- CSB Makes Business Case for Safety
- Design Flaws Led to KS Toxic Chem Release
- Tank Blast: Pressure Boundary Failed
- Wecon Mitigates HMI Editor Holes
- Schneider Working on Modicon, SoMachine Holes
- Schneider Updates Controller Fix
- ICSJWG: New Reality for Safety, Security
- ICSJWG: Malware Having ICS Impact
Chemical Safety Incidents
Game Theory to Predict Voting Cyberattacks
Friday, March 10, 2017 @ 01:03 PM gHale
Rigged elections are top of mind across the United States after accusations have been flying since before and after the presidential election this past year.
How and why someone would want to tamper with an election remain questions that Vanderbilt University’s Yevgeniy Vorobeychik, assistant professor of computer science and computer engineering, spent much of last year researching. He then developed an algorithm to protect against those efforts. He and his international colleagues are improving the algorithm through a number of extensions and testing it on 2016 U.S. election data.
Vorobeychik said he ultimately wants to translate the best version into software available to public agencies.
His first inspiration came from Pakistan in 2013, where bombings by terrorists subverted the electoral process. Other nations may more likely face the cyberattack version of that violence — bloodless, but no less damaging to the democratic process.
Vorobeychik is a game theory expert who has applied that branch of mathematics to genomic data privacy, homeland security and emergency response, but he quickly saw connections between these fields and attacks on the voting process. He began reading the work of J. Alex Halderman, a computer science professor at the University of Michigan, on electronic voting machine flaws that attackers could use to compromise elections.
“With increased use of electronic voting machines, it’s more important to consider why someone would attack them, what it would accomplish and how to address that,” Vorobeychik said.
Game theory applies to this field by using the example of two diamonds in two vaults, one considerably more valuable than the other, he said. Do guards protect the most expensive one? Or is it the cheaper one, since the thief assumes the other is being watched? Game theory randomizes the process and increases the guards’ chances of duplicating the criminal mind and protecting the correct diamond.
The algorithm can end up used for monitoring machines in certain polling places during elections or for auditing polling places or districts after voting ends but before the certification of the election. People committing election fraud obviously don’t want to end up detected, so their interference will be subtle, Vorobeychik said, likely targeting individual machines or districts so that they’re effectively removed from the total votes – making the outcomes close to a tie in districts that are likely to support the candidate they want to fail.
“The new extension more realistically models the attacks on voting systems that would actually happen,” Vorobeychik said. “It’s easy enough for humans to just work with a list of districts in order of importance to, say, a presidential election. It’s harder to figure out how to randomize that list to best determine which districts would be targeted. Turns out it helps a tremendous deal to have a computer.”
His team tested the algorithm on both randomly generated data and results from the French presidential election of 2002 because it was readily available. (That test found nothing alarming.) Now, they’re using recently available 2016 presidential election results from Michigan because it was a state with a suspicious swing.
The problem of randomizing decisions for the defender protecting elections and the attacker seeking to infiltrate them is NP-hard, which means it’s computationally intractable. The team used a double-oracle framework and mixed-integer linear programming techniques to write an algorithm that can end up scaled up for large elections.
It will allow the computer to pull random districts likely to end up targeted and let auditors check for discrepancies in vote totals. Doing that by hand would be labor-intensive, and those tampering with machines could find out the selection system. The algorithm makes that process completely unpredictable. The new extension to the algorithm makes it better reflect whatever system election attackers are using to make their decisions.
“Would they have an algorithm like this? Our work assumes the worst case scenario — that they do,” Vorobeychik said. “We’re designing protection around that. If they design something not as intelligent, we only do better.
“With game theory, you can systematically address attacks and their consequences,” he said. “If there are a million people who voted illegally, you want to know that and mitigate it. How you deal with that is going to be up to the authorities, but they need to detect it first.”