Security via Strategic Randomization

Milind Tambe Fernando OrdonezPraveen ParuchuriSarit Kraus (Bar Ilan, Israel)Jonathan Pearce, Jansuz MareckiJames Pita, Christopher Portway

University of Southern CaliforniaLos AngelesNovember, 2007

Objective: Guarantee Randomness of Security Processes While Meeting Security Quality Requirements

• Limited /uncertain knowledge of opponent(s)• Opponent monitors defenses, exploits patterns• Examples: Aerial surveillance, patrolling,…

Research Problem Definition and Results

• Randomize under uncertain adversarial domains

• Research results:– Part 1: Plan randomization with quality constraints

• Information minimization, “no adversary model”• Decision theory

– Part 2: Strategy randomization with quality constraints• Probability distribution over “partial adversary

models”• Game theory

– Part 3: Application to Airport Security

Part I: No Adversary Model Example

• Intentional policy randomization for security– Information Minimization Game– MDP/POMDP: Planning or sequential decision

making under uncertainty ([Note: (PO)MDP is a (Partially Observable) Markov Decision Process]

– Difficult for adversary to predict even if knows policy

• Maintain policy quality constraints– Reward > Threshold– Example: Fuel

Part I: No Adversary Model: Solution Technique

• Single Agent: – Randomized policy with reward > threshold– Nonlinear program: Hard to solve (Exponential)– Convert to Linear Program “BRLP” : Efficient

(Polynomial time)

• Multi Agent Teams: – Randomized policies with reward > threshold

Developed New Algorithms for Plan Randomization

Multi Agent Teams

• Randomize policy for agent teams subject to reward threshold

• Agent teams:– Decentralized POMDPs– No communication possible between agents

• Adversary :– Knows policy of individual team members– Exploits any action predictability

Example Computational Results for Single AgentConclusion: Randomization Recommendation is Computationally Solvable

0123456789

10

50 60 70 80 90 100

Reward Threshold(%)

Ave.

Wei

ghte

d En

tropy BRLP

Hw(x)

Ha(x)

Max Entropy0

20

40

60

80

100

120

50 60 70 80 90 100

Reward Threshold(%)

Exec

utio

n Ti

me

(sec

)

BRLP

Hw(x)

Ha(x)

Part II: Security with Partial Adversary Models

Partial model of adversaries: Example, different adversary preferences

• Crowded terminals• Terminals with military personnel

• How would you allocate canine units?

Part II: Algorithms and Experiments

• “Bayesian Stackelberg Games”– DOBSS: Decomposed Optimal Bayesian Stackelberg Solver– ASAP: Agent Security by Approximate Policies

• Experiments: – Patrolling Domain: Security agent and robber– Security agent patrols houses– Robbers can attack any house– Uncertainty over robber types

Once again, computational solution feasible

• Problem: Setting checkpoints and allocating K9 units?

• Approach: Maximize security through mathematical randomization

• Goal: Create software assistants

PART III: Applications

ARMOR

• Assistant for Randomized Monitoring Over Routes

• DOBSS basis of ARMOR

• ARMOR-Checkpoints

• ARMOR-K9

Assistant for Randomized Monitoring Over Assistant for Randomized Monitoring Over Routes (ARMOR) ProjectRoutes (ARMOR) Project

An Interdisciplinary Counter-Terrorism Research Partnership:

Los Angeles World Airports & The University of Southern California

Deek

Ressam

Jamiiyyat Ul Islam Is Saheeh“The Assembly of Authentic Islam”

Levar Haney Washington

Islam convert

Hammad Riaz SamanaPakistani

Gregory Vernon Patterson - LAX

Mortar Attack

Sniper Attack

Control Tower Bomb

MANPADs Attack

Air Operations Attack

Public Grounds Attack

Curbside Car Bomb

Luggage Bomb

Large Truck Bomb

Uninspected Cargo Bomb

Insider Planted Bomb

Potential Fatalities

Major Threats

Lesser Threats

Terrorist Scenarios Examined (RAND) 12/05

ARMOR SystemARMOR System

DOBSS: GAMETHEORY

ALGORITHMS

Define constraints

RandomizedSchedule

generation

Weights forrandomization

Schedule evaluation

ARMOR Knowledge Base

Knowledge in ARMOR-checkpoint

• ARMOR-checkpoint base requires knowledge:– Numbers of possible checkpoints– Time of checkpoint operation– Traffic flow and its impact on catching adversary– Estimated target priority for adversary– Estimates of cost of getting caught to adversaries– Estimates if “different types” of adversaries and their

probabilities (e.g. differ in their capabilities)

• Converted into utilities

ARMOR Features

• Randomized schedules• Mathematical measure of randomness• Input constraints• Report generation

• Many other parameters to control…

The Element of SurpriseTo help combat the terrorism threat, officials at Los Angeles International Airport are introducing a bold new idea into their arsenal: random placement of security

checkpoints. Can game theory help keep us safe?

Security forces work the sidewalk at LAX

September 28, 2007

Conclusion• New algorithms: guarantee randomness while meeting

quality requirements• Computational techniques that allow practical applications• Initial demonstration with LAX working well, other clients

have expressed interest