Skip to main content
Springer Nature Link
Log in

Learning to Signal in the Goldilocks Zone: Improving Adversary Compliance in Security Games

  • Conference paper
  • First Online:
Machine Learning and Knowledge Discovery in Databases (ECML PKDD 2019)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 11906))

  • 2447 Accesses

Abstract

Many real-world security scenarios can be modeled via a game-theoretic framework known as a security game in which there is a defender trying to protect potential targets from an attacker. Recent work in security games has shown that deceptive signaling by the defender can convince an attacker to withdraw his attack. For instance, a warning message to commuters indicating speed enforcement is in progress ahead might lead to them driving more slowly, even if it turns out no enforcement is in progress. However, the results of this work are limited by the unrealistic assumption that the attackers will behave with perfect rationality, meaning they always choose an action that gives them the best expected reward. We address the problem of training boundedly rational (human) attackers to comply with signals via repeated interaction with signaling without incurring a loss to the defender, and offer the four following contributions: (i) We learn new decision tree and neural network-based models of attacker compliance with signaling. (ii) Based on these machine learning models of a boundedly rational attacker’s response to signaling, we develop a theory of signaling in the Goldilocks zone, a balance of signaling and deception that increases attacker compliance and improves defender utility. (iii) We present game-theoretic algorithms to solve for signaling schemes based on the learned models of attacker compliance with signaling. (iv) We conduct extensive human subject experiments using an online game. The game simulates the scenario of an inside attacker trying to steal sensitive information from company computers, and results show that our algorithms based on learned models of attacker behavior lead to better attacker compliance and improved defender utility compared to the state-of-the-art algorithm for rational attackers with signaling.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Link: https://www.dropbox.com/s/uum5tpnb4h1gmym/ECML_Supplement.pdf?dl=0.

  2. 2.

    https://keras.io.

  3. 3.

    https://scikit-learn.org/stable/.

References

  1. An, B., Tambe, M., Ordonez, F., Shieh, E., Kiekintveld, C.: Refinement of strong Stackelberg equilibria in security games. In: Twenty-Fifth AAAI (2011)

    Google Scholar 

  2. Basilico, N., Gatti, N.: Strategic guard placement for optimal response to alarms in security games. In: Proceedings of the 2014 AAMAS, pp. 1481–1482 (2014)

    Google Scholar 

  3. Cranford, E.A., Gonzalez, C., Aggarwal, P., Cooney, S., Tambe, M., Lebiere, C.: towards personalized deceptive signaling for cyber defense using cognitive models. In: Proceedings of the Proceedings of the 17th ICCM (2019, in press)

    Google Scholar 

  4. Cranford, E.A., Lebiere, C., Gonzalez, C., Cooney, S., Vayanos, P., Tambe, M.: Learning about cyber deception through simulations: predictions of human decision making with deceptive signals in Stackelberg Security Games. In: CogSci 2018, pp. 25–28 (2018)

    Google Scholar 

  5. Delle Fave, F.M., et al.: Security games in the field: an initial study on a transit system. In: Proceedings of the 2014 AAMAS, pp. 1363–1364 (2014)

    Google Scholar 

  6. Ferguson-Walter, K., et al.: The Tularosa study: an experimental design and implementation to quantify the effectiveness of cyber deception. In: Proceedings of the 52nd Hawaii International Conference on System Sciences (2019)

    Google Scholar 

  7. Fraunholz, D., et al.: Demystifying deception technology: a survey. arXiv preprint arXiv:1804.06196 (2018)

  8. Gholami, S., et al.: Adversary models account for imperfect crime data: forecasting and planning against real-world poachers (2018)

    Google Scholar 

  9. Gholami, S., Yadav, A., Tran-Thanh, L., Dilkina, B., Tambe, M.: Don’t put all your strategies in one basket: playing green security games with imperfect prior knowledge. In: Proceedings of the 18th AAMAS, pp. 395–403 (2019)

    Google Scholar 

  10. Guo, Q., An, B., Bosanskỳ, B., Kiekintveld, C.: Comparing strategic secrecy and Stackelberg commitment in security games. In: IJCAI, pp. 3691–3699 (2017)

    Google Scholar 

  11. Hartford, J.S., Wright, J.R., Leyton-Brown, K.: Deep learning for predicting human strategic behavior. In: NIPS, pp. 2424–2432 (2016)

    Google Scholar 

  12. He, X., Islam, M.M., Jin, R., Dai, H.: Foresighted deception in dynamic security games. In: 2017 IEEE ICC, pp. 1–6 (2017)

    Google Scholar 

  13. Kar, D., et al.: Cloudy with a chance of poaching: adversary behavior modeling and forecasting with real-world poaching data. In: Proceedings of the 16th AAMAS, pp. 159–167 (2017)

    Google Scholar 

  14. Korzhyk, D., Conitzer, V., Parr, R.: Complexity of computing optimal Stackelberg strategies in security resource allocation games. In: Twenty-Fourth AAAI (2010)

    Google Scholar 

  15. Kraus, S.: Predicting human decision-making: from prediction to action. In: Proceedings of the 6th HAI, p. 1. ACM (2018)

    Google Scholar 

  16. Krol, K., Moroz, M., Sasse, M.A.: Don’t work. can’t work? Why it’s time to rethink security warnings. In: Risk and Security of Internet and Systems (CRiSIS), 2012, pp. 1–8. IEEE (2012)

    Google Scholar 

  17. Luber, S., Yin, Z., Delle Fave, F.M., Jiang, A.X., Tambe, M., Sullivan, J.P.: Game-theoretic patrol strategies for transit systems: the trusts system and its mobile app. In: AAMAS, pp. 1377–1378. Citeseer (2013)

    Google Scholar 

  18. Maimon, D., Alper, M., Sobesto, B., Cukier, M.: Restrictive deterrent effects of a warning banner in an attacked computer system. Criminology 52(1), 33–59 (2014)

    Article  Google Scholar 

  19. Nguyen, T.H., Wang, Y., Sinha, A., Wellman, M.P.: Deception in finitely repeated security games. In: 33th AAAI (2019)

    Google Scholar 

  20. Nguyen, T.H., Yang, R., Azaria, A., Kraus, S., Tambe, M.: Analyzing the effectiveness of adversary modeling in security games. In: AAAI (2013)

    Google Scholar 

  21. Okamoto, S., Hazon, N., Sycara, K.: Solving non-zero sum multiagent network flow security games with attack costs. In: Proceedings of the 11th AAMAS-Volume 2, pp. 879–888 (2012)

    Google Scholar 

  22. Pawlick, J., Zhu, Q.: Deception by design: evidence-based signaling games for network defense. arXiv preprint arXiv:1503.05458 (2015)

  23. Pita, J., Jain, M., Ordóñez, F., Tambe, M., Kraus, S., Magori-Cohen, R.: Effective solutions for real-world Stackelberg games: when agents must deal with human uncertainties. In: Proceedings of the 8th AAMAS-Volume 1, pp. 369–376 (2009)

    Google Scholar 

  24. Smith, S.W.: Security and cognitive bias: exploring the role of the mind. IEEE Secur. Priv. 10(5), 75–78 (2012)

    Article  Google Scholar 

  25. Sobel, J.: Signaling games. In: Meyers, R.A. (ed.) Encyclopedia of Complexity and Systems Science, vol. 19, pp. 8125–8139. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-27737-5

    Chapter  Google Scholar 

  26. Tambe, M.: Security and Game Theory: Algorithms, Deployed Systems, Lessons Learned. Cambridge University Press, Cambridge (2011)

    Book  Google Scholar 

  27. Timofeev, R.: Classification and Regression Trees (Cart) Theory and Applications. Humboldt University, Berlin (2004)

    Google Scholar 

  28. Wang, B., Zhang, Y., Zhou, Z.-H., Zhong, S.: On repeated stackelberg security game with the cooperative human behavior model for wildlife protection. Appl. Intell. 49(3), 1002–1015 (2018). https://doi.org/10.1007/s10489-018-1307-y

    Article  Google Scholar 

  29. Wilczyński, A., Jakóbik, A., Kołodziej, J.: Stackelberg security games: models, applications and computational aspects. J. Telecommun. Inf. Technol. 2016, 70–79 (2016)

    Google Scholar 

  30. Xu, H., Rabinovich, Z., Dughmi, S., Tambe, M.: Exploring information asymmetry in two-stage security games. In: AAAI, pp. 1057–1063 (2015)

    Google Scholar 

  31. Xu, H., Wang, K., Vayanos, P., Tambe, M.: Strategic coordination of human patrollers and mobile sensors with signaling for security games. In: Thirty-Second AAAI (2018)

    Google Scholar 

  32. Yang, R., Kiekintveld, C., Ordonez, F., Tambe, M., John, R.: Improving resource allocation strategy against human adversaries in security games. In: Twenty-Second IJCAI (2011)

    Google Scholar 

  33. Yang, R., Kiekintveld, C., OrdóñEz, F., Tambe, M., John, R.: Improving resource allocation strategies against human adversaries in security games: an extended study. Artif. Intell. 195, 440–469 (2013)

    Article  MathSciNet  Google Scholar 

  34. Zhang, C., Jiang, A.X., Short, M.B., Brantingham, P.J., Tambe, M.: Defending against opportunistic criminals: new game-theoretic frameworks and algorithms. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 3–22. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12601-2_1

    Chapter  MATH  Google Scholar 

  35. Zhang, C., Sinha, A., Tambe, M.: Keeping pace with criminals: designing patrol allocation against adaptive opportunistic criminals. In: Proceedings of the 2015 AAMAS, pp. 1351–1359 (2015)

    Google Scholar 

  36. Zhuang, J., Bier, V.M., Alagoz, O.: Modeling secrecy and deception in a multiple-period attacker-defender signaling game. Eur. J. Oper. Res. 203(2), 409–418 (2010)

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgments

This research was sponsored by the Army Research Office and accomplished under MURI Grant Number W911NF-17-1-0370.

Author information

Authors and Affiliations

  1. University of Southern California, Los Angeles, CA, 90089, USA

    Sarah Cooney, Kai Wang, Elizabeth Bondi, Phebe Vayanos, Hailey Winetrobe & Milind Tambe

  2. University of Oregon, Eugene, OR, 97403, USA

    Thanh Nguyen

  3. Carnegie Mellon University, Pittsburgh, PA, 15289, USA

    Edward A. Cranford, Cleotilde Gonzalez & Christian Lebiere

Authors
  1. Sarah Cooney
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kai Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Elizabeth Bondi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Thanh Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Phebe Vayanos
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Hailey Winetrobe
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Edward A. Cranford
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Cleotilde Gonzalez
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Christian Lebiere
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. Milind Tambe
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sarah Cooney .

Editor information

Editors and Affiliations

  1. Leuphana University, Lüneburg, Germany

    Ulf Brefeld

  2. IRISA/Inria, Rennes, France

    Elisa Fromont

  3. University of Würzburg, Würzburg, Germany

    Andreas Hotho

  4. Leiden University, Leiden, The Netherlands

    Arno Knobbe

  5. ETH Zurich, Zurich, Switzerland

    Marloes Maathuis

  6. Institut National des Sciences Appliquées, Villeurbanne, France

    Céline Robardet

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cooney, S. et al. (2020). Learning to Signal in the Goldilocks Zone: Improving Adversary Compliance in Security Games. In: Brefeld, U., Fromont, E., Hotho, A., Knobbe, A., Maathuis, M., Robardet, C. (eds) Machine Learning and Knowledge Discovery in Databases. ECML PKDD 2019. Lecture Notes in Computer Science(), vol 11906. Springer, Cham. https://doi.org/10.1007/978-3-030-46150-8_42

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-46150-8_42

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-46149-2

  • Online ISBN: 978-3-030-46150-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships