Optimizing physical protection system using domain experienced exploration method

Assessing physical protection system efficiency is mostly done manually by security experts due to the complexity of the assessment process and lack of tools. Computer aided numerical vulnerability analysis has been developed to quantitatively assess physical protection systems. A variety of methods have been proposed to optimize physical protection systems, where one of the most advanced approaches entails precisely defining which security components should be selected and where they should be placed at protected facilities, taking into consideration adversary type, to maximize the probability that an adversary will be stopped at minimum system cost. The most computationally intensive part of the optimization process is the evaluation. The evaluation involves recreating search space and finding optimal adversary’s attack paths from each entry point. We present the domain experienced exploration method that optimizes evaluation process during the search for optimum solutions, considering results from previous evaluations. Performed experiments show that using the presented method, in real-world domains, results in a reduction of evaluation iterations

Optimization of security elements selection and placement in physical security system.

U procesu projektiranja sustava tehničke zaštite, na osnovu definiranih potencijalnih ciljeva napada i očekivanih tipova napadača, projektant odabire zaštitne elemente, određuje njihovu količinu i raspored u prostoru. Elementima zaštite želi se čim ranije detektirati napadača, a zatim ga usporiti u daljnjem kretanju prema cilju, kako bi ga tjelesna zaštita presrela i zaustavila napad. Cilj projektiranja je postići minimalno ulaganje u sustav uz postizanje dovoljne razine zaštite. Ručni odabir zaštitnih elemenata i subjektivna procjena postignute razine zaštite glavni su nedostaci današnjeg pristupa projektiranju sustava zaštite. Uvedena je metoda kojom se automatizirano provodi odabir i raspored zaštitnih elemenata u prostoru. Osnova metode je model koji opisuje napadača, tjelesnu zaštitu, prostor koji se štiti i dostupne zaštitne elemente. Iz njega se izvodi model koji opisuje moguće kretanje napadača prostorom te dostupne i odabrane elemente zaštite. Nad njime se provodi optimiranje odabira i pozicije zaštitnih elemenata. Predloženo je višekriterijsko optimiranje, zasnovano na evolucijskim algoritmima. Rezultat optimiranja je skup rješenja koja projektantu nude odabir onog koje zadovoljava minimalnu vjerojatnost presretanja napadača ili maksimalnu cijenu sustava. U proces optimiranja uvedena je hibridna metoda koja značajno ubrzava pronalazak kvalitetnih rješenja. Nad početnim grafom mogućeg kretanja napadača izvodi se algoritam koji izbacuje čvorove i pripadajuće veze koji sigurno ne mogu pripadati kritičnom putu napada. Primjenom algoritma znatno se smanjuje prostor pretraživanja. Drugi dio hibridne metode je stvaranje početne populacije jedinki, a koristeći domensko znanje, čime evolucijski algoritmi brže pronalaze kvalitetna rješenja. Drugi algoritam, nazvan D-EX2, implementiran je u proces evaluacije rješenja. Koristi znanje stečeno u ranijim evaluacijama i prema skupu pravila određuje postoji li ranije pronađeno rješenje koje predstavlja rezultat evaluacije predloženog rješenja, čime izbjegava nepotrebne izračune rješenja. Eksperimentima je dokazana učinkovitost izrađenih algoritama.The protection of a facility’s critical assets against theft or sabotage is commonly executed by implementing a physical protection system, usually consisting of intrusion detection, video surveillance, access control and other technical systems designed to detect and deter an adversary and trigger an appropriate physical response by security forces. In the process of designing a physical security system, the designer selects security elements, determines their quantity and arrangement. The goal of the design process is to achieve a minimum investment in the system, while achieving a sufficient level of protection. The manual selection of security elements and the subjective assessment of achieved protection levels are the main disadvantages of today's approach to the design of security systems. Although numerical threat analysis methods have been introduced in the last century, which are the basis for assessing the quality of a designed security solution, designers of physical security systems still most often use subjective methods to design these systems. The large selection of security elements and locations to which the selected element can be placed makes it highly likely that the project designer has not chosen a design solution that is close to optimal. An additional disadvantage is the subjective assessment of the effectiveness of the designed solution. Searching for possible solutions, suggesting approximately optimal solutions, and numerically determining the achieved level of protection requires a tool that will allow a designer to design significantly faster and with better quality. With today's development of machine learning algorithms and their application in various fields, users will expect the market to contain many software applications that can perform numerical analysis of security systems and propose optimal solutions. However, few such solutions are available today and those that do exist do provide only limited functionality or do not suggest optimal solutions at the level of selection and positioning of security elements. Therefore, the focus of this research is to develop a methodology that uses the definition of a protected facility in digital form, automates the optimization of the physical security system, and presents the security designer the set of possible solutions, where each solution provides a near-optimal level of protection in its price range. There are two main challenges in optimizing the physical protection system. The first challenge is that there are two Summary ii opposing goals of the optimization, the maximization of interruption probability coupled with the minimization of investment in the physical protection system. The second challenge is that search space is changed for each proposed solution, as security elements influence the optimal attack path, used for defining the solution quality. This doctoral dissertation consists of five chapters. The first chapter ("1. Introduction"), presents introductory considerations and motivation. Chapter two (" 2. Numerical methods for assessment of vulnerability to intrusion") defines methods to numerically assess the probability that an adversary will be detected and intercepted before reaching the target. The basis for numerical assessment is a probability function that an adversary would be detected and intercepted before reaching the target. The probability that an adversary will be detected during movement to the target depends on the skill of the adversary and the implemented security elements. The movements of an adversary and security forces can be described as the normal distribution so that interception probability depends on the location where an adversary is detected and can be expressed as a probability that the time it takes the adversary to reach the target, from the moment of detection, is higher than the reaction time of security forces. The adversary usually has a great number of possibilities for moving to the target. This chapter presents various methods to find the optimal path for the adversary, also known as the critical path, that gives the adversary the highest probability that his attack will be successful. Once the numerical assessment method is defined, chapter three (“3. Objective modeling of the physical protection system”) introduces a model that enables numerical assessment by describing the adversary, the security personnel, the facility that is being protected, and the available security devices. Currently, facilities are typically designed with software solutions that define all facility details in standardized digital form, so that each element of the building and surroundings is defined as an object which has a given position in space, shape, dimensions, build material, and interdependence with other elements in a three-dimensional space. The overview of the standards that describe indoor and outdoor building architecture as a data model is given. Such a definition makes it possible to automate the transformation of a description into a format suitable for optimization. Manually describing the protected facility is time-consuming, so the methodology for automated transfer from standardized geometric models to the proposed protected object model is presented. The host element model is presented to define properties of protected facility elements, such as geometry, Summary iii materials, and neighboring elements. It also defines if the host element may be used as a starting point of an attack or presents the attacking target. The adversary model defines a sneaking level, movement abilities, and available tools. Movement abilities are dependent on available tools and movement material and define the adversary’s movement speed. The security personnel model defines the security force's reaction time, neutralization capability, and communication probability. The security element model defines detection probability, blocking time, price, coverage measure, and security element placement. The next step, based on the above information, is to perform automatic geometric transformations that create a model of possible adversary movement. Different methods for creating a graph of possible attackers' movements are described. Graph nodes present elements of a facility that may be used for adversary movement and graph edges depict available paths between them. Such a representation of a protected facility and adversary may be used for automated optimization. Chapter four ("4. Optimization of security elements selection and placement in a physical security system") presents the method that automatically optimizes the design of a physical security system. Single-criteria and multi-criteria functions are compared, and due to multiple advantages, the multi-criteria method is chosen for further elaboration. The selection and placement of security elements are optimized by evolutionary algorithms that perform stochastic optimization methods by simulating evolutionary processes in nature. The standard evolution process is extended in this research with optimizations that speed up the search for quality solutions and avoid unnecessary evaluations of proposed solutions. Hybrid optimization reduces search space and proposes initial solutions that speed up the search for quality solutions. The automatic creation of an adversary's possible movements creates a graph with nodes that represent all possible movements. However, there are nodes among them that will not belong to any optimal path of adversary's movement for any proposed protection solution. Such nodes and associated edges can be removed from such a graph without affecting the quality of the solution and removing them reduces the search space. Graph elements that are unnecessary for optimization can be found by continuously finding the critical paths and placing all available security elements to nodes that belong to found critical paths. Such an algorithm can stop searching if there are no new nodes found in the last search for the optimal path. All nodes that have not been touched may be safely removed from the search space. Optimization of the proposed model can be performed using a genetic algorithm whereby the initial population is generated by random binary vectors. Summary iv Each bit represents if a certain security element is applied at a certain node. An understanding of the search domain allows for the creation of an initial population that gives the algorithm a greater probability of finding near-optimal Pareto front solutions for a given number of iterations. The placement of security elements affects their effectiveness. A detection element positioned closer to the start of the attack has greater efficiency than positioned closer to the attack target. Placing a blocking element closer to the target of an attack has a greater impact on the probability of an attack being stopped than a blocking element placed closer to the beginning of the critical path of attack. Based on this knowledge, the proposed optimization method adds a few individuals to the initial population that differ primarily in the price range of the proposed solution. This approach avoids that the proposed solutions cover a narrow segment of the search space. The method creates individuals with a focus on three sets of movement nodes: the initial, adjacent to the target node, and those that belong to multiple critical paths. Detection elements are placed at initial nodes and blocking elements are positioned at nodes adjacent to the target nodes. The protection of nodes that are members of multiple critical paths is effective because one security element affects multiple critical paths. Suggesting initial individuals reduces the number of iterations required to find quality, near-optimal solutions. Evolutionary algorithms propose solutions and require the evaluator to evaluate the quality of each of solution. The proposed solution contains a set of security elements that are placed at the construction elements of a protected facility and possibly affect the movement of the attacker. For each proposed solution, the evaluator modifies the search space, finds critical attack paths, and calculates the cost of proposed security elements and interruption probability. Such an optimization process requires a large number of changes to the search space and the search for critical attack paths. Introducing an algorithm that avoids unnecessary changes to the search space and calculates critical attack paths reduces the number of optimization iterations required and consequently shortens its execution time. The introduced method takes into consideration knowledge acquired during searches to avoid unnecessary calculations. Because of the way it works, this method is named Domain Experienced Exploration (D-EX2). The main concept is to check if the intersection of known solutions and the proposed solution is an empty set. If placing proposed security elements does not impact an already known critical path, then there is no need to calculate the critical path. An algorithm returns the previously found solution. If there is no knowledge about proposed security elements placement, then the algorithm will update search space, find critical paths, calculate solution cost and Summary v interruption quality, and add it to the list of found solutions. As the number of evaluations is increased, D-EX2 knowledge expands and the requirement for new calculations is reduced. The D-EX2 method can be used in parallel by different evolutionary algorithms to reduce the number of evaluations and shorten the time of the optimization. The experimental results of methods outlined in chapter four are presented in chapter five ("5. Experimental results"). Empirical experiments were carried out over real-world facilities representing a standard commercial building and a high-security facility thus employing optimization methods at different problem sizes and facility layouts. The first set of experiments has shown that the method for optimizing the graph of possible adversary movement, by removing facility elements that will never belong to the critical adversary path, significantly reduces the search space, up to 65%. The second set of experiments compares the number of evaluations carried out by evolutionary algorithms with and without the D-EX2 method. Multi-objective optimization was conducted using non-dominated sorting genetic algorithm NSGA-II. The optimization result is a spread of solutions near the true Pareto-optimal front. Numerous experiments were performed with different parameters of genetic algorithms to determine the dependence of the D-EX2 method optimization efficiency on the evolutionary algorithm population size, number of generations, and mutation probability. Experiments have shown that a higher number of generations increases D-EX2 efficiency as continuous algorithm execution builds-up D-EX2 experience while mutations slightly decrease method efficiency in some cases. Different facility layouts used for experiments had shown that the D-EX2 method results in better efficiency at facility layouts with a higher number of possible entries. For real-world facilities, the D-EX2 method avoided up to 75% unnecessary evaluation calculations. In the third set of experiments the initial population was populated using domain knowledge and the quality of results was compared to the standard implementation of evolutionary algorithms where the initial population is created randomly. Results have shown that populating the initial generation with few individuals, based on domain knowledge, produces better quality results no matter which genetic algorithm parameters are used. An additional advantage is that the results are uniformly dispersed on the Pareto front. The presented methods provide an automatic search for a set of solutions, where each solution presents a near-optimal security system for a given price range while avoiding Summary vi unnecessary calculations. Using domain knowledge allows for the discovery of near-optimal solutions with fewer evaluations compared to standard evolutionary algorithms

Numerical analysis of the object vulnerability to intrusion

U radu je razvijena metoda automatiziranog proračuna ugroženosti štićenog objekta temeljena na grafičkim alatima za projektiranje i modeliranje objekata. Iz grafičkog alata određuju se elementi štićenog objekta i njihova topološka struktura. Temeljem strukture elemenata određuje se kritični put napada, odnosno vjerojatnost prekida napada. Razrađena metoda za prosudbu ugroženosti zasniva se na algoritmima koji pronalaze moguće putove napada i odabiru kritičan put. Kao pomoć pri projektiranju sustava zaštite razvijen je algoritam koji pretražuje prostor mogućih rješenja i daje preporuku promjene i dodavanja sigurnosnih elemenata u svrhu smanjenja ugroženosti.Aim of this thesis is to develop a method of automatic numerical risk assessment calculations based on building design software. Building design software provides object elements and their topological structure. Using defined element structure method finds critical attack path, based on the probability of attack interruption. Defined vulnerability assessment method is based on algorithms for finding possible adversary attack paths and selecting the most critical path. To help design the security system, the algorithm is provided to search the acceptable solution space and to recommend security system changes and security elements adding to lower the security risk

Optimization of security elements selection and placement in physical security system.

U procesu projektiranja sustava tehničke zaštite, na osnovu definiranih potencijalnih ciljeva napada i očekivanih tipova napadača, projektant odabire zaštitne elemente, određuje njihovu količinu i raspored u prostoru. Elementima zaštite želi se čim ranije detektirati napadača, a zatim ga usporiti u daljnjem kretanju prema cilju, kako bi ga tjelesna zaštita presrela i zaustavila napad. Cilj projektiranja je postići minimalno ulaganje u sustav uz postizanje dovoljne razine zaštite. Ručni odabir zaštitnih elemenata i subjektivna procjena postignute razine zaštite glavni su nedostaci današnjeg pristupa projektiranju sustava zaštite. Uvedena je metoda kojom se automatizirano provodi odabir i raspored zaštitnih elemenata u prostoru. Osnova metode je model koji opisuje napadača, tjelesnu zaštitu, prostor koji se štiti i dostupne zaštitne elemente. Iz njega se izvodi model koji opisuje moguće kretanje napadača prostorom te dostupne i odabrane elemente zaštite. Nad njime se provodi optimiranje odabira i pozicije zaštitnih elemenata. Predloženo je višekriterijsko optimiranje, zasnovano na evolucijskim algoritmima. Rezultat optimiranja je skup rješenja koja projektantu nude odabir onog koje zadovoljava minimalnu vjerojatnost presretanja napadača ili maksimalnu cijenu sustava. U proces optimiranja uvedena je hibridna metoda koja značajno ubrzava pronalazak kvalitetnih rješenja. Nad početnim grafom mogućeg kretanja napadača izvodi se algoritam koji izbacuje čvorove i pripadajuće veze koji sigurno ne mogu pripadati kritičnom putu napada. Primjenom algoritma znatno se smanjuje prostor pretraživanja. Drugi dio hibridne metode je stvaranje početne populacije jedinki, a koristeći domensko znanje, čime evolucijski algoritmi brže pronalaze kvalitetna rješenja. Drugi algoritam, nazvan D-EX2, implementiran je u proces evaluacije rješenja. Koristi znanje stečeno u ranijim evaluacijama i prema skupu pravila određuje postoji li ranije pronađeno rješenje koje predstavlja rezultat evaluacije predloženog rješenja, čime izbjegava nepotrebne izračune rješenja. Eksperimentima je dokazana učinkovitost izrađenih algoritama.The protection of a facility’s critical assets against theft or sabotage is commonly executed by implementing a physical protection system, usually consisting of intrusion detection, video surveillance, access control and other technical systems designed to detect and deter an adversary and trigger an appropriate physical response by security forces. In the process of designing a physical security system, the designer selects security elements, determines their quantity and arrangement. The goal of the design process is to achieve a minimum investment in the system, while achieving a sufficient level of protection. The manual selection of security elements and the subjective assessment of achieved protection levels are the main disadvantages of today's approach to the design of security systems. Although numerical threat analysis methods have been introduced in the last century, which are the basis for assessing the quality of a designed security solution, designers of physical security systems still most often use subjective methods to design these systems. The large selection of security elements and locations to which the selected element can be placed makes it highly likely that the project designer has not chosen a design solution that is close to optimal. An additional disadvantage is the subjective assessment of the effectiveness of the designed solution. Searching for possible solutions, suggesting approximately optimal solutions, and numerically determining the achieved level of protection requires a tool that will allow a designer to design significantly faster and with better quality. With today's development of machine learning algorithms and their application in various fields, users will expect the market to contain many software applications that can perform numerical analysis of security systems and propose optimal solutions. However, few such solutions are available today and those that do exist do provide only limited functionality or do not suggest optimal solutions at the level of selection and positioning of security elements. Therefore, the focus of this research is to develop a methodology that uses the definition of a protected facility in digital form, automates the optimization of the physical security system, and presents the security designer the set of possible solutions, where each solution provides a near-optimal level of protection in its price range. There are two main challenges in optimizing the physical protection system. The first challenge is that there are two Summary ii opposing goals of the optimization, the maximization of interruption probability coupled with the minimization of investment in the physical protection system. The second challenge is that search space is changed for each proposed solution, as security elements influence the optimal attack path, used for defining the solution quality. This doctoral dissertation consists of five chapters. The first chapter ("1. Introduction"), presents introductory considerations and motivation. Chapter two (" 2. Numerical methods for assessment of vulnerability to intrusion") defines methods to numerically assess the probability that an adversary will be detected and intercepted before reaching the target. The basis for numerical assessment is a probability function that an adversary would be detected and intercepted before reaching the target. The probability that an adversary will be detected during movement to the target depends on the skill of the adversary and the implemented security elements. The movements of an adversary and security forces can be described as the normal distribution so that interception probability depends on the location where an adversary is detected and can be expressed as a probability that the time it takes the adversary to reach the target, from the moment of detection, is higher than the reaction time of security forces. The adversary usually has a great number of possibilities for moving to the target. This chapter presents various methods to find the optimal path for the adversary, also known as the critical path, that gives the adversary the highest probability that his attack will be successful. Once the numerical assessment method is defined, chapter three (“3. Objective modeling of the physical protection system”) introduces a model that enables numerical assessment by describing the adversary, the security personnel, the facility that is being protected, and the available security devices. Currently, facilities are typically designed with software solutions that define all facility details in standardized digital form, so that each element of the building and surroundings is defined as an object which has a given position in space, shape, dimensions, build material, and interdependence with other elements in a three-dimensional space. The overview of the standards that describe indoor and outdoor building architecture as a data model is given. Such a definition makes it possible to automate the transformation of a description into a format suitable for optimization. Manually describing the protected facility is time-consuming, so the methodology for automated transfer from standardized geometric models to the proposed protected object model is presented. The host element model is presented to define properties of protected facility elements, such as geometry, Summary iii materials, and neighboring elements. It also defines if the host element may be used as a starting point of an attack or presents the attacking target. The adversary model defines a sneaking level, movement abilities, and available tools. Movement abilities are dependent on available tools and movement material and define the adversary’s movement speed. The security personnel model defines the security force's reaction time, neutralization capability, and communication probability. The security element model defines detection probability, blocking time, price, coverage measure, and security element placement. The next step, based on the above information, is to perform automatic geometric transformations that create a model of possible adversary movement. Different methods for creating a graph of possible attackers' movements are described. Graph nodes present elements of a facility that may be used for adversary movement and graph edges depict available paths between them. Such a representation of a protected facility and adversary may be used for automated optimization. Chapter four ("4. Optimization of security elements selection and placement in a physical security system") presents the method that automatically optimizes the design of a physical security system. Single-criteria and multi-criteria functions are compared, and due to multiple advantages, the multi-criteria method is chosen for further elaboration. The selection and placement of security elements are optimized by evolutionary algorithms that perform stochastic optimization methods by simulating evolutionary processes in nature. The standard evolution process is extended in this research with optimizations that speed up the search for quality solutions and avoid unnecessary evaluations of proposed solutions. Hybrid optimization reduces search space and proposes initial solutions that speed up the search for quality solutions. The automatic creation of an adversary's possible movements creates a graph with nodes that represent all possible movements. However, there are nodes among them that will not belong to any optimal path of adversary's movement for any proposed protection solution. Such nodes and associated edges can be removed from such a graph without affecting the quality of the solution and removing them reduces the search space. Graph elements that are unnecessary for optimization can be found by continuously finding the critical paths and placing all available security elements to nodes that belong to found critical paths. Such an algorithm can stop searching if there are no new nodes found in the last search for the optimal path. All nodes that have not been touched may be safely removed from the search space. Optimization of the proposed model can be performed using a genetic algorithm whereby the initial population is generated by random binary vectors. Summary iv Each bit represents if a certain security element is applied at a certain node. An understanding of the search domain allows for the creation of an initial population that gives the algorithm a greater probability of finding near-optimal Pareto front solutions for a given number of iterations. The placement of security elements affects their effectiveness. A detection element positioned closer to the start of the attack has greater efficiency than positioned closer to the attack target. Placing a blocking element closer to the target of an attack has a greater impact on the probability of an attack being stopped than a blocking element placed closer to the beginning of the critical path of attack. Based on this knowledge, the proposed optimization method adds a few individuals to the initial population that differ primarily in the price range of the proposed solution. This approach avoids that the proposed solutions cover a narrow segment of the search space. The method creates individuals with a focus on three sets of movement nodes: the initial, adjacent to the target node, and those that belong to multiple critical paths. Detection elements are placed at initial nodes and blocking elements are positioned at nodes adjacent to the target nodes. The protection of nodes that are members of multiple critical paths is effective because one security element affects multiple critical paths. Suggesting initial individuals reduces the number of iterations required to find quality, near-optimal solutions. Evolutionary algorithms propose solutions and require the evaluator to evaluate the quality of each of solution. The proposed solution contains a set of security elements that are placed at the construction elements of a protected facility and possibly affect the movement of the attacker. For each proposed solution, the evaluator modifies the search space, finds critical attack paths, and calculates the cost of proposed security elements and interruption probability. Such an optimization process requires a large number of changes to the search space and the search for critical attack paths. Introducing an algorithm that avoids unnecessary changes to the search space and calculates critical attack paths reduces the number of optimization iterations required and consequently shortens its execution time. The introduced method takes into consideration knowledge acquired during searches to avoid unnecessary calculations. Because of the way it works, this method is named Domain Experienced Exploration (D-EX2). The main concept is to check if the intersection of known solutions and the proposed solution is an empty set. If placing proposed security elements does not impact an already known critical path, then there is no need to calculate the critical path. An algorithm returns the previously found solution. If there is no knowledge about proposed security elements placement, then the algorithm will update search space, find critical paths, calculate solution cost and Summary v interruption quality, and add it to the list of found solutions. As the number of evaluations is increased, D-EX2 knowledge expands and the requirement for new calculations is reduced. The D-EX2 method can be used in parallel by different evolutionary algorithms to reduce the number of evaluations and shorten the time of the optimization. The experimental results of methods outlined in chapter four are presented in chapter five ("5. Experimental results"). Empirical experiments were carried out over real-world facilities representing a standard commercial building and a high-security facility thus employing optimization methods at different problem sizes and facility layouts. The first set of experiments has shown that the method for optimizing the graph of possible adversary movement, by removing facility elements that will never belong to the critical adversary path, significantly reduces the search space, up to 65%. The second set of experiments compares the number of evaluations carried out by evolutionary algorithms with and without the D-EX2 method. Multi-objective optimization was conducted using non-dominated sorting genetic algorithm NSGA-II. The optimization result is a spread of solutions near the true Pareto-optimal front. Numerous experiments were performed with different parameters of genetic algorithms to determine the dependence of the D-EX2 method optimization efficiency on the evolutionary algorithm population size, number of generations, and mutation probability. Experiments have shown that a higher number of generations increases D-EX2 efficiency as continuous algorithm execution builds-up D-EX2 experience while mutations slightly decrease method efficiency in some cases. Different facility layouts used for experiments had shown that the D-EX2 method results in better efficiency at facility layouts with a higher number of possible entries. For real-world facilities, the D-EX2 method avoided up to 75% unnecessary evaluation calculations. In the third set of experiments the initial population was populated using domain knowledge and the quality of results was compared to the standard implementation of evolutionary algorithms where the initial population is created randomly. Results have shown that populating the initial generation with few individuals, based on domain knowledge, produces better quality results no matter which genetic algorithm parameters are used. An additional advantage is that the results are uniformly dispersed on the Pareto front. The presented methods provide an automatic search for a set of solutions, where each solution presents a near-optimal security system for a given price range while avoiding Summary vi unnecessary calculations. Using domain knowledge allows for the discovery of near-optimal solutions with fewer evaluations compared to standard evolutionary algorithms

Numerical analysis of the object vulnerability to intrusion

U radu je razvijena metoda automatiziranog proračuna ugroženosti štićenog objekta temeljena na grafičkim alatima za projektiranje i modeliranje objekata. Iz grafičkog alata određuju se elementi štićenog objekta i njihova topološka struktura. Temeljem strukture elemenata određuje se kritični put napada, odnosno vjerojatnost prekida napada. Razrađena metoda za prosudbu ugroženosti zasniva se na algoritmima koji pronalaze moguće putove napada i odabiru kritičan put. Kao pomoć pri projektiranju sustava zaštite razvijen je algoritam koji pretražuje prostor mogućih rješenja i daje preporuku promjene i dodavanja sigurnosnih elemenata u svrhu smanjenja ugroženosti.Aim of this thesis is to develop a method of automatic numerical risk assessment calculations based on building design software. Building design software provides object elements and their topological structure. Using defined element structure method finds critical attack path, based on the probability of attack interruption. Defined vulnerability assessment method is based on algorithms for finding possible adversary attack paths and selecting the most critical path. To help design the security system, the algorithm is provided to search the acceptable solution space and to recommend security system changes and security elements adding to lower the security risk

Optimization of security elements selection and placement in physical security system.

U procesu projektiranja sustava tehničke zaštite, na osnovu definiranih potencijalnih ciljeva napada i očekivanih tipova napadača, projektant odabire zaštitne elemente, određuje njihovu količinu i raspored u prostoru. Elementima zaštite želi se čim ranije detektirati napadača, a zatim ga usporiti u daljnjem kretanju prema cilju, kako bi ga tjelesna zaštita presrela i zaustavila napad. Cilj projektiranja je postići minimalno ulaganje u sustav uz postizanje dovoljne razine zaštite. Ručni odabir zaštitnih elemenata i subjektivna procjena postignute razine zaštite glavni su nedostaci današnjeg pristupa projektiranju sustava zaštite. Uvedena je metoda kojom se automatizirano provodi odabir i raspored zaštitnih elemenata u prostoru. Osnova metode je model koji opisuje napadača, tjelesnu zaštitu, prostor koji se štiti i dostupne zaštitne elemente. Iz njega se izvodi model koji opisuje moguće kretanje napadača prostorom te dostupne i odabrane elemente zaštite. Nad njime se provodi optimiranje odabira i pozicije zaštitnih elemenata. Predloženo je višekriterijsko optimiranje, zasnovano na evolucijskim algoritmima. Rezultat optimiranja je skup rješenja koja projektantu nude odabir onog koje zadovoljava minimalnu vjerojatnost presretanja napadača ili maksimalnu cijenu sustava. U proces optimiranja uvedena je hibridna metoda koja značajno ubrzava pronalazak kvalitetnih rješenja. Nad početnim grafom mogućeg kretanja napadača izvodi se algoritam koji izbacuje čvorove i pripadajuće veze koji sigurno ne mogu pripadati kritičnom putu napada. Primjenom algoritma znatno se smanjuje prostor pretraživanja. Drugi dio hibridne metode je stvaranje početne populacije jedinki, a koristeći domensko znanje, čime evolucijski algoritmi brže pronalaze kvalitetna rješenja. Drugi algoritam, nazvan D-EX2, implementiran je u proces evaluacije rješenja. Koristi znanje stečeno u ranijim evaluacijama i prema skupu pravila određuje postoji li ranije pronađeno rješenje koje predstavlja rezultat evaluacije predloženog rješenja, čime izbjegava nepotrebne izračune rješenja. Eksperimentima je dokazana učinkovitost izrađenih algoritama.The protection of a facility’s critical assets against theft or sabotage is commonly executed by implementing a physical protection system, usually consisting of intrusion detection, video surveillance, access control and other technical systems designed to detect and deter an adversary and trigger an appropriate physical response by security forces. In the process of designing a physical security system, the designer selects security elements, determines their quantity and arrangement. The goal of the design process is to achieve a minimum investment in the system, while achieving a sufficient level of protection. The manual selection of security elements and the subjective assessment of achieved protection levels are the main disadvantages of today's approach to the design of security systems. Although numerical threat analysis methods have been introduced in the last century, which are the basis for assessing the quality of a designed security solution, designers of physical security systems still most often use subjective methods to design these systems. The large selection of security elements and locations to which the selected element can be placed makes it highly likely that the project designer has not chosen a design solution that is close to optimal. An additional disadvantage is the subjective assessment of the effectiveness of the designed solution. Searching for possible solutions, suggesting approximately optimal solutions, and numerically determining the achieved level of protection requires a tool that will allow a designer to design significantly faster and with better quality. With today's development of machine learning algorithms and their application in various fields, users will expect the market to contain many software applications that can perform numerical analysis of security systems and propose optimal solutions. However, few such solutions are available today and those that do exist do provide only limited functionality or do not suggest optimal solutions at the level of selection and positioning of security elements. Therefore, the focus of this research is to develop a methodology that uses the definition of a protected facility in digital form, automates the optimization of the physical security system, and presents the security designer the set of possible solutions, where each solution provides a near-optimal level of protection in its price range. There are two main challenges in optimizing the physical protection system. The first challenge is that there are two Summary ii opposing goals of the optimization, the maximization of interruption probability coupled with the minimization of investment in the physical protection system. The second challenge is that search space is changed for each proposed solution, as security elements influence the optimal attack path, used for defining the solution quality. This doctoral dissertation consists of five chapters. The first chapter ("1. Introduction"), presents introductory considerations and motivation. Chapter two (" 2. Numerical methods for assessment of vulnerability to intrusion") defines methods to numerically assess the probability that an adversary will be detected and intercepted before reaching the target. The basis for numerical assessment is a probability function that an adversary would be detected and intercepted before reaching the target. The probability that an adversary will be detected during movement to the target depends on the skill of the adversary and the implemented security elements. The movements of an adversary and security forces can be described as the normal distribution so that interception probability depends on the location where an adversary is detected and can be expressed as a probability that the time it takes the adversary to reach the target, from the moment of detection, is higher than the reaction time of security forces. The adversary usually has a great number of possibilities for moving to the target. This chapter presents various methods to find the optimal path for the adversary, also known as the critical path, that gives the adversary the highest probability that his attack will be successful. Once the numerical assessment method is defined, chapter three (“3. Objective modeling of the physical protection system”) introduces a model that enables numerical assessment by describing the adversary, the security personnel, the facility that is being protected, and the available security devices. Currently, facilities are typically designed with software solutions that define all facility details in standardized digital form, so that each element of the building and surroundings is defined as an object which has a given position in space, shape, dimensions, build material, and interdependence with other elements in a three-dimensional space. The overview of the standards that describe indoor and outdoor building architecture as a data model is given. Such a definition makes it possible to automate the transformation of a description into a format suitable for optimization. Manually describing the protected facility is time-consuming, so the methodology for automated transfer from standardized geometric models to the proposed protected object model is presented. The host element model is presented to define properties of protected facility elements, such as geometry, Summary iii materials, and neighboring elements. It also defines if the host element may be used as a starting point of an attack or presents the attacking target. The adversary model defines a sneaking level, movement abilities, and available tools. Movement abilities are dependent on available tools and movement material and define the adversary’s movement speed. The security personnel model defines the security force's reaction time, neutralization capability, and communication probability. The security element model defines detection probability, blocking time, price, coverage measure, and security element placement. The next step, based on the above information, is to perform automatic geometric transformations that create a model of possible adversary movement. Different methods for creating a graph of possible attackers' movements are described. Graph nodes present elements of a facility that may be used for adversary movement and graph edges depict available paths between them. Such a representation of a protected facility and adversary may be used for automated optimization. Chapter four ("4. Optimization of security elements selection and placement in a physical security system") presents the method that automatically optimizes the design of a physical security system. Single-criteria and multi-criteria functions are compared, and due to multiple advantages, the multi-criteria method is chosen for further elaboration. The selection and placement of security elements are optimized by evolutionary algorithms that perform stochastic optimization methods by simulating evolutionary processes in nature. The standard evolution process is extended in this research with optimizations that speed up the search for quality solutions and avoid unnecessary evaluations of proposed solutions. Hybrid optimization reduces search space and proposes initial solutions that speed up the search for quality solutions. The automatic creation of an adversary's possible movements creates a graph with nodes that represent all possible movements. However, there are nodes among them that will not belong to any optimal path of adversary's movement for any proposed protection solution. Such nodes and associated edges can be removed from such a graph without affecting the quality of the solution and removing them reduces the search space. Graph elements that are unnecessary for optimization can be found by continuously finding the critical paths and placing all available security elements to nodes that belong to found critical paths. Such an algorithm can stop searching if there are no new nodes found in the last search for the optimal path. All nodes that have not been touched may be safely removed from the search space. Optimization of the proposed model can be performed using a genetic algorithm whereby the initial population is generated by random binary vectors. Summary iv Each bit represents if a certain security element is applied at a certain node. An understanding of the search domain allows for the creation of an initial population that gives the algorithm a greater probability of finding near-optimal Pareto front solutions for a given number of iterations. The placement of security elements affects their effectiveness. A detection element positioned closer to the start of the attack has greater efficiency than positioned closer to the attack target. Placing a blocking element closer to the target of an attack has a greater impact on the probability of an attack being stopped than a blocking element placed closer to the beginning of the critical path of attack. Based on this knowledge, the proposed optimization method adds a few individuals to the initial population that differ primarily in the price range of the proposed solution. This approach avoids that the proposed solutions cover a narrow segment of the search space. The method creates individuals with a focus on three sets of movement nodes: the initial, adjacent to the target node, and those that belong to multiple critical paths. Detection elements are placed at initial nodes and blocking elements are positioned at nodes adjacent to the target nodes. The protection of nodes that are members of multiple critical paths is effective because one security element affects multiple critical paths. Suggesting initial individuals reduces the number of iterations required to find quality, near-optimal solutions. Evolutionary algorithms propose solutions and require the evaluator to evaluate the quality of each of solution. The proposed solution contains a set of security elements that are placed at the construction elements of a protected facility and possibly affect the movement of the attacker. For each proposed solution, the evaluator modifies the search space, finds critical attack paths, and calculates the cost of proposed security elements and interruption probability. Such an optimization process requires a large number of changes to the search space and the search for critical attack paths. Introducing an algorithm that avoids unnecessary changes to the search space and calculates critical attack paths reduces the number of optimization iterations required and consequently shortens its execution time. The introduced method takes into consideration knowledge acquired during searches to avoid unnecessary calculations. Because of the way it works, this method is named Domain Experienced Exploration (D-EX2). The main concept is to check if the intersection of known solutions and the proposed solution is an empty set. If placing proposed security elements does not impact an already known critical path, then there is no need to calculate the critical path. An algorithm returns the previously found solution. If there is no knowledge about proposed security elements placement, then the algorithm will update search space, find critical paths, calculate solution cost and Summary v interruption quality, and add it to the list of found solutions. As the number of evaluations is increased, D-EX2 knowledge expands and the requirement for new calculations is reduced. The D-EX2 method can be used in parallel by different evolutionary algorithms to reduce the number of evaluations and shorten the time of the optimization. The experimental results of methods outlined in chapter four are presented in chapter five ("5. Experimental results"). Empirical experiments were carried out over real-world facilities representing a standard commercial building and a high-security facility thus employing optimization methods at different problem sizes and facility layouts. The first set of experiments has shown that the method for optimizing the graph of possible adversary movement, by removing facility elements that will never belong to the critical adversary path, significantly reduces the search space, up to 65%. The second set of experiments compares the number of evaluations carried out by evolutionary algorithms with and without the D-EX2 method. Multi-objective optimization was conducted using non-dominated sorting genetic algorithm NSGA-II. The optimization result is a spread of solutions near the true Pareto-optimal front. Numerous experiments were performed with different parameters of genetic algorithms to determine the dependence of the D-EX2 method optimization efficiency on the evolutionary algorithm population size, number of generations, and mutation probability. Experiments have shown that a higher number of generations increases D-EX2 efficiency as continuous algorithm execution builds-up D-EX2 experience while mutations slightly decrease method efficiency in some cases. Different facility layouts used for experiments had shown that the D-EX2 method results in better efficiency at facility layouts with a higher number of possible entries. For real-world facilities, the D-EX2 method avoided up to 75% unnecessary evaluation calculations. In the third set of experiments the initial population was populated using domain knowledge and the quality of results was compared to the standard implementation of evolutionary algorithms where the initial population is created randomly. Results have shown that populating the initial generation with few individuals, based on domain knowledge, produces better quality results no matter which genetic algorithm parameters are used. An additional advantage is that the results are uniformly dispersed on the Pareto front. The presented methods provide an automatic search for a set of solutions, where each solution presents a near-optimal security system for a given price range while avoiding Summary vi unnecessary calculations. Using domain knowledge allows for the discovery of near-optimal solutions with fewer evaluations compared to standard evolutionary algorithms