Stackelberg Security Games for Security. Fernando Ordóñez Universidad de Chile

Stackelberg Security Games for Security Fernando Ordóñez Universidad de Chile

Stackelberg Games for Security Fernando Ordóñez Universidad de Chile

Stackelberg Games for Security Fernando Ordóñez Milind Tambe, P. Paruchuri, C. Kiekintveld, B. An, J. Pita, M. Jain, J. Tsai, R. Yang, A. Jiang, M. Brown, E. Shieh and others

Stackelberg Security Game 4

Stackelberg Security Game 5

Stackelberg Security Game Monday Tuesday 6

Stackelberg Security Game Wednesday 7

Outline Stackelberg Games Deployed Applications Challenges in Stackelberg Security Games Problem Size Uncertainty/rationality Model Inputs (data, game definition) Ongoing work

Game Theory: Stackelberg Game Stackelberg: defender goes first, attacker second Non zero sum utilities A mixed strategy is optimal for the leader Adversary Police Target #1 Target #2 Patrol #1 7, -4-2, 3 Patrol #2-7, 7 4, -3

Game Theory: Stackelberg Game

Deployed Security Game Applications ARMOR: LAX (27) IRIS: FAMS (29) GUARDS: TSA (21) PROTECT: USCG (211)

Optimization Model (Rational Adversary) max x,a s.t d U ik ik ( x, q) x Total_Resources (1) x= A a A ( 2) i i T Constraint on x to enforce a feasible marginal coverage on targets j A a j j k j 1 a j 1, j (3) feasible assignment A j qk 1 qk,1 q arg max q ik U ika ( x, q ) ( 4) (5) ( 6) (7 )

USCG Patrols Port of Boston (Not actual areas)

Challenges in SSG Problem Size Uncertainty/rationality Model Inputs (data, game definition) Evaluation

Federal Air Marshals (FAMS) Strategy 1 Strategy 2 Strategy 3 Strategy 1 Strategy 2 Strategy 3 Strategy 4 Strategy 5 Strategy 6 Strategy 1 Strategy 1 Strategy 2 Strategy 3 Strategy 4 Strategy 5 Strategy 6 Strategy 2 Strategy 3

Multiple Defense Resources Pure strategies are joint schedules: Each air marshal assigned to a tour 4 Flights 2 Air Marshals 6 Schedules 1 Flights 1 Air Marshals 17,,,, Schedules

Speedup: Compact Representation ARMOR: 1 tours, 3 defenders ARMOR Actions Tour combos Prob 1 2 3 12 1,2,3 1,2,4 1,2,5 8,9,1 x1 x2 x3 x12 Compact Action Tour Prob 1 2 3 1 1 2 3 1 y1 y2 y3 y1 Payoff duplicates: Depends on target covered 1,2,3 1,2,4 1,3,5 Attack 1 Attack 2 Attack Attack 6 5,-1 5,-1 5,-1-2,9-2,9-2,9 4,-8 4,-8 4,-8 MILP similar to ARMOR 1 instead of 12 variables y1+y2+y3 +y1 = 3

Algorithm Development Tight formulations Decomposition Methods Column generation Constraint generation Heuristic Methods

Uncertainty/Rationality

Uncertainty/Rationality

Optimization Model (Partially Rational Adversary) Fractional and Non-Convex F ( x ) i max x,a s.t e U ia ( x ) k e d U i ( x) U a ( x ) k x Total_Resources (1) x= A a A ( 2) i T i j A a j j j j 1 a j 1, (3) feasible assignment A j ( 4)

Playing against Human Adversaries

Experimental Results PT = Prospect theory QRE = Quantal Response Equilibrium

Model Inputs

Steps to build SSG 1. 2. 3. 4. 5. Gather representative data Define targets to protect Define time periods to protect Types of Attackers Defender and Attacker utilities

1: Relevant Data 2 year crime event data Horizon: annual averages of crime No daily variation No seasons Baseline patrol strategy

2: Targets Clustering, nodes with > 1 events in 2 meters

3/4: Periods/Attacker types 8 attacker types (clustering crime data) 7 Periods (cross police shifts with crime types) Prob. de un tipo de atacante en un periodo Cluster 1 2 3 4 5 6 7 8 Total S1 S2 S3 S4 S5 S6 S7,234,78,32,253,23,381,516,57,18,91,27,291,624,48,18,63,22,225,142,47,26,79,48,63,49,12,66,33,238,562,79,27,93,16,223,395,97,5,15,24,285 727 457 1892 1217 939 881 612 Total 1815 679 545 369 45 88 419 575 111

5: Utilities Crime events have a value information Cluster Promedio de Utilidad Días Reclusión Cluster Avalúo ($) $ 91.175 1 2 3 4 5 6 7 $ 14.448 $ 67.976 $ 225.985 $ 87.65 $ 18.717 $ 69.481 $ 69.246 8 $ 19.174 Tasa Descuento Costo ($) 1 2 3 4 5 6 7 91175 14448 67976 22561 8765 18717 69481 69246 61 1752 63 1746 1747 1686 74 1757 4% 4% 4% 4% 4% 4% 4% 4% 319113 365568 237916 789636 36776 38511 243184 242362 8 19174 1739 4% 38219

Results A frequency with which each node should be protected to maximize utilities

Evaluation Computer Anectdote Tests on field

Robustness Results: Observation Noise -,2 -,4 -,6 PASAQ(λ=1.5) -,8 DOBSS(λ= ) -1 PASAQ(noise high) -1,2 DOBSS(noise high) -1,4-1,6,5 1 1,5 2 2,5 3 3,5 4 4,5 5 5,5 6 Defender's Expected Utility Attacker λ value

Patrol Schedules before/after PROTECT From the Port of Boston 3 25 2 15 Count Pre-PROTECT 1 5 Day 1 Day 2 Day 3 Day 4 Day 5 Day 6 Day 7 14 12 1 8 Count Post-PROTECT Base Patrol Area 6 4 2 Day 1 Day 2 Day 3 Day 4 Day 5 Day 6 Day 7

Adversarial Perspective Team (APT) Conduct pre- and post-protect assessment Effectiveness (tactical deterrence) increased from pre- to postprotect observations

On going work: protecting the border

Sampled patrols from optimal solution

Research Questions Efficient algorithms to solve real instances (patrolling on a network) Automatically determine payoff values Multiple types of security resources Validation