A Distortion Based Approach for Protecting Inferences
Chi-Yo Tsai, Gaurav Kumar Agarwal, Christina Fragouli, Suhas Diggavi

TL;DR
This paper introduces a distortion-based security framework for inference systems, providing a more precise measure of security that surpasses traditional information-theoretic approaches, and offers efficient algorithms leveraging shared randomness.
Contribution
It proposes a novel distortion-based security model for inference systems and develops algorithms that efficiently utilize shared randomness for enhanced security.
Findings
Perfect distortion-based security can be achieved with fewer resources than perfect secrecy.
Each bit of shared randomness exponentially increases security.
The framework enables more precise security guarantees in inference systems.
Abstract
Eavesdropping attacks in inference systems aim to learn not the raw data, but the system inferences to predict and manipulate system actions. We argue that conventional information security measures can be ambiguous on the adversary's estimation abilities, and adopt instead a distortion-based framework that enables operating over a metric space. We show that requiring perfect distortion-based security is more frugal than requiring perfect information-theoretic secrecy even for block length one codes, offering in some cases unbounded gains. Within this framework, we design algorithms that enable efficient use of shared randomness, and show that each bit of shared random key is exponentially useful in security.
Taxonomy
Topics: Wireless Communication Security Techniques · Adversarial Robustness in Machine Learning · Wireless Signal Modulation Classification
