Enhancing Network Resilience through Machine Learning-powered Graph Combinatorial Optimization: Applications in Cyber Defense and Information Diffusion

With the burgeoning advancements of computing and network communication technologies, network infrastructures and their application environments have become increasingly complex. Due to the increased complexity, networks are more prone to hardware faults and highly susceptible to cyber-attacks. Therefore, for rapidly growing network-centric applications, network resilience is essential to minimize the impact of attacks and to ensure that the network provides an acceptable level of services during attacks, faults or disruptions. In this regard, this thesis focuses on developing effective approaches for enhancing network resilience. Existing approaches for enhancing network resilience emphasize on determining bottleneck nodes and edges in the network and designing proactive responses to safeguard the network against attacks. However, existing solutions generally consider broader application domains and possess limited applicability when applied to specific application areas such as cyber defense and information diffusion, which are highly popular application domains among cyber attackers. These solutions often prioritize general security measures and may not be able to address the complex targeted cyberattacks [147, 149]. Cyber defense and information diffusion application domains usually consist of sensitive networks that attackers target to gain unauthorized access, potentially causing significant financial and reputational loss. This thesis aims to design effective, efficient and scalable techniques for discovering bottleneck nodes and edges in the network to enhance network resilience in cyber defense and information diffusion application domains. We first investigate a cyber defense graph optimization problem, i.e., hardening active directory systems by discovering bottleneck edges in the network. We then study the problem of identifying bottleneck structural hole spanner nodes, which are crucial for information diffusion in the network. We transform both problems into graph-combinatorial optimization problems and design machine learning based approaches for discovering bottleneck points vital for enhancing network resilience. This thesis makes the following four contributions. We first study defending active directories by discovering bottleneck edges in the network and make the following two contributions. (1) To defend active directories by discovering and blocking bottleneck edges in the graphs, we first prove that deriving an optimal defensive policy is #P-hard. We design a kernelization technique that reduces the active directory graph to a much smaller condensed graph. We propose an effective edge-blocking defensive policy by combining neural network-based dynamic program and evolutionary diversity optimization to defend active directory graphs. The key idea is to accurately train the attacking policy to obtain an effective defensive policy. The experimental evaluations on synthetic AD attack graphs demonstrate that our defensive policy generates effective defense. (2) To harden large-scale active directory graphs, we propose reinforcement learning based policy that uses evolutionary diversity optimization to generate edge-blocking defensive plans. The main idea is to train the attacker’s policy on multiple independent defensive plan environments simultaneously so as to obtain effective defensive policy. The experimental results on synthetic AD graphs show that the proposed defensive policy is highly effective, scales better and generates better defensive plans than our previously proposed neural network-based dynamic program and evolutionary diversity optimization approach. We then investigate discovering bottleneck structural hole spanner nodes in the network and make the following two contributions. (3) To discover bottleneck structural hole spanner nodes in large-scale and diverse networks, we propose two graph neural network models, GraphSHS and Meta-GraphSHS. The main idea is to transform the SHS identification problem into a learning problem and use the graph neural network models to learn the bottleneck nodes. Besides, the Meta-GraphSHS model learns generalizable knowledge from diverse training graphs to create a customized model that can be fine-tuned to discover SHSs in new unseen diverse graphs. Our experimental results show that the proposed models are highly effective and efficient. (4) To identify bottleneck structural hole spanner nodes in dynamic networks, we propose a decremental algorithm and graph neural network model. The key idea of our proposed algorithm is to reduce the re-computations by identifying affected nodes due to updates in the network and performing re-computations for affected nodes only. Our graph neural network model considers the dynamic network as a series of snapshots and learns to discover SHS nodes in these snapshots. Our experiments demonstrate that the proposed approaches achieve significant speedup over re-computations for dynamic graphs.Thesis (Ph.D.) -- University of Adelaide, School of Computer and Mathematical Sciences, 202

Grundy Distinguishes Treewidth from Pathwidth

Structural graph parameters, such as treewidth, pathwidth, and clique-width, are a central topic of study in parameterized complexity. A main aim of research in this area is to understand the "price of generality" of these widths: as we transition from more restrictive to more general notions, which are the problems that see their complexity status deteriorate from fixed-parameter tractable to intractable? This type of question is by now very well-studied, but, somewhat strikingly, the algorithmic frontier between the two (arguably) most central width notions, treewidth and pathwidth, is still not understood: currently, no natural graph problem is known to be W-hard for one but FPT for the other. Indeed, a surprising development of the last few years has been the observation that for many of the most paradigmatic problems, their complexities for the two parameters actually coincide exactly, despite the fact that treewidth is a much more general parameter. It would thus appear that the extra generality of treewidth over pathwidth often comes "for free". Our main contribution in this paper is to uncover the first natural example where this generality comes with a high price. We consider Grundy Coloring, a variation of coloring where one seeks to calculate the worst possible coloring that could be assigned to a graph by a greedy First-Fit algorithm. We show that this well-studied problem is FPT parameterized by pathwidth; however, it becomes significantly harder (W[1]-hard) when parameterized by treewidth. Furthermore, we show that Grundy Coloring makes a second complexity jump for more general widths, as it becomes para-NP-hard for clique-width. Hence, Grundy Coloring nicely captures the complexity trade-offs between the three most well-studied parameters. Completing the picture, we show that Grundy Coloring is FPT parameterized by modular-width.Comment: To be published in proceedings of ESA 202

Design and Analysis of Strategic Behavior in Networks

Networks permeate every aspect of our social and professional life.A networked system with strategic individuals can represent a variety of real-world scenarios with socioeconomic origins. In such a system, the individuals\u27 utilities are interdependent---one individual\u27s decision influences the decisions of others and vice versa. In order to gain insights into the system, the highly complicated interactions necessitate some level of abstraction. To capture the otherwise complex interactions, I use a game theoretic model called Networked Public Goods (NPG) game. I develop a computational framework based on NPGs to understand strategic individuals\u27 behavior in networked systems. The framework consists of three components that represent different but complementary angles to the understanding. The first part is learning, which aims to produce quantitative and interpretable models of individuals\u27 behavior. The second part focuses on analyzing the individuals\u27 equilibrium behavior, providing guidance on what a rational individual would do when facing other individuals\u27 strategic behavior. The individuals\u27 equilibrium behavior may not be socially preferable, motivating the third part to investigate designing their behavior through network modifications

Using MapReduce Streaming for Distributed Life Simulation on the Cloud

Distributed software simulations are indispensable in the study of large-scale life models but often require the use of technically complex lower-level distributed computing frameworks, such as MPI. We propose to overcome the complexity challenge by applying the emerging MapReduce (MR) model to distributed life simulations and by running such simulations on the cloud. Technically, we design optimized MR streaming algorithms for discrete and continuous versions of Conway’s life according to a general MR streaming pattern. We chose life because it is simple enough as a testbed for MR’s applicability to a-life simulations and general enough to make our results applicable to various lattice-based a-life models. We implement and empirically evaluate our algorithms’ performance on Amazon’s Elastic MR cloud. Our experiments demonstrate that a single MR optimization technique called strip partitioning can reduce the execution time of continuous life simulations by 64%. To the best of our knowledge, we are the first to propose and evaluate MR streaming algorithms for lattice-based simulations. Our algorithms can serve as prototypes in the development of novel MR simulation algorithms for large-scale lattice-based a-life models.https://digitalcommons.chapman.edu/scs_books/1014/thumbnail.jp