
Optimizing Affine Maximizer Auctions via Linear Programming: An Application to Revenue Maximizing Mechanism Design for Zero-Day Exploits Markets

  • Conference paper
PRIMA 2017: Principles and Practice of Multi-Agent Systems (PRIMA 2017)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 10621)

Abstract

Optimizing within the affine maximizer auctions (AMA) is an effective approach for revenue maximizing mechanism design. The AMA mechanisms are strategy-proof and individually rational (if the agents’ valuations for the outcomes are nonnegative). Every AMA mechanism is characterized by a list of parameters. By focusing on the AMA mechanisms, we turn mechanism design into a value optimization problem, where we only need to adjust the parameters. We propose a linear programming based heuristic for optimizing within the AMA family. We apply our technique to revenue maximizing mechanism design for zero-day exploit markets. We show that due to the nature of the zero-day exploit markets, if there are only two agents (one offender and one defender), then our technique generally produces a near optimal mechanism: the mechanism’s expected revenue is close to the optimal revenue achieved by the optimal strategy-proof and individually rational mechanism (not necessarily an AMA mechanism).


Notes

  1. The authors also proposed a restricted version of AMA called the VVCA mechanisms. A VVCA mechanism is only characterized by \(2n\) parameters, which makes it much easier to optimize over. On the other hand, due to the fact that the VVCA family is only a tiny subset of the whole AMA family, we lose revenue by focusing only on it.

  2. In our model, we allow payments. After all, the objective is to maximize revenue.

  3. If we allow randomized mechanisms, then an outcome is a nonincreasing function \(o(t)\), with \(o(0)=1\) and \(o(1)=0\). \(o(t)\) represents the probability for the exploit to be alive at time \(t\).

  4. We have to emphasize that this is not an uncommon constraint when it comes to using numerical methods for maximizing mechanism revenue.


Author information


Correspondence to Mingyu Guo.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Guo, M., Hata, H., Babar, A. (2017). Optimizing Affine Maximizer Auctions via Linear Programming: An Application to Revenue Maximizing Mechanism Design for Zero-Day Exploits Markets. In: An, B., Bazzan, A., Leite, J., Villata, S., van der Torre, L. (eds) PRIMA 2017: Principles and Practice of Multi-Agent Systems. PRIMA 2017. Lecture Notes in Computer Science, vol 10621. Springer, Cham. https://doi.org/10.1007/978-3-319-69131-2_17


  • DOI: https://doi.org/10.1007/978-3-319-69131-2_17


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69130-5

  • Online ISBN: 978-3-319-69131-2

  • eBook Packages: Computer Science (R0)
