-
Catch Me If You Can: Combatting Fraud in Artificial Currency Based Government Benefits Programs
Authors:
Devansh Jalota,
Matthew Tsao,
Marco Pavone
Abstract:
Artificial currencies have grown in popularity in many real-world resource allocation settings, gaining traction in government benefits programs like food assistance and transit benefits programs. However, such programs are susceptible to misreporting fraud, wherein users can misreport their private attributes to gain access to more artificial currency (credits) than they are entitled to. To address the problem of misreporting fraud in artificial currency based benefits programs, we introduce an audit mechanism that induces a two-stage game between an administrator and users. In our proposed mechanism, the administrator running the benefits program can audit users at some cost and levy fines against them for misreporting their information. For this audit game, we study the natural solution concept of a signaling game equilibrium and investigate conditions on the administrator budget to establish the existence of equilibria. The computation of equilibria can be done via linear programming in our problem setting through an appropriate design of the audit rules. Our analysis also provides upper bounds that hold in any signaling game equilibrium on the expected excess payments made by the administrator and the probability that users misreport their information. We further show that the decrease in misreporting fraud corresponding to our audit mechanism far outweighs the administrator spending to run it by establishing that its total costs are lower than that of the status quo with no audits. Finally, to highlight the practical viability of our audit mechanism in mitigating misreporting fraud, we present a case study based on the Washington D.C. federal transit benefits program. In this case study, the proposed audit mechanism achieves several orders of magnitude improvement in total cost compared to a no-audit strategy for some parameter ranges.
Submitted 25 February, 2024;
originally announced February 2024.
-
Private Location Sharing for Decentralized Routing services
Authors:
Matthew Tsao,
Kaidi Yang,
Karthik Gopalakrishnan,
Marco Pavone
Abstract:
Data-driven methodologies offer many exciting upsides, but they also introduce new challenges, particularly in the realm of user privacy. Specifically, the way data is collected can pose privacy risks to end users. In many routing services, a single entity (e.g., the routing service provider) collects and manages user trajectory data. When it comes to user privacy, these systems have a central point of failure since users have to trust that this entity will not sell or use their data to infer sensitive private information. Unfortunately, in practice many advertising companies offer to buy such data for the sake of targeted advertisements.
With this as motivation, we study the problem of using location data for routing services in a privacy-preserving way. Rather than having users report their location to a central operator, we present a protocol in which users participate in a decentralized and privacy-preserving computation to estimate travel times for the roads in the network in a way that no individual's location is ever observed by any other party. The protocol uses the Laplace mechanism in conjunction with secure multi-party computation to ensure that it is cryptographically secure and that its output is differentially private.
A natural question is if privacy necessitates degradation in accuracy or system performance. We show that if a road has sufficiently high capacity, then the travel time estimated by our protocol is provably close to the ground truth travel time. We validate the protocol through numerical experiments which show that using the protocol as a routing service provides privacy guarantees with minimal overhead to user travel time.
Submitted 14 March, 2022; v1 submitted 27 February, 2022;
originally announced February 2022.
-
Trust but Verify: Cryptographic Data Privacy for Mobility Management
Authors:
Matthew Tsao,
Kaidi Yang,
Stephen Zoepf,
Marco Pavone
Abstract:
The era of Big Data has brought with it a richer understanding of user behavior through massive data sets, which can help organizations optimize the quality of their services. In the context of transportation research, mobility data can provide Municipal Authorities (MA) with insights on how to operate, regulate, or improve the transportation network. Mobility data, however, may contain sensitive information about end users and trade secrets of Mobility Providers (MP). Due to this data privacy concern, MPs may be reluctant to contribute their datasets to MA. Using ideas from cryptography, we propose an interactive protocol between a MA and a MP in which MA obtains insights from mobility data without MP having to reveal its trade secrets or sensitive data of its users. This is accomplished in two steps: a commitment step, and a computation step. In the first step, Merkle commitments and aggregated traffic measurements are used to generate a cryptographic commitment. In the second step, MP extracts insights from the data and sends them to MA. Using the commitment and zero-knowledge proofs, MA can certify that the information received from MP is accurate, without needing to directly inspect the mobility data. We also present a differentially private version of the protocol that is suitable for the large query regime. The protocol is verifiable for both MA and MP in the sense that dishonesty from one party can be detected by the other. The protocol can be readily extended to the more general setting with multiple MPs via secure multi-party computation.
Submitted 15 November, 2021; v1 submitted 15 April, 2021;
originally announced April 2021.
-
Balancing Fairness and Efficiency in Traffic Routing via Interpolated Traffic Assignment
Authors:
Devansh Jalota,
Kiril Solovey,
Matthew Tsao,
Stephen Zoepf,
Marco Pavone
Abstract:
System optimum (SO) routing, wherein the total travel time of all users is minimized, is a holy grail for transportation authorities. However, SO routing may discriminate against users who incur much larger travel times than others to achieve high system efficiency, i.e., low total travel times. To address the inherent unfairness of SO routing, we study the $β$-fair SO problem whose goal is to minimize the total travel time while guaranteeing a ${β\geq 1}$ level of unfairness, which specifies the maximum possible ratio between the travel times of different users with shared origins and destinations.
To obtain feasible solutions to the $β$-fair SO problem while achieving high system efficiency, we develop a new convex program, the Interpolated Traffic Assignment Problem (I-TAP), which interpolates between a fairness-promoting and an efficiency-promoting traffic-assignment objective. We evaluate the efficacy of I-TAP through theoretical bounds on the total system travel time and level of unfairness in terms of its interpolation parameter, as well as present a numerical comparison between I-TAP and a state-of-the-art algorithm on a range of transportation networks. The numerical results indicate that our approach is faster by several orders of magnitude as compared to the benchmark algorithm, while achieving higher system efficiency for all desirable levels of unfairness. We further leverage the structure of I-TAP to develop two pricing mechanisms to collectively enforce the I-TAP solution in the presence of selfish homogeneous and heterogeneous users, respectively, that independently choose routes to minimize their own travel costs. We mention that this is the first study of pricing in the context of fair routing for general road networks (as opposed to, e.g., parallel road networks).
Submitted 8 February, 2022; v1 submitted 31 March, 2021;
originally announced April 2021.
-
Online Hypergraph Matching with Delays
Authors:
Marco Pavone,
Amin Saberi,
Maximilian Schiffer,
Matthew Tsao
Abstract:
We study an online hypergraph matching problem with delays, motivated by ridesharing applications. In this model, users enter a marketplace sequentially, and are willing to wait up to $d$ timesteps to be matched, after which they will leave the system in favor of an outside option. A platform can match groups of up to $k$ users together, indicating that they will share a ride. Each group of users yields a match value depending on how compatible they are with one another. As an example, in ridesharing, $k$ is the capacity of the service vehicles, and $d$ is the amount of time a user is willing to wait for a driver to be matched to them.
We present results for both the utility maximization and cost minimization variants of the problem. In the utility maximization setting, the optimal competitive ratio is $\frac{1}{d}$ whenever $k \geq 3$, and is achievable in polynomial-time for any fixed $k$. In the cost minimization variation, when $k = 2$, the optimal competitive ratio for deterministic algorithms is $\frac{3}{2}$ and is achieved by a polynomial-time thresholding algorithm. When $k>2$, we show that a polynomial-time randomized batching algorithm is $(2 - \frac{1}{d}) \log k$-competitive, and it is NP-hard to achieve a competitive ratio better than $\log k - O (\log \log k)$.
Submitted 25 September, 2020;
originally announced September 2020.
-
Sample Complexity of Probabilistic Roadmaps via $ε$-nets
Authors:
Matthew Tsao,
Kiril Solovey,
Marco Pavone
Abstract:
We study fundamental theoretical aspects of probabilistic roadmaps (PRM) in the finite time (non-asymptotic) regime. In particular, we investigate how completeness and optimality guarantees of the approach are influenced by the underlying deterministic sampling distribution ${\mathcal{X}}$ and connection radius ${r>0}$. We develop the notion of ${(δ,ε)}$-completeness of the parameters ${\mathcal{X}, r}$, which indicates that for every motion-planning problem of clearance at least ${δ>0}$, PRM using ${\mathcal{X}, r}$ returns a solution no longer than ${1+ε}$ times the shortest $δ$-clear path. Leveraging the concept of $ε$-nets, we characterize in terms of lower and upper bounds the number of samples needed to guarantee ${(δ,ε)}$-completeness. This is in contrast with previous work which mostly considered the asymptotic regime in which the number of samples tends to infinity. In practice, we propose a sampling distribution inspired by $ε$-nets that achieves nearly the same coverage as grids while using significantly fewer samples.
Submitted 20 September, 2019; v1 submitted 13 September, 2019;
originally announced September 2019.
-
Robust and Adaptive Planning under Model Uncertainty
Authors:
Apoorva Sharma,
James Harrison,
Matthew Tsao,
Marco Pavone
Abstract:
Planning under model uncertainty is a fundamental problem across many applications of decision making and learning. In this paper, we propose the Robust Adaptive Monte Carlo Planning (RAMCP) algorithm, which allows computation of risk-sensitive Bayes-adaptive policies that optimally trade off exploration, exploitation, and robustness. RAMCP formulates the risk-sensitive planning problem as a two-player zero-sum game, in which an adversary perturbs the agent's belief over the models. We introduce two versions of the RAMCP algorithm. The first, RAMCP-F, converges to an optimal risk-sensitive policy without having to rebuild the search tree as the underlying belief over models is perturbed. The second version, RAMCP-I, improves computational efficiency at the cost of losing theoretical guarantees, but is shown to yield empirical results comparable to RAMCP-F. RAMCP is demonstrated on an n-pull multi-armed bandit problem, as well as a patient treatment scenario.
Submitted 8 January, 2019;
originally announced January 2019.