11 research outputs found
Curvature and Optimal Algorithms for Learning and Minimizing Submodular Functions
We investigate three related and important problems connected to machine
learning: approximating a submodular function everywhere, learning a submodular
function (in a PAC-like setting [53]), and constrained minimization of
submodular functions. We show that the complexity of all three problems depends
on the 'curvature' of the submodular function, and provide lower and upper
bounds that refine and improve previous results [3, 16, 18, 52]. Our proof
techniques are fairly generic. We either use a black-box transformation of the
function (for approximation and learning), or a transformation of algorithms to
use an appropriate surrogate function (for minimization). Curiously, curvature
has been known to influence approximations for submodular maximization [7, 55],
but its effect on minimization, approximation and learning has hitherto been
open. We complete this picture, and also support our theoretical claims by
empirical results.Comment: 21 pages. A shorter version appeared in Advances of NIPS-201
Secluded Connectivity Problems
Consider a setting where possibly sensitive information sent over a path in a
network is visible to every {neighbor} of the path, i.e., every neighbor of
some node on the path, thus including the nodes on the path itself. The
exposure of a path can be measured as the number of nodes adjacent to it,
denoted by . A path is said to be secluded if its exposure is small. A
similar measure can be applied to other connected subgraphs, such as Steiner
trees connecting a given set of terminals. Such subgraphs may be relevant due
to considerations of privacy, security or revenue maximization. This paper
considers problems related to minimum exposure connectivity structures such as
paths and Steiner trees. It is shown that on unweighted undirected -node
graphs, the problem of finding the minimum exposure path connecting a given
pair of vertices is strongly inapproximable, i.e., hard to approximate within a
factor of for any (under an
appropriate complexity assumption), but is approximable with ratio
, where is the maximum degree in the graph. One of
our main results concerns the class of bounded-degree graphs, which is shown to
exhibit the following interesting dichotomy. On the one hand, the minimum
exposure path problem is NP-hard on node-weighted or directed bounded-degree
graphs (even when the maximum degree is 4). On the other hand, we present a
polynomial algorithm (based on a nontrivial dynamic program) for the problem on
unweighted undirected bounded-degree graphs. Likewise, the problem is shown to
be polynomial also for the class of (weighted or unweighted) bounded-treewidth
graphs
Combinatorial optimization in networks with Shared Risk Link Groups
International audienceThe notion of Shared Risk Link Groups (SRLG) captures survivability issues when a set of links of a network may fail simultaneously. The theory of survivable network design relies on basic combinatorial objects that are rather easy to compute in the classical graph models: shortest paths, minimum cuts, or pairs of disjoint paths. In the SRLG context, the optimization criterion for these objects is no longer the number of edges they use, but the number of SRLGs involved. Unfortunately, computing these combinatorial objects is NP-hard and hard to approximate with this objective in general. Nevertheless some objects can be computed in polynomial time when the SRLGs satisfy certain structural properties of locality which correspond to practical ones, namely the star property (all links affected by a given SRLG are incident to a unique node) and the span 1 property (the links affected by a given SRLG form a connected component of the network). The star property is defined in a multi-colored model where a link can be affected by several SRLGs while the span property is defined only in a mono-colored model where a link can be affected by at most one SRLG. In this paper, we extend these notions to characterize new cases in which these optimization problems can be solved in polynomial time. We also investigate the computational impact of the transformation from the multi-colored model to the mono-colored one. Experimental results are presented to validate the proposed algorithms and principles
A framework for Cybersecurity of Supervisory Control and Data Acquisition (SCADA) Systems and Industrial Control Systems (ICS)
The motivation behind this thesis is to provide an efficient and comprehensive solution to secure Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS). SCADA/ICS systems used to be on isolated networks. However, due to the increase in popularity and advancements of wireless networking and cloud technologies, SCADA/ICS systems have begun to expand their connectivity to the cloud; the extent of such connectivity can vary from system to system. Benefits of connecting to the internet/cloud are substantial, but such connectivity also makes those system vulnerable, for no longer being isolated.
Device recognition is useful first step in vulnerability identification and defense augmentation, but due to the lack of full traceability in case of legacy SCADA/ICS systems, the typical device recognition based on document inspection is not applicable. leading to the possibility of unaccounted security vulnerabilities in such systems. We propose a hybrid approach involving the mix of communication patterns and passive fingerprinting to identify unknown device types, manufacturers, and models. In addition, our ANDVI implementation maps the identified devices to their known vulnerabilities
To identify how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system, we propose a model-checking based Automated Attack-Graph Generator and Visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack-graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security.
Attack-graphs analysis enables security administrators to establish appropriate security measurements to secure their system but practical considerations on time and cost can pose limit on their ability to address all system-level vulnerabilities at once. In this thesis, we propose an approach that identifies label-cuts within an attack-graph to automatically identify a set of critical-attacks that, when blocked, renders the system secure. The identification of a minimal label-cut is in general NP-complete, and in order to deal with this computational complexity, we propose a linear complexity approximation utilizing the Strongly-Connected-Components (SCCs) to identify a cut possessing a minimum number of labels and representing a critical-attacks set. Also, we compare our proposed algorithm to an exact minimum label-cut algorithm and to an approximation algorithm, both taken from the literature and report the improvements.
The proposed approaches were tested on real-world case studies, including two IT network systems and a SCADA network for a water treatment cyber-physical system
approximation and hardness results for label cut and related problems
We investigate a natural combinatorial optimization problem called the Label Cut problem. Given an input graph G with a source s and a sink t, the edges of G are classified into different categories, represented by a set of labels. The labels may also have weights. We want to pick a subset of labels of minimum cardinality (or minimum total weight), such that the removal of all edges with these labels disconnects s and t. We give the first non-trivial approximation and hardness results for the Label Cut problem. Firstly, we present an O(m) -approximation algorithm for the Label Cut problem, where m is the number of edges in the input graph. Secondly, we show that it is NP-hard to approximate Label Cut within 2log 1-1 / log log cnn for any constant c<1/2, where n is the input length of the problem. Thirdly, our techniques can be applied to other previously considered optimization problems. In particular we show that the Minimum Label Path problem has the same approximation hardness as that of Label Cut, simultaneously improving and unifying two known hardness results for this problem which were previously the best (but incomparable due to different complexity assumptions). © 2009 Springer Science+Business Media, LLC
approximation and hardness results for label cut and related problems
South Central UniversityWe investigate a natural combinatorial optimization problem called the Label Cut problem. Given an input graph G with a source s and a sink t, the edges of G are classified into different categories, represented by a set of labels. The labels may also have weights. We want to pick a subset of labels of minimum cardinality (or minimum total weight), such that the removal of all edges with these labels disconnects s and t. We give the first non-trivial approximation and hardness results for the Label Cut problem. Firstly, we present an O(√m)-approximation algorithm for the Label Cut problem, where m is the number of edges in the input graph. Secondly, we show that it is NP-hard to approximate Label Cut within 2log1-1/log logc nn for any constant c < 1/2, where n is the input length of the problem. Thirdly, our techniques can be applied to other previously considered optimization problems. In particular we show that the Minimum Label Path problem has the same approximation hardness as that of Label Cut, simultaneously improving and unifying two known hardness results for this problem which were previously the best (but incomparable due to different complexity assumptions). © Springer-Verlag Berlin Heidelberg 2009