Attacking Shortest Paths by Cutting Edges

Identifying shortest paths between nodes in a network is a common graph analysis problem that is important for many applications involving routing of resources. An adversary that can manipulate the graph structure could alter traffic patterns to gain some benefit (e.g., make more money by directing traffic to a toll road). This paper presents the Force Path Cut problem, in which an adversary removes edges from a graph to make a particular path the shortest between its terminal nodes. We prove that this problem is APX-hard, but introduce PATHATTACK, a polynomial-time approximation algorithm that guarantees a solution within a logarithmic factor of the optimal value. In addition, we introduce the Force Edge Cut and Force Node Cut problems, in which the adversary targets a particular edge or node, respectively, rather than an entire path. We derive a nonconvex optimization formulation for these problems, and derive a heuristic algorithm that uses PATHATTACK as a subroutine. We demonstrate all of these algorithms on a diverse set of real and synthetic networks, illustrating the network types that benefit most from the proposed algorithms.Comment: 37 pages, 11 figures; Extended version of arXiv:2104.0376

Optimal Interdiction of Attack Plans

ABSTRACT We present a Stackelberg game model of security in which the defender chooses a mitigation strategy that interdicts potential attack actions, and the attacker responds by computing an optimal attack plan that circumvents the deployed mitigations. First, we offer a general formulation for deterministic plan interdiction as a mixed-integer program, and use constraint generation to compute optimal solutions, leveraging state-of-the-art partial satisfaction planning techniques. We also present a greedy heuristic for this problem, and compare its performance with the optimal MILP-based approach. We then extend our framework to incorporate uncertainty about attacker's capabilities, costs, goals, and action execution uncertainty, and show that these extensions retain the basic structure of the deterministic plan interdiction problem. Introduction of more general models of planning uncertainty require us to model the attacker's problem as a general MDP, and demonstrate that the MDP interdiction problem can still be solved using the basic constraint generation framework