Goto

Collaborating Authors

University of Texas at El Paso


Adapting Honeypot Configurations to Detect Evolving Exploits

AAAI Conferences

Honeypots are fake resources that gain value in being probed and attacked. They deceive network intruders into detailing the intruder's behavior and the nature of an intended attack. A honeypot's success relies on the quality of its deception and the perceived value to the attacker. In this paper, we emphasize the latter. We model a repeated game where a defender must select from a list of honeypot configurations to detect an adversary's attack. The adversary's attacks each contain their own unique value function and required features to execute an exploit. Each exploits "evolves" by having its value decreases with the number of detections and new attacks may be added to the adversary's arsenal as the game progresses. We show that this model demands the defender to act strategically, by showing the adversary can exploit naive defense strategies. To solve this problem, we leverage the Multi-Armed Bandit (MAB) framework, a class of machine learning problems that demand balance between exploration and exploitation.


Gutierrez

AAAI Conferences

Honeypots are fake resources that gain value in being probed and attacked. They deceive network intruders into detailing the intruder's behavior and the nature of an intended attack. A honeypot's success relies on the quality of its deception and the perceived value to the attacker. In this paper, we emphasize the latter. We model a repeated game where a defender must select from a list of honeypot configurations to detect an adversary's attack. The adversary's attacks each contain their own unique value function and required features to execute an exploit. Each exploits "evolves" by having its value decreases with the number of detections and new attacks may be added to the adversary's arsenal as the game progresses. We show that this model demands the defender to act strategically, by showing the adversary can exploit naive defense strategies. To solve this problem, we leverage the Multi-Armed Bandit (MAB) framework, a class of machine learning problems that demand balance between exploration and exploitation.


Challenges in Building Highly-Interactive Dialog Systems

AI Magazine

Spoken dialog researchers have recently demonstrated highly-interactive systems in several domains. This paper considers how to build on these advances to make systems more robust, easier to develop, and more scientifically significant. We identify key challenges whose solution would lead to improvements in dialog systems and beyond.


Preventing Illegal Logging: Simultaneous Optimization of Resource Teams and Tactics for Security

AAAI Conferences

Green security — protection of forests, fish and wildlife — is a critical problem in environmental sustainability. We focus on the problem  of  optimizing the defense of forests againstillegal logging, where often we are faced with the challenge of teaming up many different groups,  from national police to forest guards to NGOs, each with differing capabilities and costs. This paper introduces a new, yet fundamental problem: SimultaneousOptimization of Resource Teams and Tactics (SORT).  SORT contrasts with most previous game-theoretic research for green security — in particular based onsecurity games — that has solely focused on optimizing patrolling tactics, without consideration of team formation or coordination.  We develop new models and scalable algorithms to apply SORT towards illegal logging in large forest areas. We evaluate our methods on a variety of synthetic examples, as well as a real-world case study using data from our on-going collaboration in Madagascar .


Optimizing Personalized Email Filtering Thresholds to Mitigate Sequential Spear Phishing Attacks

AAAI Conferences

Highly targeted spear phishing attacks are increasingly common, and have been implicated in many major security breeches. Email filtering systems are the first line of defense against such attacks. These filters are typically configured with uniform thresholds for deciding whether or not to allow a message to be delivered to a user. However, users have very significant differences in both their susceptibility to phishing attacks as well as their access to critical information and credentials that can cause damage. Recent work has considered setting personalized thresholds for individual users based on a Stackelberg game model. We consider two important extensions of the previous model. First, in our model user values can be substitutable, modeling cases where multiple users provide access to the same information or credential. Second, we consider attackers who make sequential attack plans based on the outcome of previous attacks. Our analysis starts from scenarios where there is only one credential and then extends to more general scenarios with multiple credentials. For single-credential scenarios, we demonstrate that the optimal defense strategy can be found by solving a binary combinatorial optimization problem called PEDS. For multiple-credential scenarios, we formulate it as a bilevel optimization problem for finding the optimal defense strategy and then reduce it to a single level optimization problem called PEMS using complementary slackness conditions. Experimental results show that both PEDS and PEMS lead to significant higher defender utilities than two existing benchmarks in different parameter settings. Also, both PEDS and PEMS are more robust than the existing benchmarks considering uncertainties.


Veliz

AAAI Conferences

Courses in artificial intelligence and related topics often cover methods for reasoning under uncertainty, decision theory, and game theory. However, these methods can seem very abstract when students first encounter them, and they are often taught using simple "toy" problems. Our goal is to help students to operationalize this knowledge by designing sophisticated autonomous agents that must make complex decisions in games that capture their interest. We describe a tournament-based pedagogy that we have used in two different courses with two different games based on current research topics in artificial intelligence to engage students in designing agents that use strategic reasoning. Many students find this structure very engaging, and we find that students develop a deeper understanding of the abstract strategic reasoning concepts introduced in the courses.


Evaluating the Robustness of Game Theoretic Solutions When Using Abstraction

AAAI Conferences

Game theory is a tool for modeling multi-agent decision problems and has been used to analyze strategies in domains such as poker, security, and trading agents. One method for solving very large games is to use abstraction techniques to shrink the game by removing detail, solve the reduced game, and then translate the solution back to the original game. We present a methodology for evaluating the robustness of different game-theoretic solution concepts to the errors introduced by the abstraction process. We present an initial empirical study of the robustness of several solution methods when using abstracted games.


Teaching Automated Strategic Reasoning Using Capstone Tournaments

AAAI Conferences

Courses in artificial intelligence and related topics often cover methods for reasoning under uncertainty, decision theory, and game theory. However, these methods can seem very abstract when students first encounter them, and they are often taught using simple “toy” problems. Our goal is to help students to operationalize this knowledge by designing sophisticated autonomous agents that must make complex decisions in games that capture their interest. We describe a tournament-based pedagogy that we have used in two different courses with two different games based on current research topics in artificial intelligence to engage students in designing agents that use strategic reasoning. Many students find this structure very engaging, and we find that students develop a deeper understanding of the abstract strategic reasoning concepts introduced in the courses.


Veliz

AAAI Conferences

Game theory is a tool for modeling multi-agent decision problems and has been used to analyze strategies in domains such as poker, security, and trading agents. One method for solving very large games is to use abstraction techniques to shrink the game by removing detail, solve the reduced game, and then translate the solution back to the original game. We present a methodology for evaluating the robustness of different game-theoretic solution concepts to the errors introduced by the abstraction process. We present an initial empirical study of the robustness of several solution methods when using abstracted games.


A Feasibility Study of an Approach to Extend Research Footprints

AAAI Conferences

Funding agencies and the National Academies of Science, Engineering, and Medicine have been promoting the importance of interdisciplinary research (IDR). Supporting team-based IDR requires the ability to discover the expertise needed to solve complex problems. Many universities have adopted expertise systems, which includes the presentation of keywords or concepts to identify experts. The efforts at University of Texas at El Paso (UTEP) have focused on building “communities of practice” that support diverse faculty who have an affinity for a particular topic and facilitate the ability to identify researchers with diverse expertise, knowledge, and skills who can contribute to new initiatives on campus. Our premise is that the university can facilitate the identification of potential contributors to communities of practice by correlating their associated ontologies to the concepts associated with researchers’ publications and proposal submissions. This paper presents the results of a preliminary study to examine the feasibility of the approach.