Slide 1

The Effect of Decentralized Behavioral Decision Making on System-Level Risk Kim Kaivanto Department of Economics Lancaster University TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A AAA Slide 2 In computer networks, system-level risk depends on the actions and choices of a collection of lay users. How should we model the decision making of these lay users ? Does it matter whether our modeling assumptions reflect normative rationality or heuristics & biases? Slide 3 Outline Classical SDT under normative rationality Behavioral factors From the decision-making literature: CPT From the phishing & deception literatures Re-derivation of optimal cutoff threshold under CPT-SDT Using T&K92 probability weighting function Using neo-additive probability weighting function Incorporating the psychology of deception Beyond comparative statics: comparative simulation results Implications Spam filtering Education & training End Slide 4 Classical SDT Elements: - a score variable, - known distributions of the score under and - as the cutoff threshold is varied, traces out the Receiver Operating Characteristics (ROC) curve Slide 5 FP% + TN% = 100% FN% + TP% = 100% rate; frequency; likelihood + (1) = 1 + (1) = 1 For the healthy: For the diseased: ROC curve: Slide 6 Classical SDT Slide 7 Binormal ROC curves d' = 1.7-1 = 0.7 Low-AUC ROC curve: d' = 2.7-1 = 1.7 High-AUC ROC curve: Slide 8 Classical SDT Elements: - a score variable, - known distributions of the score under and - as the cutoff threshold is varied, traces out the Receiver Operating Characteristics (ROC) curve Task: identify optimal cutoff threshold such that the observed score is either in the acceptance interval or in the rejection interval where the null hypothesis and the alt. hypothesis Problem: choose the optimal cutoff threshold by solving Slide 9 Classical SDT The expected cost of using the SDT mechanism is: Setting the total differential of expected cost to zero it follows that the slope of each iso-E(C) line is the probability weighted ratio of the incremental cost of misclassifying a non-malicious email to the incremental cost of misclassifying a malicious email Slide 10 Classical SDT The optimal cutoff threshold is a function of - a misclassification cost matrix - the baserate odds of (email) being non-malicious - risk preferences n.b. There is no reason for the misclassification costs to be the same for the user as for the organization n.b. Classical SDT admits that costs can be replaced by their utilities, but in fact proceeds (exclusively) with mini- mizing expected cost, i.e. assuming risk neutrality. n.b. In the literature, the optimal classifier is computed under risk neutrality (!) Slide 11 Classical SDT Only the difference between the misclassification and the correct classification matters for optimal cutoff placement Slide 12 Behavioral factors Descriptively, behavioral decision makers display -reference dependence, framing effects -non-linear probability weighting -loss aversion -ambiguity aversion -four-fold pattern of risk aversion All incorporated in Cumulative Prospect Theory (CPT) Deception deploys employ -peripheral-route persuasion -authority, scarcity, similarity & identification, reciprocation, consistency, social proof -visceral emotions -urgency -contextual cues Slide 13 CPT extension of SDT Using a conventional CPT specification Slide 14 CPT extension of SDT (1-p)p (1-) (1-) C TN C FP C FN C TP Slide 15 CPT extension of SDT Assume Further, wlog - this becomes the CPT reference point Then the CPT value function, in terms of and : Slide 16 CPT extension of SDT We form the total differential of, set it to zero, and solve for the slope of the iso- contours in ROC space. Slide 17 CPT extension of SDT Where the baserate probability term Slide 18 CPT extension of SDT Iso- contours in ROC space Slide 19 CPT extension of SDT Implication of non-linearity of iso- contours: Optimal operating point possibly non-unique. Uniqueness cannot be ensured with the T&K92 pwf. Slide 20 CPT extension of SDT Let there be a set of constants so Whereby Slide 21 CPT extension of SDT The implication of Is that the CPT extension of SDT also creates a bias relative to the benchmark calculated under risk neutrality, which is consistent (in directionality) with the experimental psychology sense of conservative cutoff placement. Slide 22 CPT extension of SDT with neo-additive pwf Consider the piece-wise linear neo-additive pwf among the most promising candidates regarding the optimal tradeoff of parsimony and fit (Wakker, 2010). Captures the possibility effect, the certainty effect, the overweighting of small probabilities, and the underweighting of large probabililties. Slide 23 CPT extension of SDT with neo-additive pwf Slide 24 Solving for the slope of the iso- contours in ROC space The iso- contours are staight lines, just as in classical SDT. This ensures uniqueness of the optimal cutoff threshold. Slide 25 CPT-SDT with psychology of deception Successful deception deploys: -peripheral-route persuasion -visceral emotions -urgency -contextual cues The deception-perpetrators skill and effort. Mark is ploy-specific discriminability at time t: Slide 26 CPT-SDT comparative statics The difference between classical SDT and CPT-SDT optimal trade-offs entails that the bias of incorrectly assuming normative rationality is larger for agents with a lower d, i.e. a lower ROC curvature and AUC. CPT-SDT shifts the optimal cutoff and the optimal operating point more for agents with a lower ROC curvature and AUC. The psychology of deception magnifies the effect of be- havioral decision making under risk and uncertainty. Slide 27 Comparative simulation results Are the individual-level behavioral effects quantitatively consequential at the level of the whole network? M1Classical SDT model M2CPT-SDT model M3CPT-SDT with psych of deception, We simulate (ABM, NetLogo) a 3-week spear-phishing attack on an organization with 100 users. Each user receives 250 emails per working week. 1/250=0.004 of emails are malicious. During an attack, a user may be fooled at most once. The users learn from their mistakes. Slide 28 Comparative simulation results Are the individual-level behavioral effects quantitatively consequential at the level of the whole network? M1Classical SDT model M2CPT-SDT model M3CPT-SDT with psych of deception with probability Slide 29 Comparative simulation results Distribution of security breaches in 10,000 repetitions Slide 30 Comparative simulation results Distribution of security breaches in 10,000 repetitions Slide 31 Comparative simulation results Distribution of security breaches in 10,000 repetitions Slide 32 Comparative simulation results Distribution of security breaches in 10,000 repetitions Slide 33 Comparative simulation results Distribution of security breaches in 10,000 repetitions Slide 34 Comparative simulation results Slide 35 Slide 36 Slide 37 Implications for education and training Target: discriminability prior probability susceptibility to deception Note: good spam filtering lowers p ! Slide 38 Conclusion Individual-level behavioral effects matter for system-level risk!