Researcher profile

Borzoo Rassouli

Borzoo Rassouli contributes to research discovery and scholarly infrastructure.

Researcher | Affiliation not imported | Open to collaborate

Trust snapshot

Quick read

Trust 15 - Unverified | Verification L1 | Unclaimed author
3 works
0 followers
4 topics
3 close collaborators

Published work

3 published item(s)

preprint, 2022, arXiv

Privacy Against Inference Attacks in Vertical Federated Learning

Vertical federated learning is considered, where an active party, having access to true class labels, wishes to build a classification model by utilizing more features from a passive party, which has no access to the labels, to improve the model accuracy. In the prediction phase, with logistic regression as the classification model, several inference attack techniques are proposed that the adversary, i.e., the active party, can employ to reconstruct the passive party's features, regarded as sensitive information. These attacks, which are mainly based on a classical notion of the center of a set, i.e., the Chebyshev center, are shown to be superior to those proposed in the literature. Moreover, several theoretical performance guarantees are provided for the aforementioned attacks. Subsequently, we consider the minimum amount of information that the adversary needs to fully reconstruct the passive party's features. In particular, it is shown that when the passive party holds one feature, and the adversary is only aware of the signs of the parameters involved, it can perfectly reconstruct that feature when the number of predictions is large enough. Next, as a defense mechanism, a privacy-preserving scheme is proposed that worsens the adversary's reconstruction attacks, while preserving the full benefits that VFL brings to the active party. Finally, experimental results demonstrate the effectiveness of the proposed attacks and the privacy-preserving scheme.

preprint, 2021, arXiv

On Perfect Privacy

The problem of private data disclosure is studied from an information theoretic perspective. Considering a pair of dependent random variables $(X,Y)$, where $X$ and $Y$ denote the private and useful data, respectively, the following problem is addressed: What is the maximum information that can be revealed about $Y$ (measured by mutual information $I(Y;U)$, in which $U$ is the revealed data), while disclosing no information about $X$ (captured by the condition of statistical independence, i.e., $X \perp\!\!\!\perp U$, and henceforth, called perfect privacy)? We analyze the supremization of utility, i.e., $I(Y;U)$ under the condition of perfect privacy for two scenarios: output perturbation and full data observation models, which correspond to the cases where a Markov kernel, called privacy-preserving mapping, applies to $Y$ and the pair $(X,Y)$, respectively. When both $X$ and $Y$ have a finite alphabet, the linear algebraic analysis involved in the solution provides some interesting results, such as upper/lower bounds on the size of the released alphabet and the maximum utility. Afterwards, it is shown that for the jointly Gaussian $(X,Y)$, perfect privacy is not possible in the output perturbation model in contrast to the full data observation model. Finally, an asymptotic analysis is provided to obtain the rate of released information when a sufficiently small leakage is allowed. In particular, in the context of output perturbation model, it is shown that this rate is always finite when perfect privacy is not feasible, and two lower bounds are provided for it; when perfect privacy is feasible, it is shown that under mild conditions, this rate becomes unbounded.

preprint, 2020, arXiv

On Capacity-Achieving Distributions for Complex AWGN Channels Under Nonlinear Power Constraints and their Applications to SWIPT

The capacity of a complex and discrete-time memoryless additive white Gaussian noise (AWGN) channel under three constraints, namely, input average power, input amplitude and output delivered power is studied. The output delivered power constraint is modelled as the average of a linear combination of even moments of the channel input being larger than a threshold. It is shown that the capacity of an AWGN channel under transmit average power and receiver delivered power constraints is the same as the capacity of an AWGN channel under an average power constraint. However, depending on the two constraints, the capacity can be either achieved by a Gaussian distribution or arbitrarily approached by using time-sharing between a Gaussian distribution and On-Off Keying. As an application, a simultaneous wireless information and power transfer (SWIPT) problem is studied, where an experimentally-validated nonlinear model of the harvester is used. It is shown that the delivered power depends on higher order moments of the channel input. Two inner bounds, one based on complex Gaussian inputs and the other based on further restricting the delivered power, are obtained for the Rate-Power (RP) region. For Gaussian inputs, the optimal inputs are zero mean and a tradeoff between transmitted information and delivered power is recognized by considering asymmetric power allocations between in-phase and quadrature subchannels. Through numerical algorithms, it is observed that input distributions (obtained by restricting the delivered power) attain a larger RP region compared to Gaussian input counterparts.