Presentation is loading. Please wait.

Presentation is loading. Please wait.

‘Crowds’ through a PRISM

Published byJussi Nieminen Modified over 5 years ago

Similar presentations

Presentation on theme: "‘Crowds’ through a PRISM"— Presentation transcript:

1 ‘Crowds’ through a PRISM
CS 259 ‘Crowds’ through a PRISM

2 Overview Most slides stolen from Vitaly Shmatikov Crowds
Probabilistic model checking PRISM PCTL logic Analyzing Crowds with PRISM

3 Crowds C C C4 C C3 C C C1 C C2 C0 C C [Reiter,Rubin ‘98] pf 1-pf
sender recipient After receiving a message, honest router flips a biased coin With probability Pf randomly selects next router and forwards msg With probability 1-Pf sends directly to the recipient

4 Probabilistic Notions of Anonymity
Beyond suspicion The observed source of the message is no more likely to be the true sender than anybody else Probable innocence Probability that the observed source of the message is the true sender is less than 50% Possible innocence Non-trivial probability that the observed source of the message is not the true sender

5 Probabilistic Model Checking
Participants are finite-state machines Same as Mur State transitions are probabilistic Transitions in Mur are nondeterministic Standard intruder model Same as Mur: model cryptography with abstract data types Mur question: Is bad state reachable? Probabilistic model checking question: What’s the probability of reaching bad state? 0.2 0.3 0.5 ... ... “bad state”

6 Discrete-Time Markov Chains
(S, s0, T, L) S is a finite set of states s0 S is an initial state T :SS[0,1] is the transition relation s,s’S s’ T(s,s’)=1 L is a labeling function

7 Markov Chain: Simple Example
Probabilities of outgoing transitions sum up to 1.0 for every state C 0.2 0.5 A 0.1 E s0 0.5 0.8 D 1.0 B 0.9 1.0 Probability of reaching E from s0 is 0.2 0.10.5=0.14 The chain has infinite paths if state graph has loops Need to solve a system of linear equations to compute probabilities

8 PRISM Probabilistic model checker System specified as a Markov chain
[Kwiatkowska et al., U. of Birmingham] Probabilistic model checker System specified as a Markov chain Parties are finite-state machines w/ local variables State transitions are associated with probabilities Can also have nondeterminism (Markov decision processes) All parameters must be finite Correctness condition specified as PCTL formula Computes probabilities for each reachable state Enumerates reachable states Solves system of linear equations to find probabilities

9 PRISM Syntax C A E s0 D B module Simple state: [1..5] init 1;
0.2 0.5 A 0.1 E s0 0.5 0.8 D 1.0 B 0.9 1.0 module Simple state: [1..5] init 1; [] state=1 -> 0.8: state’= : state’=3; [] state=2 -> 0.1: state’= : state’=4; [] state=3 -> 0.5: state’= : state’=5; endmodule IF state=3 THEN with prob. 50% assign 4 to state, with prob. 50% assign 5 to state

10 Modeling Crowds with PRISM
Model probabilistic path construction Each state of the model corresponds to a particular stage of path construction 1 router chosen, 2 routers chosen, … Three probabilistic transitions Honest router chooses next router with probability pf, terminates the path with probability 1-pf Next router is probabilistically chosen from N candidates Chosen router is hostile with certain probability Run path construction protocol several times and look at accumulated observations of the intruder

11 PRISM: Path Construction in Crowds
module crowds . . . // N = total # of routers, C = # of corrupt routers // badC = C/N, goodC = 1-badC [] (!good & !bad) -> goodC: (good’=true) & (revealAppSender’=true) + badC: (badObserve’=true); // Forward with probability PF, else deliver [] (good & !deliver) -> PF: (pIndex’=pIndex+1) & (forward’=true) + notPF: (deliver’=true); endmodule Next router is corrupt with certain probability Route with probability PF, else deliver

12 PRISM: Intruder Model module crowds . . . // Record the apparent sender and deliver [] (badObserve & appSender=0) -> (observe0’=observe0+1) & (deliver’=true); [] (badObserve & appSender=15) -> (observe15’=observe15+1) & (deliver’=true); endmodule For each observed path, bad routers record apparent sender Bad routers collaborate, so treat them as a single attacker No cryptography, only probabilistic inference

13 PCTL Logic Probabilistic Computation Tree Logic
[Hansson, Jonsson ‘94] Probabilistic Computation Tree Logic Used for reasoning about probabilistic temporal properties of probabilistic finite state spaces Can express properties of the form “under any scheduling of processes, the probability that event E occurs is at least p’’ By contrast, Mur can express only properties of the form “does event E ever occur?’’

14 PCTL Syntax State formulas Path formulas
First-order propositions over a single state  ::= True | a |    |    |  | P>p[] Path formulas Properties of chains of states  ::= X  |  Uk  |  U  Predicate over state variables (just like a Mur invariant) Path formula holds with probability > p State formula holds for every next state in the chain First state formula holds for every state in the chain until second becomes true

15 PCTL: State Formulas A state formula is a first-order state predicate
Just like non-probabilistic logic True False X=1 y=2 1.0 True X=2 y=0 0.2 X=1 y=1 0.5 1.0 X=3 y=0 s0 0.5 0.8 False  = (y>1) | (x=1)

16 PCTL: Path Formulas A path formula is a temporal property of a chain of states 1U2 = “1 is true until 2 becomes and stays true” X=1 y=2 1.0 X=2 y=0 0.2 X=1 y=1 0.5 1.0 X=3 y=0 s0 0.5 0.8  = (y>0) U (x>y) holds for this chain

17 PCTL: Probabilistic State Formulas
Specify that a certain predicate or path formula holds with probability no less than some bound True True X=1 y=2 1.0 False X=2 y=0 0.2 X=1 y=1 0.5 1.0 X=3 y=0 s0 0.5 0.8 False  = P>0.5[(y>0) U (x=2)]

18 Intruder Model Every time a hostile crowd member receives a message
module crowds . . . // Record the apparent sender and deliver [] (badObserve & appSender=0) -> (observe0’=observe0+1) & (deliver’=true); [] (badObserve & appSender=15) -> (observe15’=observe15+1) & (deliver’=true); endmodule Every time a hostile crowd member receives a message from some honest member, he records his observation (increases the count for that honest member)

19 Negation of Probable Innocence
P >0.5 [true U (observe0>observe1) & done] P>0.5[true U (observe0>observe9) & done] “The probability of reaching a state in which hostile crowd members completed their observations and observed the true sender (crowd member #0) more often than any of the other crowd members (#1 … #9) is greater than 0.5”

20 Dynamic Paths What happens when originator sends new message?
Use same path Or construct new path Intruder can correlate messages using content Originator appears on all paths! Paths need to be static otherwise probable innocence is broken

21 Path Reformulations Same problem as dynamic paths
When members leave the crowd, paths are reformulated New paths can be correlated with old paths based on path content Shmatikov analyzes the effect of path reformulations and crowd size: See case study on PRISM site

Download ppt "‘Crowds’ through a PRISM"

Similar presentations

1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.

1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Distributed Markov Chains P S Thiagarajan School of Computing, National University of Singapore Joint work with Madhavan Mukund, Sumit K Jha and Ratul.

Distributed Markov Chains P S Thiagarajan School of Computing, National University of Singapore Joint work with Madhavan Mukund, Sumit K Jha and Ratul.
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Timed Automata.

Timed Automata.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
Probabilistic Model Checking CS 395T. Overview uCrowds redux uProbabilistic model checking PRISM model checker PCTL logic Analyzing Crowds with PRISM.

Probabilistic Model Checking CS 395T. Overview uCrowds redux uProbabilistic model checking PRISM model checker PCTL logic Analyzing Crowds with PRISM.
Statistical Probabilistic Model Checking Håkan L. S. Younes Carnegie Mellon University.

Statistical Probabilistic Model Checking Håkan L. S. Younes Carnegie Mellon University.
Model Checking for Probabilistic Timed Systems Jeremy Sproston Università di Torino VOSS Dagstuhl seminar 9th December 2002.

Model Checking for Probabilistic Timed Systems Jeremy Sproston Università di Torino VOSS Dagstuhl seminar 9th December 2002.
Ymer: A Statistical Model Checker Håkan L. S. Younes Carnegie Mellon University.

Ymer: A Statistical Model Checker Håkan L. S. Younes Carnegie Mellon University.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
GS 540 week 6. HMM basics Given a sequence, and state parameters: – Each possible path through the states has a certain probability of emitting the sequence.

GS 540 week 6. HMM basics Given a sequence, and state parameters: – Each possible path through the states has a certain probability of emitting the sequence.
CPSC 668Set 3: Leader Election in Rings1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.

CPSC 668Set 3: Leader Election in Rings1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.
1 Carnegie Mellon UniversitySPINFlavio Lerda SPIN An explicit state model checker.

1 Carnegie Mellon UniversitySPINFlavio Lerda SPIN An explicit state model checker.
Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.

Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.
Witness and Counterexample Li Tan Oct. 15, 2002.

Witness and Counterexample Li Tan Oct. 15, 2002.

Similar presentations

Ads by Google