34 research outputs found

    A Constrained, Possibilistic Logical Approach for Software System Survivability Evaluation

    In this paper, we present a logical framework to facilitate users in assessing a software system in terms of the required survivability features. Survivability evaluation is essential in linking foreign software components to an existing system or obtaining software systems from external sources. It is important to make sure that any foreign components/systems will not compromise the current system’s survivability properties. Given the increasingly large scope and complexity of modern software systems, there is a need for an evaluation framework to accommodate uncertain, vague, or even ill-known knowledge for a robust evaluation based on multi-dimensional criteria. Our framework incorporates user-defined constraints on survivability requirements. Necessity-based possibilistic uncertainty and user survivability requirement constraints are effectively linked to logic reasoning. A proof-of-concept system has been developed to validate the proposed approach. To the best of our knowledge, our work is the first attempt to incorporate vague, imprecise information into software system survivability evaluation.

    A Taxonomy for and Analysis of Anonymous Communications Networks

    Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. 
    This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design.

    Proceedings of the 9th MIT/ONR workshop on C3 Systems, held at Naval Postgraduate School and Hilton Inn Resort Hotel, Monterey, California June 2 through June 5, 1986

    GRSN 627729. "December 1986." Includes bibliographical references and index. Sponsored by Massachusetts Institute of Technology, Laboratory for Information and Decision Systems, Cambridge, Mass., with support from the Office of Naval Research. ONR/N00014-77-C-0532 (NR041-519). Sponsored in cooperation with IEEE Control Systems Society, Technical Committee on C. Edited by Michael Athans, Alexander H. Levis.

    Proceedings of the 5th MIT/ONR Workshop on C[3] Systems, held at Naval Postgraduate School, Monterey, California, August 23 to 27, 1982

    "December 1982." Includes bibliographies and index. Office of Naval Research Contract no. ONR/N00014-77-C-0532 NR041-519. Edited by Michael Athans ... [et al.]

    Risk-based framework for ballast water safety management

    Ballast water has been identified as a major vector for the translocation of Non-Indigenous Invasive Species (NIS) and pathogens across zoogeographical regions and subsequent discharge into recipient port states/regions. This is bound to increase given factors like the globalization of trade and the economy of scale of the ship size. Established NIS has posed significant threat to the human health, economy, finances and marine bio-diversity of recipient regions and port states. The risks associated with the discharged NIS are uncertain and difficult to assess due to the stochastic nature of species assemblages and dispersal mechanism. The safest control measure advocated by the IMO is the conduct of ballast water exchange at sea while appropriate and effective prototype treatment technologies are being developed and approved for future application. This study has been conducted while recognizing the inability of probabilistic approaches applied in ballast water risk management to address uncertainty and inadequacy of data. A qualitative approach using powerful multi-criteria decision making techniques and the safety principles of the Formal Safety Assessment framework have been utilized in this research to develop three generic models for ballast water hazard estimation, risk evaluation and decision-making analysis respectively. The models are capable of being modified and utilized in the industry to address the problems of uncertainty and inadequacy of data in ballast water management. This is particularly useful as an interim measure for port states in developing economies (with insufficient data and technology) to develop robust ballast water management plans. While recognising the huge impact of ballast water pollution in recipient regions this study recommends that ballast water management programmes be given due recognition as an important element of sustainable development programmes at national and international levels.
    The non-availability of a benchmark based on previous research on which to fully validate the research outcome was identified as a major limitation of this research study. The models developed will therefore be subject to modifications as new data become available.

    Optimization Approaches for Improving Mitigation and Response Operations in Disaster Management

    Disasters are calamitous events that severely affect the life conditions of an entire community, being the disasters either nature-based (e.g., earthquake) or man-made (e.g., terroristic attack). Disaster-related issues are usually dealt with according to the Disaster Operations Management (DOM) framework, which is composed of four phases: mitigation and preparedness, which address pre-disaster issues, and response and recovery, which tackle problems arising after the occurrence of a disaster. The ultimate scope of this dissertation is to present novel optimization models and algorithms aimed at improving operations belonging to the mitigation and response phases of the DOM. On the mitigation side, this thesis focuses on the protection of Critical Information Infrastructures (CII), which are commonly deemed to include communication and information networks. The majority of all the other Critical Infrastructures (CI), such as electricity, fuel and water supply as well as transportation systems, are crucially dependent on CII. Therefore, problems associated with CII that disrupt the services they are able to provide (whether to a single end-user or to another CI) are of increasing interest. This dissertation reviews several issues emerging in the Critical Information Infrastructures Protection (CIIP) field, such as: how to identify the most critical components of a communication network whose disruption would affect the overall system functioning; how to mitigate the consequences of such calamitous events through protection strategies; and how to design a system which is intrinsically able to hedge against disruptions. To this end, this thesis provides a description of the seminal optimization models that have been developed to address the aforementioned issues in the general field of Critical Infrastructures Protection (CIP).
Models are grouped in three categories which address the aforementioned issues: survivability-oriented interdiction, resource allocation strategy, and survivable design models; existing models are reviewed and possible extensions are proposed. In fact, some models have already been developed for CII (i.e., survivability-interdiction and design models), while others have been adapted from the literature on other CI (i.e., resource allocation strategy models). The main gap emerging in the CII field is that CII protection has been quite overlooked which has led to review optimization models that have been developed for the protection of other CI. Hence, this dissertation contributes to the literature in the field by also providing a survey of the multi-level programs that have been developed for protecting supply chains, transportation systems (e.g., railway infrastructures), and utility networks (e.g., power and water supply systems), in order to adapt them for CII protection. Based on the review outcomes, this thesis proposes a novel linear bi-level program for CIIP to mitigate worst-case disruptions through protection investments entailing network design operations, namely the Critical Node Detection Problem with Fortification (CNDPF), which integrates network survivability assessment, resource allocation strategies and design operations. To the best of my knowledge, this is the first bi-level program developed for CIIP. The model is solved through a Super Valid Inequalities (SVI) decomposition approach and a Greedy Constructive and Local Search (GCLS) heuristic. Computational results are reported for real communication networks and for different levels of both disaster magnitude and protection resources. On the response side, this thesis identifies the current challenges in devising realistic and applicable optimization models in the shelter location and evacuation routing context and outlines a roadmap for future research in this topical area. 
    A shelter is a facility where people belonging to a community hit by a disaster are provided with different kinds of services (e.g., medical assistance, food). The role of a shelter is fundamental for two categories of people: those who are unable to make arrangements to other safe places (e.g., family or friends are too far), and those who belong to special-needs populations (e.g., disabled, elderly). People move towards shelter sites, or alternative safe destinations, when they either face or are going to face perilous circumstances. The process of leaving their own houses to seek refuge in safe zones goes under the name of evacuation. Two main types of evacuation can be identified: self-evacuation (or car-based evacuation) where individuals move towards safe sites autonomously, without receiving any kind of assistance from the responder community, and supported evacuation where special-needs populations (e.g., disabled, elderly) require support from emergency services and public authorities to reach some shelter facilities. This dissertation aims at identifying the central issues that should be addressed in a comprehensive shelter location/evacuation routing model. This is achieved by a novel meta-analysis that entails: (1) analysing existing disaster management surveys, (2) reviewing optimization models tackling shelter location and evacuation routing operations, either separately or in an integrated manner, (3) performing a critical analysis of existing papers combining shelter location and evacuation routing, concurrently with the responses of their authors, and (4) comparing the findings of the analysis of the papers with the findings of the existing disaster management surveys.
    The thesis also provides a discussion on the emergent challenges of shelter location and evacuation routing in optimization such as the need for future optimization models to involve stakeholders, include evacuee as well as system behaviour, be application-oriented rather than theoretical or model-driven, and interdisciplinary and, eventually, outlines a roadmap for future research. Based on the identified challenges, this thesis presents a novel scenario-based mixed-integer program which integrates shelter location, self-evacuation and supported-evacuation decisions, namely the Scenario-Indexed Shelter Location and Evacuation Routing (SISLER) problem. To the best of my knowledge, this is the second model including shelter location, self-evacuation and supported-evacuation; however, SISLER deals with them based on the provided meta-analysis. The model is solved through a Branch-and-Cut algorithm of an off-the-shelf software, enriched with valid inequalities adapted from the literature. Computational results are reported for both testbed instances and a realistic case study.

    Proceedings of the 8th MIT/ONR Workshop on C[3] Systems, held at Massachusetts Institute of Technology, Cambridge, Massachusetts, June 24 to 28, 1985

    "December 1985." Includes bibliographies and index. Office of Naval Research Contract no. ONR/N00014-77-C-0532 NR-041-519. Edited by Michael Athans and Alexander H. Levis.

    Operational Decision Making under Uncertainty: Inferential, Sequential, and Adversarial Approaches

    Modern security threats are characterized by a stochastic, dynamic, partially observable, and ambiguous operational environment. This dissertation addresses such complex security threats using operations research techniques for decision making under uncertainty in operations planning, analysis, and assessment. First, this research develops a new method for robust queue inference with partially observable, stochastic arrival and departure times, motivated by cybersecurity and terrorism applications. In the dynamic setting, this work develops a new variant of Markov decision processes and an algorithm for robust information collection in dynamic, partially observable and ambiguous environments, with an application to a cybersecurity detection problem. In the adversarial setting, this work presents a new application of counterfactual regret minimization and robust optimization to a multi-domain cyber and air defense problem in a partially observable environment.

    Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)
