Hugh R. Medal

Robust facility location: Hedging against failures

While few companies would be willing to sacrifice day-to-day operations to hedge against disruptions, designing for robustness can yield solutions that perform well before and after failures have occurred. Through a multi-objective optimization approach this paper provides decision makers the option to trade-off total weighted distance before and after disruptions in the Facility Location Problem. Additionally, this approach allows decision makers to understand the impact on the opening of facilities on total distance and on system robustness (considering the system as the set of located facilities). This approach differs from previous studies in that hedging against failures is done without having to elicit facility failure probabilities concurrently without requiring the allocation of additional hardening/protections resources. The approach is applied to two datasets from the literature.

Methods for removing links in a network to minimize the spread of infections

Minimizing the spread of infections is a challenging problem, and it is the subject matter in many different fields such as epidemiology and cyber-security. In this paper, we investigate link removal as an intervention strategy and study the relative effectiveness of different link removal methods in minimizing the spread of infections in a network. With that in mind, we develop four connectivity-based network interdiction models and formulate these models as mixed integer linear programs. The first model minimizes the number of connections between infected and susceptible nodes; the second the number of susceptible nodes having one or more connections with infected nodes; the third the total number of paths between infected and susceptible nodes; and the fourth the total weight of the paths between infected and susceptible nodes. We also propose heuristic algorithms to solve the models. The network interdiction models act as link removal methods, i.e., each return a solution consisting of a set of links to remove in the network. We compare the effectiveness of these four methods with the effectiveness of an existing link removal method 25, a method based on link betweenness centrality 18, and random link removal method. Our results show that complete isolation of susceptible nodes from infected nodes is the most effective method in reducing the average number of new infections (reduce occurrence) under most scenarios, and the relative effectiveness of the complete isolation method increases with transmission probability. In contrast, removing the highest probability transmission paths is the most effective method in increasing the average time to infect half of the susceptible nodes (reduce speed) under most scenarios, and the relative effectiveness of this method decreases with transmission probability. HighlightsWe present four new network interdiction models to minimize spread in a network.We formulate the models as mixed-integer linear programs.We propose heuristic algorithms to solve the network interdiction models.We report run-times using CPLEX and also the run-times of the heuristic algorithms.We report the effectiveness of the network interdiction models in minimizing the spread of infections compared to several existing methods.

Interdicting attack graphs to protect organizations from cyber attacks

Todays organizations are inherently open and connected, sharing knowledge and ideas in order to remain innovative. As a result, these organizations are also more vulnerable to information theft through different forms of security breaches caused by hackers and competitors. One way of understanding the vulnerability of an information system is to build and analyze the attack graph of that system. The attack graph of an information system contains all the paths that can be used to penetrate the system in order to breach critical assets. Although existing literature provides an abundance of attack graph generation algorithms, more methods are required to help analyze the attack graphs. In this paper, we study how best to deploy security countermeasures to protect an organization by analyzing the vulnerability of the organization through the use of its attack graph. In particular, we present an approach to find an optimal affordable subset of arcs, called an interdiction plan, on an attack graph that should be protected from attack to minimize the loss due to security breaches. We formulate this problem as a bi-level mixed-integer linear program and develop an exact algorithm to solve it. Experiments show that the algorithm is able to solve relatively large problems. Two heuristic methods, one with and the other without a heuristic to solve the master problem and both limiting the master problem branch-and-bound tree to only one node solve the large problems remarkably well. Experiments also reveal that the quality of an interdiction plan is relatively insensitive with respect to the error in the estimate of the attackers budget, and that the breach loss drops sharply at the beginning, then levels off before finally dropping sharply again with increases in the security budget. HighlightsWe develop an attacker-defender bi-level network interdiction model to interdict attack graphs.We formulate the model using mixed-integer linear programming and provide two alternative formulations for the inner problem.We develop a customized algorithm to solve the formulation with binary variables in both levels.We show through computational results that our algorithm is capable of solving relatively large problems for different parameter combinations.We provide valuable insights about the computational performance of our algorithm and also about the behavior of the attacker and the defender.

A multi-objective integrated facility location-hardening model: Analyzing the pre- and post-disruption tradeoff

Two methods of reducing the risk of disruptions to distribution systems are (1) strategically locating facilities to mitigate against disruptions and (2) hardening facilities. These two activities have been treated separately in most of the academic literature. This article integrates facility location and facility hardening decisions by studying the minimax facility location and hardening problem (MFLHP), which seeks to minimize the maximum distance from a demand point to its closest located facility after facility disruptions. The formulation assumes that the decision maker is risk averse and thus interested in mitigating against the facility disruption scenario with the largest consequence, an objective that is appropriate for modeling facility interdiction. By taking advantage of the MFLHP’s structure, a natural three-stage formulation is reformulated as a single-stage mixed-integer program (MIP). Rather than solving the MIP directly, the MFLHP can be decomposed into sub-problems and solved using a binary search algorithm. This binary search algorithm is the basis for a multi-objective algorithm, which computes the Pareto-efficient set for the pre- and post-disruption maximum distance. The multi-objective algorithm is illustrated in a numerical example, and experimental results are presented that analyze the tradeoff between objectives.

Botnet detection using graph-based feature clustering

Detecting botnets in a network is crucial because bots impact numerous areas such as cyber security, finance, health care, law enforcement, and more. Botnets are becoming more sophisticated and dangerous day-by-day, and most of the existing rule based and flow based detection methods may not be capable of detecting bot activities in an efficient and effective manner. Hence, designing a robust and fast botnet detection method is of high significance. In this study, we propose a novel botnet detection methodology based on topological features of nodes within a graph: in degree, out degree, in degree weight, out degree weight, clustering coefficient, node betweenness, and eigenvector centrality. A self-organizing map clustering method is applied to establish clusters of nodes in the network based on these features. Our method is capable of isolating bots in clusters of small sizes while containing the majority of normal nodes in the same big cluster. Thus, bots can be detected by searching a limited number of nodes. A filtering procedure is also developed to further enhance the algorithm efficiency by removing inactive nodes from consideration. The methodology is verified using the CTU-13 datasets, and benchmarked against a classification-based detection method. The results show that our proposed method can efficiently detect the bots despite their varying behaviors.

A bi-objective analysis of the r-all-neighbor p-center problem

Abstract In this paper we consider a generalization of the p -center problem called the r -all-neighbor p -center problem (RANPCP). The objective of the RANPCP is to minimize the maximum distance from a demand point to its r th-closest located facility. The RANPCP is applicable to facility location with disruptions because it considers the maximum transportation distance after ( r - 1 ) facilities are disrupted. While this problem has been studied from a single-objective perspective, this paper studies two bi-objective versions. The main contributions of this paper are (1) algorithms for computing the Pareto-efficient sets for two pairs of objectives (closest distance vs r th-closest distance and cost vs. r th-closest distance) and (2) an empirical analysis that gives several useful insights into the RANPCP. Based on the empirical results, the RANPCP produces solutions that not only minimize vulnerability but also perform reasonably well when disruptions do not occur. In contrast, if disruptions are not considered when locating facilities, the consequence due to facility disruptions is much higher, on average, than if disruptions had been considered. Thus, our results show the importance of optimizing for vulnerability. Therefore, we recommend a bi-objective analysis.

Models for reducing the risk of critical networked infrastructures

In this paper, we review the literature studying how to reduce the disruption risk to critical networked infrastructures. This is an important area of research because huge consequences result from infrastructure disruptions. As a result, this research area has grown a lot in the last decade. In this review we discuss articles from the literature, place them into categories, and suggest topics for future research. Our review shows that although this area is growing in popularity, there are still many important opportunities for future work.

A maximal covering location-based model for analyzing the vulnerability of landscapes to wildfires: Assessing the worst-case scenario

In this research, we study the vulnerability of landscapes to wildfires based on the impact of the worst-case scenario ignition locations. Using this scenario, we model wildfires that cause the largest damage to a landscape over a given time horizon. The landscape is modeled as a grid network, and the spread of wildfire is modeled using the minimum travel time model. To assess the impact of a wildfire in the worst-case scenario, we develop a mathematical programming model to optimally locate the ignition points so that the resulting wildfire results in the maximum damage. We compare the impacts of the worst-case wildfires (with optimally located ignition points) with the impacts of wildfires with randomly located ignition points on three landscape test cases clipped out from three national forests located in the western U.S. Our results indicate that the worst-case wildfires, on average, have more than twice the impact on landscapes than wildfires with randomly located ignition points.

Allocating Protection Resources to Facilities When the Effect of Protection is Uncertain

We study a new facility protection problem in which one must allocate scarce protection resources to a set of facilities given that allocating resources to a facility only has a probabilistic effect on the facility’s post-disruption capacity. This study seeks to test three common assumptions made in the literature on modeling infrastructure systems subject to disruptions: 1) perfect protection, e.g., protecting an element makes it fail-proof, 2) binary protection, i.e., an element is either fully protected or unprotected, and 3) binary state, i.e., disrupted elements are fully operational or non-operational. We model this facility protection problem as a two-stage stochastic program with endogenous uncertainty. Because this stochastic program is non-convex we present a greedy algorithm and show that it has a worst-case performance of 0.63. However, empirical results indicate that the average performance is much better. In addition, experimental results indicate that the mean-value version of this model, in which parameters are set to their mean values, performs close to optimal. Results also indicate that the perfect and binary protection assumptions together significantly affect the performance of a model. On the other hand, the binary state assumption was found to have a smaller effect.

Mitigating a pyro-terror attack using fuel treatment

ABSTRACT We study a security problem in which an adversary seeks to attack a landscape by setting a wildfire in a strategic location, whereas wildfire managers wish to mitigate the damage of the attack by implementing a fuel treatment in the landscape. We model the problem as a min–max Stackelberg game with the goal of identifying an optimal fuel treatment plan that minimizes the impact of a pyro-terror attack. As the adversarys problem is discrete, we use a decomposition algorithm suitable for integer bi-level programs. We test our model on three test landscape cases located in the Western United States. The results indicate that fuel treatment can effectively mitigate the effects of an attack: implementing fuel treatment on 2, 5, and 10% of the landscape, on average, reduces the damage caused by a pyro-terror attack by 14, 27, and 43%, respectively. The resulting fuel treatment plan is also effective in mitigating natural wildfires with randomly placed ignition points. The pyro-terrorism mitigation problem studied in this article is equivalent to the b-interdiction-covering problem where the intermediate nodes are subject to interdiction. It can also be interpreted as the problem of identifying the b-most-vital nodes in a one-to-all shortest path problem.