Audit Games
Jeremiah Blocki, Nicolas Christin, Anupam Datta, Ariel D. Procaccia, Arunesh Sinha
Carnegie Mellon University
Motivation
Auditing
- Permissive real time access control policy
- Inspect accesses after occurrence
- Find and punish policy violators
How does it help?
- Deter potential violators
- Take remedial measures to prevent future losses
Auditing for Policy Enforcement
HIPAA
GLBA
EU Data Protection Directive
Auditing in Practice
- FairWarning Audit Tool for hospitals
- Flags all celebrity record accesses as suspicious
- Place traffic police at strategic locations
- Intelligent heuristics, but no mathematical model or guarantees
Why study Audit Process?
- Optimize costs expended in auditing
- Audits cost money
- Prevent violations
- Decide appropriate punishment for deterrence
- Efficiently computable audit strategies
- Enable cost-optimal prioritized inspections
Outline
- Simple rational game model
- Example
- Main Algorithm for computing equilibrium
- Example
- Future Work
Simple Rational Model
Adversary: violation, fined if detected
Utility when target is attacked
[Figure: targets with inspection probabilities $p_1$, $p_2$, $p_3$, $p_4$; utility when audited, utility when unaudited]
Punishment as an Action
High Punishment: Hostile Work Environment
Low Punishment: No incentive to follow policy.
[Figure: punishment axis $x$]
Stackelberg Equilibrium Concept
- Defender commits to a randomized resource allocation strategy ('s and )
- Adversary plays best response to that strategy
- For the defender, Stackelberg is better than Nash equilibrium
Goal
- Compute optimal defender strategy
Small example
2 2 3
1 0.1 0.5
Utility audited ()
Utility unaudited ()
0.25 0.5 0.25
1 1 1
Utility audited ()
Utility unaudited ()
Defender's utility
$p_i\,U_{a,D}(t_i) + (1 - p_i)\,U_{u,D}(t_i) - a_0\,x$
Adversary's utility
$p_i\,(U_{a,A}(t_i) - x) + (1 - p_i)\,U_{u,A}(t_i)$
= 0.5
Example contd.
Defender's Stackelberg strategy (utility )
Adversary's strategy: Attack target
Fix , equivalent to security games (utility )
0.285 0.43 0.285
0.43 0.57 0 0.25
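An added example (not from the slides or the authors' code): an exhaustive Stackelberg search for the model above, using the defender and adversary utility expressions from the small example with exact fractions. The 3-target payoffs, the punishment range 0 to 1, the 0.1 grid and the name `a0` for the coefficient on x in the defender's utility are assumptions, and the grid search stands in for the slides' algorithm, which it does not reproduce.

```python
from fractions import Fraction as F
from itertools import product

# Constructed 3-target payoffs (assumed for illustration, not the slides' numbers).
UA_D = [F(0), F(0), F(0)]        # defender, attacked target was audited
UU_D = [F(-1), F(-10), F(-10)]   # defender, attacked target was not audited
UA_A = [F(1), F(3), F(3)]        # adversary, audited (before the fine x)
UU_A = [F(4), F(4), F(4)]        # adversary, not audited

def adversary_utility(i, p, x):
    # p_i (U_aA(t_i) - x) + (1 - p_i) U_uA(t_i)
    return p[i] * (UA_A[i] - x) + (1 - p[i]) * UU_A[i]

def defender_utility(i, p, x, a0):
    # p_i U_aD(t_i) + (1 - p_i) U_uD(t_i) - a0 x
    return p[i] * UA_D[i] + (1 - p[i]) * UU_D[i] - a0 * x

def best_response(p, x, a0):
    """Target attacked after observing (p, x); ties are broken in the defender's favour."""
    utils = [adversary_utility(i, p, x) for i in range(len(p))]
    top = max(utils)
    ties = [i for i, u in enumerate(utils) if u == top]
    return max(ties, key=lambda i: defender_utility(i, p, x, a0))

def simplex_grid(n, steps):
    """All length-n probability vectors whose entries are multiples of 1/steps."""
    for head in product(range(steps + 1), repeat=n - 1):
        if sum(head) <= steps:
            yield [F(k, steps) for k in head] + [F(steps - sum(head), steps)]

def solve(a0, steps=10):
    """Best defender commitment on the grid: (utility, p, x, attacked target index)."""
    best = None
    for p in simplex_grid(len(UU_A), steps):
        for k in range(steps + 1):
            x = F(k, steps)
            t = best_response(p, x, a0)
            u = defender_utility(t, p, x, a0)
            if best is None or u > best[0]:
                best = (u, p, x, t)
    return best

if __name__ == "__main__":
    for a0 in (F(1, 20), F(1, 2)):   # cheap vs. expensive punishment
        u, p, x, t = solve(a0)
        print(f"a0={a0}: x={x} p={[str(q) for q in p]} attacked=t{t + 1} utility={u}")
```

With these constructed payoffs the search commits to the maximum punishment when it is cheap (a0 = 1/20) and to none when it is expensive (a0 = 1/2).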
Computing Optimal Defender Strategy
Solve optimization problems for all and pick the best solution
subject to
and 's lie on the probability simplex
and
Quadratic
Non-convex
Properties of Optimal Point
[Figure: Problem; axis $x$; constraint curves $C_1$, $C_2$, $C_3$, $C_4$; label "Tight Constraints"]
Main Algorithm
Main Idea in Algorithm
- Iterate over regions, solve sub-problems
- Set probabilities to zero for curves that lie above & make other constraints tight
- Pick best solution of all
[Figure: plot over $x$ divided into regions]
Solving Sub-problem
1. Objective can be reduced to a polynomial function of
2. Find potential points of maxima by finding roots
3. Take the maximum over all values from step 2
Splitting circle method: approximate real roots with precision in time polynomial in input size and
Main Theorem
The problem can be approximated to an additive ϵ factor in time using the splitting circle method, where K is the bit precision of inputs.
Varying cost of punishment
, medium cost of punishment
, high cost of punishment
, low cost of punishment
0.285 0.43 0.285 0
0.43 0.57 0 0.25
0.46 0.54 0 0.99
Future Work
- Studying security games variations in audit games
- Budget-constrained defender
- Combinatorial constraints on use of defender resources
- Varying punishment with violation severity
- Validation:
  - Simulation: studying effect of various parameters
  - Real world case study
Conclusion
First model of auditing and first step toward a computationally feasible solution of audit games.
Research at the intersection of AI and security & privacy holds a lot of promise, given the encouraging precedent set by the deployment of security games algorithms.
Extensions
- inspections performed by single resource
- Probability sum to : Each inspection's probability distribution is
- Decompose using Birkhoff-von Neumann decomposition
- Zero violations by the adversary
- With no punishment
- Adds an additional non-convex constraint
- Handled in almost same way as the other constraints