CREATE Research Archive Research Project Summaries 2010 Developing Algorithms and Software Assistants for Security Domains Milind Tambe University of Southern California, tambe@usc.edu Follow this and additional works at: http://research.create.usc.edu/project_summaries Recommended Citation Tambe, Milind, "Developing Algorithms and Software Assistants for Security Domains" (2010). Research Project Summaries. Paper 6. http://research.create.usc.edu/project_summaries/6 This Article is brought to you for free and open access by CREATE Research Archive. It has been accepted for inclusion in Research Project Summaries by an authorized administrator of CREATE Research Archive. For more information, please contact gribben@usc.edu.
Developing Algorithms and Software Assistants for Security Domains Milind Tambe, University of Southern California tambe@usc.edu 1. Executive Summary... 1 2. Research Accomplishments... 2 Algorithms For Efficient Scalable Algorithms... 2 Algorithms for Robust Algorithms and Handling Human Biases... 4 Evaluation with Human Subjects... 4 3. Applied Relevance: Real world Deployments... 4 4 Collaborative Projects... 7 5 Research Products... 7 5.1 Publications and Reports... 9 5.2 Presentations... 11 5.1 Software Tools and Products... 12 6 Education and Outreach Products... 12 1. Executive Summary This research has been at the forefront of applying computational game theory techniques for security. It has led to a wide range of actual deployed applications of game theory for security. Our first application, Assistant for Randomized Monitoring Over Routes (ARMOR), successfully deployed game theory in practice at the Los Angeles International Airport (LAX) in 2007, and has been in use since. In particular, ARMOR uses game theory to randomize allocation of police checkpoints and canine units. Our second application, Intelligent Randomization in Scheduling (IRIS), is in use by the US Federal Air Marshal Service since 2009 to deploy air marshals on US air carriers. A third application, Game-theoretic Unpredictable And Randomly Deployed Security (GUARDS), for the US Transportation Security Administration is getting evaluated for a national deployment across over 400 United States airports. A fourth application, Port Resilience Operational / Tactical Enforcement to Combat Terrorism (PROTECT), for the United States Coast Guard, is under development for a demonstration at the Port of Boston for evaluation; and many other agencies around the globe are now looking to deploy these techniques. These systems focus on the game-theoretic method of providing efficient randomization of security plans and processes. Casting the problem as a Bayesian Stackelberg game, they obtain randomized strategies for security agents; one of the fundamental advances in all these systems then is to provide the fastest algorithms known-to-date to solve such games. The strength of this research is the marriage of strong theoretical game-theoretic foundations with practical applications, and the virtuous cycle of theory and practice to benefit from each other. These deployments of applications in the real-world has led to significant interest from the media and other potential users/customers, and substantial research. This research was supported by the United States Department of Homeland Security through the National Center for Risk and Economic Analysis of Terrorism Events (CREATE) under award number 2010-ST-061-RE0001. However, any opinions, findings, and conclusions or recommendations in this document are those of the authors and do not necessarily reflect views of the United States Department of Homeland Security, or the University of Southern California, or CREATE.
Figure 1 A checkpoint scheduled by ARMOR at the LAX International Airport. Figure 2 IRIS schedules air marshals on board commercial planes. Keywords related to the project: Keyword 1: Game Theory, Bayesian Stackelberg games Keyword 2: Security domains Keyword 3: Software scheduling assistants 2. Research Accomplishments At the heart of our applications are the efficient algorithms created to solve the very large games to provide optimal strategies for the defender in the Stackelberg games that are deployed. This challenge of fast Stackelberg game solvers is the primary research challenge we have addressed to this point, but this remains a daunting challenge. Furthermore, the presence of uncertainty and human biases further complicate the problem. These algorithms combine computational techniques from Computer Science with the insights from Operations Research literature, and thus are at the cutting edge of both these fields. The advances reported here were necessary for the deployed application; list of key publications is available in the appendix. Algorithms For Efficient Scalable Algorithms Scale-up challenges arise in these games due to at least three different reasons: 1. Growth in the number of defender strategies: There may be a very large number of ways in which the limited defender resources may be allocated to targets. For example, in the IRIS system, with just 100 flights, and 10 air marshals, we have C 100 10, i.e. 1.73 10 13 different ways of allocating air marshals to flights. 2. Growth in the number of attacker strategies: The growth in attacker strategies may arise because the attacker may have multiple different ways of evading defender actions and then attack particular targets. This explosion of attacker strategies is seen to arise in the GUARDS system. Indeed, such growth in attacker strategies is also seen in other applications where the defender s actions involve protecting targets embedded in a network, e.g. protecting important locations in a city that are embedded in the city s road network. In such situations, the attacker can follow many different paths to get to the targets of interest. Page 2 of 13
3. Growth in the number of attacker types: The security forces may be facing many types of attackers. For example, the LAX police need to protect the airport not only from terrorists but also from local LA gangs and even disgruntled employees. When there is an increase in the number of these attacker types, each attacker type increases the computational complexity by an exponential factor. To address these complexities, we have created a range of different algorithms described in the table below. The first game-theoretic algorithms were designed in 2007, and newer algorithms continue to be designed to address on-going challenges. Further improvements are required, and we anticipate that newer algorithms providing additional speedup techniques will continue to emerge. Example Scale-up: Defender Scale-up: Attacker Scale-up: Algorithm Solution Type Domain Actions Actions Attacker Types (Year) LAX Low Low Medium Approximate ASAP (2007) LAX Low Low Medium Exact DOBSS (2007) FAMS High Low Low Approximate ORIGAMI (2009) FAMS High Low Low Approximate ERASER-C (2009) FAMS High Low Low Exact ASPEN (2010) Urban RANGER High High Low Approximate Security (2010) Urban RUGGED High High Low Exact Security (2011) LAX Low Low High Exact HBGS (2011) FAMS High Low High Exact HBSA (2011) Table 1 List of Algorithms Addressing Scalability in Real-world Security Domains (Most recent work in green) Page 3 of 13
Algorithms for Robust Algorithms and Handling Human Biases Real-world domains present different sorts of uncertainties: there are uncertainties in the preferences of the attackers (Bayesian Games); in their abilities to compute (bounded rationality) and whether human biases affect their decision making. We have developed algorithms geared to handle such uncertainties of the real-world, and plan to continue to develop even more robust algorithms in the future. Example Domain Addressed Issue Algorithm (Year) LAX LAX FAMS TSA Activities Table 2 List of Algorithms Addressing Robustness Issues in Real-world Security Domains (Most recent work in green) Evaluation with Human Subjects Rationality / Robustness in Attacker s Observations Attacker Preferences (Bayesian Games) Attacker Preferences (Bayesian Games) Attacker Capability (attacker circumvents security measures) Tambe et. al, University of Southern California COBRA (2009) HBGS (2011) HBSA (2011) GUARDS (2011) We have also evaluated the performance of our algorithms against human subjects. We developed a Pirates and Treasure game modeling the real-security problem at LAX, and compare different approaches, involving 158 human subjects playing 3160 instances of the games in total. The final conclusion clusion was that a model that incorporates both the ideas of robustness and human behavior achieves statistically significant better rewards and also maintains equivalent or faster solution speeds compared to existing approaches. Figure 3 A Screenshot of the "Pirates and Treasure" Game Modeling the Security Problem at LAX. 3. Applied Relevance: Real world Deployments Page 4 of 13
Real-world applications are the result of a unique collaboration where university researchers work directly with a security agency for the purpose of creating a useful product to potentially deploy outcomes of research on a national scale. These collaborations to transition research to large-scale real-world deployments have presented valuable lessons. They have taught us how to bridge the culture gap between academic researchers and real-world operators. This section briefly describes our different applications. 3.1 ARMOR Our first application of security games was ARMOR (Assistant for Randomized Monitoring Over Routes). This application emerged in 2007 after police at the Los Angeles International Airport (LAX) approached us with the question of how to randomize deployment of their limited security resources. For example, they have six inbound roads into LAX, and they wished to set up checkpoints. There are not enough police to set up checkpoints on all roads at all times. So the question is where and when to set up these checkpoints. Similarly, they have eight terminals but not enough explosive-detecting canine units to patrol all terminals at all times of the day (a canine unit is limited by the number of hours a dog can work per day). Given that LAX may be under surveillance by adversaries, the question is where and when to have the canine units patrol the different terminals. The police approached us in April 2007 after we had designed our first set of algorithms. While the algorithms were ready, we needed to spend several months acquiring knowledge, understanding how different police units performed their duties, constraints on their operations in terms of shifts of operations, obtaining detailed data on passenger loads at different times of the day at different terminals and so on. The passenger data, for example, influences how payoffs are determined in our underlying game representation --- our adversaries would want to cause maximum harm to civilians and the higher the passenger load, the higher the payoff to the adversaries. By August of 2007, after multiple iterations, the police started using ARMOR for setting up checkpoints and later for canine patrols. The backbone of ARMOR are algorithms for solving Bayesian Stackelberg games as discussed in the following; they recommend a randomized pattern for setting up checkpoints and canine unit patrols. Police provide inputs like the number of available canine units; ARMOR then provides to the police an hour-by-hour schedule for where to set up canine patrols. ARMOR continues to be in use at LAX since 2007 and has undergone periodic updates to its software. The ARMOR system has received numerous accolades for its use. 3.2 IRIS After ARMOR, we were contacted by the Federal Air Marshals Service (FAMS). Their challenge is to randomize allocations of air marshals to flights to avoid predictability by Page 5 of 13
adversaries conducting surveillance (e.g. these might be part of an insider threat), yet provide adequate protection to more important flights. We are focused in particular on some sectors of international flights. Even within that domain, there are a very large number of flights over a month, and not enough air marshals to cover all the flights. To accomplish the goal of randomized allocation of air marshals to flight, we constructed a system called IRIS (Intelligent Randomization In Scheduling). We delivered the system to the FAMS in Spring 2009. After extensive testing, the FAMS started using this system in October 2009. At its backend, IRIS casts the problem it solves as a Stackelberg game and in particular as a security game. We have focused in particular on the special nature of the security game framework to build fast algorithms for IRIS. 3.3 GUARDS After IRIS, our next focus was GUARDS. GUARDS (Game-theoretic Unpredictable and Randomly Deployed Security) was developed in collaboration with the United States Transportation Security Administration (TSA) to assist in resource allocation tasks for airport protection at over four hundred United States airports. In contrast with ARMOR and IRIS, which focus on one installation/applications and one security activity (e.g. canine patrol or checkpoints) per application, GUARDS reasons with multiple security activities, diverse potential threats and also hundreds of end users. The goal for GUARDS is to allocate TSA personnel to security activities conducted to protect the airport infrastructure; GUARDS does not focus on checking passengers. GUARDS again utilizes a Stackelberg game, but generalizes beyond security games and develops a novel solution algorithm for these games. GUARDS has been delivered to the TSA and is currently under evaluation and testing for scheduling practices at an undisclosed airport. If successful, the TSA intends to incorporate the system into their unpredictable scheduling practices nationwide. 3.4 Beyond ARMOR/IRIS/GUARDS Beyond ARMOR, IRIS and GUARDS, more recently, we have started a pilot project with the United States Coast Guard to build a new system called PROTECT (Port Resilience Operational / Tactical Enforcement to Combat Terrorism). The goal in PROTECT is to recommend randomized patrolling strategies for the coast guard while taking into account weights of different targets protected in their area of operation and adversary reaction to any patrolling strategy. We will begin with a demonstration and evaluation in the port of Boston and depending on our results there, proceed to other ports. Page 6 of 13
There are many other security agencies in the United States and beyond that have expressed an interest in using the Stackelberg game model for improving their operations. One application might be protecting important locations in a city by setting up randomized checkpoints throughout the city, e.g following the devastating attacks in November 2008, Police in Mumbai set up randomized checkpoints throughout the road networks in the city to try to protect the city. Furthermore, while counter-terrorism has remained a key focus of the work so far, the new projects are now extending the application arena to include crime suppression and other objectives. For example, one such application might be improved randomized checking of ticketless travelers on trains; yet another one might be randomized checking to support food distribution networks of charity organizations. Other such applications are being discussed. 4 Collaborative Projects From the very beginning, all of our projects, ARMOR, IRIS, GUARDS, PROTECT required extensive collaboration with security agencies. Indeed, we have deployed the ARMOR- Checkpoints and ARMOR-K9 in collaboration with the Los Angeles World Airport (LAWA) police. This collaboration has involved extensive meetings with LAWA police personnel to calibrate the data and include specific constraints of each problem to the DOBSS model. We have provided LAWA police with alternative schedules of vehicle checkpoints and K-9 patrols obtained from the ARMOR software and have received feedback on the ease of use and effectiveness of the recommendations. We have had a close collaboration with Federal Air Marshals (FAMs) for IRIS, and with the TSA for GUARDS. We have continued to visit TSA headquarters, and hosted their visits to USC. We are also in constant discussion with the United States Coast Guard for development of the PROTECT model. 5 Research Products Research Products (Please detail below) # 5a # of peer-reviewed journal reports published 12 5a # of peer-reviewed journal reports accepted for publication 5a # of non-peer reviewed publications and reports 5a # of scholarly journal citations of published reports >350 5b # of scholarly presentations (conferences, workshops, seminars) 5b # of outreach presentations (non-technical groups, general public) 5c # of products delivered to DHS, other Federal agencies, or State/Local 4 5c # of patents filed 2 5c # of patents issued 5c # of products in commercialization pipeline (products not yet to market) Page 7 of 13
5c # of products introduced to market Tambe et. al, University of Southern California Page 8 of 13
5.1 Publications and Reports CREATE PUBLICATIONS Research Area Referred Not Referred PDF Available for DHS 1. J. Pita, M. Jain, F. Ordonez, M. Tambe, S. Kraus Solving Stackelberg Games in the Real-World: Addressing Bounded Rationality and Limited Observations in Human Cognition Artificial Intelligence Journal, 174(15):1142-1171, 2010. 2. M. Jain, J. Pita, J. Tsai, C. Kiekintveld, S. Rathi, F. Ordonez, M. Tambe Software Assistants for patrol planning at LAX and Federal Air Marshals Service. Interfaces, 40(4):267-290, 2010.Finalist, EURO Excellence in Practice Award EEPA 2010 3. M. Taylor, C. Kiekintveld, C. Western, M. Tambe A Framework for Evaluating Deployed Security Systems: Is There a Chink in your ARMOR? In Informatica, 34:129-139, 2010. 4. C. Kiekintveld, J. Marecki, M. Tambe Approximation Methods for Infinite Bayesian Stackelberg Games: Modeling Distributional Uncertainty In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 5. M.Jain, C. Kiekintveld, M. Tambe Quality-bounded Solutions for Finite Bayesian Stackelberg Games: Scaling up In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 6. M.Jain, D. Korzhyk, O. Vanek, M. Pechoucek, V. Conitzer, M. Tambe A Double Oracle Algorithm for Zero-Sum Security Games on Graphs In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 7. J. Pita, C. Kiekintveld, M. Tambe, E. Steigerwald, S. Cullen GUARDS - Game Theoretic Security Allocation on a National Scale In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS) Finalist, Best Paper Award, Innovative Applications, May 2011 8. M. Jain, C. Kiekintveld, E. Kardes, F. Ordonez, M. Tambe Security games with arbitrary schedules: A branch and price approach Proceedings of the National Conference on Artificial Intelligence (AAAI), July 2010 9. J. Tsai, J. Kwak, Z. Yin, C. Kiekintveld, D. Kempe, M. Tambe Urban Security: Game-Theoretic Resource Allocation in Networked Physical Domains Proceedings of the National Conference on Artificial Intelligence (AAAI), July 2010 10. Z. Yin, D. Korzhyk, C. Kiekintveld, V. Conitzer, M. Tambe Stackelberg vs. Nash in Security Games: Interchangeability, Equivalence, and Uniqueness In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2010 11. J. Tsai, J. Kwak, Z. Yin, C. Kiektinveld, D. Kempe, M. Tambe How to Protect a City: Strategic Security Placement in Graph-Based Domains In Proceedings of the International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2010 Page 9 of 13
CREATE PUBLICATIONS Research Area Referred Not Referred PDF Available for DHS 12. C. Kiekintveld, J. Marecki, M. Tambe Methods and Algorithms for Infinite Bayesian Stackelberg Security Games In Decision and Game Theory for Security (GameSec 2010), May 2010 Page 10 of 13
5.2 Presentations 1. M. Jain, J. Pita, J. Tsai, C. Kiekintveld, S. Rathi, F. Ordonez, M. Tambe Software Assistants for patrol planning at LAX and Federal Air Marshals Service. Interfaces, 40(4):267-290, 2010.Finalist, EURO Excellence in Practice Award EEPA 2010 2. C. Kiekintveld, J. Marecki, M. Tambe Approximation Methods for Infinite Bayesian Stackelberg Games: Modeling Distributional Uncertainty In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 3. M.Jain, C. Kiekintveld, M. Tambe Quality-bounded Solutions for Finite Bayesian Stackelberg Games: Scaling up In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 4. M.Jain, D. Korzhyk, O. Vanek, M. Pechoucek, V. Conitzer, M. Tambe A Double Oracle Algorithm for Zero-Sum Security Games on Graphs In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2011 5. J. Pita, C. Kiekintveld, M. Tambe, E. Steigerwald, S. Cullen GUARDS - Game Theoretic Security Allocation on a National Scale In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS) Finalist, Best Paper Award, Innovative Applications, May 2011 6. M. Jain, C. Kiekintveld, E. Kardes, F. Ordonez, M. Tambe Security games with arbitrary schedules: A branch and price approach Proceedings of the National Conference on Artificial Intelligence (AAAI), July 2010 7. J. Tsai, J. Kwak, Z. Yin, C. Kiekintveld, D. Kempe, M. Tambe Urban Security: Game- Theoretic Resource Allocation in Networked Physical Domains Proceedings of the National Conference on Artificial Intelligence (AAAI), July 2010 8. Z. Yin, D. Korzhyk, C. Kiekintveld, V. Conitzer, M. Tambe Stackelberg vs. Nash in Security Games: Interchangeability, Equivalence, and Uniqueness In Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS), May 2010 Page 11 of 13
5.1 Software Tools and Products Tambe et. al, University of Southern California The following softwares have been delivered; updates to the softwares continue to be made. SOFTWARE PRODUCTS Project Leader(s) Date Delivered Item Agency Receiving Product Agency POC Commercialization Status Tambe 3-2011 PROTECT Coast Guard Craig Baldwin Under development Tambe 5-2010 GUARDS TSA Erin Steigerwald delivered Tambe 8-2009 IRIS FAMS James Curren delivered; pipeline Tambe 2-2008 ARMOR LAWA Police Ernest Cruz delivered; pipeline Tambe 8-2007 ARMOR LAWA Police James Butts delivered; pipeline 6 Education and Outreach Products Education and Outreach Initiatives (Please detail below) # # of students supported (funded by CREATE) 5 # of students involved (funded by CREATE + any other programs) # of students graduated # of contacts with DHS, other Federal agencies, or State/Local (committees) # of existing courses modified with new material # of new courses developed # of new certificate programs developed # of new degree programs developed All students/postdoctoral researchers involved: Postdoctoral researchers: Bo An PhD students: Manish Jain Zhengyu Yin Eric Sheih Graduate Fellows: Scott Alfeld Jason Tsai James Pita Page 12 of 13
Undergraduate students: Andrew Ogden Page 13 of 13