A risk-security tradeoff in graphical coordination games

A system relying on the collective behavior of decision-makers can be vulnerable to a variety of adversarial attacks. How well can a system operator protect performance in the face of these risks? We frame this question in the context of graphical coordination games, where the agents in a network choose among two conventions and derive benefits from coordinating neighbors, and system performance is measured in terms of the agents' welfare. In this paper, we assess an operator's ability to mitigate two types of adversarial attacks - 1) broad attacks, where the adversary incentivizes all agents in the network and 2) focused attacks, where the adversary can force a selected subset of the agents to commit to a prescribed convention. As a mitigation strategy, the system operator can implement a class of distributed algorithms that govern the agents' decision-making process. Our main contribution characterizes the operator's fundamental trade-off between security against worst-case broad attacks and vulnerability from focused attacks. We show that this tradeoff significantly improves when the operator selects a decision-making process at random. Our work highlights the design challenges a system operator faces in maintaining resilience of networked distributed systems.Comment: 13 pages, double column, 4 figures. Submitted for journal publicatio

Behavioral Advertising: From One-Sided Chicken to Informational Norms

When you download the free audio recording software from Audacity, you agree that Audacity may collect your information and use it to send you advertising. Billions of such pay-with-data exchanges feed information daily to a massive advertising ecosystem that tailors web site advertising as closely as possible to individual interests. The vast majority want considerably more control over our information. We nonetheless routinely enter pay-with-data exchanges when we visit CNN.com, use Gmail, or visit any of a vast number of other websites. Why? And, what, if anything, should we do about it? We answer both questions by describing pay-with-data exchanges as a game of Chicken that we play over and over with sellers under conditions that guarantee we will always lose. Chicken is traditionally played with cars. Two drivers at opposite ends of a road drive toward each other at high speed. The first to swerve loses. We play a similar game with advertisers—with one crucial difference: we know in advance that the advertisers will never “swerve.” In classic Chicken with cars, the players’ preferences are mirror images of each other. When Phil and Phoebe face each other in their cars, Phil’s first choice is that Phoebe swerve first. His second choice is that they swerve simultaneously. Mutual cowardice is better than a collision. Unilateral cowardice is too, so third place goes to his swerving before Phoebe does. Collision ranks last. Phoebe’s preferences are the same except that she is in Phil’s place and Phil in hers. Change the preferences a bit, and we have the game we play in pay-with-data exchanges. Phil’s preferences are the same, but Phoebe’s differ. She still prefers that Phil swerve first, but collision is in second place. Given these preferences, Phoebe will never swerve. Phil knows Phoebe has these preferences, so he knows he has only two options: he swerves, and she does not; and, neither swerves. Since he prefers the first, he will swerve. Call this One-Sided Chicken. We play One-Sided Chicken when in our website visits we enter pay-with-data exchanges. We argue that buyers’ preferences parallel Phil’s while the sellers’ parallel “collision second” Phoebe’s. We name the players’ choices in this pay-with-data game “Give In,” (the “swerve” equivalent) and “Demand” (the “don’t swerve” equivalent). For buyers, “Demand” means refusing to use the website unless the seller’s data collection practices conform to the buyer’s informational privacy preferences. “Give in” means permitting the seller to collect and process information in accord with whatever information processing policy it pursues. For sellers, “Demand” means refusing to alter their information processing practices even when they conflict with a buyer’s preferences. “Give in” means conforming information processing to a buyer’s preferences. We contend that sellers’ first preference is to demand while buyers to give in and that their second is the collision equivalent in which both sides demand. Such demanding sellers leave buyers only two options: give in and use the site, or demand and do not. Since buyers prefer the first option, they always give in. It would be better if we were not locked into One-Sided Chicken. Ideally, informational norms should regulate the flow of personal information. Informational norms are norms that constrain the collection, use, and distribution of personal information. We contend that such norms would ensure free and informed consent to businesses’ use of consumer data. Unfortunately, pay-with-data exchanges are one of a number of situations in which rapid advances in information processing technology have outrun the slow evolution of norms. We argue that, in a sufficiently competitive market, the needed norms would arise if we had adequate tracking prevention technologies

Blocks, liquidity and corporate control

corporate ownership;control;liquidity;free riding

An exploratory study of the growth of the Accountable Care Organization and its impact on physician groups’ profit: a complex adaptive system approach

The emergence of Accountable Care Organizations (ACOs) in the landscape of the U.S. healthcare system marks a paradigm shift in healthcare operations. The potential impact of ACOs has been a topic of intense debate. Traditional analytical approaches do not lend themselves to examining the complex phenomenon of the emergence and growth of ACOs in the healthcare network. We adopt a complex adaptive system lens to examine the growth of ACOs among physician groups and explore factors that influence this growth. We also discuss the impact of ACOs on the profit of physician groups. An agent-based model was built to simulate physician groups' ACO entrance and exit based on a set of simple rules and their complex interactions with other agents. Based on the simulation results, we derive patterns of ACO expansion and contraction, following four stages of wait-and-see, rollercoaster, fast growth, and stabilizing. Findings suggest that the growth of ACOs is sensitive to the initial state of ACO membership. When the initial size of ACO membership increases, it helps to eliminate the rollercoaster stage. In addition, the growth of the ACO varies depending on the cost–quality tradeoff. When both cost and quality objectives can be met simultaneously, the growth of ACO membership follows wait-and-see and fast growth stages followed by a different stage that we term sticky state. The impact of ACOs on physician groups’ cumulative profit varies by the service quality level of the physician group. Physician groups affiliated with insurance companies charging the lowest or the highest level of health insurance premiums are worse off with the ACO option. However, the ACO benefits physician groups affiliated with an insurance company charging a moderate level of premiums.Ye

Automation and robotics for the Space Exploration Initiative: Results from Project Outreach

A total of 52 submissions were received in the Automation and Robotics (A&R) area during Project Outreach. About half of the submissions (24) contained concepts that were judged to have high utility for the Space Exploration Initiative (SEI) and were analyzed further by the robotics panel. These 24 submissions are analyzed here. Three types of robots were proposed in the high scoring submissions: structured task robots (STRs), teleoperated robots (TORs), and surface exploration robots. Several advanced TOR control interface technologies were proposed in the submissions. Many A&R concepts or potential standards were presented or alluded to by the submitters, but few specific technologies or systems were suggested

Security, trust and cooperation in wireless sensor networks

Wireless sensor networks are a promising technology for many real-world applications such as critical infrastructure monitoring, scientific data gathering, smart buildings, etc.. However, given the typically unattended and potentially unsecured operation environment, there has been an increased number of security threats to sensor networks. In addition, sensor networks have very constrained resources, such as limited energy, memory, computational power, and communication bandwidth. These unique challenges call for new security mechanisms and algorithms. In this dissertation, we propose novel algorithms and models to address some important and challenging security problems in wireless sensor networks. The first part of the dissertation focuses on data trust in sensor networks. Since sensor networks are mainly deployed to monitor events and report data, the quality of received data must be ensured in order to make meaningful inferences from sensor data. We first study a false data injection attack in the distributed state estimation problem and propose a distributed Bayesian detection algorithm, which could maintain correct estimation results when less than one half of the sensors are compromised. To deal with the situation where more than one half of the sensors may be compromised, we introduce a special class of sensor nodes called \textit{trusted cores}. We then design a secure distributed trust aggregation algorithm that can utilize the trusted cores to improve network robustness. We show that as long as there exist some paths that can connect each regular node to one of these trusted cores, the network can not be subverted by attackers. The second part of the dissertation focuses on sensor network monitoring and anomaly detection. A sensor network may suffer from system failures due to loss of links and nodes, or malicious intrusions. Therefore, it is critical to continuously monitor the overall state of the network and locate performance anomalies. The network monitoring and probe selection problem is formulated as a budgeted coverage problem and a Markov decision process. Efficient probing strategies are designed to achieve a flexible tradeoff between inference accuracy and probing overhead. Based on the probing results on traffic measurements, anomaly detection can be conducted. To capture the highly dynamic network traffic, we develop a detection scheme based on multi-scale analysis of the traffic using wavelet transforms and hidden Markov models. The performance of the probing strategy and of the detection scheme are extensively evaluated in malicious scenarios using the NS-2 network simulator. Lastly, to better understand the role of trust in sensor networks, a game theoretic model is formulated to mathematically analyze the relation between trust and cooperation. Given the trust relations, the interactions among nodes are modeled as a network game on a trust-weighted graph. We then propose an efficient heuristic method that explores network heterogeneity to improve Nash equilibrium efficiency

Strategic investment in protection in networked systems

We study the incentives that agents have to invest in costly protection against cascading failures in networked systems. Applications include vaccination, computer security and airport security. Agents are connected through a network and can fail either intrinsically or as a result of the failure of a subset of their neighbors. We characterize the equilibrium based on an agent's failure probability and derive conditions under which equilibrium strategies are monotone in degree (i.e. in how connected an agent is on the network). We show that different kinds of applications (e.g. vaccination, airport security) lead to very different equilibrium patterns of investments in protection, with important welfare and risk implications. Our equilibrium concept is flexible enough to allow for comparative statics in terms of network properties and we show that it is also robust to the introduction of global externalities (e.g. price feedback, congestion)