CyberSec Research

This study explores the application of Quadratic Voting (QV) and its generalization to improve decentralization and effectiveness in blockchain governance systems. The conducted research identified three main types of quadratic (square root) voting. Two of them pertain to voting with a split stake, and one involves voting without splitting. In split stakes, Type 1 QV applies the square root to the total stake before distributing it among preferences, while Type 2 QV distributes the stake first and then applies the square root. In unsplit stakes (Type 3 QV), the square root of the total stake is allocated entirely to each preference. The presented formal proofs confirm that Types 2 and 3 QV, along with generalized models, enhance decentralization as measured by the Gini and Nakamoto coefficients. A pivotal discovery is the existence of a threshold stakeholder whose relative voting ratio increases under QV compared to linear voting, while smaller stakeholders also gain influence. The generalized QV model allows flexible adjustment of this threshold, enabling tailored decentralization levels. Maintaining fairness, QV ensures that stakeholders with higher stakes retain a proportionally greater voting ratio while redistributing influence to prevent excessive concentration. It is shown that to preserve fairness and robustness, QV must be implemented alongside privacy-preserving cryptographic voting protocols, as voters casting their ballots last could otherwise manipulate outcomes. The generalized QV model, proposed in this paper, enables algorithmic parametrization to achieve desired levels of decentralization for specific use cases. This flexibility makes it applicable across diverse domains, including user interaction with cryptocurrency platforms, facilitating community events and educational initiatives, and supporting charitable activities through decentralized decision-making.

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees (ADTs) are a commonly used methodology for representing this interplay; however, previous work in this domain has only focused on analyzing metrics such as cost, damage, or time from the perspective of the attacker. This approach provides an incomplete view of the system, as it neglects to model defender attributes: in real-world scenarios, defenders have finite resources for countermeasures and are similarly constrained. In this paper, we propose a novel framework that incorporates defense metrics into ADTs, and we present efficient algorithms for computing the Pareto front between defense and attack metrics. Our methods encode both attacker and defender metrics as semirings, allowing our methods to be used for many metrics such as cost, damage, and skill. We analyze tree-structured ADTs using a bottom-up approach and general ADTs by translating them into binary decision diagrams. Experiments on randomly generated ADTS demonstrate that both approaches effectively handle ADTs with several hundred nodes.

With the rise of smart contracts, decentralized autonomous organizations (DAOs) have emerged in public good auctions, allowing "small" bidders to gather together and enlarge their influence in high-valued auctions. However, models and mechanisms in the existing research literature do not guarantee non-excludability, which is a main property of public goods. As such, some members of the winning DAO may be explicitly prevented from accessing the public good. This side effect leads to regrouping of small bidders within the DAO to have a larger say in the final outcome. In particular, we provide a polynomial-time algorithm to compute the best regrouping of bidders that maximizes the total bidding power of a DAO. We also prove that such a regrouping is less-excludable, better aligning the needs of the entire DAO and the nature of public goods. Next, notice that members of a DAO in public good auctions often have a positive externality among themselves. Thus we introduce a collective factor into the members' utility functions. We further extend the mechanism's allocation for each member to allow for partial access to the public good. Under the new model, we propose a mechanism that is incentive compatible in generic games and achieves higher social welfare as well as less-excludable allocations.

Natural and political disasters, including earthquakes, hurricanes, and tsunamis, but also migration and refugees crisis, need quick and coordinated responses in order to support vulnerable populations. In such disasters, nongovernmental organizations compete with each other for financial donations, while people who need assistance suffer a lack of coordination, congestion in terms of logistics, and duplication of services. From a theoretical point of view, this problem can be formalized as a Generalized Nash Equilibrium (GNE) problem. This is a generalization of the Nash equilibrium problem, where the agents' strategies are not fixed but depend on the other agents' strategies. In this paper, we show that Membrane Computing can model humanitarian relief as a GNE problem. We propose a family of P systems that compute GNE in this context, and we illustrate their capabilities with Hurricane Katrina in 2005 as a case study.

Nearly all living systems, especially humans, depend on collective cooperation for survival and prosperity. However, the mechanisms driving the evolution of cooperative behavior remain poorly understood, particularly in the context of simultaneous interactions involving multiple individuals, repeated encounters, and complex interaction structures. Here, we introduce a novel framework for studying repeated multi-player interactions in structured populations -- repeated multi-player games on hypergraphs -- where multiple individuals within each hyperedge engage in a repeated game, and each player can simultaneously participate in many games. We focus on public goods games, where individuals differ in their initial endowments, their allocation of endowments across games, and their productivity, which determines the impact of their contributions. Through Nash equilibrium analysis, we reveal the intricate interplay between full cooperation (all individuals contribute their entire endowments, maximizing collective benefits) and key factors such as initial endowments, productivity, contribution strategies, and interaction structure. Notably, while equal endowments are most effective in promoting full cooperation in homogeneous hypergraphs, they can hinder cooperation in heterogeneous hypergraphs, suggesting that equal endowments are not universally optimal. To address this, we propose two optimization strategies: one for policymakers to adjust endowment distributions and another for players to modify their contribution strategies. Both approaches successfully promote full cooperation across all studied hypergraphs. Our findings provide novel insights into the emergence of full cooperation, offering valuable guidance for both players and policymakers in fostering collective cooperation.

Recent account allocation studies in sharded blockchains are typically miner-driven, requiring miners to perform global optimizations for all accounts to enhance system-wide performance. This forces each miner to maintain a complete copy of the entire ledger, resulting in significant storage, communication, and computation overhead. In this work, we explore an alternative research direction by proposing Mosaic, the first client-driven framework for distributed, lightweight local optimization. Rather than relying on miners to allocate all accounts, Mosaic enables clients to independently execute a local algorithm to determine their residing shards. Clients can submit migration requests to a beacon chain when relocation is necessary. Mosaic naturally addresses key limitations of miner-driven approaches, including the lack of miner incentives and the significant overhead. While clients are flexible to adopt any algorithm for shard allocation, we design and implement a reference algorithm, Pilot, to guide them. Clients execute Pilot to maximize their own benefits, such as reduced transaction fees and confirmation latency. On a real-world Ethereum dataset, we implement and evaluate Pilot against state-of-the-art miner-driven global optimization solutions. The results demonstrate that Mosaic significantly enhances computational efficiency, achieving a four-order-of-magnitude reduction in computation time, with the reduced input data size from 1.44 GB to an average of 228.66 bytes per account. Despite these efficiency gains, Pilot introduces only about a 5% increase in the cross-shard ratio and maintains approximately 98% of the system throughput, demonstrating a minimal trade-off in overall effectiveness.

The shortest-time route recommendations offered by modern navigation systems fuel selfish routing in urban vehicular traffic networks and are therefore one of the main reasons for the growth of congestion. In contrast, intelligent transportation systems (ITS) prefer to steer driver-vehicle systems (DVS) toward system-optimal route recommendations, which are primarily designed to mitigate network congestion. However, due to the misalignment in motives, drivers exhibit a lack of trust in the ITS. This paper models the interaction between a DVS and an ITS as a novel, multi-stage routing game where the DVS exhibits dynamics in its trust towards the recommendations of ITS based on counterfactual and observed game outcomes. Specifically, DVS and ITS are respectively modeled as a travel-time minimizer and network congestion minimizer, each having nonidentical prior beliefs about the network state. A novel approximate algorithm to compute the Bayesian Nash equilibrium, called ROSTER(Recommendation Outcome Sampling with Trust Estimation and Re-evaluation), is proposed based on Monte Carlo sampling with trust belief updating to determine the best response route recommendations of the ITS at each stage of the game. Simulation results demonstrate that the trust prediction error in the proposed algorithm converges to zero with a growing number of multi-stage DVS-ITS interactions and is effectively able to both mitigate congestion and reduce driver travel times when compared to alternative route recommendation strategies.

In many decision-making scenarios, individuals strategically choose what information to disclose to optimize their own outcomes. It is unclear whether such strategic information disclosure can lead to good societal outcomes. To address this question, we consider a competitive Bayesian persuasion model in which multiple agents selectively disclose information about their qualities to a principal, who aims to choose the candidates with the highest qualities. Using the price-of-anarchy framework, we quantify the inefficiency of such strategic disclosure. We show that the price of anarchy is at most a constant when the agents have independent quality distributions, even if their utility functions are heterogeneous. This result provides the first theoretical guarantee on the limits of inefficiency in Bayesian persuasion with competitive information disclosure.

We propose a new fairness notion, motivated by the practical challenge of allocating teaching assistants (TAs) to courses in a department. Each course requires a certain number of TAs and each TA has preferences over the courses they want to assist. Similarly, each course instructor has preferences over the TAs who applied for their course. We demand fairness and efficiency for both sides separately, giving rise to the following criteria: (i) every course gets the required number of TAs and the average utility of the assigned TAs meets a threshold; (ii) the allocation of courses to TAs is envy-free, where a TA envies another TA if the former prefers the latter's course and has a higher or equal grade in that course. Note that the definition of envy-freeness here differs from the one in the literature, and we call it merit-based envy-freeness. We show that the problem of finding a merit-based envy-free and efficient matching is NP-hard even for very restricted settings, such as two courses and uniform valuations; constant degree, constant capacity of TAs for every course, valuations in the range {0,1,2,3}, identical valuations from TAs, and even more. To find tractable results, we consider some restricted instances, such as, strict valuation of TAs for courses, the difference between the number of positively valued TAs for a course and the capacity, the number of positively valued TAs/courses, types of valuation functions, and obtained some polynomial-time solvable cases, showing the contrast with intractable results. We further studied the problem in the paradigm of parameterized algorithms and designed some exact and approximation algorithms.

Dominance is a fundamental concept in game theory. In strategic-form games dominated strategies can be identified in polynomial time. As a consequence, iterative removal of dominated strategies can be performed efficiently as a preprocessing step for reducing the size of a game before computing a Nash equilibrium. For imperfect-information games in extensive form, we could convert the game to strategic form and then iteratively remove dominated strategies in the same way; however, this conversion may cause an exponential blowup in game size. In this paper we define and study the concept of dominated actions in imperfect-information games. Our main result is a polynomial-time algorithm for determining whether an action is dominated (strictly or weakly) by any mixed strategy in n-player games, which can be extended to an algorithm for iteratively removing dominated actions. This allows us to efficiently reduce the size of the game tree as a preprocessing step for Nash equilibrium computation. We explore the role of dominated actions empirically in the "All In or Fold" No-Limit Texas Hold'em poker variant.

We study the problem of allocating items to agents such that the (un)weighted Nash social welfare (NSW) is maximized under submodular valuations. The best-known results for unweighted and weighted problems are the $(4+\epsilon)$ approximation given by Garg, Husic, Li, Vega, and Vondrak~\cite{stoc/GargHLVV23} and the $(233+\epsilon)$ approximation given by Feng, Hu, Li, and Zhang~\cite{stoc/FHLZ25}, respectively. For the weighted NSW problem, we present a $(5.18+\epsilon)$-approximation algorithm, significantly improving the previous approximation ratio and simplifying the analysis. Our algorithm is based on the same configuration LP in~\cite{stoc/FHLZ25}, but with a modified rounding algorithm. For the unweighted NSW problem, we show that the local search-based algorithm in~\cite{stoc/GargHLVV23} is an approximation of $(3.914+\epsilon)$ by more careful analysis. On the negative side, we prove that the configuration LP for weighted NSW with submodular valuations has an integrality gap at least $2^{\ln 2}-\epsilon \approx 1.617 - \epsilon$, which is slightly larger than the current best-known $e/(e-1)-\epsilon \approx 1.582-\epsilon$ hardness of approximation~\cite{talg/GargKK23}. For the additive valuation case, we show an integrality gap of $(e^{1/e}-\epsilon)$, which proves that the ratio of $(e^{1/e}+\epsilon)$~\cite{icalp/FengLi24} is tight for algorithms based on the configuration LP. For unweighted NSW with additive valuations, we show a gap of $(2^{1/4}-\epsilon) \approx 1.189-\epsilon$, slightly larger than the current best-known $\sqrt{8/7} \approx 1.069$-hardness for the problem~\cite{mor/Garg0M24}.

In electronic consumer Internet of Things (IoT), consumer electronic devices as edge devices require less computational overhead and the remote state estimation (RSE) of consumer electronic devices is always at risk of denial-of-service (DoS) attacks. Therefore, the adversarial strategy between consumer electronic devices and DoS attackers is critical. This paper focuses on the adversarial strategy between consumer electronic devices and DoS attackers in IoT-enabled RSE Systems. We first propose a remote joint estimation model for distributed measurements to effectively reduce consumer electronic device workload and minimize data leakage risks. The Kalman filter is deployed on the remote estimator, and the DoS attacks with open-loop as well as closed-loop are considered. We further introduce advanced reinforcement learning techniques, including centralized and distributed Minimax-DQN, to address high-dimensional decision-making challenges in both open-loop and closed-loop scenarios. Especially, the Q-network instead of the Q-table is used in the proposed approaches, which effectively solves the challenge of Q-learning. Moreover, the proposed distributed Minimax-DQN reduces the action space to expedite the search for Nash Equilibrium (NE). The experimental results validate that the proposed model can expeditiously restore the RSE error covariance to a stable state in the presence of DoS attacks, exhibiting notable attack robustness. The proposed centralized and distributed Minimax-DQN effectively resolves the NE in both open and closed-loop case, showcasing remarkable performance in terms of convergence. It reveals that substantial advantages in both efficiency and stability are achieved compared with the state-of-the-art methods.

In online (sequential) calibration, a forecaster predicts probability distributions over a finite outcome space $[d]$ over a sequence of $T$ days, with the goal of being calibrated. While asymptotically calibrated strategies are known to exist, they suffer from the curse of dimensionality: the best known algorithms require $\exp(d)$ days to achieve non-trivial calibration. In this work, we present the first asymptotically calibrated strategy that guarantees non-trivial calibration after a polynomial number of rounds. Specifically, for any desired accuracy $\epsilon > 0$, our forecaster becomes $\epsilon$-calibrated after $T = d^{O(1/\epsilon^2)}$ days. We complement this result with a lower bound, proving that at least $T = d^{\Omega(\log(1/\epsilon))}$ rounds are necessary to achieve $\epsilon$-calibration. Our results resolve the open questions posed by [Abernethy-Mannor'11, Hazan-Kakade'12]. Our algorithm is inspired by recent breakthroughs in swap regret minimization [Peng-Rubinstein'24, Dagan et al.'24]. Despite its strong theoretical guarantees, the approach is remarkably simple and intuitive: it randomly selects among a set of sub-forecasters, each of which predicts the empirical outcome frequency over recent time windows.

We study structured Stackelberg games, in which both players (the leader and the follower) observe information about the state of the world at time of play. Importantly, this information may contain information about the follower, which the leader may use when deciding her strategy. Under this setting, we show that no-regret learning is possible if and only if the set of mappings from contexts to follower types that the leader uses to learn is not ``too complex''. Specifically, we find that standard learning theoretic measures of complexity do not characterize learnability in our setting and we give a new dimension which does, which we term the Stackelberg-Littlestone dimension. In the distributional setting, we give analogous results by showing that standard complexity measures do not characterize the sample complexity of learning, but a new dimension called the Stackelberg-Natarajan dimension does. We then show that an appropriate empirical risk minimization procedure achieves the corresponding sample complexity.

There is general agreement that fostering trust and cooperation within the AI development ecosystem is essential to promote the adoption of trustworthy AI systems. By embedding Large Language Model (LLM) agents within an evolutionary game-theoretic framework, this paper investigates the complex interplay between AI developers, regulators and users, modelling their strategic choices under different regulatory scenarios. Evolutionary game theory (EGT) is used to quantitatively model the dilemmas faced by each actor, and LLMs provide additional degrees of complexity and nuances and enable repeated games and incorporation of personality traits. Our research identifies emerging behaviours of strategic AI agents, which tend to adopt more "pessimistic" (not trusting and defective) stances than pure game-theoretic agents. We observe that, in case of full trust by users, incentives are effective to promote effective regulation; however, conditional trust may deteriorate the "social pact". Establishing a virtuous feedback between users' trust and regulators' reputation thus appears to be key to nudge developers towards creating safe AI. However, the level at which this trust emerges may depend on the specific LLM used for testing. Our results thus provide guidance for AI regulation systems, and help predict the outcome of strategic LLM agents, should they be used to aid regulation itself.

This paper introduces a game-theoretic model tailored for reward distribution on crowd-sourced computing platforms. It explores a repeated game framework where miners, as computation providers, decide their computation power contribution in each round, guided by the platform's designed reward distribution mechanism. The reward for each miner in every round is based on the platform's randomized task payments and the miners' computation transcripts. Specifically, it defines Opportunity-Cost-Driven Incentive Compatibility (OCD-IC) and Dynamic OCD-IC (DOCD-IC) for scenarios where strategic miners might allocate some computation power to more profitable activities, such as Bitcoin mining. The platform must also achieve Budget Balance (BB), aiming for a non-negative total income over the long term. This paper demonstrates that traditional Pay-Per-Share (PPS) reward schemes require assumptions about task demand and miners' opportunity costs to ensure OCD-IC and BB, yet they fail to satisfy DOCD-IC. The paper then introduces Pay-Per-Share with Subsidy (PPSS), a new reward mechanism that allows the platform to provide subsidies to miners, thus eliminating the need for assumptions on opportunity cost to achieve OCD-IC, DOCD-IC, and long-term BB.

Natural and human-made common goods present key challenges due to their susceptibility to degradation, overuse, or congestion. We explore the self-organisation of their usage when individuals have access to several available commons but limited information on them. We propose an extension of the Win-Stay, Lose-Shift (WSLS) strategy for such systems, under which individuals use a resource iteratively until they are unsuccessful and then shift randomly. This simple strategy leads to a distribution of the use of commons with an improvement against random shifting. Selective individuals who retain information on their usage and accordingly adapt their tolerance to failure in each common good improve the average experienced quality for an entire population. Hybrid systems of selective and non-selective individuals can lead to an equilibrium with equalised experienced quality akin to the ideal free distribution. We show that these results can be applied to the server selection problem faced by mobile users accessing Internet services and we perform realistic simulations to test their validity. Furthermore, these findings can be used to understand other real systems such as animal dispersal on grazing and foraging land, and to propose solutions to operators of systems of public transport or other technological commons.

I consider the problem of classifying individual behavior in a simple setting of outcome performativity where the behavior the algorithm seeks to classify is itself dependent on the algorithm. I show in this context that the most accurate classifier is either a threshold or a negative threshold rule. A threshold rule offers the "good" classification to those individuals whose outcome likelihoods are greater than some cutpoint, while a negative threshold rule offers the "good" outcome to those whose outcome likelihoods are less than some cutpoint. While seemingly pathological, I show that a negative threshold rule can be the most accurate classifier when outcomes are performative. I provide an example of such a classifier, and extend the analysis to more general algorithm objectives, allowing the algorithm to differentially weigh false negatives and false positives, for example.