Locating and Protecting Facilities Subject to Random Disruptions and Attacks

Recent events such as the 2011 Tohoku earthquake and tsunami in Japan have revealed the vulnerability of networks such as supply chains to disruptive events. In particular, it has become apparent that the failure of a few elements of an infrastructure system can cause a system-wide disruption. Thus, it is important to learn more about which elements of infrastructure systems are most critical and how to protect an infrastructure system from the effects of a disruption. This dissertation seeks to enhance the understanding of how to design and protect networked infrastructure systems from disruptions by developing new mathematical models and solution techniques and using them to help decision-makers by discovering new decision-making insights. Several gaps exist in the body of knowledge concerning how to design and protect networks that are subject to disruptions. First, there is a lack of insights on how to make equitable decisions related to designing networks subject to disruptions. This is important in public-sector decision-making where it is important to generate solutions that are equitable across multiple stakeholders. Second, there is a lack of models that integrate system design and system protection decisions. These models are needed so that we can understand the benefit of integrating design and protection decisions. Finally, most of the literature makes several key assumptions: 1) protection of infrastructure elements is perfect, 2) an element is either fully protected or fully unprotected, and 3) after a disruption facilities are either completely operational or completely failed. While these may be reasonable assumptions in some contexts, there may exist contexts in which these assumptions are limiting. There are several difficulties with filling these gaps in the literature. This dissertation describes the discovery of mathematical formulations needed to fill these gaps as well as the identification of appropriate solution strategies

Synthesis, Interdiction, and Protection of Layered Networks

This research developed the foundation, theory, and framework for a set of analysis techniques to assist decision makers in analyzing questions regarding the synthesis, interdiction, and protection of infrastructure networks. This includes extension of traditional network interdiction to directly model nodal interdiction; new techniques to identify potential targets in social networks based on extensions of shortest path network interdiction; extension of traditional network interdiction to include layered network formulations; and develops models/techniques to design robust layered networks while considering trade-offs with cost. These approaches identify the maximum protection/disruption possible across layered networks with limited resources, find the most robust layered network design possible given the budget limitations while ensuring that the demands are met, include traditional social network analysis, and incorporate new techniques to model the interdiction of nodes and edges throughout the formulations. In addition, the importance and effects of multiple optimal solutions for these (and similar) models is investigated. All the models developed are demonstrated on notional examples and were tested on a range of sample problem sets

Network Survivability Analysis: Coarse-Graining And Graph-Theoretic Strategies

In this dissertation, the interplay between geographic information about the network and the principal properties and structure of the underlying graph are used to quantify the structural and functional survivability of the network. This work focuses on the local aspect of survivability by studying the propagation of loss in the network as a function of the distance of the fault from a given origin-destination node pair

Privacy-Friendly Collaboration for Cyber Threat Mitigation

Sharing of security data across organizational boundaries has often been advocated as a promising way to enhance cyber threat mitigation. However, collaborative security faces a number of important challenges, including privacy, trust, and liability concerns with the potential disclosure of sensitive data. In this paper, we focus on data sharing for predictive blacklisting, i.e., forecasting attack sources based on past attack information. We propose a novel privacy-enhanced data sharing approach in which organizations estimate collaboration benefits without disclosing their datasets, organize into coalitions of allied organizations, and securely share data within these coalitions. We study how different partner selection strategies affect prediction accuracy by experimenting on a real-world dataset of 2 billion IP addresses and observe up to a 105% prediction improvement.Comment: This paper has been withdrawn as it has been superseded by arXiv:1502.0533

Proposition of a Novel Multipath-Routing Protocol for Manets Connected Via Positioning of UAVS Using Ant Colony Optimization Meta-Algorithms

In the forthcoming operational theatre, combat radio nodes will be strategically positioned to facilitate a myriad of manoeuvres, constituting a dynamic mobile ad-hoc network (MANET), where communication among participating nodes is achieved collaboratively without fixed base stations. However, due to the nodes' mobility, the cohesive formation may fragment into smaller clusters, while conversely, multiple smaller groups might amalgamate into larger entities. In such a dynamic milieu, the integration of unmanned aerial vehicles (UAVs) emerges as a potent solution to enhance network coverage and connectivity among disparate groups. Sending of information all over the MANETs is dependent mostly on methodologies of routing, where the on-request unitary paths procedures to route like AODV and AOMDV (which stands for routing via multiple roads) play crucial roles. Leveraging authentic topographic data becomes imperative to ascertain precise connectivity metrics among nodes, while devising an efficient resource allocation strategy for reliable communication via UAVs warrants attention. Given the predominance of line-of-sight links between UAVs and ground nodes, substantial traffic is anticipated despite less amount of information sectional resources. Furthermore, diverse quality-of-service requirements of network traffic necessitate prioritization based on tactical imperatives. In these studies, formulations have been done for Unmanned Flying Vehicle localizing problems geared towards maximal connectivity inside groups along with information section allocating problems aimed at increasing utilities of GC to maximum levels, demonstrating superiority over conventional methodologies through numerical analysis validating the efficacy of our proposed scheme. Wireless connections implemented rapid growths in recent times essentially network of MANET, showcasing significant developments of science and technology

Modeling, analysis and defense strategies against Internet attacks.

Third, we have analyzed the tradeoff between delay caused by filtering of worms at routers, and the delay due to worms' excessive amount of network traffic. We have used the optimal control problem, to determine the appropriate tradeoffs between these two delays for a given rate of a worm spreading. Using our technique we can minimize the overall network delay by finding the number of routers that should perform filtering and the time at which they should start the filtering process.Many early Internet protocols were designed without a fundamentally secure infrastructure and hence vulnerable to attacks such as denial of service (DoS) attacks and worms. DoS attacks attempt to consume the resources of a remote host or network, thereby denying or degrading service to legitimate users. Network forensics is an emerging area wherein the source or the cause of the attacker is determined using IDS tools. The problem of finding the source(s) of attack(s) is called the "trace back problem". Lately, Internet worms have become a major problem for the security of computer networks, causing considerable amount of resources and time to be spent recovering from the disruption of systems. In addition to breaking down victims, these worms create large amounts of unnecessary network data traffic that results in network congestion, thereby affecting the entire network.In this dissertation, first we solve the trace back problem more efficiently in terms of the number of routers needed to complete the track back. We provide an efficient algorithm to decompose a network into connected components and construct a terminal network. We show that for a terminal network with n routers, the trace back can be completed in O(log n) steps.Second, we apply two classical epidemic SIS and SIR models to study the spread of Internet Worm. The analytical models that we provide are useful in determining the rate of spread and time required to infect a majority of the nodes in the network. Our simulation results on large Internet like topologies show that in a fairly small amount of time, 80% of the network nodes is infected

Quantifying Resiliency Risk Metrics through Facility Dispersion

During the last century, airbases were attacked at least 26 times in an effort to destroy the enemy at its base. Attacks on military airbases impose prohibitive losses to critical infrastructure, which in turn impacts the maintenance of air power projection. The primary enemy threat facing critical infrastructure today is the use of ballistic and land-attack cruise missiles to disrupt an airbase’s ability to launch and recover aircraft. Over the last decade, ballistic and cruise missile technology has grown to allow the world’s most powerful countries to achieve a nascent threat to forward operating bases used in theater security campaigns worldwide. Planners can reduce the impact of ballistic and cruise missile attacks on aircraft projection platforms by incorporating a number of resiliency measures, including dispersal of critical infrastructure assets, such as aircraft fuel containment and conveyance equipment. The integration of resiliency measures increases construction costs; therefore, planners need to identify an optimum balance between maximizing airbase resiliency and minimizing site costs. This research presents an airbase resiliency assessment capable of quantifying facility dispersal and risk tolerance levels in an environment threatened by missile attack. Model performance was evaluated using a case study from Osan AB, Republic of Korea. The model’s distinctive capabilities are expected to support planners in the critical task of analyzing and selecting the design strategy that maximizes airbase resiliency against the threat of ballistic and cruise missile attack