Complexity of the Multilevel Critical Node Problem
aa r X i v : . [ c s . CC ] O c t C OMPLEXITY OF THE M ULTILEVEL C R ITIC AL N ODE P ROB LEM
Adel Nabli Margarida Carvalho
CIRRELT and Département d’Informatique et de Recherche OpérationnelleUniversité de Montréal [email protected]@iro.umontreal.ca
Pierre Hosteins
COSYS-ESTASUniversité Gustave Eiffel [email protected] A BSTRACT
In this work, we analyze a sequential game played in a graph called the Multilevel Critical Nodeproblem (MCN). A defender and an attacker are the players of this game. The defender starts bypreventively interdicting vertices (vaccination) from being attacked. Then, the attacker infects asubset of non-vaccinated vertices and, finally, the defender reacts with a protection strategy. We pro-vide the first computational complexity results associated with MCN and its subgames. Moreover,by considering unitary, weighted, undirected, and directed graphs, we clarify how the theoreticaltractability of those problems vary. Our findings contribute with new NP-complete, Σ p -completeand Σ p -complete problems. Furthermore, for the last level of the game, the protection stage, webuild polynomial time algorithms for certain graph classes. Multilevel Critical Node
Graphs are powerful mathematical structures that enable us to model real-world networks.The problem of breaking the connectivity of a graph has been extensively studied in combinatorial optimization sinceit can serve to measure the robustness of a network to disruptions. In this work, we will focus on the Multilevel CriticalNode problem (MCN) [5]. Let G = ( V, A ) be graph with a set V of vertices and a set A of arcs. In MCN there are twoplayers, designated by defender and attacker, whose individual strategies are given by a selection of subsets of V . Thegame goes as follows: first, the defender selects a subset of vertices D ⊆ V to vaccinate subject to a budget limit Ω and a cost { ˆ c v } v ∈ V ; second, the attacker observes the vaccination strategy, and selects a subset of vertices I ⊆ V \ D to(directly) infect subject to a budget limit Φ and a cost { h v } v ∈ V ; and third, the defender observes the infection strategy,and selects a subset of vertices P ⊆ V \ I to protect subject to a budget limit Λ and a cost { c v } v ∈ V . An infected vertex v propagates the infection to a vertex u , if ( v, u ) ∈ A and u is neither a vaccinated or a protected vertex. The goal ofthe defender is to maximize the benefit b v of saved vertices ( i.e. , not infected), while the attacker aims to minimize it.We assume that all parameters of the problem are non-negative integers. The game description can be succinctly givenby the following mixed integer trilevel program: ( M CN ) max z ∈{ , } | V | X v ∈ V ˆ c v z v ≤ Ω min y ∈{ , } | V | X v ∈ V h v y v ≤ Φ max x ∈{ , } | V | α ∈ [0 , | V | X v ∈ V b v α v s.t. X v ∈ V c v x v ≤ Λ α v ≤ z v − y v ∀ v ∈ V (1a) α v ≤ α u + x v + z v ∀ ( u, v ) ∈ A, (1b)where z , y , x and α are decision vectors which coordinates are z v , y v , x v and α v for each v ∈ V . In this optimizationmodel, z , y and x reflect the set of vaccinated vertices D = { v ∈ V : z v = 1 } , directly infected vertices I = { v ∈ V : y v = 1 } and protected vertices P = { v ∈ V : x v = 1 } , respectively. Finally, α mimics the propagationof the infection among the vertices in V , through Constraints (1a) and (1b), and it is necessarily binary due to themaximization in the last level (protection). Concretely, α v = 1 means that vertex v is saved and α v = 0 means thatvertex v is infected. In multilevel optimization, the first stage (in MCN, the vaccination stage) is called the upper levelomplexity of the Multilevel Critical Node Problem Instance Vaccinate 3 Infect 2 Protect 1
Figure 1: Example of an MCN game with unitary costs and benefits, and budgets
Ω = Φ = Λ = 1 . We removed thevaccinated and protected vertices as an infection cannot pass through them (see Property 3.1). Vertices { , , , } aresaved and { , } are infected.or first level, the second stage is called the second level, and so on, with the last stage being also designated by lowerlevel. See [5] for further details on this mathematical programming formulation and Figure 1 for an illustration of thegame. Contributions
To the best of our knowledge, this work is the first providing a computational complexity classifica-tion of the decision version of MCN, as well as, of its subgames. Namely, we investigate the subgames (i) P ROTECT ,where given D and I , the defender seeks the optimal protection strategy, (ii) A TTACK , where given D and no pro-tection budget, the attacker determines the optimal infection strategy, (iii) A TTACK -P ROTECT , where given D , theattacker computes the optimal infection strategy, and (iv) V ACCINATION -A TTACK , where given no budget for protec-tion, the defender finds the optimal vaccination strategy. This fundamental contribution sheds light on the practicaldifficulties dealt in [5]. Furthermore, it contributes to the understanding of sequential combinatorial games withinthe polynomial hierarchy and it motivates the focus on potentially
Ω(2 | V | ) algorithms, heuristic methods or novelsolution definitions. Table 1 summarizes our results for general graphs; unitary cases assume that all costs and benefitsare 1, and undirected graphs assume that infection can traverse an edge in both directions. We stress the incorrectnessof the following intuitive claim for multilevel optimization problems: if a subgame is C -hard for some complexityclass C , then the associated game is at least C -hard. Note that in a multilevel optimization problem, like the MCN,the ultimate goal is to find the optimal first level decision. Hence, if for example in the MCN, we had always Ω = | V | ,then we would know directly that all vertices are saved, even if the attack problem is theoretically intractable. Thissupports the interest of understanding the individual complexity of each subgame of MCN.We also contribute with an algorithmic analyzes of P ROTECT by exploring graph classes where it becomes polynomi-ally solvable.
Undirected Graphs Directed Graphs D ECISION V ERSIONS U NITARY C ASE W EIGHTED C ASE U NITARY C ASE W EIGHTED C ASE
Section 3 Section 4 Sections 5 & 6 P ROTECT [1] NP-complete [6] NP-complete [11] NP-complete [16] NP-completeA
TTACK [2] Polynomial [7] NP-complete [12] NP-complete [17] NP-completeA
TTACK -P ROTECT [3] NP-hard [8] Σ p -complete [13] NP-hard [18] Σ p -completeV ACCINATION -A TTACK [4] NP-complete [9] Σ p -complete [14] Σ p -complete [19] Σ p -completeMCN [5] NP-hard [10] Σ p -complete [15] Σ p -hard [20] Σ p -complete Table 1: Computational complexity of the decision versions of the subproblems in MCN. Entries in gray correspondto results that follow as corollaries. In increasing order, we have: [4] = ⇒ [5] , [1] = ⇒ [6] , [12] = ⇒ [13] , [14] = ⇒ [15] , and [6 -
10] = ⇒ [16 - . 2omplexity of the Multilevel Critical Node Problem Paper Organization
In Section 2, we revise the literature associated with MCN, allowing to position our con-tribution in the context of critical node problems, interdiction games and defender-attacker-defender problems. InSection 3, we focus on the case where graphs are undirected and each vertex benefit and cost is unitary. Section 4 addsthe possibility of having non-unitary parameters, while Section 5 generalizes the game to directed graphs. Finally,Section 6 investigates structural properties of special graph classes that can be explored to make at least P
ROTECTION polynomially solvable, both on directed and undirected graphs.
Assessing the vulnerability of complex infrastructures such as networks is of the utmost importance in practice. Oneway to measure the robustness of a given network is to study its connectivity properties, for which many metrics exist.With respect to a fixed metric, vertices often play different roles in the graph, with varying levels of importance. Themost important vertices are qualified as critical . Thus, the problem of detecting subsets of critical vertices with respectto some connectivity measure is of great interest, either for defensive or for offensive purposes, and with applicationsin domains ranging from network immunization [4, 20] to computational biology [8, 38].
Critical Node Detection Problems (CNDP)
The CNDPs have been extensively studied, with names varying withthe connectivity metric to optimize and the constraints of the problem. Many of its studied versions have been shown tobe NP-complete on general graphs; see Lalou et al. [27] for a recent survey. Indeed, many of these belong to the classof problems called
Node-Deletion Problems . They consist in deleting the smallest subset of vertices from a graph sothat the induced subgraph satisfies a certain property π . Lewis and Yannakakis [29] have shown that if π is nontrivial and hereditary , then the subsequent vertex deletion problem is NP-hard. In particular, MinMaxC , the problem offinding a set of vertices D from a graph G with a budget constraint | D |≤ Ω such that the removal of D minimizesthe size of the largest connected component in the remaining graph, has been shown to be NP-hard in the strongsense thanks to this argument [35]. Moreover, some CNDP problems remain NP-hard even on particular graph classes[1, 27]. For example, the original Critical Node Problem (CNP) [4] which seeks to minimize the pairwise connectivity of the graph by removing a limited number of vertices remains NP-hard on split or bipartite graphs [1]. Several workstry to clarify the frontier between polynomial and NP-hard instances for different variants of the CNDP. The versionbased on pairwise connectivity over trees is studied in [14] where it is found to be polynomial with unit connectioncosts and strongly NP-hard otherwise. Many other versions of the CNDP were studied in details over trees, such asthe versions based on the cardinality of the largest component (
MinMaxC ) and the number of connected components(
MaxNum ) [35], the largest pairwise connectivity among all components [26] or an extension of pairwise connectivitybased on the length of shortest paths in the remaining graph [2]. A stochastic version of the pairwise CNDP with nodeattack failure was studied over trees in [21] and found to be strongly NP-hard, even with unit connection costs. TheCNDP has also been studied on other specially structured graphs, such as series-parallel graphs [2, 35], graphs withbounded treewidth [1], proper interval graphs [26] or bipartite permutation graphs [25].
Interdiction Games
In several CNDP, although the optimization problem is formulated with a natural single objec-tive, the task is inherently constituted of several ones. In the CNP, minimizing the pairwise connectivity maximizesthe number of connected components in the residual graph, while simultaneously minimizing the variance in the com-ponent sizes [4]. Even though in this particular case, it has been shown that the multi-objective formulation is notequivalent to the original one [39], splitting the objective in two is sometimes possible. For example, Furini et al. [17]exhibited the hidden bilevel structure of the
Capacitated Vertex Separator problem by formulating it as a two playerStackelberg game in which a leader interdicts the network by removing some of its vertices and a follower determinesthe maximum connected component in the remaining graph, highlighting the link between CNDP problems and
In-terdiction Games . Interdiction games on networks are a special family of two-player zero-sum Stackelberg games inwhich a leader interdicts parts of the network (arcs or vertices) subject to a budget limitation in order to maximize thedisruption of the follower’s objective who solves an optimization problem on the remaining graph ( e.g. , the maximumflow or the maximum clique) . Whereas some interdiction games such as the network flow interdiction are NP-complete[40], others such as the binary knapsack interdiction problem [13, 10] or the maximum clique interdiction game [18]have been shown to be Σ p -complete, shading light on the intrinsic relationship between this class of problems and thesecond level of the polynomial hierarchy.However, the unitary undirected version of MCN, as originally introduced by Baggio et al. [5], is not an interdictionproblem per se but contains one. Indeed, the vaccination stage of the game focuses on identifying critical infrastruc-tures in the network to interdict them preventively to counter an intentional attack, which falls into the framework ofNetwork Interdiction problems. Nevertheless, the game does not finish with the attack: there is a third stage where thedefender tries to isolate the propagation of the infection to maximize the unharmed fraction of the network. Finding ablocking strategy to limit the diffusion of an infection is related to the Firefighter problem , which has been shown to3omplexity of the Multilevel Critical Node Problembe NP-complete, even for trees of maximum degree three [16] and was studied more recently in [6] where the problemwas shown to be NP-complete on split graphs and bipartite graphs but polynomial on graphs with bounded treewidth.Thus, the MCN problem combines two different paradigms in network protection, prevention and blocking , each beingrelated to provably hard problems. The overall contraction leads to a trilevel optimization formulation for the MCN,making it fall under the
Defender-Attacker-Defender (DAD) framework introduced by Brown et al. [9] to study thedefense of critical infrastructure against malicious attacks.
Defender-Attacker-Defender
Although the general DAD has been claimed to be NP-hard in [31], complexity re-sults for trilevel combinatorial optimization problems are scarce. In [23], a new proof that
Trilevel Linear Program-ming is Σ p -hard is provided, building upon the results in [7, 15, 22] showing that the Multilevel Linear Programming problem with L + 1 levels is Σ pL -hard. In fact, the decision version of MCN problem can be formulated as "given integer budgets Ω , Φ , Λ , a graph G and an integer K , is there a vaccination D such that for all attacks I there exists aprotection P saving at least K vertices?" Thus, there seems to be a link between the MCN and the -alternating quan-tified satisfiability problem which has been shown to be Σ p -complete by Meyer, Stockmeyer and Wrathall [32, 41],making one expect the MCN to be complete for this class.We stress that very few problems have been shown to be naturally Σ p -complete in the literature up to now, in additionto infinite families of problems which have been shown to be Σ pL -complete for any level L of the polynomial hierarchy(as, e.g. , Satisfiability Problems, or Multilevel Linear Programming). The compendium of [34], whose last updatedates back to 2008, describes eight Σ p -complete problems including graph theory problems, problems over sets aswell as number theory problems. Since this compendium was last updated, a handful of other problems have beendemonstrated to be Σ p -complete, in the domains of logic, knowledge representation and artificial intelligence. Wecan cite, e.g. , the problem of Binding Forms in First-Order Logic [33], deciding whether a propositional program hasepistemic FLP (Faber, Leone and Pfeifer) answer sets [36], or checking the existence of max optimal outcomes over m CP-nets to study the aggregation of preferences over combinatorial domains in artificial intelligence [30]. To the bestof our knowledge, there is approximately a dozen proven natural Σ p -complete problems in the literature, which makesit all the harder to derive Σ p -hardness for a given trilevel problem. In this work, we add two more problems to the listof Σ p -complete problems, the Trilevel Knapsack Interdiction Problem and the
Multilevel Critical Node Problem . Eventhough the set of proven Σ p -complete problems is larger by one order of magnitude, i.e. , a little more than roughly ahundred such problems are known, we also add several new Σ p -complete problems to this list. In this section, we focus on undirected graphs G = ( V, E ) , i.e. , for each couple of vertices ( u, v ) ∈ V × V , if the arc ( u, v ) is in G , then ( v, u ) is also in the graph. We thus call E the set of edges. Here, we also consider unit benefitsand costs, i.e. , ∀ v ∈ V, ˆ c v = h v = c v = b v = 1 . We introduce s , the function that, given a graph G , the vaccinationstrategy D , the attack strategy I and the protection strategy P , returns s ( G, D, I, P ) , the number of saved vertices inthe end of the game. Thus, in this setting, the trilevel formulation of the problem is simply: max D ⊆ V | D |≤ Ω min I ⊆ V \ D | I |≤ Φ max P ⊆ V \ ( I ∪ D ) | P |≤ Λ s ( G, D, I, P ) . (2)To ease our analysis, guided by the relationship between Critical Node Detection Problems and
Node-Deletion Prob-lems , we first write the immediate Property 3.1 stating that vaccinating or protecting vertices has the same effect as removing them from the graph with respect to s . Starting from G = ( V, E ) and a subset W ⊆ V , we denote by G [ V \ W ] the graph induced by the deletion of the vertices in W and its incident edges. Property 3.1.
Given
G, D, I, P , we have that s ( G, D, I, P ) = s ( G [ V \ ( D ∪ P )] , ∅ , I, ∅ ) + | D | + | P | . What Property 3.1 actually says is that the infected vertices in G are the ones in the connected components of G [ V \ ( D ∪ P )] where there is at least one attacked vertex in I .We will start by classifying the computational complexity of P ROTECT , followed by the one of A
TTACK -P ROTECT ,and, finally, V
ACCINATION -A TTACK . From the latter, we obtain the complexity of A
TTACK , and the minimum com-plexity of MCN. It is easy to see that Property 3.1 holds for general directed weighted versions with s ( G, D, I, P ) = s ( G [ V \ ( D ∪ P )] , ∅ , I, ∅ )+ P v ∈ D b v + P v ∈ P b v and s ( G, D, I, P ) equal to the benefit associated with the saved vertices in the end of the game. P ROTECTION problem
In P
ROTECT , the defender is given D and I and seeks to find an optimal P . Thus, thanks to Property 3.1, we canassume that the game takes place in G a = G [ V \ D ] for this last move: the defender wants to find at most Λ vertices P ⊆ V a \ I that will maximixe s ( G a , ∅ , I, P ) . For a given choice of P , we introduce C ( P ) , ..., C N ( P ) ( P ) , the N ( P ) connected components in the graph G a [ V a \ P ] . Hence, the objective of the defender being to find P minimizing thenumber of infected vertices f ( P ) , we can define it as: f ( P ) = N ( P ) X i =1 | C i ( P ) |× C i ( P ) ∩ I = ∅ . (3)We will show that finding such a P is NP-complete. We argue that it is a direct consequence of the results of [1]showing that the Critical Node Problem is NP-hard on split graphs.
The
Critical Node Problem (CNP) [4] is a related problem to ours. The setting is very similar to P
ROTECTION : wehave an undirected graph ¯ G = ( ¯ V , ¯ E ) , an integer budget B , and we want to find a subset ¯ P of vertices to remove thatminimizes the pairwise connectivity of the residual subgraph ¯ G [ ¯ V \ ¯ P ] under the constraint of having | ¯ P |≤ B . If wedenote by ¯ C ( ¯ P ) , ..., ¯ C N ( ¯ P ) ( ¯ P ) the N ( ¯ P ) connected components of ¯ G [ ¯ V \ ¯ P ] , the measure we want to minimize is: g ( ¯ P ) = N ( ¯ P ) X i =1 (cid:18) | ¯ C i ( ¯ P ) | (cid:19) (4)where each term in the sum is the pairwise connectivity of ¯ C i ( ¯ P ) . Here, we will focus more particularly on splitgraphs . A split graph is a graph ¯ G = ( ¯ V , ¯ E ) whose vertices ¯ V can be split in two sets ¯ V and ¯ V , ¯ V forming a cliqueand ¯ V an independent set. Thus, the decision problem for this particular case of the CNP is: CNP split : INSTANCE : A split graph ¯ G = ( ¯ V , ¯ V ; ¯ E ) , a non-negative integer budget B ≤ | ¯ V | and anon-negative integer ¯ K . QUESTION : Is there a subset ¯ P ⊆ ¯ V , ¯ P ≤ B such that g ( ¯ P ) ≤ ¯ K ?As [1] noted, in this setting there is at most one connected component of the residual subgraph ¯ G [ ¯ V \ ¯ P ] that containsmore than one vertex. Moreover, it is easy to see that if this nontrivial connected component exists, it necessarilycontains a subclique of ¯ G [ ¯ V ] . More than that, it is the only connected component of ¯ G [ ¯ V \ ¯ P ] containing verticesfrom ¯ V . Thus, we can name ¯ C the connected component containing vertices of ¯ V (in the case of ¯ P ⊇ ¯ V , then ¯ C iseither a singleton from ¯ V or is empty and our reasoning still holds) . Then, minimizing (4) is equivalent to minimize | ¯ C | . But finding the subset of vertices ¯ P to remove to do that has been shown to be NP-hard: Lemma 3.2. [1]
CNP split is NP-hard.
Next, we show that the decison version of P
ROTECT is NP-complete using a reduction from CNP split . The decisionproblem is the following: P ROTECT : INSTANCE : A graph G a = ( V a , E a ) , a set of attacked vertices I ⊆ V a , a non-negativeinteger budget Λ ≤ | V a |−| I | and a non-negative integer K . QUESTION : Is there a subset P ⊆ V a \ I , | P |≤ Λ such that the number of infected vertices f ( P ) ≤ K ?Note that the question can be equivalently re-written with the inequality s ( G a , ∅ , I, P ) ≥ | V a |− K . Theorem 3.3. P ROTECT is NP-complete.
Proof.
It is easy to see that P
ROTECT is NP as determining the objective value only requires finding the connectedcomponents of G a [ V a \ P ] which can be done in linear time using a depth-first search (DFS).To complete the proof, we exhibit an immediate reduction from CNP split . Let us take an instance of this problem, i.e. a split graph ¯ G = ( ¯ V , ¯ V ; ¯ E ) , a non-negative integer budget B and a non-negative integer ¯ K . Given that, we builda graph G a by growing by one the size of the clique ¯ G [ ¯ V ] with the addition of a vertex u . Thus, V a = ¯ V ∪ { u } ∪ ¯ V and E a is obtained by taking ¯ E and adding an edge ( u, ¯ v ) ∀ ¯ v ∈ ¯ V . In fact, the new graph is still a split graph G a = ( ¯ V ∪ { u } , ¯ V ; E a ) . Finally, the corresponding instance of P ROTECT is given by G a , I = { u } , Λ = B and K = ⌊ (3 + q K + 1) ⌋ (obtained by solving ¯ K = (cid:0) K − (cid:1) ). An example of such construction can be found inFigure 2. Then, as there is only one attacked vertex, minimizing (3) on this instance of P ROTECT corresponds tochoosing a P that minimizes the size of the unique connected component to which u belongs in G a [ V a \ P ] . Let’sname C this connected component. But as u belongs to the clique part of the split graph G a , C is also the uniqueconnected component of G a [ V a \ P ] containing vertices from V = ¯ V ∪ { u } . Thus, we have that C = ¯ C ∪ { u } and g ( P ) = (cid:18) f ( P ) − (cid:19) . Hence, finding P that minimizes f on G a is equivalent to finding P that minimizes g on ¯ G .This finishes the proof that P ROTECT is NP-hard. ¯ V ¯ V ¯ V ∪ { u } ¯ V u Figure 2: Example of construction of G a from ¯ G Remark 3.4.
In [6], it shown that the F IREBREAK problem is NP-complete. This problem is equivalent to P ROTECT when | I | = 1 . Hence, their result can be used to establish Theorem 3.3. Nevertheless, given that our reductions differsignificantly and were obtain independently, we decided to present our alternative reduction. A TTACK -P ROTECT problem
We showed that solving the last level of MCN is NP-complete, now we will prove that A
TTACK -P ROTECT is alsoNP-hard. In this bilevel problem, we are taking the side of the attacker: the aim is to find the attack that will maximizethe number of infected vertices after protection. The decision version of the problem is: A TTACK -P ROTECT : INSTANCE : A graph G a = ( V a , E a ) , two non-negative integer budgets Φ , Λ such that Φ + Λ ≤ | V a | and a non-negative integer K ≤ | V a | QUESTION : Is there a subset I ⊆ V a , | I | = Φ such that ∀ P ⊆ V a \ I , | P |≤ Λ , the numberof infected vertices f ( P ) ≥ K ?We will use a reduction from the Dominating Set problem, a known NP-complete problem [19], whose decisionversion is: D OMINATING S ET : INSTANCE : A graph ¯ G = ( ¯ V , ¯ E ) , a positive integer B ≤ | ¯ V | QUESTION : Is there a subset U ⊆ ¯ V , | U |≤ B , such that ∀ v ∈ ¯ V \ U , ∃ u ∈ U such that ( u, v ) ∈ ¯ E ? Theorem 3.5. A TTACK -P ROTECT is NP-hard.
Proof.
Let us take a graph ¯ G = ( ¯ V , ¯ E ) and a positive integer B ≤ | ¯ V | . The instance of A TTACK -P ROTECT is simplycreated by taking G a = ¯ G , Φ = B , Λ = | V a |− Φ − and K = Φ + 1 . In this configuration, we have a protectionbudget Λ which is exactly one less than the number of vertices that are not attacked. Thus, if all the protection budgetis spent, there is only one vertex u in the graph that is neither attacked nor protected. Therefore, if u becomes infectedafter protection (i.e f ( P ) = K = Φ + 1 ) , that means that the protection strategy did not manage to save one unit ofbudget while saving all the other vertices, meaning that the other vertices were all in direct contact with at least oneattacked one (if it was not the case, one unit of budget could have been saved by protecting all the neighbors of thevertex that is not in direct contact with I ) . As u also becomes infected, it also means that it is adjacent to one vertex in I . Thus, finding I such that ∀ P, f ( P ) ≥ K means that I is a dominating set of size B , which concludes the proof. V ACCINATION -A TTACK problem
In this part, we will ignore the fact that there is a protection stage at the end. This is a particular case of MCN since it isequivalent to studying it with protection budget
Λ = 0 . We will show that the bilevel problem V
ACCINATION -A TTACK is NP-complete. The decision problem is the following: V ACCINATION -A TTACK : INSTANCE : A graph G = ( V, E ) , two non-negative integer budgets Ω and Φ such that Ω + Φ ≤ | V | and a non-negative integer K . QUESTION : Is there a subset D ⊆ V , | D |≤ Ω such that ∀ I ⊆ V \ D with | I |≤ Φ , thenumber of infected vertices | V |− s ( G, D, I, ∅ ) ≤ K ?First, we argue that in this configuration, finding the optimal attack following a given vaccination can be done inpolynomial time. Lemma 3.6. V ACCINATION -A TTACK ∈ NP. Moreover, A TTACK can be solved in polynomial time.Proof.
Given a vaccinated set D , we want to verify that all the possible subsequent attacks cannot infect more than K vertices. To do that, it suffices to find the best attack, i.e. , solve the Attacker optimization problem, and check whetheror not it complies with the inequality. But, as we highlighted it with Property 3.1, the graph on which the attack phasetakes place is G a = G [ V \ D ] and the saved vertices in the end are exactly the ones in the connected components of G a that do not contain any attacked vertex. Thus, the best attack possible given G a and budget Φ is to infect onevertex in each of the Φ largest connected components of G a . This can be done in linear time using a DFS. Hence,V ACCINATION -A TTACK ∈ NP.In fact, this proof showed that V
ACCINATION -A TTACK is actually equivalent to another problem: finding a subset ofvertices D to remove from G that minimizes the sum of the sizes of the Φ largest connected components in the inducedsubgraph. Let’s call this problem M IN M AX Φ C: M IN M AX Φ C : INSTANCE : A graph G = ( V, E ) , two non-negative integer budgets Ω and Φ such that Ω + Φ ≤ | V | and a non-negative integer K . QUESTION : Is there a subset D ⊆ V , | D |≤ Ω such that the sum of the sizes of the Φ largest connected component in G [ V \ D ] is less than K ? Lemma 3.7. V ACCINATION -A TTACK and M IN M AX Φ C are equivalent problems. As Shen et al. [35] argued that M IN M AX C, the problem that only seeks to minimize the size of the largest connectedcomponent in the residual graph, is NP-hard, we have as a direct consequence that M IN M AX Φ C is also NP-hard,which leads to the following corollaries:
Corollary 3.8. V ACCINATION -A TTACK is NP-complete.
Corollary 3.9.
MCN is NP-hard.Proof.
Given an instance of V
ACCINATION -A TTACK , there is a corresponding instance of MCN by taking the same G, Ω , Φ , K and by setting Λ = 0 . 7omplexity of the Multilevel Critical Node Problem
In this section, we study the version of MCN presented in problem (1) restricted to undirected graphs. We will usethe subscript w to denote the weighted version, MCN w , as well as for its subgames. In this problem, given a graph G = ( V, E ) , each vertex v ∈ V is associated with a benefit b v and cost parameters ˆ c v , h v and c v , respectively the costof vaccinating, attacking and protecting vertex v . First, note that the NP-completeness of P ROTECT w is immediatefrom the previous section.Having introduced costs and benefits, our game and its subgames are intimately related to Knapsack problems , whichwe will use to demonstrate all of our complexity results in this part. We will start by highlighting the direct relationshipbetween A
TTACK w and K NAPSACK , which will get us the NP-completeness of this problem. Then, we will focus onthe two bilevel sub-problems V
ACCINATION -A TTACK w and A TTACK -P ROTECT w and prove they are Σ p -completethanks to a Knapsack Interdiction problem . To conclude, we show that MCN w is Σ p -complete. We will observe thatthe introduction of non-unitary parameters offers sufficient flexibility to go a level up in the polynomial hierarchy incomparison with the unitary undirected cases. A TTACK w problem In the attack phase, the vaccination already took place so we effectively work on G a , which is the result of the deletionof the vaccinated vertices from the original graph. We are given a non-negative attack budget Φ , and as there is noprotection phase afterwards, we set Λ = 0 . The goal is thus to harvest the most benefit possible by infecting verticessubject to a budget limit. The decision version of the problem is then: A TTACK w : INSTANCE : An undirected graph G a = ( V a , E a ) , a non-negative integer cost h v and value b v for each vertex v ∈ V , a non-negative integer budget Φ , and a non-negative integernumber K . QUESTION : Is there a subset of vertices I ⊆ V a to attack, with cost P v ∈ I h v ≤ Φ suchthat the sum of the benefits of the resulting infected vertices in G a is greater or equal to K ?To make evident the NP-completeness of the problem, we simply state the decision version of the Knapsack problem ,one of the Karp’s NP-complete problems [24]: K NAPSACK : INSTANCE : Finite set U , for each u ∈ U , a positive integer size a u ∈ N and a positiveinteger profit p u ∈ N , and two positive integers B and ¯ K . QUESTION : Is there a subset U ′ ⊆ U such that P u ∈ U ′ a u ≤ B verifying P u ∈ U ′ p u ≥ ¯ K ? Theorem 4.1. A TTACK w is equivalent to K NAPSACK .Proof.
First, we prove that each instance of A
TTACK w reduces to an instance of K NAPSACK . Given an instance ofA
TTACK w , it is straightforward to see that it is sufficient to infect the vertex v with lowest infection cost h v of agiven connected component to infect the whole component and collect the benefit b of each vertex included in thatcomponent. If N ( G a ) represents the set of connected components of G a , to each connected component C ∈ N ( G a ) we can assign a total profit b C = P v ∈ C b v and infection cost h C = min v ∈ C h v . We can then straightforwardly builda K NAPSACK instance where the set N ( G a ) is mapped to U , a u = h C and p u = b C for C ∈ N ( G a ) , and B = Φ and ¯ K = K .Conversely, if we start from an instance of K NAPSACK , we construct an instance of A
TTACK w by setting V a = U , E a = ∅ , K = ¯ K , Φ = B , and ∀ v ∈ V a , h v = a v , b v = p v . In this configuration, G a having no edges, the attackedvertices are exactly the infected ones in the end, and the goal of the attacker is equivalent to filling up a knapsack withlimited capacity by choosing which vertices to attack.Given that both A TTACK w and K NAPSACK can be reduced to each other, both problems are equivalent.8omplexity of the Multilevel Critical Node ProblemRemark that given an attack I , finding the subsequent infected vertices can be done in linear time thanks to a DFS.Then, it suffices to sum the cost of the vertices in I to verify the budget constraints and to sum the benefits associatedwith the infected vertices to verify that it is greater or equal to K . Hence, A TTACK w ∈ NP and thus:
Corollary 4.2. A TTACK w on undirected graphs in weakly NP-complete, even on trivial graphs.Proof. Since it well known that K
NAPSACK is weakly NP-complete, the result follows from the above theorem.Moreover, since any instance of K
NAPSACK reduces to an instance of A
TTACK w which has no edges, A TTACK w isNP-complete on trivial graphs. A TTACK -P ROTECT w problem In the proof of Theorem 4.1, we highlighted how a K
NAPSACK instance can be directly transformed into a weightedgraph with no edges. In this section, as well as in the next one, we will use a similar transformation, but add oneadditional root vertex to our construction in order to build a star graph: one root vertex connected with an edge toeach of the other vertices, each one representing an item u ∈ U of the knapsack. That way, the complexity resultswe devise hold for trees, a very particular class of graphs where frequently theoretically intractable problems becomepolynomially solvable.As before, the vaccination having already been done, we start from G a , the graph where the vaccinated vertices havebeen removed. A TTACK -P ROTECT w : INSTANCE : A graph G a = ( V a , E a ) , a non-negative integer K , two non-negative integerbudgets Φ and Λ , ∀ v ∈ V a two non-negative integer costs h v , c v and a non-negativeinteger benefit b v . QUESTION : Is there a subset I ⊆ V a , with cost P v ∈ I h v ≤ Φ such that ∀ P ⊆ V a \ I withcost P v ∈ P c v ≤ Λ , the sum of the benefit of the saved vertices is strictly less than K ?In order to show that A TTACK -P ROTECT w is Σ p -complete, we use the Bilevel Interdiction Knapsack Problem intro-duced by DeNegre [13] and proven to be Σ p -complete in [10]. In this problem, two players, a leader and a follower,can select items in the same set of objects O . First, the leader packs some items into her knapsack, then the followerchooses among the remaining ones. The aim of the leader is to interdict a subset of items, subject to a capacity con-straint, in order to minimize the total profit of the follower. The objective of the follower is to maximize her profit,subject to a constraint capping the maximum profit obtainable by her. The decision problem is then: B ILEVEL I NTERDICTION K NAPSACK (BIK) : INSTANCE : A set of items O such that each o ∈ O has a positive integer weight a o and apositive integer profit p o , a positive integer maximum weight capacity A for the leader, apositive integer maximum profit B for the follower, and a positive integer ¯ K ≤ B . QUESTION : Is there a subset O l ⊆ O of items for the leader to select, with P o ∈ O l a o ≤ A , such that every subset O f ⊆ O \ O l with P o ∈ O f p o ≤ B that the follower can createhas a total profit P o ∈ O f p o < ¯ K ? Theorem 4.3. A TTACK -P ROTECT w is strongly Σ p -complete, even if the graph is a tree.Proof. First, A
TTACK -P ROTECT w is in Σ p since this decision problem is exactly of the form ∃ I ∀ P Q ( I, P ) , where Q ( I, P ) is a proposition that can be evaluated in polynomial time ( i.e. , it verifies the attack and protection budgetconstraints, as well as, the benefit of the saved vertices).Next, we prove the problem Σ p -hardness. Let us begin by noting that we can restrict the instances of KIP to the oneswhere ¯ K and B are strictly inferior to P o ∈ O p o , otherwise, KIP reduces to K NAPSACK . This remark is used in thesecond part of this proof.Starting from an instance of BIK, we construct an instance of A
TTACK -P ROTECT w as follows. We first build a stargraph G a = ( V a , E a ) with a root vertex r and a vertex v o for each o ∈ O linked to r through an edge ( r, v o ) . We set9omplexity of the Multilevel Critical Node Problem b r = P o ∈ O p o + 1 and h r = c r = 1 . We also set b v o = c v o = p o and h v o = a o for each o ∈ O . See Figure 3. Finally,we set Φ = A + 1 , Λ = B and K = ¯ K . r v b r = P no =1 p o + 1 , h r = c r = 1 b v = c v = p , h v = a v b v = c v = p , h v = a . . .v n b v n = c v n = p n , h v n = a n Figure 3: Graph reduction from BIK to A
TTACK -P ROTECT w when O = { , . . . , n } .Suppose first that BIK is a Yes instance. Then, there is a set of items O l ⊆ O of total weight P o ∈ O l a o ≤ A suchthat for all O f ⊆ O \ O l feasible for the follower, it holds P o ∈ O f p o ≤ ¯ K − . Consequently, in the A TTACK -P ROTECT w , the attacker can select the subset of vertices I = { r } ∪ { v o : o ∈ O l } with a feasible attacking cost P v ∈ I h v = 1 + P o ∈ O l a o ≤ A + 1 = Φ . Now, the defender can only protect vertices in { v o : o / ∈ O l } andsince the central vertex of the star graph is infected, the saved vertices will be the protected ones. The aim of thedefender is therefore to select the subset of vertices of maximum total benefit with respect to the protection budget Λ . This is exactly the follower’s problem in BIK. Hence, since BIK is an Yes instance, the defender (follower inBIK) cannot attain a benefit (profit in BIK) equal or greater to K = ¯ K through a feasible action. Therefore, theA TTACK -P ROTECT w is a Yes instance.Now suppose that A
TTACK -P ROTECTION w is a Yes instance. Thus, there exists an attack strategy I ⊆ V a suchthat there is no feasible subset P ⊆ V a \ I of protected vertices leading to a total benefit greater or equal to K for the defender. As Φ ≥ , it is obvious that the attacker will attack at least the central vertex r , otherwise, thedefender would pick it and achieve a benefit superior to K (recall that K = ¯ K < P o ∈ O p o ), contradicting A TTACK -P ROTECTION w Yes instance. Hence, the attacker is left with budget Φ − h r = A . Once the central vertex is attacked,only the other vertices subsequently protected will not be infected. Therefore, the rest of the attack budget A isspent on a subset of vertices of { v o ∈ V a : o ∈ O } and it ensures that for any P = { v o ∈ V a : o ∈ O \ I } with P v ∈ P c v = P o : v o ∈ P p v ≤ Λ = B , the total benefit for the defender is P v ∈ P b v = P o : v o ∈ P p v ≤ ¯ K − .Consequently, BIK is also a Yes instance.This completes the proof that A
TTACK -P ROTECT w is Σ p -complete. Moreover, since the BIK was shown to be NP-complete even for unary encoding, we can conclude that no pseudopolynomial-time algorithm exists to solve theA TTACK -P ROTECT subgame. Since a star graph is a tree, the result stated in the theorem holds. V ACCINATION -A TTACK w problem Using a similar reduction to the one in the proof of Theorem 4.3, we show that the V
ACCINATION -A TTACK w onweighted graphs is Σ p -complete. As in the unitary case, this is equivalent to studying MCN w problems where we set Λ = 0 . The decision version of the problem is: V ACCINATION -A TTACK w : INSTANCE : A graph G = ( V, E ) , a non-negative integer K , two non-negative integerbudgets Ω and Φ , ∀ v ∈ V two non-negative integer costs ˆ c v , h v and a non-negativeinteger benefit b v . QUESTION : Is there a subset D ⊆ V , with cost P v ∈ D ˆ c v ≤ Ω such that ∀ I ⊆ V \ D withcost P v ∈ I h v ≤ Φ , the sum of the benefit of the infected vertices is strictly less than K ? Theorem 4.4. V ACCINATION -A TTACK w is strongly Σ p -complete, even if the graph is a tree.Proof. As before, V
ACCINATION -A TTACK w is in Σ p since this decision problem is exactly of the form ∃ D ∀ I Q ( D, I ) is a proposition that can be evaluated in polynomial time.Now, we establish the problem Σ p -hardness. We start from an instance of BIK, defined in the previous section, andwe then construct an instance of V ACCINATION -A TTACK w as follows. First, we build a star graph G = ( V, E ) with a10omplexity of the Multilevel Critical Node Problemcentral vertex r and | O | leaf vertices v o with o ∈ O . See Figure 4. We add an edge ( r, v o ) for each such leaf vertex.The central vertex has benefit b r = ¯ K and costs ˆ c r = h r = 1 . Each leaf vertex v o with o ∈ O has a benefit b v o = p o ,cost for the defender ˆ c v o = a o and cost for the attacker h v o = p o . Finally, we fix Ω = A + 1 , Φ = B and K = ¯ K . r v b r = ¯ K, ˆ c r = h r = 1 b v = h v = p , ˆ c v = a v b v = h v = p , ˆ c v = a . . .v n b v n = h v n = p n , ˆ c v n = a n Figure 4: Graph reduction from BIK to V
ACCINATION -A TTACK w when O = { , . . . , n } .This is exactly the setting of BIK and one can easily complete the proof of equivalence of the two decision instancesfollowing a path very similar to the proof of Theorem 4.3.Finally, the reduction used a star graph which is a particular case of a tree. Hence, the problem is Σ p -complete evenon trees. w problem In this section we show that the decision problem MCN w is Σ p -complete. MCN w : INSTANCE : A graph G = ( V, E ) , a non-negative integer K , three non-negative integerbudgets Ω , Φ and Λ , ∀ v ∈ V three non-negative integer costs ˆ c v , h v and c v , and a non-negative integer benefit b v . QUESTION : Is there a subset D ⊆ V , with cost P v ∈ D ˆ c v ≤ Ω such that ∀ I ⊆ V \ D withcost P v ∈ I h v ≤ Φ , there is P ⊆ V \ I with cost P v ∈ D c v ≤ Λ such that the sum of thebenefit of the saved vertices is greater or equal to K ?In order to achieve our ultimate goal, we take the problem ( B ∩ CN F ),known to be Σ p -complete problem [37, 41], in order to prove that the generalization of BIK to a trilevel, the TrilevelInterdiction Knapsack (TIK), is Σ p -complete. Then, TIK is used to demonstrate that MCN w is Σ p -complete. LTERNATING Q UANTIFIED S ATISFIABILITY ( B ∩ CN F ): INSTANCE : Disjoint non-empty sets of variables X , Y and Z , and a Boolean expression E over U = X ∪ Y ∪ Z in conjunctive normal form with at most 3 literals in each clause c ∈ C . QUESTION : Is there a 0-1 assignment for X so that for all 0-1 assignments of Y there isa 0-1 assignment of Z such that E is satisfied? T RILEVEL I NTERDICTION K NAPSACK (TIK) : INSTANCE : A set of items O such that each o ∈ O has two positive integer weights a ′ o and a o and a positive integer profit p o , two positive integer maximum weight capacities A ′ and A , a positive integer maximum profit B and a positive integer goal ¯ K ≤ B . QUESTION : Is there a subset O ⊆ O of items, with P o ∈ O a ′ o ≤ A ′ , such that ev-ery subset O ⊆ O \ O , with P o ∈ O a o ≤ A, there is a subset O ⊆ O \ O , with P o ∈ O p o ≤ B , such that P o ∈ O p o ≥ ¯ K holds? Theorem 4.5.
TIK is Σ p -complete. Proof.
The statement of TIK is of the form ∃ O ∀ O ∃ O Q ( O , O , O ) , directly implying that it is in Σ p .Next, we use a reduction from the B ∩ CN F which is very much in line with the reduction from 3-SAT to SubsetSum presented in [12, Theorem 34.15]:• For each variable u ∈ U , we create two items o u and o ¯ u , one for each possible 0-1 assignment of u . Wedesignate by O U = { o u : u ∈ U } and O ¯ U = { o ¯ u : u ∈ U } the two sets of items of size | U | .• For each clause c ∈ C , (i) if c has 1 literal, we create one item o c , (ii) if c has 2 literals, we create two items o c and o c , and (iii) if c has 3 literals, we create three items o c , o c and o c . We designate by O C the set of itemsassociated with C .• Weights, profits, maximum capacities, maximum profit and goal will be given by digits of size | X | + | Y | + | Z | + | C | +1 in base 10. Hence, each digit position is labeled by a variable or a clause: the first | C | positions (least significant numbers) are labeled by the clauses, then the next | X | positions are labeled by thevariables X , then the next | Y | positions are labeled by the variables Y , then the next | Z | positions are labeledby the variables Z , and, finally, the last position is labeled as forbidden . – For each u ∈ U , the two corresponding items o u and o ¯ u have weights and profits as described next. Theweights and profits a ′ o u , a o u , p o u , a ′ o ¯ u , a o ¯ u and p o ¯ u have digit 1 in the position labeled by the variable U and 0 in the positions labeled by other variables; the remaining digits are zero for a ′ o u , a o u , a ′ o ¯ u and a o ¯ u . In particular, for all o ∈ O U ∪ O ¯ U , it holds a ′ o u = a o u and a ′ o ¯ u = a o ¯ u .If the literal u appears in clause c ∈ C , then p o u has digit 1 in the position labeled as c , and 0 otherwise.Similarly, if the literal ¬ u appears in clause c ∈ C , p o ¯ u has digit 1 in the position labeled by c , and 0otherwise. Finally, for all o ∈ O U ∪ O ¯ U , p o u and p o ¯ u have digit 0 in the position labeled as forbidden. – For each c ∈ C , the associated items have weights and profits as follows. If c has one literal, a ′ o c and a o c have 1 in the position labeled as forbidden and 0 elsewhere; p o c has digit 3 in the position labeledas c and 0 elsewhere. If c has two literals, a ′ o c , a ′ o c , a o c and a o c have 1 in the position labeled asforbidden and 0 elsewhere; p o c and p o c have digit 3 and 2, respectively, in the position labeled as c and0 elsewhere. If c has three literals, a ′ o c , a ′ o c , a ′ o c , a o c , a o c and a o c have 1 in the position labeled asforbidden and 0 elsewhere; p o c , p o c and p o c have digit 3, 2 and 1, respectively, in the position labeled as c and 0 elsewhere. – The weight capacity A ′ has 1s for all digits with labels in X and 0s elsewhere. Hence, O cannot containitems from { o u , o ¯ u : u ∈ Z ∪ Y } ∪ O C . – The weight capacity A has 1s for all digits with labels in Y , 2s for all digits with labels in X and 0selsewhere. Hence, O cannot contain items from { o u , o ¯ u : u ∈ Z } ∪ O C . – The maximum profit B has 1s for all digits with labels in X ∪ Z , 2s for all digits with labels in Y , 4s forall digits with labels in C , and 0s elsewhere. Hence, O can take any item (as long as not interdicted by O ). – We make ¯ K is equal to B , except for the digits with labels Y , where it is 1.See Figure 5 for an illustration of our reduction.Let B ∩ CN F be a
Yes instance. Then, take in O the items o u such that u ∈ X is 1 and the items o ¯ u , otherwise.Clearly, this choice of O respects the maximum weight A ′ . By construction, given this O , the best O will take allitems associated with X and not taken by O , as it does not interfere with the budget left for the items associated with Y . Furthermore, the optimal O will also take exactly one of the items o u or o ¯ u for u ∈ Y :• The two items associated with the most significant digit whose label is in Y cannot be taken simultaneouslyin O as it would violate the weight capacity A . In fact, exactly one of these items must be taken, as otherwise O would select them both, making the achievement of the profit ¯ K only dependent on the items associatedwith the Z ; consequently, the goal would be achieved.• The two items associated with the second most significant digit whose label is in Y cannot be taken simulta-neously, since we already know that one of the items associated with the most significant digit in Y is takenwhich would result in a violation of the weight capacity A . Hence, reasoning as before, O will take exactlyof the items associated with the second most significant digit in Y .• The reasoning above propagates until the least significant digit labeled in Y . We conclude that the best O will have exactly one of the items o u or o ¯ u for u ∈ Y .12omplexity of the Multilevel Critical Node Problem O Z Y X C forbidden d c b a c c c o a a ′ o a = a o a p o a o ¯ a a ′ o ¯ a = a o ¯ a p o ¯ a o b a ′ o b = a o b p o b o ¯ b a ′ o ¯ b = a o ¯ b p o ¯ b o c a o c = a ′ o c p o c o ¯ c a o ¯ c = a ′ o ¯ c p o ¯ c o d a ′ o d = a o d p o d o ¯ d a ′ o ¯ d = a o ¯ d p o ¯ d o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c o c a ′ o c a o c p o c A ′ A B ¯ K Figure 5: Example of construction of TIK from an instance B ∩ CN F with E = ( a ∨ b ∨¬ c ) ∧ ( ¬ a ∨¬ b ∨ d ) ∧ ( a ∨ c ∨ b ) ,where X = { a, b } , Y = { c } , Z = { d } and the clauses are labeled from left to right.13omplexity of the Multilevel Critical Node ProblemFinally, O will contain O and all the items associated with Y not in O . This makes the rest of the items selection for O completely equivalent to variable assignment in Z for B ∩ CN F (precisely, the standard reduction from 3-SATto Subset Sum). Therefore,
T IK is a
Yes instance.Next, suppose that TIK is a
Yes instance. Certainly, an optimal O must have exactly one of the items o u and o ¯ u for u ∈ X , otherwise, O could interdict some o u and o ¯ u , making the goal ¯ K impossible to be achieved. As arguedbefore, an optimal reaction O to O will select the items associated with X not in O .Assign 1 to u ∈ X such that o u ∈ O , and 0 otherwise. For any valid assignment of the variables in Y , thecorrespondence in TIK is the following: if u ∈ Y is 1, add o ¯ u to O , otherwise add o u . This forces O to select foreach u ∈ Y , o u if u is 1 and o ¯ u if u is 0; otherwise, the goal ¯ K is not attained. Since, by hypothesis, TIK is a Yes instance, for those O and O , there is O such that the profit ¯ K is exactly achieved which implies that there is anassignment of Z such that E is satisfied. Theorem 4.6.
MCN w is Σ p -complete, even on trees.Proof. MCN w is clearly in Σ p .Next, from an instance of TIK, we construct the following instance of MCN w :• Let Ω = A ′ , Φ = A + 1 , Λ = B and K = ¯ K .• For each item o ∈ O create three vertices v o , v o and v o with – ˆ c v o = Ω + 1 , h v o = Φ + 1 , c v o = p o and b v o = 0 ; this vertex is only available for the protection set P ; – ˆ c v o = Ω + 1 , h v o = Φ + 1 , c v o = Λ + 1 and b v o = p o ; this vertex cannot be vaccinated, directly infectedor protected; – ˆ c v o = a ′ o , h v o = a o , c v o = Λ + 1 and b v o = 0 ; this vertex is only available for the vaccination set D and for the direct infection set I ;• Create a vertex r with ˆ c r = Φ + 1 , h r = 1 , c r = 1 and b r = K .• For each item o ∈ O , add the edges ( r, v o ) , ( v o , v o ) and ( v o , v o ) .See Figure 6 for an illustration of our reduction. rv v ... v v v v v n v n v n ˆ c r = Ω + 1 , h r = c r = 1 , b r = K ˆ c v = Ω + 1 , h v = Φ + 1 , c v = p , b v = 0ˆ c v = Ω + 1 , h v = Φ + 1 , c v = Λ + 1 , b v = p ˆ c v = a ′ , h v = a , c v = Λ + 1 , b v = 0 ˆ c v n = Ω + 1 , h v n = Φ + 1 , c v n = p n , b v n = 0ˆ c v n = Ω + 1 , h v n = Φ + 1 , c v n = Λ + 1 , b v n = p n ˆ c v n = a ′ n , h v n = a n , c v n = Λ + 1 , b v n = 0 Figure 6: Graph reduction from TIK to MCN w when O = { , . . . , n } . The only vertices resulting in positive benefitare the ones in white. The vertices in gray can be vaccinated and directly attacked. The vertices in green can beprotected. The vertex in black can be attacked (and protected).The key ingredients of this reduction are the following: (i) independently of the vaccination strategy, an optimal attackwill always include the vertex r , (ii) hence, the only way to collect a positive benefit p o is by ensuring that vertex v o issaved, (iii) the latter is only possible if v o is vaccinated and v o is protected or if v o is not attacked and v o is protected.These observations allow to show that TIK is a Yes instance if and only if MCN w is a Yes instance. The remainder ofthe proof follows a similar reasoning to the previous proofs for the weighted games.14omplexity of the Multilevel Critical Node Problem
In this section, we consider directed graphs G = ( V, A ) and restrict costs and benefits to be unitary. We use thesubscript dir for these problem versions. Clearly, these problems inherit the complexity of their unitary undirectedversions, as they are more general. In fact, we were able to go a level up in the polynomial hierarchy for some ofits subgames in comparison with the unitary undirected cases. In this section, we first prove that the A TTACK dir isNP-complete, and then demonstrate that V
ACCINATION -A TTACK dir is Σ p -complete. Later, in Section 6, we presentspecial properties of P ROTECT dir that allow us to easily prove NP-completeness for directed acyclic graphs and poly-nomiality for arborescences.It should be remarked that we do not address A
TTACK -P ROTECT dir and thus, it remains open whether it is Σ p -complete. The difficulty on dealing with this subgame is related to the lack of Σ p -hard problems involving unitaryparameters or a division on the two players decision variables: in A TTACK -P ROTECT dir all parameters are 1 andall vertices can be subject to infection or protection. On the other hand, as an example, non-trivial instances ofKIP (presented in Section 4.2) should have weights not all 1, otherwise it becomes polynomially solvable as it can bereduced to its continuous version and, consequently, efficiently solved [11]. Another example, 2-CNF-A
LTERNATING Q UANTIFIED S ATISFIABILITY , to be introduced in Section 5.2, and which is Σ p -complete, demands each playerto control distinct sets of variables. For V ACCINATION -A TTACK dir , we were able to bypass this challenge but ananalogous trick does not seem easily adaptable for A
TTACK -P ROTECT dir . A TTACK dir problem
First, we study the
Attack problem on directed graphs, A
TTACK dir . We are given a directed graph G a resulting fromthe deletion of the vaccinated vertices from the original graph, and an integer budget Φ . In this setting, there is noprotection phase, i.e. Λ = 0 . The decision version of the problem is: A TTACK dir : INSTANCE : A directed graph G a = ( V a , A a ) , a non-negative integer budget Φ ≤ | V a | ,and a non-negative integer K . QUESTION : Is there a subset of vertices I ⊆ V a , | I |≤ Φ such that the number of infectedvertices in G a is greater or equal to K ?We saw that in the undirected case, this problem is solvable in linear time, the best strategy being to infect the Φ largestconnected components of G a . But in the directed case, the infection is only allowed to propagate itself according tothe direction of the arcs, which makes the problem of choosing the right set of vertices to attack NP-complete. We willuse a reduction from the -Satisfiability problem , which is one of the Karp’s NP-complete problems [24]. SATISFIABILITY (3-SAT):
INSTANCE : Set U of variables, Boolean expression E over U in conjunctive normal formwith exactly literals in each clause c ∈ C . QUESTION : Is there a - assignment for the variables in U that satisfies E ? Theorem 5.1. A TTACK dir is NP-complete, even on directed acyclic graphs.Proof. A TTACK dir ∈ NP as, given a set of attacked vertices I , checking whether the set of infected vertices is greaterthan K is easily done using a DFS.To prove that A TTACK dir is NP-hard, we take an instance of -SAT. We build a directed acyclic graph G a as follows:• For each variable u ∈ U , we create two vertices v u and v ¯ u , one for each possible - assignment of u . We call V U = { v u ; u ∈ U } and V ¯ U = { v ¯ u ; u ∈ U } the two sets of vertices of size | U | . For each variable u , we alsocreate a directed path p u of length | C | + | U |− , with an in-going arc from both v u and v ¯ u at the beginning ofthe path.• For each clause c ∈ C , we create a vertex v c ∈ V C .15omplexity of the Multilevel Critical Node Problem• From each vertex v u ∈ V U , we draw an arc ( v u , v c ) to every clause in which the positive literal u appears.Similarly, we draw an arc ( v ¯ u , v c ) from each v ¯ u ∈ V ¯ U to every clause in which the negative literal ¬ u appears.An example of this construction can be found in Figure 7. We set Φ = | U | , K = | U |× ( | U | + | C | ) + | C | and argue thatanswering A TTACK dir on this instance is the same as answering -SAT.Indeed, suppose that -SAT is a Yes instance, i.e. there is a 0-1 assignment to the variables in U such that every clausein E is true. Taking this assignment, by attacking v u if u is set to be and v ¯ u otherwise, we attack exactly Φ verticesin G a . Moreover, each path p u is infected, and for each pair ( v u , v ¯ u ) , there is exactly one vertex infected due to thedirection of the arcs. Finally, as E is true, each clause c is true, which translates into the fact that each v c in the graph G a is infected. Overall, there are exactly | U | + | U |×| p u | + | C | = | U |× ( | U | + | C | ) + | C | vertices infected in the graph.Conversely, we prove that if A TTACK dir is a
Yes instance, i.e. , there is a feasible attack I ∗ on G a leading to at least K = | U |× ( | U | + | C | )+ | C | vertices infected, then E is satisfiable and the corresponding 0-1 assignment can be read in I . Let I ∗ be such an attack strategy. First, we remark that the largest possible set of infected vertices should contain allthe vertices V p u of each path p u : it is possible to infect them all as Φ = | U | and due to their size equal to | C | + | U |− ,we can prove that not infecting all of them results in a sub-optimal solution. Indeed, suppose that for one u ′ we donot infect any of the vertices V p u ′ of the path p u ′ . Let α ∗ be the maximum number of vertices we can infect withoutinfecting p u ′ . As p u ′ is not infected, v u ′ and v ¯ u ′ cannot be either. Thus, an easy upper bound α up on α ∗ is obtainedby saying that every vertex of the graph is infected, except for the ones in { v u ′ , v ¯ u ′ } ∪ V p u ′ . Then, α ∗ ≤ α up = ( | U |− × | p u | +2( | U |−
1) + | C | = ( | U |− × ( | U | + | C |−
1) + 2 | U |− | C | = | U | + | U |×| C |− | U |−| C | +1 + 2 | U |− | C | = | U |× ( | U | + | C | ) − . As we assumed that the optimal attack I ∗ infected at least K = | U |× ( | U | + | C | )+ | C | vertices, which is strictly greaterthan α up , we proved that no strategy not infecting all the paths can infect K vertices.Thus, as there is exactly Φ different paths, we should attack exactly one element in each set of vertices { v u , v ¯ u } ∪ V p u : if we attacked more than one, then the remaining budget would not allow to attack all the paths. As attacking v u or v ¯ u leads to a strictly greater number of infected vertices than infecting a vertex in p u , there is no harm inassuming that no vertex inside the p u is in I ∗ . This implies that I ∗ ⊂ V U ∪ V ¯ U . At this point, there are at least | p u |×| U | + | U | = | U |× ( | U | + | C | ) vertices infected. Since we supposed that we had a Yes instance to A
TTACK dir , theremust be K = | U |× ( | U | + | C | ) + | C | infected vertices, which implies that all vertices in V C are infected. Thus, -SATis a Yes instance and I ∗ is a 0-1 assignment of U that makes E true, concluding the proof. Remark 5.2.
Note that the proof of Theorem 5.1 holds if p u is replaced by a complete graph with | C | + | U |− vertices(the length of the path). This observation will be useful for the reduction used in V ACCINATION -A TTACK dir v a v ¬ a v c v b v ¬ b v c v c v ¬ c v c Figure 7: Example of construction of G a from the boolean expression in CNF with 3 literals in each clause E =( a ∨ b ∨ ¬ c ) ∧ ( ¬ a ∨ b ∨ c ) ∧ ( a ∨ ¬ b ∨ c ) . We have U = { a, b, c } and | C | = 3 . Taking I = { v a , v b , v c } is optimal. V ACCINATION -A TTACK dir problem
Our demonstration of NP-completeness for A
TTACK dir inspires our proof for the Σ p -completeness of V ACCINATION -A TTACK dir . The formulation of this decision problem is 16omplexity of the Multilevel Critical Node Problem V ACCINATION -A TTACK dir : INSTANCE : A graph G = ( V, A ) , two non-negative integer budgets Ω and Φ such that Ω + Φ ≤ | V | and a non-negative integer K . QUESTION : Is there a subset D ⊆ V , | D |≤ Ω such that ∀ I ⊆ V \ D with | I |≤ Φ , thenumber of infected vertices | V |− s ( G, D, I, ∅ ) ≤ K ?We will use a reduction from a variant of the ( B ). Historically, B was the first problem shown to be Σ p -complete [32]. If the Boolean formula studied in B is in DNF with literalsper clause, then the problem is still Σ p -complete [41]. Thus, if we consider expressions in CNF with literals perclause, instead of seeking to satisfy the Boolean formula, we should state the question as formulated in [23]: LTERNATING Q UANTIFIED S ATISFIABILITY ( B CNF ): INSTANCE : Disjoint non-empty sets of variables X and Y , Boolean expression E over U = X ∪ Y in conjunctive normal form with exactly 3 literals in each clause. QUESTION : Is there a 0-1 assignment for X so that there is no 0-1 assignment for Y suchthat E is satisfied? Theorem 5.3. V ACCINATION -A TTACK dir is Σ p -complete.Proof. From the formulation in the form of ∃ D ∀ I Q ( D, I ) , we deduce that V ACCINATION -A TTACK dir ∈ Σ p .To show that it is Σ p -hard, we take an instance of B CNF . We build G in a similar fashion to how G a was built in theproof of the Theorem 5.1, the main difference being the use of cliques instead of paths. However, to differentiate thevariables in X from the ones in Y , we slightly change the construction:• For each variable x ∈ X , we create two vertices v x and v ¯ x , one for each possible - assignment of x . Wecall V X and V ¯ X the sets of v x and v ¯ x . We also create two cliques k x and k ¯ x of | C | + | Y |− vertices V k x and V k ¯ x .• For each variable y ∈ Y , we create two vertices v y and v ¯ y , one for each possible - assignment of y . Let V Y and V ¯ Y be these two sets of vertices, and V U = V X ∪ V Y , V ¯ U = V ¯ X ∪ V ¯ Y . We also create a clique k y ofsize | C | + | Y |− .• For each clause c ∈ C , we create a vertex v c ∈ V C .• From each vertex v u ∈ V U , we draw an arc ( v u , v c ) to every clause in which the positive literal u appears.Similarly, we draw an arc ( v ¯ u , v c ) from each v ¯ u ∈ V ¯ U to every clause in which the negative literal ¬ u appears.• From every v x , we draw an arc to one node in k x , and do the same thing with v ¯ x and k ¯ x . We also draw anundirected edge between each v x and v ¯ x .• Finally, from each v y and each v ¯ y , we draw an arc to one node in k y .An example of this construction can be found in Figure 8. We set Ω = | X | , Φ = | X | + | Y | , K = ( | X | + | Y | ) × ( | Y | + | C | ) + | C |− and argue that answering V ACCINATION -A TTACK dir on this instance is the same as answering B CNF .Indeed, if we are a given a solution to a Yes instance of B CNF , then by vaccinating the vertices corresponding to theopposite of the 0-1 assignment of X , we oblige the attacker to infect the vertices corresponding to the truth values for X . From there, by following the same reasoning as before, it is easy to see that the Yes instance of B CNF leads to a Yes instance of V
ACCINATION -A TTACK dir , i.e. the attacker cannot infect more than K vertices.Conversely, we show that a set D ∗ corresponding to a solution of a Yes instance of V
ACCINATION -A TTACK dir is asolution to a
Yes instance of B CNF . The first thing to notice is that given that the vaccination budget is Ω = | X | ,that the size of the cliques k x and k ¯ x is equal to | C | + | Y |− and that each clique can be disconnected from thegraph by spending only one unit of vaccination budget, we necessarily have that the best vaccination strategy D ∗ ⊂∪ x ∈ X { v x , v ¯ x } . Next, we show that the defender would be worse off is she decides to vaccinate both v x ′ and v ¯ x ′ forsome x ′ ∈ X instead of vaccinating exactly one of each member of { v x , v ¯ x } . In the best case scenario, in addition tothe vertices already vaccinated, deciding to vaccinate the two members of a pair will allow her to protect | C |− nodes17omplexity of the Multilevel Critical Node Problemin V C (it is not possible to remove all the arcs between the V U ∪ V ¯ U and the V C as we suppose that Y = ∅ , thus atleast one clause contains a variable from Y ) . But by doing so, as Ω = | X | , the defender will also not protect at alla group of vertices { v x ′′ , v ¯ x ′′ } ∪ V k x ′′ ∪ V k ¯ x ′′ . Thus, the attacker can then spend only one unit of her own budget toattack all of this group, a quantity of infected vertices that otherwise would have been obtained by spending two unitsof his budget Φ . Thus, defending the two members of { v x ′ , v ¯ x ′ } spared one unit of budget for the attacker, which shecan then use to attack one of the disconnected cliques of size | C | + | Y |− > | C |− . Thus, making such a move forthe defender is strictly worse than not doing it and D ∗ contains exactly one vertex from each { v x , v ¯ x } .After this stage, it is easy to see that the best move for the attacker is to attack all of the D ∗ \ ( V x ∪ V ¯ x ) , and forthe variables in Y , the situation reduces to the one we already discussed with A TTACK dir (note that it is alwaysmore interesting for the attacker to spend her budget on attacking the v y and v ¯ y than the disconnected cliques asit will always infect more vertices) . Hence, in the end, if the attacker did not manage to infect strictly more than ( | Y | + | X | ) × ( | Y | + | C | ) + | C |− vertices, it means that at least one clause is false, which concludes the proof. v a v ¬ a v b v ¬ b v c v ¬ c v d v ¬ d v c v c v c Figure 8: Example of construction of G from the boolean expression in CNF with 3 literals in each clause E =( a ∨ b ∨ ¬ c ) ∧ ( ¬ a ∨ ¬ b ∨ d ) ∧ ( a ∨ c ∨ b ) . Here, X = { a, b } and Y = { c, d } . Taking D = { v a , v b } , i.e. , obligingboth a and b to be False makes it impossible to satisfy E . Corollary 5.4.
MCN dir is Σ p -hard. P ROTECTION : tractability limits
In this section, we will concentrate on optimal protection strategies given I (directly infected vertices). Without lossof generality, in what follows, we restrict our attention to the induced graph obtained by considering only non-savedvertices when there is no protection (the remaining are already saved, even without no protected vertices).The motivation to provide a closer look to the protection problem in the unitary cases (undirected and directed graphs)is based on the fact that their NP-hardness was established for split graphs, while for the weighted case it was proveneven for trivial graphs. Such results do not clarify the problem complexity for trees, or even graphs of boundedtreewidth, neither for directed acyclic graphs (DAGs), polytrees and arborescences. Frequently, NP-complete prob-lems on graphs become polynomially solvable on such graph classes. In section 6.1, we describe a dynamic program-ming approach for trees to determine the optimal protection solution in polynomial time. We also connect our problemcomplexity with the results in monadic second-order logic for tree-decomposable graphs [28, 6]. In section 6.2, we de-scribe the problem properties for DAGs, making it simple to show that P ROTECTION dir is NP-complete. We terminatethis section by showing that the optimal protection strategy can be determined in polynomial time for arborescences. P ROTECT over trees
We next focus on P
ROTECT ; recall that it is the case of undirected graphs with unitary costs and benefits. Results fora special version of this problem where only one vertex is infected, aka the F
IREFIGHTER P ROBLEM , already exist inthe literature. The recent work of [6] establishes that for this special version of P
ROTECT , the decision version of theproblem can be solved in linear time over graphs of bounded treewidth, through the use of a reformulation in
ExtendedMonadic Second Order (EMSO) logic. We first extend this result to the case of an arbitrary number of infected verticesto show that P
ROTECT is solvable in polynomial time over graphs of bounded treewidth.18omplexity of the Multilevel Critical Node Problem
Lemma 6.1. P ROTECT can be solved in polynomial time over graphs with constant bounded treewidth.Proof.
The key factor is to reformulate our problem in terms of an MSO-formula ϕ based on set variables, whichcaptures the graph structure of the problem, and an evaluation relation ψ over a set of integer variables, which capturesthe “number” aspect of the problem. In order to do so, we will define as in [6] two sets P and X where P is the set ofprotected vertices that separate the infected vertices of set I from the saved vertices which are not protected X . Apartfrom the classic universal quantifier and logical connectives, we need to make use of a binary relation adj ( x, y ) toassess the adjacency of two vertices x and y ∈ V : adj ( x, y ) true if ( x, y ) ∈ E , and false otherwise. The definitions of ϕ and ψ for P ROTECT are the following: ϕ = ( ∀ v ( v ∈ I ⇒ ( v / ∈ P ) ∧ ( v / ∈ X ))) ∧ ( ∀ x ( x ∈ P ) ⇒ ( x / ∈ X )) ∧ ( ∀ x ∀ y (( x ∈ X ) ∧ ( adj ( x, y )) ∧ ( y / ∈ P )) ⇒ ( y ∈ X )) .ψ = ( | P |≤ Λ) ∧ ( | X | + | P |≥ K ) , where the aim is to save at least K vertices. Through the above expression for ϕ , it is established that the sets P and X have an empty intersection and that any neighbour of a vertex in X must be either in P or X itself, i.e. , the set P is a separator for the sets I and X . Since the above definitions respect the limitations of MSO logic formulations,a theorem due to [3] implies that the problem can be solved in O ( f ( w ) · | V | ) where f is a function of the treewidth w of the graph. Consequently, we can conclude that P ROTECT can be solved in polynomial time for graphs whosetreewidth is bounded by a constant.Even though the above theorem is powerful from a theoretical perspective, it is of little practical use, as underlined in[28]. Indeed, the function f ( w ) in the worst case complexity formula grows extremely fast with w and the algorithmsuffers from space problems in practical implementations. Therefore, Dynamic Programming (DP) is often used toprovide more efficient algorithms. In this section we propose a DP algorithm to solve the optimization problemassociated with P
ROTECT on trees. We consider a recursion scheme that works with growing subtrees, starting fromthe leaves and climbing up to the root vertex, solving the optimization problem on each subtree recursively and mergingthem as needed at each step of the recursion. This recursion scheme bears similarities with the scheme proposed in[14] for the pairwise CNDP over trees. In the following, we label a vertex as attacked when it has been directlyinfected by the attacker while the term infected is used both for directly attacked vertices and indirectly infected ones,and secondary infected vertices is used only for vertices indirectly infected after the initial attack.For further analysis, we denote by T a the subtree of tree T rooted at vertex a ∈ V , and by a i with i ∈ { , ..., s } the children of a . We define as T a i → s the subtree constituted by { a } ∪ j = i,...,s T a j . An example of a tree T rooted atvertex a is depicted in Figure 9 where subtree T a is represented by diamond shaped vertices while subtree T a → isrepresented by round shaped vertices. All recursions in our dynamic programming approaches are based on traversingthe tree in postorder ( i.e. from the leaves to the root) and from the right part of each tree level to the left one. Forexample in Figure 9, once the recursive functions are computed and saved for subtrees T a and T a , we will computethe recursion functions associated to T a → by merging the results for both subtrees in both situations when a isvaccinated, infected, protected or neither of these possibilities. We consider that tree T is rooted at vertex r . aa a a a Figure 9: Example of a tree with subtree T a represented by diamond shaped vertices and subtree T a → representedby round shaped vertices.We introduce the following recursion functions: 19omplexity of the Multilevel Critical Node Problem F a ( c, m, σ ) := maximum number of saved vertices in subtree T a when c vertices have been protected, m unprotected vertices in T a are linked to a by an unprotected but non-infected path (includ-ing a itself) and σ = 1 if an attacked vertex in T a is linked to a by an unprotected path(including a ) and σ = 0 otherwise. G a i ( c, m, σ ) := maximum number of saved vertices in subtree T a i → s when c vertices have been protected, m unprotected vertices in T a i → s are linked to a by an unprotected but non-infected path(including a itself) and σ = 1 if an attacked vertex in T a i → s is linked to a by an unprotectedpath (including a ) and σ = 0 otherwise.Using the previously described functions, we can define the following recursions. The initial conditions for each leafvertex a and rightmost subtree T a s are as follows: F a ( c, m, σ ) = if ( c = 0 ∧ m = 0 ∧ σ = 1)1 if ( c = 1 ∧ m = 0 ∧ σ = 0) ∨ ( c = 0 ∧ m = 1 ∧ σ = 0) −∞ otherwise ( i.e. , infeasible configurations) ; (5) G a s ( c, m, σ ) = max { F a s ( c − , m ′ , σ ′ ) + m ′ (1 − σ ′ ) : m ′ = 0 , . . . , |T a s | ; σ ′ = 0 , } if a is protected ( m = σ = 0 ) max { F a s ( c, m ′ , σ ′ ) + m ′ (1 − σ ′ )(1 − σ ) : m ′ = 0 , . . . , |T a s | ; σ ′ = 0 , } if a is vaccinated ( m = σ = 0 ) or attacked ( m = 0 , σ = 1 ) F a s ( c, m − , σ ) if a is neither vaccinated, protected or attacked . (6)In Eq. (6), the first case deals with a protected a vertex and all m ′ unprotected vertices below a s are saved if a s is notlinked to an attacked vertex inside T a s ( σ ′ = 0 ). The second case deals with either a vaccinated or attacked a vertexso that the budget c needs not be updated going from T a s to T a s ∪ { a } . The last case deals with an unattacked andunprotected a vertex and parameter m is incremented as the subtree is enlarged by vertex a .The following equations handle the general case, for vertices which are neither leaf vertices or the root of rightmostsubtrees: F a ( c, m, σ ) = G a ( c, m, σ ) for a non-leaf vertex a ∈ V . (7)For each non-leaf vertex a ∈ V and i < s : if a is attacked (8a) G a i ( c, ,
1) = max (cid:8) F a i ( c ′ , m ′ , σ ′ ) + G a i +1 ( c − c ′ , ,
1) : c ′ = 0 , . . . , |T a i | ; m ′ = 0 , . . . , |T a i | ; σ ′ = 0 , (cid:9) , if a is protected (either from vaccination or protection) (8b) G a i ( c, ,
0) = max (cid:8) F a i ( c ′ , m ′ , σ ′ ) + G a i +1 ( c − c ′ , ,
0) + m ′ (1 − σ ′ ) : c ′ = 0 , . . . , |T a i | ; m ′ = 0 , . . . , |T a i | ; σ ′ = 0 , (cid:9) , otherwise, if a is neither protected nor infected (8c) G a i ( c, m, σ ) = max (cid:8) F a i ( c ′ , m ′ , σ ′ ) + G a i +1 ( c − c ′ , m − m ′ , σ ′′ ) + m ′ (1 − σ ) δ ar : c ′ = 0 , . . . , |T a i | ; m ′ = 0 , . . . , |T a i | ; σ ′ , σ ′′ = 0 , σ = max { σ ′ , σ ′′ } (cid:9) . Equation (8a) focuses on the case where vertex a is infected. In this case, no additional vertex is saved as all verticesbelow a which were not infected in T a and with an unprotected path to a will be infected themselves, therefore the totalnumber of saved vertices is the sum of already saved vertices from the two merged subtrees. Equation (8b) regards thecase of a protected a vertex, either through earlier vaccination or through protection. In this case, the vertices under a i who were unprotected, linked to a i by an unprotected path and who are not in contact with an infected vertex throughan unprotected path are confirmed saved and added to the cost function, additionally to the already saved vertices fromboth subtrees. Finally, Equation (8c) deals with the last case where a is neither infected nor protected in any way.In this case, the cost of the objective function is updated by the number of unprotected vertices linked to a i by anunprotected path, but only in the case that a is the root vertex r ( δ ar = 1 if a = r and 0 otherwise) and a is not linked20omplexity of the Multilevel Critical Node Problemto an infected vertex through an unprotected path ( σ = 0 ). Otherwise, we cannot ensure that the unprotected verticesbelow a will be saved in the optimal solution.The optimal value for the problem is given by the quantity max { F r ( c, m, σ ) : c = 0 , . . . , Λ; m = 0 , . . . , n ; σ = 0 , } where r is the root vertex of the tree, since it represents the maximum number of saved vertices for each protectionbudget and the solution can be recovered by backtracking. Considering the proposed dynamic program, we can statethe following proposition. Theorem 6.2. P ROTECT over trees admits a polynomial time algorithm with time complexity O ( n ) .Proof. The number of functions F a ( · ) and G a ( · ) to compute for each value of c , m and σ is bounded by n . Therecursion steps involved in Equation (8c) are bounded by n operations at most. Considering all vertices n , therunning time of the dynamic programming algorithm is thus bounded by O ( n ) .Since the lower level of the problem over trees is polynomial, the MCN over trees cannot be Σ p -hard. Followinga classic trick for DP algorithm, see e.g. [14], a similar algorithm can be devised when vertices have protectioncosts and unit benefits, which remains polynomial. When both types of weights are integer, the algorithms becomepseudo-polynomial and the problem becomes weakly NP-hard. P ROTECTION dir over directed acyclic graphs
We will show that an optimal protection strategy can be restricted to candidate vertices.
Definition 6.1.
In a directed graph G = ( V, A ) , a vertex v ∈ V \ I that can be reached from a vertex of I by a directedpath and whose isolated protection results in a maximal set of saved vertices, is called candidate. Denote by C the setof candidate vertices. In other words, a candidate vertex v has no predecessor whose protection implies saving v . See Figure 10 for anillustration on popular graph sub-classes of DAGs. In the case of Figure 10a, C = { , , , } ; e.g. , vertex 5 is not acandidate, since its protection saves vertices { , , } , but this is also guaranteed by saving vertex 2 instead, resultingin the maximal set of saved vertices { , , , , , , } . In Figure 10b, protecting vertex 1 suffices to save all theremaining non attacked vertices. Finally, in Figure 10c, the successors of the attacked vertices are exactly the set ofcandidates. Lemma 6.3.
Let G = ( V, A ) be a directed graph. Given I and Λ , there is an optimal protection strategy P ⊆ C .Proof. Let P ⊆ V \ I be an optimal protection strategy such that exists v ∈ P \C . Then, by the definition of candidate,there is a vertex u ∈ C whose isolated protection implies saving v , as well as, all the vertices that v alone was saving.Hence, a feasible protection strategy can be obtained by removing v from P and adding u to P : note that either theused budget is maintained, if u / ∈ P , or decreased, if u ∈ P . Let this strategy be denoted by ˜ P = ( P − { v } ) ∪ { u } .By contradiction, suppose that ˜ P is not optimal: there is some vertex r that was saved in P but not in ˜ P . In fact, wecan conclude that under P , r was saved due to v being saved (protected) and possibly due to some other vertices in P \ { v } ⊆ ˜ P . However, under ˜ P , v is also saved, as well, as the vertices in P \ { v } . Consequently, r is saved in ˜ P ,resulting in a contradiction.Furthermore, we can compute the value of candidate vertices. Definition 6.2.
For each v ∈ C , the value of v is denoted by p v and it corresponds to the number of saved vertices if v is the only protected vertex. In the example of Figure 10a, p = 1 , p = 6 , p = 1 and p = 1 . However, note that this analysis does not make theproblem trivial: in Figure 10a, if Λ = 2 , the optimal protection cannot be computed in a greedy way, i.e. , protectingvertices 1 and 2 is not optimal; the only optimal solution is to protect vertices 1 and 3.
Theorem 6.4. P ROTECT dir is NP-complete, even for directed acyclic graphs.Proof.
The statement of P
ROTECT dir is exactly the one of P
ROTECT in Section 3, except that the graph is directed.For sake of simplicity, we drop the subscript a from G a . 21omplexity of the Multilevel Critical Node Problem
121 10324567 8911 (a) Graph induced by V \ I is a polytree.
012 435 (b) Graph induced by V \ I is a DAG. (c) Graph induced by V \ I is an arborescence. Figure 10: The set I is represented by black vertices and candidate vertices are dashed.The problem is clearly in NP as given the protection P , the number of infected can be determined in polynomial timethrough a DFS.Next, we reduce CNP split to P ROTECT dir , showing its NP-hardness. Given an instance of CNP split , we build thefollowing graph G = ( V, A ) :• For each v ∈ ¯ V , we create the set of vertices T v = { t v , t v } in G , and the arc ( t v , t v ) .• For each v ∈ ¯ V , we replicate it in G , and for each edge ( r, v ) ∈ ¯ E with v ∈ ¯ V , the arc ( t r , v ) is added in G .• Finally, we add the only attacked vertex u to G and connect it with each t v for v ∈ ¯ V , through the arc ( u, t v ) .To complete the reduction it remains to set Λ = B and K = ⌊ q K + 1 ⌋ (obtained by solving ¯ K = (cid:0) K − (cid:1) ). SeeFigure 11 for an illustration of the reduction. ¯ V ¯ V S v ∈ ¯ V T v ∪ { u } ¯ V u Figure 11: Example of construction of G from ¯ G .First, note that C of G is { t v : v ∈ ¯ V } ∪ ¯ V , where the vertices in the first set have value at least , and the ones in thesecond have value 1. Hence, it is clear that the best protection strategy will prioritize the vertices t v . In fact, we can22omplexity of the Multilevel Critical Node Problemargue than only those vertices can be in an optimal protection strategy. If Λ = B ≥ ¯ V , then the instance of CNP split is trivial. Therefore, we can assume Λ =
B < ¯ V and thus, it holds P ∗ ⊂ { t v : v ∈ ¯ V } . Consequently, choosingthe optimal P ∗ means to minimize the vertices in T v , for v ∈ ¯ V , and in ¯ V that are connected to u . By construction,those vertices connected with u correspond to a connected component ¯ C in ¯ G . Thus, P ∗ minimizes the size of [ v ∈ ¯ C { t v } ∪ { u } ∪ ¯ C . The remaining of the proof follows an analogous reasoning to the proof of Theorem 3.3. In this section we restrict the protection problem to the case where the graph induced by V \ I is an arborescence. Definition 6.3.
A directed acyclic graph G = ( V, A ) is an arborescence if its underlying undirected graph is a treeand there is a single vertex (root) that has a unique directed path from it to all other vertices. In arborescence, the determination of C is straightforward. Since all vertices in V \ I have in-degree 1, either they areprotected by their predecessor, and thus are not a candidate, or they are direct successors of vertices in I . Therefore, C is the set of all successors of vertices in I . For an illustration see Figure 10c, where the vertices in C = { , } havein-degree 1. We can prove that in this case a greedy approach leads to optimality. Lemma 6.5.
Given G = ( V, A ) , I and Λ , if the graph induced by V \ I is an arborescence, then an optimal protec-tion can be determined in polynomial time, specifically, O ( | V | log( | V | )) . Moreover, if the induced graph is a set ofarborescences, the result also holds.Proof. We start by showing that a greedy procedure runs in time O ( | V | log( | V | )) .As previously observed, for arborescences, the set of candidate vertices is easy to compute: it is the set of all successorsof I .Next, the calculation of p v for each v ∈ C can be performed through a depth-first-search that records the saved verticesby candidates. This requires O ( | V | ) since the graph is an arborescence.Finally, the Λ candidate vertices of largest values are protected. This requires to order the vertices accordingly with { p v } v ∈C . Thus, the greedy method runs in O ( | V | log( | V | )) .Next, we show that the described method provides an optimal protection. Let P be the obtained protection throughthe greedy method. The key idea to prove the optimality of P is essentialy due to the fact that in an arborescence, C is simply the set of all successors of I , otherwise, if we have a vertex of in-degree at least 2, we do not have anarborescence. Thus, the protection strategy P cannot imply the protection of some candidate not in P . This shows theoptimality of P .Note that in trees (undirected graphs), it does not hold that C is the set of successors of the vertices in I . Hence,Lemma 6.5 does not extend to the undirected case. Remark 6.6.
Note that in Lemmata 6.3 and 6.5, we did not use the fact that b v = 1 ∀ v ∈ V . Thus, it also holds whenvertices’ benefits are not unitary. Acknowledgements
The authors wish to thank the support of the Institut de valorisation des données and Fonds de Recherche du Québecthrough the FRQ–IVADO Research Chair in Data Science for Combinatorial Game Theory, and the Natural Sciencesand Engineering Research Council of Canada through the discovery grant 2019-04557.
References [1] Bernardetta Addis, Marco Di Summa, and Andrea Grosso. Identifying critical nodes in undirected graphs:Complexity results and polynomial algorithms for the case of bounded treewidth.
Discrete Applied Mathematics ,161(16):2349–2360, Nov 2013.[2] Roberto Aringhieri, Andrea Grosso, Pierre Hosteins, and Rosario Scatamacchia. Polynomial and pseudo-polynomial time algorithms for different classes of the Distance Critical Node Problem.
Discrete Applied Math-ematics , 253:103–121, 2019. 23omplexity of the Multilevel Critical Node Problem[3] Stefan Arnborg, Jens Lagergren, and Detlef Seese. Easy problems for tree-decomposable graphs.
Journal ofAlgorithms , 12(2):308 – 340, 1991.[4] Ashwin Arulselvan, Clayton W. Commander, Lily Elefteriadou, and Panos M. Pardalos. Detecting critical nodesin sparse graphs.
Computers & Operations Research , 36(7):2193 – 2200, 2009.[5] Andrea Baggio, Margarida Carvalho, Andrea Lodi, and Andrea Tramontani. Multilevel approaches for the criticalnode problem.
Operations Research , To appear, 2020.[6] Kathleen D. Barnetson, Andrea C. Burgess, Jessica Enright, Jared Howell, David A. Pike, and Brady Ryan. Thefirebreak problem.
Networks , To appear, 2020.[7] Charles Blair. The computational complexity of multi-level linear programs.
Annals of Operations Research ,34(1):13–19, Dec 1992.[8] Vladimir Boginski and Clayton W. Commander.
Identifying Critical Nodes in Protein-Protein Interaction Net-works , pages 153–167. Clustering Challenges in Biological Networks. World Scientific, Feb 2009.[9] Gerald Brown, Matt Carlyle, Javier Salmerón, and R. Wood. Defending critical infrastructure.
Interfaces ,36:530–544, 12 2006.[10] Alberto Caprara, Margarida Carvalho, Andrea Lodi, and Gerhard J. Woeginger. A study on the computationalcomplexity of the bilevel knapsack problem.
SIAM Journal of Optimization , 24:823–838, 2014.[11] Margarida Carvalho, Andrea Lodi, and Patrice Marcotte. A polynomial algorithm for a continuous bilevel knap-sack problem.
Operations Research Letters , 46(2):185 – 188, 2018.[12] Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, and Clifford Stein.
Introduction to Algorithms,Third Edition . The MIT Press, 3rd edition, 2009.[13] Scott DeNegre.
Interdiction and Discrete Bilevel Linear Programming . PhD thesis, Lehigh University, 2011.[14] Marco Di Summa, Andrea Grosso, and Marco Locatelli. Complexity of the critical node problem over trees.
Computers and Operations Research , 38:1766–1774, 2011.[15] Tibor Dudás, Bettina Klinz, and Gerhard J. Woeginger. The computational complexity of multi-level bottleneckprogramming problems. In Athanasios Migdalas, Panos M. Pardalos, and Peter Värbrand, editors,
MultilevelOptimization: Algorithms and Application , pages 165–179, Boston, MA, 1998. Springer US.[16] Stephen Finbow, Andrew King, Gary MacGillivray, and Romeo Rizzi. The firefighter problem for graphs ofmaximum degree three.
Discrete Mathematics , 307(16):2094–2105, Jul 2007.[17] Fabio Furini, Ivana Ljubic, Enrico Malaguti, and Paolo Paronuzzi. Casting light on the hidden bilevel combina-torial structure of the k-vertex separator problem. In
OR-19-6, DEI, University of Bologna , 2019.[18] Fabio Furini, Ivana Ljubic, Sebastien Martin, and Pablo San Segundo. The maximum clique interdiction problem.
European Journal of Operational Research , 277:112–127, 02 2019.[19] Michael R. Garey and David S. Johnson.
Computers and Intractability; A Guide to the Theory of NP-Completeness . W. H. Freeman & Co., USA, 1990.[20] Jing He, Hongyu Liang, and Hao Yuan. Controlling infection by blocking nodes and links simultaneously. InNing Chen, Edith Elkind, and Elias Koutsoupias, editors,
Internet and Network Economics , pages 206–217,Berlin, Heidelberg, 2011. Springer Berlin Heidelberg.[21] Pierre Hosteins and Rosario Scatamacchia. The Stochastic Critical Node Problem over trees.
Networks ,76(3):381–401, 2020.[22] Robert G. Jeroslow. The polynomial hierarchy and a simple model for competitive analysis.
MathematicalProgramming , 32(2):146–164, Jun 1985.[23] Berit Johannes.
New Classes of Complete Problems for the Second Level of the Polynomial Hierarchy . PhDthesis, Technischen Universitat Berlin, 2011.[24] Richard M. Karp.
Reducibility among Combinatorial Problems , pages 85–103. Springer US, Boston, MA, 1972.[25] Mohammed Lalou and Hamamache Kheddouci. A polynomial-time algorithm for finding critical nodes in bipar-tite permutation graphs.
Optimization Letters , 13:1345–1364, 2019.[26] Mohammed Lalou, Mohammed Amin Tahraoui, and Hamamache Kheddouci. Component-cardinality-constrained critical node problem in graphs.
Discrete Applied Mathematics , 210:150–163, 2016.[27] Mohammed Lalou, Mohammed Amin Tahraoui, and Hamamache Kheddouci. The critical node detection prob-lem in networks: A survey.
Computer Science Review , 28:92 – 117, 2018.24omplexity of the Multilevel Critical Node Problem[28] Alexander Langer, Felix Reidl, Peter Rossmanith, and Somnath Sikdar. Practical algorithms for mso model-checking on tree-decomposable graphs.
Computer Science Review , 13(C):39–74, November 2014.[29] John M. Lewis and Mihalis Yannakakis. The node-deletion problem for hereditary properties is np-complete.
Journal of Computer and System Sciences , 20(2):219–230, Apr 1980.[30] Enrico Malizia. More complexity results about reasoning over (m)cp-nets. In
Proc. of the 17th InternationalConference on Autonomous Agents and Multiagent Systems (AAMAS 2018) , 2018.[31] P.A. Martin. Tri-level optimization models to defend critical infrastructure. Master’s thesis, Naval PostgraduateSchool, Monterey, 01 2007.[32] A. R. Meyer and L. J. Stockmeyer. The equivalence problem for regular expressions with squaring requiresexponential space. In , pages 125–129,1972.[33] Fabio Mogavero and Giuseppe Perelli. Binding Forms in First-Order Logic. In Stephan Kreutzer, editor, , volume 41 of
Leibniz International Pro-ceedings in Informatics (LIPIcs) , pages 648–665, Dagstuhl, Germany, 2015. Schloss Dagstuhl–Leibniz-Zentrumfuer Informatik.[34] Marcus Schaefer and Christopher Umans. Completeness in the polynomial-time hierarchy a compendium.
SigactNews - SIGACT , 33, 01 2002.[35] Siqian Shen, J. Cole Smith, and Roshan Goli. Exact interdiction models and algorithms for disconnecting net-works via node deletions.
Discrete Optimization , 9(3):172–188, Aug 2012.[36] Yi-Dong Shen and Thomas Eiter. Evaluating epistemic negation in answer set programming.
Artificial Intelli-gence , 237:115 – 135, 2016.[37] L. J. Stockmeyer and A. R. Meyer. Word problems requiring exponential time (preliminary report). In
Proceed-ings of the Fifth Annual ACM Symposium on Theory of Computing , STOC ’73, page 1–9, New York, NY, USA,1973. Association for Computing Machinery.[38] Vera Tomaino, Ashwin Arulselvan, Pierangelo Veltri, and Panos M. Pardalos.
Studying Connectivity Propertiesin Human Protein–Protein Interaction Network in Cancer Pathway , pages 187–197. Springer US, Boston, MA,2012.[39] Mario Ventresca, Kyle Robert Harrison, and Beatrice M. Ombuki-Berman. The bi-objective critical node detec-tion problem.
European Journal of Operational Research , 265(3):895–908, Mar 2018.[40] R.Kevin Wood. Deterministic network interdiction.
Mathematical and Computer Modelling , 17(2):1–18, Jan1993.[41] Celia Wrathall. Complete sets and the polynomial-time hierarchy.