - reviewing activities

Participants: Davide Frey, George Giakkoupis, Barbe Thystere Mvondo Djob.

• George Giakkoupis was a reviewer for Information Processing Letters (IPL).
• George Giakkoupis was a reviewer for Algorithmica (ALGO).
• Barbe Thystere Mvondo Djob was a reviewer for ACM Transactions on Computer Systems (TOCS).
• Davide Frey was a reviewer for Peer-to-Peer Networking and Applications (PPNA).

### 10.1.3 Invited talks

Participants: George Giakkoupis, Barbe Thystere Mvondo Djob.

• Barbe Thystere Mvondo Djob. Cloud Computing (virtualisation) Evoluer avec les nouveaux paradigmes. 4th edition of the Computer Science Research Days (JRI), Virtual, Burkina Faso, Nov 11 2021.
• Barbe Thystere Mvondo Djob. Virtualisation et Cloud Computing : Des technologies utiles pour l'enseignement et la recherche. RECIF SEMINAR, Virtual, University of, Oct 22 2021.
• Barbe Thystere Mvondo Djob. Heterogeneity across system layers. DiverSE Team, Rennes, Oct 14 2021.
• George Giakkoupis. Self-stabilizing clock synchronization with 1-bit messages. Algorithms, Dynamics, and Information Flow in Networks (ADYN-Seminar), Virtual, Germany, Mar 1 2021.
• George Giakkoupis. An optimal leader election population protocol. 2nd Workshop on Distributed Algorithms for Low-Functional Robots (WDALFR), Virtual, Nara, Japan, Jan 8 2021.

### 10.1.4 Scientific expertise

Participants: Davide Frey, Francois Taiani.

• Francois Taiani served as scientific expert for the call for proposals organized by IDEX Université Grenoble Alpes.
• Davide Frey served as scientific expert for CIFRE PhD Grants.
• Davide Frey served as scientific expert for the call for proposal in the context of the Flemish action plan on Cybersecurity organized by Flanders Innovation & Entrepreneurship (VLAIO).

Participants: Erwan Le Merrer, Francois Taiani.

• Erwan Le Merrer serves on the scientific board of Inria's REGALIA since 2021.
• Erwan Le Merrer serves on the administrative board of the Société Informatique de France since 2019.
• Francois Taiani has served as Career Advice Person, (Référent conseil-parcours professionel chercheurs) for IRISA/Inria Rennes Bretagne Atlantique since 2019.

## 10.2 Teaching - Supervision - Juries

### 10.2.1 Teaching

• Master: Barbe Thystere Mvondo Djob, Network and Security for IOT, 30h, ESIR M1, Rennes, France
• Master: Barbe Thystere Mvondo Djob, Cloud Computing for IOT, 26h, ESIR M2, Rennes, France
• Bachelor: George Giakkoupis, Distributed Algorithms, 9h, L3 parcours SI, ISTIC, ENS Rennes, France.
• Master: George Giakkoupis, Distributed Systems (Systèmes Répartis), 9h, ENSAI Rennes, France.
• Master: Erwan Le Merrer, Network Science, 12h, ESIR Rennes, France.
• Engineering School: Francois Taiani, Synchronization and Parallel Programming, 30h, 2nd year of Engineering School (M1), ESIR / U. Rennes I, France.
• Engineering School: Francois Taiani, Distributed Systems, 12h, 3rd year of Engineering School (M2), ESIR / U. Rennes I, France.
• Engineering School: François Taiani, Introduction to Operating Systems, 24h, 1st year of Engineering School (L3), ESIR / U. Rennes I, France.
• Master: Davide Frey, Scalable Distributed Systems, 10h, M1, EIT/ICT Labs Master School, U. Rennes I, France.
• ENS L3 : Davide Frey, Distributed Algorithms, 12h, ENS Rennes, France.
• Master: Davide Frey, Cloud Computing, 6h, M2-MIAGE, U. Rennes I, France.
• Master: Davide Frey, Distributed Systems/Systèmes Répartis, 12h, ENSAI, France.
• Master: Davide Frey, Apprentice Tutoring, 16h ETD, M2 Alternance U. Rennes I, France.

### 10.2.2 Supervision

• PhD: Loïck Bonniot, Distributed Troubleshooting of Edge-Compute Functions, U. Rennes I, supervised by François Taïani and Christoph Neumann (Interdigital, CIFRE), defended on Jun 10 2021 37.
• PhD: Hayk Saribekyan, Information Dissemination via Random Walks, University of Cambridge, UK, Sep 24 2021, supervised by George Giakkoupis and Thomas Sauerwald (U. Cambridge)  70.
• PhD: Amaury Bouchra Pilet, Robust and Lightweight Overlay Management for Decentralized Learning, U. Rennes I, supervised by Francois Taiani and Davide Frey, defended on Nov 10 2021.
• PhD: Alex Auvolat, Towards probabilistic decentralized systematic design for large-scale privacy-preserving collaborative systems, U. Rennes I, supervised by François Taïani and David Bromberg, defended on Dec 2 2021.
• PhD in progress: Thibault Maho, On the security of neural networks, since 2020, supervised by Erwan Le Merrer and Teddy Furon (Linkmedia team).
• PhD in progress: Timothé Albouy, Towards Lightweight Scalable and Open Byzantine-Fault-Tolerant Distributed Objects, U. Rennes I, supervised by Francois Taiani and Davide Frey, started on Oct 18 2021.
• PhD in progress: Mathieu Gestin, Private Authenticated Storage for Online Services, Inria Rennes, supervised by Davide Frey, started on Oct 1 2021.
• PhD in progress: Arthur Rauch, Frugal and Legal for Future Blockchain, Inria Rennes, supervised by Emmanuelle Anceaume and Davide Frey, started on Oct 1 2021.

### 10.2.3 Juries

• Francois Taiani was chairman for the PhD thesis of Loic Guegan: Scalable end-to-end models for the time and energy performance of Fog infrastructures, ENS Rennes, Jan 29 2021.
• Francois Taiani was external reviewer for the PhD thesis of Marinus Abraham De Vos: Decentralization and Disintermediation in Blockchain-based Marketplaces, TU Delft (NL), Jun 16 2021.
• Francois Taiani was external reviewer for the PhD thesis of Stefanos Peros: Software Services to Simplify Time Management for IoT Application Development, KU Leuven (Belgium), Sep 10 2021.
• Francois Taiani was chairman for the PhD thesis of Grégoire Bonnin: Structures des données pour environnements distribués à grande échelle, University of Nantes, Nov 17 2021.
• Francois Taiani was chairman for the PhD thesis of Hamidreza Arkian: Resource Management for Data Stream Processing in Geo-Distributed Environments, U. Rennes I, Dec 7 2021.
• Francois Taiani was reviewer for the HDR thesis of Claudia-Lavinia Ignat: Large-scale trustworthy distributed collaboration, Université de Lorraine, Apr 23 2021.
• Davide Frey is an external reviewer for the PhD thesis of Hayman Salih MOHAMMED, Università di Roma, La Sapienza.

## 10.3 Popularization

### 10.3.1 Articles and contents

• Erwan Le Merrer wrote an article in Interstices: "Le problème du videur : la crédibilité des explications de l’IA en question" 41.

### 10.3.2 Education

• Michel Raynal wrote an article entitled “Distributed Computability: A Few Results Masters Students Should Know” that appeared to the ACM SIGACT News 19.

# 11 Scientific production

## 11.1 Major publications

• 1 articleA.Alex Auvolat, D.Davide Frey, M.Michel Raynal and F.François Taïani. Byzantine-Tolerant Causal Broadcast.Theoretical Computer Science885September 2021, 55-68
• 2 inproceedingsP.Petra Berenbrink, G.George Giakkoupis and P.Peter Kling. Tight Bounds for Coalescing-Branching Random Walks on Regular Graphs.SODA 2018 - Proceedings of the 29th ACM-SIAM Symposium on Discrete AlgorithmsNew Orleans, United StatesACMJanuary 2018, 1715-1733
• 3 inproceedingsY.-D.Yérom-David Bromberg, Q.Quentin Dufour and D.Davide Frey. Multisource Rumor Spreading with Network Coding.INFOCOM 2019 - IEEE International Conference on Computer CommunicationsParis, FranceIEEEApril 2019, 1-10
• 4 articleK.Keren Censor-Hillel, M.Mohsen Ghaffari, G.George Giakkoupis, B.Bernhard Haeupler and F.Fabian Kuhn. Tight Bounds on Vertex Connectivity Under Sampling.ACM Transactions on Algorithms132May 2017, 19:1 - 19:26
• 5 articleF.Flavio Chierichetti, G.George Giakkoupis, S.Silvio Lattanzi and A.Alessandro Panconesi. Rumor Spreading and Conductance.Journal of the ACM (JACM)654August 2018, 17:1-17:21
• 6 inproceedingsG.Georgios Damaskinos, R.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec, V.Vlad Nitu, R.Rhicheek Patra and F.François Taïani. FLeet: Online Federated Learning via Staleness Awareness and Performance Prediction.Middleware '20: Proceedings of the 21st International Middleware Conference21st International Middleware ConferenceDelft (virtual), NetherlandsDecember 2020
• 7 inproceedingsG.George Giakkoupis, M.Mehrdad Jafari Giv and P.Philipp Woelfel. Efficient Randomized DCAS.STOC 2021 - 53rd Annual ACM SIGACT Symposium on Theory of ComputingRome (Virtual), ItalyACMJune 2021, 1-64
• 8 inproceedingsR.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec, O.Olivier Ruas and F.François Taïani. Smaller, Faster & Lighter KNN Graph Constructions.WWW '20 - The Web Conference 2020Taipei Taiwan, FranceACMApril 2020, 1060-1070
• 9 articleH.Hicham Lakhlef, M.Michel Raynal and F.François Taïani. Vertex Coloring with Communication Constraints in Synchronous Broadcast Networks.IEEE Transactions on Parallel and Distributed Systems307July 2019, 1672-1686
• 10 inproceedingsE.Erwan Le Merrer, B.Benoît Morgan and G.Gilles Trédan. Setting the Record Straighter on Shadow Banning.INFOCOM 2021 - IEEE International Conference on Computer CommunicationsVirtual, CanadaIEEEMay 2021, 1-10
• 11 articleE.Erwan Le Merrer and G.Gilles Trédan. Remote explainability faces the bouncer problem.Nature Machine Intelligence292020, 529-539
• 12 inproceedingsT.Thibault Maho, T.Teddy Furon and E. L.Erwan Le Merrer. SurFree: a fast surrogate-free black-box attack.CVPR 2021 - Conference on Computer Vision and Pattern RecognitionProc. of {IEEE} Conference on Computer Vision and Pattern Recognition, {CVPR}Virtual, FranceJune 2021, 10430--10439

## 11.2 Publications of the year

### International journals

• 13 articleA.Alex Auvolat, D.Davide Frey, M.Michel Raynal and F.François Taïani. Byzantine-Tolerant Causal Broadcast.Theoretical Computer Science885September 2021, 55-68
• 14 articleR.-A.Ronan-Alexandre Cherrueau, M.Marie Delavergne, A.Alexandre Van Kempen, A.Adrien Lebre, D.Dimitri Pertin, J.Javier Rojas Balderrama, A.Anthony Simonet and M.Matthieu Simonin. EnosLib: A Library for Experiment-Driven Research in Distributed Computing.IEEE Transactions on Parallel and Distributed SystemsSeptember 2021, 1-15
• 15 articleC.Carole Delporte-Gallet, H.Hugues Fauconnier and M.Michel Raynal. On the weakest information on failures to solve mutual exclusion and consensus in asynchronous crash-prone read/write systems.Journal of Parallel and Distributed Computing153July 2021, 110-118
• 16 articleD.Davide Frey, C.Carlos Baquero, P.Paolo Casari, A.Antonio Fernandez Anta, A.Amanda García-García, A.Augusto Garcia-Agundez, C.Chryssis Georgiou, B.Benjamin Girault, A.Antonio Ortega, M.Mathieu Goessens, H.Harold Hernández-Roig, N.Nicolas Nicolaou, E.Efstathios Stavrakis, O.Oluwasegun Ojo, J.Julian Roberts and I.Ignacio Sanchez. The CoronaSurveys System for COVID-19 Incidence Data Collection and Processing.Frontiers in Computer Science3June 2021
• 17 articleD.Davide Frey, A.Augusto Garcia-Agundez, O.Oluwasegun Ojo, H.Harold Hernández-Roig, C.Carlos Baquero, C.Chryssis Georgiou, M.Mathieu Goessens, R.Rosa Lillo, R.Raquel Menezes, N.Nicolas Nicolaou, A.Antonio Ortega, E.Efstathios Stavrakis and A.Antonio Fernandez Anta. Estimating the COVID-19 Prevalence in Spain With Indirect Reporting via Open Surveys.Frontiers in Public Health9April 2021
• 18 articleD.Damien Imbs, A.Achour Mostéfaoui, M.Matthieu Perrin and M.Michel Raynal. Set-constrained delivery broadcast: A communication abstraction for read/write implementable distributed objects.Theoretical Computer Science8862021, 49-68
• 19 articleM.Michel Raynal. Distributed Computability: A Few Results Masters Students Should Know.ACM SIGACT News522June 2021, 92-110
• 20 articleM.Michel Raynal. On the Versatility of Bracha’s Byzantine Reliable Broadcast Algorithm.Parallel Processing Letters3103September 2021, 1-7
• 21 articleJ.José Suárez-Varela, M.Miquel Ferriol-Galmés, A.Albert López, P.Paul Almasan, G.Guillermo Bernárdez, D.David Pujol-Perich, K.Krzysztof Rusek, L.Loïck Bonniot, C.Christoph Neumann, F.François Schnitzler, F.François Taïani, M.Martin Happ, C.Christian Maier, J. L.Jia Lei Du, M.Matthias Herlich, P.Peter Dorfinger, N. V.Nick Vincent Hainke, S.Stefan Venz, J.Johannes Wegener, H.Henrike Wissing, B.Bo Wu, S.Shihan Xiao, P.Pere Barlet-Ros and A.Albert Cabellos-Aparicio. The graph neural networking challenge: a worldwide competition for education in AI/ML for networks.Computer Communication Review513July 2021, 9-16

### International peer-reviewed conferences

• 22 inproceedingsP.Paul Bastide, G.George Giakkoupis and H.Hayk Saribekyan. Self-Stabilizing Clock Synchronization with 1-bit Messages.SODA 2021 - ACM-SIAM Symposium on Discrete AlgorithmsAlexandria, VA, United StatesACMJanuary 2021, 1-27
• 23 inproceedingsL.Loïck Bonniot, C.Christoph Neumann and F.François Taïani. Towards Internet-Scale Convolutional Root-Cause Analysis with DiagNet.IPDPS 2021 - The 35th IEEE International Parallel and Distributed Processing SymposiumPortland / Virtual, United StatesMay 2021
• 24 inproceedingsA.Amaury Bouchra Pilet, D.Davide Frey and F.François Taïani. AUCCCR: Agent Utility Centered Clustering for Cooperation Recommendation.NETYS 2021 - 9th International Conference on NETworked sYStems12754AUCCCR: Agent Utility Centered Clustering for Cooperation RecommendationMarrakech, MoroccoSpringerMay 2021
• 25 inproceedingsA.Amaury Bouchra Pilet, D.Davide Frey and F.François Taïani. Simple, Efficient and Convenient Decentralized Multi-Task Learning for Neural Networks.IDA 2021 - 19th Symposium on Intelligent Data Analysis12695Lecture Notes in Computer SciencePorto, PortugalSpringerApril 2021
• 26 inproceedingsA.Andrea Clementi, F.Francesco d'Amore, G.George Giakkoupis and E.Emanuele Natale. Search via Parallel Lévy Walks on ${}^{2}$.PODC 2021 - ACM Symposium on Principles of Distributed ComputingSalerno, ItalyInria & Université Cote d'Azur, CNRS, I3S, Sophia Antipolis, France; Università degli Studi di Roma "Tor Vergata"; Univ Rennes, Inria, CNRS, IRISA, FranceApril 2020, 81–91
• 27 inproceedingsD.Davide Frey, T.Timothé Albouy, M.Michel Raynal and F.François Taïani. Byzantine-Tolerant Reliable Broadcast in the Presence of Silent Churn.Stabilization, Safety, and Security of Distributed SystemsSSS 2021 - 23rd International Symposium on Stabilizing, Safety, and Security of Distributed Systems13046Lecture Notes in Computer ScienceVirtual, FranceSpringer International PublishingNovember 2021, 21-33
• 28 inproceedingsD.Davide Frey, L.Lucie Guillou, M.Michel Raynal and F.François Taïani. Consensus-Free Ledgers When Operations of Distinct Processes are Commutative.PaCT 2021 - 16th International Conference on Parallel Computing Technologies12942LNCSKaliningrad, RussiaSpringerSeptember 2021, 359-370
• 29 inproceedingsG.George Giakkoupis, M.Mehrdad Jafari Giv and P.Philipp Woelfel. Efficient Randomized DCAS.STOC 2021 - 53rd Annual ACM SIGACT Symposium on Theory of ComputingRome (Virtual), ItalyACMJune 2021, 1-64
• 30 inproceedingsG.George Giakkoupis, A.-M.Anne-Marie Kermarrec, O.Olivier Ruas and F.François Taïani. Cluster-and-Conquer: When Randomness Meets Graph Locality.ICDE 2021 - IEEE 37th International Conference on Data EngineeringChania, GreeceIEEEApril 2021, 2027-2032
• 31 inproceedingsA.Adel Jaouen and E.Erwan Le Merrer. zoNNscan: a boundary-entropy index for zone inspection of neural models.MCS 2020 - Monte Carlo Search workshopMonte Carlos Search (MCS) workshop at IJCAIVirtual, JapanJanuary 2021, 1-8
• 32 inproceedingsE.Erwan Le Merrer, B.Benoît Morgan and G.Gilles Trédan. Setting the Record Straighter on Shadow Banning.INFOCOM 2021 - IEEE International Conference on Computer CommunicationsVirtual, CanadaIEEEMay 2021, 1-10
• 33 inproceedingsT.Thibault Maho, B.Benoît Bonnet, T.Teddy Furon and E.Erwan Le Merrer. RoBIC: A benchmark suite for assessing classifiers robustness.ICIP 2021 - IEEE International Conference on Image ProcessingAnchorage, Alaska, United StatesIEEESeptember 2021, 1-5
• 34 inproceedingsT.Thibault Maho, T.Teddy Furon and E. L.Erwan Le Merrer. SurFree: a fast surrogate-free black-box attack.CVPR 2021 - Conference on Computer Vision and Pattern RecognitionProc. of {IEEE} Conference on Computer Vision and Pattern Recognition, {CVPR}Virtual, FranceJune 2021, 10430--10439
• 35 inproceedingsD.Djob Mvondo, A.Antonio Barbalace, A.Alain Tchana and G.Gilles Muller. Tell me when you are sleepy and what may wake you up!SoCC '21: ACM Symposium on Cloud ComputingSeattle WA USA, United StatesACMNovember 2021, 562-569

### Conferences without proceedings

• 36 inproceedingsA.Antonin Voyez, T.Tristan Allard, G.Gildas Avoine, P.Pierre Cauchois, E.Elisa Fromont and M.Matthieu Simonin. Attaque par inférence d'appartenance sur des séries temporelles agrégées en utilisant la programmation par contraintes.BDA 2021 - 37ème Conférence sur la Gestion de Données – Principes, Technologies et ApplicationsParis, FranceOctober 2021, 1

### Doctoral dissertations and habilitation theses

• 37 thesisL.Loïck Bonniot. Computer network modeling and root cause analysis with statistical learning.Université Rennes 1June 2021
• 38 thesisQ.Quentin Dufour. High-throughput real-time onion networks to protect everyone’s privacy.Université Rennes 1February 2021

### Reports & preprints

• 39 miscA.Alex Auvolat, Y.-D.Yérom-David Bromberg, D.Davide Frey and F.François Taïani. $BASALT$: A Rock-Solid Foundation for Epidemic Consensus Algorithms in Very Large, Very Open Networks.February 2021
• 40 miscO.Oluwasegun Ojo, A.Augusto García-Agundez, B.Benjamin Girault, H.Harold Hernández, E.Elisa Cabana, A.Amanda García-García, P.Payman Arabshahi, C.Carlos Baquero, P.Paolo Casari, E. J.Ednaldo José Ferreira, D.Davide Frey, C.Chryssis Georgiou, M.Mathieu Goessens, A.Anna Ishchenko, E.Ernesto Jiménez, O.Oleksiy Kebkal, R.Rosa Lillo, R.Raquel Menezes, N.Nicolas Nicolaou, A.Antonio Ortega, P.Paul Patras, J. C.Julian C Roberts, E.Efstathios Stavrakis, Y.Yuichi Tanaka and A. F.Antonio Fernández Anta. CoronaSurveys: Using Surveys with Indirect Reporting to Estimate the Incidence and Evolution of Epidemics.February 2021

## 11.3 Other

### Scientific popularization

• 41 articleE.Erwan Le Merrer and G.Gilles Trédan. Le problème du videur : la crédibilité des explications de l’IA en question.IntersticesJuly 2021

## 11.4 Cited publications

• 42 inproceedingsY.Yehuda Afek and E.Eli Gafni. Asynchrony from synchrony.ICDCN2013, 225--239
• 43 inproceedingsA.A. Ahmed and E.E. Ahmed. A survey on mobile edge computing.2016 10th International Conference on Intelligent Systems and Control (ISCO)Jan 2016, 1-8
• 44 inproceedingsT.Tristan Allard, D.Davide Frey, G.George Giakkoupis and J.Julien Lepiller. Lightweight Privacy-Preserving Averaging for the Internet of Things.M4IOT 2016 - 3rd Workshop on Middleware for Context-Aware Applications in the IoTTrento, ItalyACMDecember 2016, 19 - 22
• 45 articleE.Elliot Anshelevich, D.Deeparnab Chakrabarty, A.Ameya Hate and C.Chaitanya Swamy. Approximability of the Firefighter Problem: Computing Cuts over Time.Algorithmica621-22012, 520--536
• 46 articleD.D. Bernstein. Containers and Cloud: From LXC to Docker to Kubernetes.IEEE Cloud Computing13Sept 2014, 81-84
• 47 inproceedingsM.Marin Bertier, D.Davide Frey, R.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec and V.Vincent Leroy. The Gossple Anonymous Social Network.ACM/IFIP/USENIX 11th International Middleware Conference (MIDDLEWARE)LNCS-6452Middleware 2010Bangalore, IndiaSpringerNovember 2010, 191-211
• 48 miscF.Flavio Bonomi. Connected vehicles, the internet of things, and fog computing. VANET 2011, 2011.2011
• 49 inproceedingsF.Flavio Bonomi, R.Rodolfo Milito, J.Jiang Zhu and S.Sateesh Addepalli. Fog Computing and Its Role in the Internet of Things.1${}^{s}t$ MCC Workshop on Mobile Cloud Computing2012,
• 50 articleA.Antoine Boutet, D.Davide Frey, R.Rachid Guerraoui, A.Arnaud Jégou and A.-M.Anne-Marie Kermarrec. Privacy-Preserving Distributed Collaborative Filtering.Computing988August 2016
• 51 inproceedingsA.Antoine Boutet, D.Davide Frey, R.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec and R.Rhicheek Patra. HyRec: Leveraging Browsers for Scalable Recommenders.Middleware 2014Bordeaux, FranceDecember 2014
• 52 inproceedingsA.Antoine Boutet, D.Davide Frey, R.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec, A.Antoine Rault, F.François Ta\"iani and J.Jingjing Wang. Hide & Share: Landmark-based Similarity for Private KNN Computation.45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)Rio de Janeiro, BrazilJune 2015, 263-274
• 53 articleA.Antoine Boutet, D.Davide Frey, A.Arnaud Jégou, A.-M.Anne-Marie Kermarrec and H.Heverson Ribeiro. FreeRec: an Anonymous and Distributed Personalization Architecture.ComputingDecember 2013
• 54 miscB.Bram Cohen. Incentives Build Robustness in BitTorrent.2003,
• 55 articleC.Carole Delporte-Gallet, H.Hugues Fauconnier, R.Rachid Guerraoui and A.Andreas Tielmann. The disagreement power of an adversary.Distributed Computing243-42011, 137--147
• 56 inproceedingsA. J.Alan J. Demers, D. H.Daniel H. Greene, C.Carl Hauser, W.Wes Irish, J.John Larson, S.Scott Shenker, H. E.Howard E. Sturgis, D. C.Daniel C. Swinehart and D. B.Douglas B. Terry. Epidemic Algorithms for Replicated Database Maintenance.PODC1987, 1--12
• 57 inproceedingsD.Davide Frey, R.Rachid Guerraoui, A.-M.Anne-Marie Kermarrec, M.Maxime Monod, K.Koldehofe Boris, M.Mogensen Martin and V.Vivien Quéma. Heterogeneous Gossip.Middleware 2009Urbana-Champaign, IL, United StatesDecember 2009
• 58 articleW. M.Wojciech M. Golab, V.Vassos Hadzilacos, D.Danny Hendler and P.Philipp Woelfel. RMR-efficient implementations of comparison primitives using read and write operations.Distributed Computing2522012, 109-162
• 59 inproceedingsR.Rachid Guerraoui, K.Kévin Huguenin, A.-M.Anne-Marie Kermarrec, M.Maxime Monod and S.Swagatika Prusty. LiFTinG: Lightweight Freerider-Tracking Protocol in Gossip.11th ACM/IFIP/USENIX International Middleware Conference (MIDDLEWARE)Bangalore, IndiaNovember 2010
• 60 articleR. A.Richard A. Holley and T. M.Thomas M. Liggett. Ergodic Theorems for Weakly Interacting Infinite Systems and the Voter Model.The Annals of Probability341975, 643-663
• 61 articleD.Damien Imbs and M.Michel Raynal. A liveness condition for concurrent objects: x-wait-freedom.Concurrency and Computation: Practice and experience23172011, 2154--2166
• 62 articleF.Flavio Junqueira and K.Keith Marzullo. A framework for the design of dependent-failure algorithms.Concurrency and Computation: Practice and Experience19172007, 2255--2269
• 63 inproceedingsD.David Kempe, J. M.Jon M. Kleinberg and É.Éva Tardos. Influential Nodes in a Diffusion Model for Social Networks.ICALP2005, 1127--1138
• 64 articleD.David Kempe, J. M.Jon M. Kleinberg and É.Éva Tardos. Maximizing the Spread of Influence through a Social Network.Theory of Computing112015, 105--147
• 65 inproceedingsD.David Kempe, J. M.Jon M. Kleinberg and É.Éva Tardos. Maximizing the spread of influence through a social network.KDD2003, 137--146
• 66 articleP.Petr Kuznetsov. Understanding non-uniform failure models.Bulletin of the EATCS1062012, 53--77
• 67 articleE.Erez Lieberman, C.Christoph Hauert and M. A.Martin A Nowak. Evolutionary dynamics on graphs.Nature43370232005, 312--316
• 68 inproceedingsM.Michel Raynal and J.Julien Stainer. Synchrony weakened by message adversaries vs asynchrony restricted by failure detectors.PODCProceedings of the 2013 ACM symposium on Principles of distributed computingMontréal, CanadaACMJuly 2013, 166-175
• 69 inproceedingsN.Nicola Santoro and P.Peter Widmayer. Time is not a healer.Annual Symposium on Theoretical Aspects of Computer ScienceSpringer1989, 304--313
• 70 phdthesisH.Hayk Saribekyan. Information dissemination via random walks.University of CambridgeNovember 2021,
• 71 inproceedingsA.Abhishek Verma, L.Luis Pedrosa, M.Madhukar Korupolu, D.David Oppenheimer, E.Eric Tune and J.John Wilkes. Large-scale cluster management at Google with Borg.Tenth European Conference on Computer Systems (Eurosys 2015)ACM2015, 18
• 72 inproceedingsL.Liang Zhang, F.Fangfei Zhou, A.Alan Mislove and R.Ravi Sundaram. Maygh: Building a CDN from Client Web Browsers.8th ACM European Conference on Computer SystemsEuroSys '13New York, NY, USAPrague, Czech RepublicACM2013, 281--294