BEGIN:VCALENDAR BEGIN:VEVENT SUMMARY:CS Colloquium: Arunesh Sinha (CMU) - Audit Games DESCRIPTION:Speaker: Arunesh Sinha , Carnegie Mellon University Talk Title: Audit Games Series: CS Colloquium Abstract: Audits complement real time access control in enforcement of policies (e.g., security and privacy policies). It is the primary tool for policy enforcement in scenarios where threats arise from authorized insiders. Considering the lack of provable guarantees of audit mechanisms in real world, there is a pressing need to develop mathematical models to study the audit process and design effective audit mechanisms. Our work aims to provide foundational work in the area of auditing by developing models that capture the essential characteristics of the audit process.Our approach is to model the audit interaction as a game between the organization and the auditees. As a first cut, we proposed an audit mechanism Regret Minimizing Audits, that provably optimizes cost for the organization, when the auditees’ incentives to violate are unknown. This is useful in scenarios like outsourced work, etc., where the auditee behavior cannot be modeled.\n \n A natural intuition is that costs can be further optimized if assumptions are made about the auditee behavior. Following this intuition, we model a simple audit scenario with rational auditees as a Stackelberg game [2]. The main modeling novelty is the inclusion of different levels of punishment in the organization’s action space. The organization chooses a punishment level that maximizes its utility. The model is simple as it allows only one audit inspection. However, even the simple model results in a non-convex optimization problem for computing the equilibrium. Non-convex optimization problems are hard in general; we present a fully polynomial time approx. scheme (FPTAS) for our problem. Biography: Arunesh Sinha is a graduate student at Carnegie Mellon University in the Electrical and Computer Engineering Department, where he is pursuing a PhD. He completed his undergraduate studies at IIT Kharagpur, where he majored in Electrical Engineering. Arunesh worked for four years as a software engineer in Trilogy Software, Bangalore, India, before deciding to do a Ph.D. Arunesh is fortunate to be advised by Prof. Anupam Datta. Arunesh's research interests lie at the intersection of security/privacy, game theory and machine learning. Host: Teamcore Group DTSTART:20140305T110000 LOCATION:RTH 306 URL;VALUE=URI: DTEND:20140305T120000 END:VEVENT END:VCALENDAR