115 research outputs found
Weisfeiler and Lehman Go Measurement Modeling: Probing the Validity of the WL Test
The expressive power of graph neural networks is usually measured by
comparing how many pairs of graphs or nodes an architecture can possibly
distinguish as non-isomorphic to those distinguishable by the -dimensional
Weisfeiler-Lehman (-WL) test. In this paper, we uncover misalignments
between graph machine learning practitioners' conceptualizations of expressive
power and -WL through a systematic analysis of the reliability and validity
of -WL. We conduct a survey () of practitioners to surface their
conceptualizations of expressive power and their assumptions about -WL. In
contrast to practitioners' opinions, our analysis (which draws from graph
theory and benchmark auditing) reveals that -WL does not guarantee isometry,
can be irrelevant to real-world graph tasks, and may not promote generalization
or trustworthiness. We argue for extensional definitions and measurement of
expressive power based on benchmarks. We further contribute guiding questions
for constructing such benchmarks, which is critical for graph machine learning
practitioners to develop and transparently communicate our understandings of
expressive power.
Cryptanalysis of Random Affine Transformations for Encrypted Control
Cloud-based and distributed computations are of growing interest in modern
control systems. However, these technologies require performing computations on
not necessarily trustworthy platforms and, thus, put the confidentiality of
sensitive control-related data at risk. Encrypted control has dealt with this
issue by utilizing modern cryptosystems with homomorphic properties, which
allow a secure evaluation at the cost of an increased computation or
communication effort (among others). Recently, a cipher based on a random
affine transformation gained attention in the encrypted control community. Its
appeal stems from the possibility to construct security providing homomorphisms
that do not suffer from the restrictions of "conventional" approaches.
This paper provides a cryptanalysis of random affine transformations in the
context of encrypted control. To this end, a deterministic and probabilistic
variant of the cipher over real numbers are analyzed in a generalized setup,
where we use cryptographic definitions for security and attacker models. It is
shown that the deterministic cipher breaks under a known-plaintext attack, and
unavoidably leaks information of the closed-loop, which opens another angle of
attack. For the probabilistic variant, statistical indistinguishability of
ciphertexts can be achieved, which makes successful attacks unlikely. We
complete our analysis by investigating a floating point realization of the
probabilistic random affine transformation cipher, which unfortunately suggests
the impracticality of the scheme if a security guarantee is needed.
Comment: 8 pages, 2 figures, to be published in the proceedings of the 22nd
World Congress of the International Federation of Automatic Control (2023)
Privacy Against Adversarial Classification in Cyber-Physical Systems
For a class of Cyber-Physical Systems (CPSs), we address the problem of
performing computations over the cloud without revealing private information
about the structure and operation of the system. We model CPSs as a collection
of input-output dynamical systems (the system operation modes). Depending on
the mode the system is operating on, the output trajectory is generated by one
of these systems in response to driving inputs. Output measurements and driving
inputs are sent to the cloud for processing purposes. We capture this
"processing" through some function (of the input-output trajectory) that we
require the cloud to compute accurately - referred here as the trajectory
utility. However, for privacy reasons, we would like to keep the mode private,
i.e., we do not want the cloud to correctly identify what mode of the CPS
produced a given trajectory. To this end, we distort trajectories before
transmission and send the corrupted data to the cloud. We provide mathematical
tools (based on output-regulation techniques) to properly design distorting
mechanisms so that: 1) the original and distorted trajectories lead to the same
utility; and 2) the distorted data leads the cloud to misclassify the mode.
Private Computation of Polynomials over Networks
This study concentrates on preserving privacy in a network of agents where
each agent seeks to evaluate a general polynomial function over the private
values of her immediate neighbors. We provide an algorithm for the exact
evaluation of such functions while preserving privacy of the involved agents.
The solution is based on a reformulation of polynomials and adoption of two
cryptographic primitives: Paillier as a Partially Homomorphic Encryption scheme
and multiplicative-additive secret sharing. The provided algorithm is fully
distributed, lightweight in communication, robust to dropout of agents, and can
accommodate a wide class of functions. Moreover, system theoretic and secure
multi-party conditions guaranteeing the privacy preservation of an agent's
private values against a set of colluding agents are established. The
theoretical developments are complemented by numerical investigations
illustrating the accuracy of the algorithm and the resulting computational
cost.
Comment: 12 pages, 4 figures