Optimal Escape Interdiction on Transportation Networks

Zhang, Youzhi; An, Bo; Tran-Thanh, Long; Wang, Zhen; Gan, Jiarui; Jennings, Nicholas R.

doi:10.24963/ijcai.2017/550

Cited by 23 publications

(22 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…, mu. The adversary cannot see the defender until he gets caught (Jain et al 2011;Zhang et al 2017). Motivated by the fact that new pursuit technology can be used to provide real-time information about the adversary's whereabouts, the defender can observe the adversary's locations in real time.…”

Section: Problem Descriptionmentioning

confidence: 99%

“…By default, L " W " 5, pp, qq " p0.5, 0.1q, horizon t max " L, |V e | " 10, and m " 4. Solution Quality: We compare the solution quality of our approach (represented by IGRS++) with one baseline, the algorithm for the discussed network security game model (Jain et al 2011;Zhang et al 2017) considering timedependent strategies, denoted as NSG. Figures 2(a) and 2(b) vary parameters: (1) the number of intersections, denoted by LˆW , and (2) edge generation probabilities.…”

Section: Experimental Evaluationmentioning

confidence: 99%

“…independent strategy without considering the dynamic relocation of security resources (Jain et al 2011). Although a time-dependent policy is discussed in (Zhang et al 2017), they do not take the real-time adversarial information into consideration, which can cause a huge loss of effectiveness as we will show later. Other branches of related work also suffer from similar myopia, including pursuit-evasion games (Parsons 1978) and patrolling security games (Vorobeychik et al 2014) (see the next section).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Optimal Interdiction of Urban Criminals with the Aid of Real-Time Information

Zhang

Guo

et al. 2019

AAAI

Self Cite

View full text Add to dashboard Cite

Most violent crimes happen in urban and suburban cities. With emerging tracking techniques, law enforcement officers can have real-time location information of the escaping criminals and dynamically adjust the security resource allocation to interdict them. Unfortunately, existing work on urban network security games largely ignores such information. This paper addresses this omission. First, we show that ignoring the real-time information can cause an arbitrarily large loss of efficiency. To mitigate this loss, we propose a novel NEtwork purSuiT game (NEST) model that captures the interaction between an escaping adversary and a defender with multiple resources and real-time information available. Second, solving NEST is proven to be NP-hard. Third, after transforming the non-convex program of solving NEST to a linear program, we propose our incremental strategy generation algorithm, including: (i) novel pruning techniques in our best response oracle; and (ii) novel techniques for mapping strategies between subgames and adding multiple best response strategies at one iteration to solve extremely large problems. Finally, extensive experiments show the effectiveness of our approach, which scales up to realistic problem sizes with hundreds of nodes on networks including the real network of Manhattan.

show abstract

Section: Problem Descriptionmentioning

confidence: 99%

Section: Experimental Evaluationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Optimal Interdiction of Urban Criminals with the Aid of Real-Time Information

Zhang

Guo

et al. 2019

AAAI

Self Cite

View full text Add to dashboard Cite

show abstract

“…The solution concept of various equilibriums, such as the Nash equilibrium and strong Stackelberg equilibrium, can provide randomized mixed strategies to further increase the uncertainty the attacker faces. Our interdiction model is most similar to that of security games [40], where the defender allocates security resources strategically to protect targets against the adversary. Jain et al [41] presented a scalable optimal solution technique for network-based security domains based on a double-oracle frame.…”

Section: Related Workmentioning

confidence: 99%

A Decomposition Approach for Stochastic Shortest-Path Network Interdiction with Goal Threshold

Wei

Jiao

et al. 2019

Symmetry

View full text Add to dashboard Cite

Shortest-path network interdiction, where a defender strategically allocates interdiction resource on the arcs or nodes in a network and an attacker traverses the capacitated network along a shortest s-t path from a source to a terminus, is an important research problem with potential real-world impact. In this paper, based on game-theoretic methodologies, we consider a novel stochastic extension of the shortest-path network interdiction problem with goal threshold, abbreviated as SSPIT. The attacker attempts to minimize the length of the shortest path, while the defender attempts to force it to exceed a specific threshold with the least resource consumption. In our model, threshold constraint is introduced as a trade-off between utility maximization and resource consumption, and stochastic cases with some known probability p of successful interdiction are considered. Existing algorithms do not perform well when dealing with threshold and stochastic constraints. To address the NP-hard problem, SSPIT-D, a decomposition approach based on Benders decomposition, was adopted. To optimize the master problem and subproblem iteration, an efficient dual subgraph interdiction algorithm SSPIT-S and a local research based better-response algorithm SSPIT-DL were designed, adding to the SSPIT-D. Numerical experiments on networks of different sizes and attributes were used to illustrate and validate the decomposition approach. The results showed that the dual subgraph and better-response procedure can significantly improve the efficiency and scalability of the decomposition algorithm. In addition, the improved enhancement algorithms are less sensitive and robust to parameters. Furthermore, the application in a real-world road network demonstrates the scalability of our decomposition approach.

show abstract

“…Resource management, which is the efficient and effective management of an organization's resources and has been widely applied to different research topics such as defense of terrorist attacks [6], trust data sharing in edge computing [7], green services of content-centric IoT [8] and efficient job scheduling and energy-aware resource management in data center networks [9], [10], provides the cloud defender the inspiration to the development of an effective security resources allocation strategy that mitigates his total loss. As the APT campaign is time-continuous, the cloud defender also needs to take continuous actions.…”

Section: Figurementioning

confidence: 99%

On Dynamic Recovery of Cloud Storage System Under Advanced Persistent Threats

Yang

2019

IEEE Access

View full text Add to dashboard Cite

Advanced persistent threat (APT) for data theft poses a severe threat to cloud storage systems (CSSs). An APT actor may steal valuable data from the target CSS even in a strategic fashion. To protect a CSS from APT, the cloud defender has to dynamically allocate the limited security resources to recover the compromised storage servers, aiming at mitigating his total loss. This paper addresses this dynamic cloud storage recovery (DCSR) problem by employing differential game theory. First, by introducing an expected state evolution model capturing the CSS's expected state evolution process under a combination of attack strategy and recovery strategy, we measure the APT attacker's net benefit and the cloud defender's total loss. On this basis and in the worst-case situation where the cloud defender assumes that the APT attacker has full knowledge of his expected loss, we reduce the DCSR problem to a differential game-theoretic problem (the DCSR * problem) to characterize the strategic interactions between the two parties. Second, we derive a necessary condition for Nash equilibrium of the DCSR * problem and thereby introduce the concept of competitive strategy profile. Next, we study the structural properties of the competitive strategy profile, followed by some numerical examples. Then, we conduct extensive comparative experiments to exhibit that the competitive strategy profile is superior to a large number of randomly generated strategy profiles in the sense of Nash equilibrium solution concept. Finally, we briefly analyze the practicability (scalability and feasibility) of this paper. Our findings will be helpful to enhance the APT defense capabilities of the cloud defender. INDEX TERMS Advanced persistent threat, cloud storage recovery, state evolution model, differential game, Nash equilibrium, necessity system, competitive strategy profile. using social engineering attacks, an APT attacker can always infiltrate the CSS, leading to severe data leakage. Due to the fast rate at which the APTs are evolving, it is almost impossible to perfectly protect a CSS from APTs only by employing traditional defense mechanisms such as Intrusion Detection System (IDS) and firewall. A. MOTIVATION Consider a CSS consisting of multiple storage servers. The cloud defender as the owner of the CSS is responsible for the decision-making of the whole system. Every day a substantial amount of data will be uploaded to or downloaded from the CSS by individual devices or organizations [4]. See Fig. 1 for the diagram of such a CSS. In this setting, an APT attacker can apply social engineering attacks to the cloud defender to compromise the storage servers and establish footholds. Once having footholds in the target CSS, the APT attacker will be able to encrypt and exfiltrate the valuable data to his remote command-and-control (C&C) server through an established communication channel which applies mainstream protocols such as HTTP, HTTPS, FTP, P2P, and others. See Fig. 2 for the diagram of the APT for data theft on the CSS shown in Fig. 1....

show abstract

Optimal Escape Interdiction on Transportation Networks

Cited by 23 publications

References 13 publications

Optimal Interdiction of Urban Criminals with the Aid of Real-Time Information

Optimal Interdiction of Urban Criminals with the Aid of Real-Time Information

A Decomposition Approach for Stochastic Shortest-Path Network Interdiction with Goal Threshold

On Dynamic Recovery of Cloud Storage System Under Advanced Persistent Threats

Contact Info

Product

Resources

About