Tackling Imitative Attacker Deception in Repeated Bayesian Stackelberg Security Games

Uncertainty is one of the key challenges in Stackelberg security games (SSGs), a well-known class of games that has been used to solve various real-world problems in security domains such as airport security and wildlife protection. In these domains, security agencies (the defender) are generally uncertain about underlying characteristics of attackers, such as the attackers' preferences or behavior. Previous work in SSGs has proposed different learning methods to reduce this uncertainty based on historical attack data. However, since these learning algorithms depend on the attack data, a clever attacker can manipulate its attacks to influence the learning outcome. Such deception can lead to ineffective defense strategies that favor the attacker. This work studies strategic deception by an attacker with private type information in a repeated Bayesian Stackelberg security game (RBSSG) setting. We investigate a basic deception strategy, named imitative attacker deception, in which the attacker pretends to have a different type and consistently plays according to that deceptive type throughout the whole time horizon. We provide four main contributions. First, we present a detailed equilibrium computation and analysis of standard RBSSGs with a non-deceptive attacker; to our knowledge, our work is the first to present an exact algorithm for computing an RBSSG equilibrium. Second, we introduce a new counter-deception algorithm, built on our equilibrium computation for standard RBSSGs, to address the attacker's deception. Third, we introduce two new heuristics to overcome the computational challenge of the exact algorithm: one limits the number of time steps to look ahead and the other limits the number of observed attack histories under consideration. Fourth, we conduct extensive experiments showing the significant loss to the defender and benefit to the attacker that result from the attacker's deception. We also show that our counter-deception algorithm substantially diminishes the impact of the attacker's deception on the players' utilities.
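
To make the imitative-deception dynamic concrete, below is a minimal, illustrative Python sketch. It is not the paper's RBSSG formulation or counter-deception algorithm: the targets, the attacker types ("poacher", "smuggler"), the payoff numbers, and the defender's coverage and belief-update rules are all hypothetical placeholders. The sketch only shows the core mechanism described above: a defender who learns a belief over attacker types from observed attacks, and an imitative attacker who consistently best-responds as a fake type and thereby steers that belief.

```python
import random

TARGETS = [0, 1, 2]                       # hypothetical targets
TYPES = ["poacher", "smuggler"]           # hypothetical attacker types
PRIOR = {"poacher": 0.5, "smuggler": 0.5}

# Hypothetical attacker reward for successfully hitting each target, per type.
ATTACKER_REWARD = {
    "poacher":  [5.0, 2.0, 1.0],
    "smuggler": [1.0, 2.0, 5.0],
}
DEFENDER_LOSS = [4.0, 3.0, 4.0]           # defender's loss when an uncovered target is hit


def best_response(coverage, atk_type):
    """Target maximizing the attacker's expected reward (zero payoff if caught)."""
    utils = [(1 - coverage[t]) * ATTACKER_REWARD[atk_type][t] for t in TARGETS]
    return max(TARGETS, key=lambda t: utils[t])


def defender_coverage(belief):
    """Toy defender rule: spread one unit of coverage in proportion to expected threat."""
    threat = [sum(belief[k] * ATTACKER_REWARD[k][t] for k in TYPES) for t in TARGETS]
    total = sum(threat)
    return [0.9 * x / total + 0.1 / len(TARGETS) for x in threat]


def update_belief(belief, coverage, attacked):
    """Bayesian update assuming each type best-responds with a little noise."""
    eps = 0.1
    post = {}
    for k in TYPES:
        likelihood = 1 - eps if best_response(coverage, k) == attacked else eps / (len(TARGETS) - 1)
        post[k] = belief[k] * likelihood
    z = sum(post.values())
    return {k: v / z for k, v in post.items()}


def simulate(true_type, played_type, horizon=10):
    """Run the repeated game; the attacker always plays as `played_type`
    (imitative deception whenever played_type != true_type)."""
    belief = dict(PRIOR)
    def_util, atk_util = 0.0, 0.0
    for _ in range(horizon):
        cov = defender_coverage(belief)
        attacked = best_response(cov, played_type)
        if random.random() >= cov[attacked]:           # attack succeeds
            def_util -= DEFENDER_LOSS[attacked]
            atk_util += ATTACKER_REWARD[true_type][attacked]
        belief = update_belief(belief, cov, attacked)  # defender learns from observed attacks
    return def_util, atk_util, belief


if __name__ == "__main__":
    random.seed(0)
    honest = simulate(true_type="smuggler", played_type="smuggler")
    deceptive = simulate(true_type="smuggler", played_type="poacher")
    print("honest attacker    -> defender:", round(honest[0], 2), " attacker:", round(honest[1], 2))
    print("imitative attacker -> defender:", round(deceptive[0], 2), " attacker:", round(deceptive[1], 2))
```

In this toy the defender's belief after deceptive play is skewed toward the imitated type, since every observed attack is consistent with it; the paper's setting differs in that the defender commits to equilibrium strategies over the full horizon and the counter-deception algorithm anticipates such manipulation, neither of which this sketch attempts to model.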
