CITI Seminar of Erwan Le Merrer / Gilles Tredan (Inria-Rennes / LAAS-CNRS) on October 9 at 3pm

Title: The Bouncer Problem: Challenges to Remote Explainability

Date and Place: 09 / 10 / 2019 3PM in 432 (Antenne Inria)

Host: Privatics

The concept of explainability is envisioned to satisfy society’s demands for transparency on machine learning decisions. The concept is simple: like humans, algorithms should explain the rationale behind their decisions so that their fairness can be assessed. While this approach is promising in a local context (e.g. to explain a model during debugging at training time), we argue that this reasoning cannot simply be transposed to a remote context, where a model trained by a service provider is only accessible through its API. This is problematic as it constitutes precisely the target use-case requiring transparency from a societal perspective. Through an analogy with a club bouncer (who may provide untruthful explanations upon rejecting a customer), we show that providing explanations cannot prevent a remote service from lying about the true reasons leading to its decisions.

More precisely, we prove the impossibility of remote explainability for single explanations, by constructing an attack on explanations that hides discriminatory features from the querying user. We provide an example implementation of this attack. We then show that the probability that an observer spots the attack, using several explanations to attempt to find incoherences, is low in practical settings. This undermines the very concept of remote explainability in general.

Erwan has held an “advanced research position” at Inria, in the WIDE team, since Nov. 2018. He was previously a senior research scientist at Technicolor R&I (2009-2018). Gilles has been a “chargé de recherches” at CNRS since 2011.

CITI Seminar of Subhash Lakshminarayana (University of Warwick’s School of Engineering) on September 19 at 2pm

Title: On False Data Injection Attacks Against Power Grids and Countermeasures

Date and Place: 19 / 09 / 2019 2PM in TD-C

Host: Samir M. Perlaza

The power grid state estimation (SE) has been shown to be vulnerable to false data injection (FDI) attacks, which can lead to severe consequences, e.g., transmission line trips, unsafe frequency excursions and/or economic losses. In this talk, we will examine the security of power grid SE from both the attacker’s and the defender’s perspectives. For the former, we examine data-driven FDI attacks, i.e., constructing FDI attacks that can bypass the grid’s bad-data detector (BDD) by accessing its measurement data over a period of time. We characterize important tradeoffs for the attacker in this context between the attack’s spatial and temporal efficiency. The results provide us with an understanding for designing defense mechanisms to thwart such attacks. For defense, we propose a hardened-attack detector based on moving-target defense (MTD) that actively perturbs transmission line reactances to invalidate the attacker’s knowledge. We present novel formal design criteria to select MTD reactance perturbations that are truly effective. Moreover, based on a key optimal power flow formulation, we find that the effective MTD may incur a non-trivial operational cost. Accordingly, we characterize important tradeoffs between the MTD’s detection capability and its associated required cost. Extensive simulations, using the MATPOWER simulator and benchmark IEEE bus systems, verify and illustrate the proposed design approach.

Subhash Lakshminarayana has been an assistant professor in the University of Warwick’s School of Engineering since September 2018. Prior to joining Warwick, he worked as a research scientist at the Advanced Digital Sciences Center (ADSC) in Singapore between 2015 and 2018. Before that, he held a joint post-doctoral researcher appointment at Princeton University and the Singapore University of Technology and Design (SUTD) between 2013 and 2015. He received his PhD in the field of Wireless Communications at the Department of Telecommunications at Ecole Superieure d’Electricite (Supelec), Paris, France, his M.S. degree from The Ohio State University, USA, and his B.S. from Bangalore University in India. His research interests include cyber-physical system security (power grids and urban transportation) and wireless communications. His works have been selected among the Best Conference Papers at the IEEE Power Energy Society General Meeting (PESGM) 2015 conference, and the Best 50 Papers at the IEEE Globecom 2014 conference.