Abstract
We propose and analyze a recipient-anonymous stochastic routing model to study a fundamental trade-off between anonymity and routing delay. An agent wants to quickly reach a goal vertex in a network through a sequence of routing actions, whereas an overseeing adversary observes the agent’s entire trajectory and tries to identify the agent’s goal among those vertices traversed. We are interested in understanding the probability that the adversary can correctly identify the agent’s goal (anonymity) as a function of the time it takes the agent to reach it (delay). A key feature of our model is the presence of intrinsic uncertainty in the environment, so that each of the agent’s intended steps is subject to random perturbation and thus may not materialize as planned. Using large-network asymptotics, our main results provide near-optimal characterization of the anonymity–delay trade-off under a number of network topologies. Our main technical contributions are centered on a new class of “noise-harnessing” routing strategies that adaptively combine intrinsic uncertainty from the environment with additional artificial randomization to achieve provably efficient obfuscation.
Highlights
The advancement in machine learning and data collection infrastructure has made it increasingly effortless for companies and governmental entities to collect and analyze the behaviors and actions of individuals or competitors (De Montjoye et al. 2013, Mayer et al. 2016, Valentino-DeVries et al. 2018).
We propose and analyze a recipient-anonymous stochastic routing model to study a fundamental trade-off between anonymity and routing delay.
Motivated by privacy concerns in applications arising in networking and secure logistics, and inspired by an anonymous path-planning problem studied in Tsitsiklis and Xu (2018), we propose and analyze in this paper a stochastic routing problem that protects the anonymity of the recipient.
Summary
The advancement in machine learning and data collection infrastructure has made it increasingly effortless for companies and governmental entities to collect and analyze the behaviors and actions of individuals or competitors (De Montjoye et al. 2013, Mayer et al. 2016, Valentino-DeVries et al. 2018). Such analysis enables the entity to make powerful predictions on sensitive information that an individual under monitoring would like to keep private. These emerging trends have spurred in recent years a growing literature on designing privacy-aware decision-making policies, whereby the decision maker would deliberately employ randomization in order to obfuscate certain sensitive information from an adversary (see Fanti et al. (2015), Luo et al. (2016), Tossou and Dimitrakakis (2016), Tsitsiklis and Xu (2018), and Tang et al. (2020)). To the best of our knowledge, our work is the first to provide formal performance and anonymity guarantees in a decision-making problem under intrinsic uncertainty.