PoPETs 2024.1 Paper #54 Reviews and Comments =========================================================================== Paper #54 Privacy-Preserving Greedy Link Scheduling for Wireless Networks Review #54A =========================================================================== Overall merit ------------- 2. Reject and Resubmit Reviewer expertise ------------------ 3. Knowledgeable Reviewer confidence ------------------- 3. High Relevance to PETS ----------------- 2. Some relation to PETs, but not a core element of the paper (justifies R&R) Ethical considerations ---------------------- 4. I don't see any ethical implications for this paper. Paper summary ------------- This paper proposes an algorithm that can preserve the privacy information for link scheduling in wireless communication networks. specifically, the paper first introduces us a base algorithm that can achieve upper bound privacy performance by only revealing one link information that is highest-weighted link. However, it can only achieve lower bound throughput performance as it misses some links. as a result, the paper proposes an algorithm that can achieve almost same performance s prior works on throughput but sacrificing the privacy protection. Comments for author ------------------- 1. the paper mainly discusses about the privacy concerns during link scheduling in wireless communication networks. It makes sense when centralized link scheduling algorithm is used, if the central controller is compromised by the attacker. but, it is not convinced when the decentralized link scheduling algorithm is used, as the attacker may only know part of information about the network topology and link/node information. If the paper can provide more information about how to infer the whole network information in decentralized link scheduling algorithm is better. The paper starts with the discussion on privacy concerns of the centralized and decentralized link scheduling algorithms in wireless communication networks. however, suddenly in section4.1, it says all the rest of paper will focus on the centralized algorithm. It would be better to give more illustrations on why we just focus on centralized algorithm. I think we should also consider privacy concerns in decentralized algorithm. 2. machine learning based link scheduling algorithms are also proposed that are supposed to outperform the traditional mathematical model based link scheduling algorithms. However, the paper does not illustrate the privacy concerns of ml-based link scheduling algorithm. with these being said, the scope of the paper should be clear and consistent across the whole paper. the paper should also illustrate the impact of designing privacy-preserving link scheduling algorithms for only the centralized link scheduling algorithms. what kind of the algorithms are widely used in the wireless communication networks? are they ml-based, centralized, or decentralized? 3. the motivation application of privacy-preserving military networks is not convinced. as the military networks should be super secured, the proposed privacy-preserving link scheduling algorithm is a trade-off between the network throughput and privacy concerns. I don't buy that the military network will sacrifice their privacy for high throughput. actually, the general privacy concerns in ad hoc wireless networks should be fine, as the topology, nodes, and links of ad hoc network are very important and should be privacy preserved. 4. another concern related to the motivation of the paper is why not use differential privacy. either in the centralized or decentralized settings, intelligently adding noise to the data delivered to the another node or central controller should protect the private information of the entire network. more importantly, this differential privacy mechanism should also work for ml-based link scheduling in wireless communication networks. 5. it is not clear to me why the paper divides the simulation into small-scale network (50 devices) and large-scale network (250devices). it is better to apply the proposed algorithm on the real-world testbed and evaluate the performance of it, which will make the results more convinced. also, some emulation-based experiments of using the proposed algorithms should be provided. with this being said, this paper is more theory-based paper without any practical implications, meaning there are no real-world evaluation. and there are lots of assumptions to apply this algorithm. for example, only centralized link scheduling could work, we don't know how it performs on large ad hoc network with nodes more than 250 or small ad hoc network with nodes smaller than 50. there is no theoretical privacy guarantee of the proposed algorithm. so, it is better to provide mathematical analysis on the privacy-throughput of the proposed algorithm. Areas to address in response ---------------------------- 1. motivation of privacy-preserving for centralized link scheduling should be justified. what happens if we apply it to decentralized algorithm? 2. why not differential privacy? 3. only simulation-based evaluation is not enough. the proposed algorithm should be evaluated on the real-world testbed Review #54B =========================================================================== Overall merit ------------- 2. Reject and Resubmit Reviewer expertise ------------------ 2. Some familiarity Reviewer confidence ------------------- 2. Medium Relevance to PETS ----------------- 2. Some relation to PETs, but not a core element of the paper (justifies R&R) Ethical considerations ---------------------- 4. I don't see any ethical implications for this paper. Paper summary ------------- This paper proposes a wireless link scheduling algorithm that hides topology information of the wireless network from a centralized scheduling server. It's configurable in terms of the portion of the links to hide. Simulation results show that the algorithm runs fast enough, and can hide a large number of links without hurting the performance too much. Comments for author ------------------- The idea of PriLink sounds new and interesting from a graph information hiding perspective, but I'm not sure how useful it will be for real wireless systems. My biggest concern is on the so-called "link weight", which is never explained. The paper mentions "the choice of weight is determined based on the scheduling requirements of the network", but this doesn't tell much, and it's still unclear how each device figures out the weight of each link that connects it to other devices. Also, is it accurate enough to use a single weight for each link, without considering the performance/requirement difference for the two directions? Another major concern is on the evaluation. The setting is purely based on simulation, making it unclear if PriLink can be implemented on and beneficial for real wireless systems. Also, using sum link weight as performance evaluation metrics doesn't make much sense; the paper should use more relevant network performance metrics (e.g., overall data transfer throughput and energy efficiency) for evaluating wireless networks based on the use case of the network. The motivation could also be improved to be more convincing. The paper doesn't really demonstrate how the leak of topology information can cause bad consequences, and instead it just assumes so. For example, if a honest-but-curious entity knows the topology with link weights, which is just a graph without extra contextual information, what harm can the entity do? It's also not clear why existing wireless privacy protection techniques are not enough. I understand the prior arts in privacy protection don't focus on link scheduling, but could it be possible that with these techniques (e.g., the creation of fake sources and weights [29]) the network is already private enough making the benefits of further protection in link scheduling marginal? Areas to address in response ---------------------------- Explain with detail how "link weight" is calculated and what are examples of "scheduling requirements" for a wireless network.