Deyun Zhou,Yongchuan Tang,Wen Jiang

DOI: https://doi.org/10.1155/2017/4359195

IF: 2.3

2017-01-01

Complexity

Abstract:Uncertainty measure in data fusion applications is a hot topic; quite a few methods have been proposed to measure the degree of uncertainty in Dempster-Shafer framework. However, the existing methods pay little attention to the scale of the frame of discernment (FOD), which means a loss of information. Due to this reason, the existing methods cannot measure the difference of uncertain degree among different FODs. In this paper, an improved belief entropy is proposed in Dempster-Shafer framework. The proposed belief entropy takes into consideration more available information in the body of evidence (BOE), including the uncertain information modeled by the mass function, the cardinality of the proposition, and the scale of the FOD. The improved belief entropy is a new method for uncertainty measure in Dempster-Shafer framework. Based on the new belief entropy, a decision-making approach is designed. The validity of the new belief entropy is verified according to some numerical examples and the proposed decision-making approach.

Deyun Zhou,Yongchuan Tang,Wen Jiang

DOI: https://doi.org/10.1371/journal.pone.0176832

IF: 3.7

2017-01-01

PLoS ONE

Abstract:How to quantify the uncertain information in the framework of Dempster-Shafer evidence theory is still an open issue. Quite a few uncertainty measures have been proposed in Dempster-Shafer framework, however, the existing studies mainly focus on the mass function itself, the available information represented by the scale of the frame of discernment (FOD) in the body of evidence is ignored. Without taking full advantage of the information in the body of evidence, the existing methods are somehow not that efficient. In this paper, a modified belief entropy is proposed by considering the scale of FOD and the relative scale of a focal element with respect to FOD. Inspired by Deng entropy, the new belief entropy is consistent with Shannon entropy in the sense of probability consistency. What's more, with less information loss, the new measure can overcome the shortage of some other uncertainty measures. A few numerical examples and a case study are presented to show the efficiency and superiority of the proposed method.

Philipp Schröer,Francesca Randone,Raúl Pardo,Andrzej Wąsowski

2024-12-02

Abstract:It is of utmost importance to ensure that modern data intensive systems do not leak sensitive information. In this paper, the authors, who met thanks to Joost-Pieter Katoen, discuss symbolic methods to compute information-theoretic measures of leakage: entropy, conditional entropy, Kullback-Leibler divergence, and mutual information. We build on two semantic frameworks for symbolic execution of probabilistic programs. For discrete programs, we use weakest pre-expectation calculus to compute exact symbolic expressions for the leakage measures. Using Second Order Gaussian Approximation (SOGA), we handle programs that combine discrete and continuous distributions. However, in the SOGA setting, we approximate the exact semantics using Gaussian mixtures and compute bounds for the measures. We demonstrate the use of our methods in two widely used mechanisms to ensure differential privacy: randomized response and the Gaussian mechanism.

Cryptography and Security

Jonathan Lawry,Ines Gonzalez-Rodr ´ õguez,Yongchuan Tang

2009-01-01

Abstract:A prototype theory interpretation of the label semantics framework is proposed as a possible model of imprecise descriptions of real numbers. It is shown that within this framework conditioning given imprecise descriptions of a real variable naturally results in imprecise probabilities. An inference method is proposed from data in the form of a set of imprecise descriptions, which naturally suggests an algorithm for estimating lower and upper probabilities given imprecise data values.

Fabrizio Biondi,Yusuke Kawamoto,Axel Legay,Louis-Marie Traonouez

DOI: https://doi.org/10.1007/s00165-018-0469-z

2018-09-08

Abstract:Analysis of a probabilistic system often requires to learn the joint probability distribution of its random variables. The computation of the exact distribution is usually an exhaustive precise analysis on all executions of the system. To avoid the high computational cost of such an exhaustive search, statistical analysis has been studied to efficiently obtain approximate estimates by analyzing only a small but representative subset of the system's behavior. In this paper we propose a hybrid statistical estimation method that combines precise and statistical analyses to estimate mutual information, Shannon entropy, and conditional entropy, together with their confidence intervals. We show how to combine the analyses on different components of a discrete system with different accuracy to obtain an estimate for the whole system. The new method performs weighted statistical analysis with different sample sizes over different components and dynamically finds their optimal sample sizes. Moreover, it can reduce sample sizes by using prior knowledge about systems and a new abstraction-then-sampling technique based on qualitative analysis. To apply the method to the source code of a system, we show how to decompose the code into components and to determine the analysis method for each component by overviewing the implementation of those techniques in the HyLeak tool. We demonstrate with case studies that the new method outperforms the state of the art in quantifying information leakage.

Information Theory,Cryptography and Security,Programming Languages

Sari Haj Hussein

DOI: https://doi.org/10.1109/NTMS.2012.6208689

2012-06-05

Abstract:We introduce a new perspective into the field of quantitative information flow (QIF) analysis that invites the community to bound the leakage, reported by QIF quantifiers, by a range consistent with the size of a program's secret input instead of by a mathematically sound (but counter-intuitive) upper bound of that leakage. To substantiate our position, we present a refinement of a recent QIF metric that appears in the literature. Our refinement is based on slight changes we bring into the design of that metric. These changes do not affect the theoretical premises onto which the original metric is laid. However, they enable the natural association between flow results and the exhaustive search effort needed to uncover a program's secret information (or the residual secret part of that information) to be clearly established. The refinement we discuss in this paper validates our perspective and demonstrates its importance in the future design of QIF quantifiers.

Cryptography and Security

Donghong Sun,Yunchuan Guo,Lihua Yin,Changzhen Hu

2012-01-01

Abstract:Quantifying implicit information leakage is important, especially for fully probabilistic systems (FPS). Although many quantitative methods have been proposed (including methods based on mutual information, on a-mutual information, on relative entropy and on pure probability, etc.), there has been little work analyzing their consistency and accuracy. In order to perform this analysis, these methods must be modeled with a uniform approach. In this paper, a light probabilistic process algebra (PPA-Lite) is presented, and some existing quantitative methods are uniformly characterized by using PPA-Lite. Further, their relationships are analyzed by proof and simulation, respectively. The results show that (1) most of methods concur in determining whether information is leaked; (2) the method based on (alpha-) mutual information is the most accurate if the distribution of the sent information is known. If not, the method based on relative entropy is the most accurate.

Pasquale Malacaria

DOI: https://doi.org/10.48550/arXiv.1101.3453

2011-01-18

Abstract:Several mathematical ideas have been investigated for Quantitative Information Flow. Information theory, probability, guessability are the main ideas in most proposals. They aim to quantify how much information is leaked, how likely is to guess the secret and how long does it take to guess the secret respectively. In this paper, we show how the Lattice of Information provides a valuable foundation for all these approaches; not only it provides an elegant algebraic framework for the ideas, but also to investigate their relationship. In particular we will use this lattice to prove some results establishing order relation correspondences between the different quantitative approaches. The implications of these results w.r.t. recent work in the community is also investigated. While this work concentrates on the foundational importance of the Lattice of Information its practical relevance has been recently proven, notably with the quantitative analysis of Linux kernel vulnerabilities. Overall we believe these works set the case for establishing the Lattice of Information as one of the main reference structure for Quantitative Information Flow.

Information Theory

Hirotoshi Yasuoka,Tachio Terauchi

DOI: https://doi.org/10.3233/jcs-2011-0437

2011-12-23

Journal of Computer Security

Abstract:Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, belief, and channel capacity. This paper investigates the hardness of precisely checking the quantitative information flow of a program according to such definitions. More precisely, we study the “bounding problem” of quantitative information flow, defined as follows: Given a program M and a positive real number q, decide if the quantitative information flow of M is less than or equal to q. We prove that the bounding problem is not a k-safety property for any k (even when q is fixed, for the Shannon-entropy-based definition with the uniform distribution), and therefore is not amenable to the self-composition technique that has been successfully applied to checking non-interference. We also prove complexity theoretic hardness results for the case when the program is restricted to loop-free Boolean programs. Specifically, we show that the problem is PP-hard for all definitions, showing a gap with non-interference which is coNP-complete for the same class of programs. The paper also compares the results with the recently proved results on the comparison problems of quantitative information flow.

Kesar Singh,Minge Xie,William E. Strawderman

DOI: https://doi.org/10.1214/009053604000001084

2005-04-25

Abstract:This paper develops new methodology, together with related theories, for combining information from independent studies through confidence distributions. A formal definition of a confidence distribution and its asymptotic counterpart (i.e., asymptotic confidence distribution) are given and illustrated in the context of combining information. Two general combination methods are developed: the first along the lines of combining p-values, with some notable differences in regard to optimality of Bahadur type efficiency; the second by multiplying and normalizing confidence densities. The latter approach is inspired by the common approach of multiplying likelihood functions for combining parametric information. The paper also develops adaptive combining methods, with supporting asymptotic theory which should be of practical interest. The key point of the adaptive development is that the methods attempt to combine only the correct information, downweighting or excluding studies containing little or wrong information about the true parameter of interest. The combination methodologies are illustrated in simulated and real data examples with a variety of applications.

Statistics Theory

Bao Trung Chu,Kenji Hashimoto,Hiroyuki Seki

DOI: https://doi.org/10.1587/transinf.2019EDP7132

2019-03-09

Abstract:A program is non-interferent if it leaks no secret information to an observable output. However, non-interference is too strict in many practical cases and quantitative information flow (QIF) has been proposed and studied in depth. Originally, QIF is defined as the average of leakage amount of secret information over all executions of a program. However, a vulnerable program that has executions leaking the whole secret but has the small average leakage could be considered as secure. This counter-intuition raises a need for a new definition of information leakage of a particular run, i.e., dynamic leakage. As discussed in [5], entropy-based definitions do not work well for quantifying information leakage dynamically; Belief-based definition on the other hand is appropriate for deterministic programs, however, it is not appropriate for probabilistic ones. In this paper, we propose new simple notions of dynamic leakage based on entropy which are compatible with existing QIF definitions for deterministic programs, and yet reasonable for probabilistic programs in the sense of [5]. We also investigated the complexity of computing the proposed dynamic leakage for three classes of Boolean programs. We also implemented a tool for QIF calculation using model counting tools for Boolean formulae. Experimental results on popular benchmarks of QIF research show the flexibility of our framework. Finally, we discuss the improvement of performance and scalability of the proposed method as well as an extension to more general cases.

Cryptography and Security

Gideon Samid

DOI: https://doi.org/10.48550/arXiv.1006.1055

2010-06-06

Abstract:Building on Shannon's lead, let's consider a more malleable expression for tracking uncertainty, and states of "knowledge available" vs. "knowledge missing," to better practice innovation, improve risk management, and successfully measure progress of intractable undertakings. Shannon's formula, and its common replacements (Renyi, Tsallis) compute to increased knowledge whenever two competing choices, however marginal, exchange probability measures. Such and other distortions are corrected by anchoring knowledge to a reference challenge. Entropy then expresses progress towards meeting that challenge. We introduce an 'interval of interest' outside which all probability changes should be ignored. The resultant formula for Missing Acquirable Relevant Knowledge (MARK) serves as a means to optimize intractable activities involving knowledge acquisition, such as research, development, risk management, and opportunity exploitation.

Information Theory

Jack Liell-Cock,Sam Staton

2024-10-30

Abstract:Imprecise probability is concerned with uncertainty about which probability distributions to use. It has applications in robust statistics and machine learning. We look at programming language models for imprecise probability. Our desiderata are that we would like our model to support all kinds of composition, categorical and monoidal; in other words, guided by dataflow diagrams. Another equivalent perspective is that we would like a model of synthetic probability in the sense of Markov categories. Imprecise probability can be modelled in various ways, with the leading monad-based approach using convex sets of probability distributions. This model is not fully compositional because the monad involved is not commutative, meaning it does not have a proper monoidal structure. In this work, we provide a new fully compositional account. The key idea is to name the non-deterministic choices. To manage the renamings and disjointness of names, we use graded monads. We show that the resulting compositional model is maximal and relate it with the earlier monadic approach, proving that we obtain tighter bounds on the uncertainty.

Programming Languages,Logic in Computer Science,Category Theory,Probability

Ryan Martin

2023-09-24

Abstract:Bayesian inference requires specification of a single, precise prior distribution, whereas frequentist inference only accommodates a vacuous prior. Since virtually every real-world application falls somewhere in between these two extremes, a new approach is needed. This series of papers develops a new framework that provides valid and efficient statistical inference, prediction, etc., while accommodating partial prior information and imprecisely-specified models more generally. This paper fleshes out a general inferential model construction that not only yields tests, confidence intervals, etc.~with desirable error rate control guarantees, but also facilitates valid probabilistic reasoning with de~Finetti-style no-sure-loss guarantees. The key technical novelty here is a so-called outer consonant approximation of a general imprecise probability which returns a data- and partial prior-dependent possibility measure to be used for inference and prediction. Despite some potentially unfamiliar imprecise-probabilistic concepts in the development, the result is an intuitive, likelihood-driven framework that will, as expected, agree with the familiar Bayesian and frequentist solutions in the respective extreme cases. More importantly, the proposed framework accommodates partial prior information where available and, therefore, leads to new solutions that were previously out of reach for both Bayesians and frequentists. Details are presented here for a wide range of examples, with more practical details to come in later installments.

Methodology,Statistics Theory

Xinyang Deng,Siyu Xue,Wen Jiang,Xiaoge Zhang

DOI: https://doi.org/10.1109/tsmc.2024.3444811

2024-10-19

IEEE Transactions on Systems Man and Cybernetics Systems

Abstract:Measuring the uncertainty of information is a crucial problem in many fields. Recent studies have found a new uncertainty measure for probabilities called "extropy" as a complementary dual function of classical Shannon entropy. In this article, the extropy measure of randomness is generalized to the case of information with epistemic uncertainty by means of a framework of Dempster-Shafer evidence theory. Specifically, a novel measure called plausibility extropy is proposed, which inherits the intriguing properties of original extropy. Moreover, the duality and complementarity between the proposed plausibility extropy and existing plausibility entropy are proved strictly, which constitutes an entropy-extropy combination for mass functions to measure the epistemic uncertainty. In addition, the maximum plausibility extropy is also studied in this article. Through comparing with existing extropy-like measures in Dempster-Shafer evidence theory, the rationality of proposed plausibility extropy is further demonstrated.

automation & control systems,computer science, cybernetics

Kajetan Schweighofer,Lukas Aichberger,Mykyta Ielanskyi,Sepp Hochreiter

2024-10-15

Abstract:Reliable estimation of predictive uncertainty is crucial for machine learning applications, particularly in high-stakes scenarios where hedging against risks is essential. Despite its significance, a consensus on the correct measurement of predictive uncertainty remains elusive. In this work, we return to first principles to develop a fundamental framework of information-theoretic predictive uncertainty measures. Our proposed framework categorizes predictive uncertainty measures according to two factors: (I) The predicting model (II) The approximation of the true predictive distribution. Examining all possible combinations of these two factors, we derive a set of predictive uncertainty measures that includes both known and newly introduced ones. We empirically evaluate these measures in typical uncertainty estimation settings, such as misclassification detection, selective prediction, and out-of-distribution detection. The results show that no single measure is universal, but the effectiveness depends on the specific setting. Thus, our work provides clarity about the suitability of predictive uncertainty measures by clarifying their implicit assumptions and relationships.

Machine Learning,Artificial Intelligence

Patrick Ah-Fat,Michael Huth

DOI: https://doi.org/10.48550/arXiv.1901.00798

2019-01-04

Abstract:Elaborate protocols in Secure Multi-party Computation enable several participants to compute a public function of their own private inputs while ensuring that no undesired information leaks about the private inputs, and without resorting to any trusted third party. However, the public output of the computation inevitably leaks some information about the private inputs. Recent works have introduced a framework and proposed some techniques for quantifying such information flow. Yet, owing to their complexity, those methods do not scale to practical situations that may involve large input spaces. The main contribution of the work reported here is to formally investigate the information flow captured by the min-entropy in the particular case of secure three-party computations of affine functions in order to make its quantification scalable to realistic scenarios. To this end, we mathematically derive an explicit formula for this entropy under uniform prior beliefs about the inputs. We show that this closed-form expression can be computed in time constant in the inputs sizes and logarithmic in the coefficients of the affine function. Finally, we formulate some theoretical bounds for this privacy leak in the presence of non-uniform prior beliefs.

Cryptography and Security,Information Theory

Mohammad Amin Zarrabian,Parastoo Sadeghi

2024-09-06

Abstract:In this paper, we extend the framework of quantitative information flow (QIF) to include adversaries that use Kolmogorov-Nagumo $f$-mean to infer secrets of a private system. Specifically, in our setting, an adversary uses Kolmogorov-Nagumo $f$-mean to compute its best actions before and after observing the system's randomized outputs. This leads to generalized notions of prior and posterior vulnerability and generalized axiomatic relations that we will derive to elucidate how these $f$-mean based vulnerabilities interact with each other. We demonstrate usefulness of this framework by showing how some notions of leakage that had been derived outside of the QIF framework and so far seemed incompatible with it are indeed explainable via such extension of QIF. These leakage measures include $\alpha$-leakage, which is the same as Arimoto mutual information of order $\alpha$, maximal $\alpha$-leakage which is the $\alpha$-leakage capacity, and $(\alpha,\beta)$ leakage, which is a generalization of the above and captures local differential privacy as a special case. We also propose a new pointwise notion of gain function, which we coin pointwise information gain. We show that this pointwise information gain can explain Réyni divergence and Sibson mutual information of order $\alpha \in [0,\infty]$ as the Kolmogorov-Nagumo average of the gain with a proper choice of function $f$.

Information Theory

Mário S. Alvim,Konstantinos Chatzikokolakis,Pierpaolo Degano,Catuscia Palamidessi

DOI: https://doi.org/10.48550/arXiv.1012.4250

2010-12-20

Abstract:Differential privacy is a notion of privacy that has become very popular in the database community. Roughly, the idea is that a randomized query mechanism provides sufficient privacy protection if the ratio between the probabilities of two different entries to originate a certain answer is bound by e^\epsilon. In the fields of anonymity and information flow there is a similar concern for controlling information leakage, i.e. limiting the possibility of inferring the secret information from the observables. In recent years, researchers have proposed to quantify the leakage in terms of the information-theoretic notion of mutual information. There are two main approaches that fall in this category: One based on Shannon entropy, and one based on Rényi's min entropy. The latter has connection with the so-called Bayes risk, which expresses the probability of guessing the secret. In this paper, we show how to model the query system in terms of an information-theoretic channel, and we compare the notion of differential privacy with that of mutual information. We show that the notion of differential privacy is strictly stronger, in the sense that it implies a bound on the mutual information, but not viceversa.

Information Theory,Cryptography and Security,Databases

Aobo Lyu,Andrew Clark,Netanel Raviv

2024-05-08

Abstract:Mutual information between two random variables is a well-studied notion, whose understanding is fairly complete. Mutual information between one random variable and a pair of other random variables, however, is a far more involved notion. Specifically, Shannon's mutual information does not capture fine-grained interactions between those three variables, resulting in limited insights in complex systems. To capture these fine-grained interactions, in 2010 Williams and Beer proposed to decompose this mutual information to information atoms, called unique, redundant, and synergistic, and proposed several operational axioms that these atoms must satisfy. In spite of numerous efforts, a general formula which satisfies these axioms has yet to be found. Inspired by Judea Pearl's do-calculus, we resolve this open problem by introducing the do-operation, an operation over the variable system which sets a certain marginal to a desired value, which is distinct from any existing approaches. Using this operation, we provide the first explicit formula for calculating the information atoms so that Williams and Beer's axioms are satisfied, as well as additional properties from subsequent studies in the field.

Information Theory,Probability