Enhancing Network Resilience through Machine Learning-powered Graph Combinatorial Optimization: Applications in Cyber Defense and Information Diffusion

With the burgeoning advancements of computing and network communication technologies, network infrastructures and their application environments have become increasingly complex. Due to the increased complexity, networks are more prone to hardware faults and highly susceptible to cyber-attacks. Therefore, for rapidly growing network-centric applications, network resilience is essential to minimize the impact of attacks and to ensure that the network provides an acceptable level of services during attacks, faults or disruptions. In this regard, this thesis focuses on developing effective approaches for enhancing network resilience. Existing approaches for enhancing network resilience emphasize on determining bottleneck nodes and edges in the network and designing proactive responses to safeguard the network against attacks. However, existing solutions generally consider broader application domains and possess limited applicability when applied to specific application areas such as cyber defense and information diffusion, which are highly popular application domains among cyber attackers. These solutions often prioritize general security measures and may not be able to address the complex targeted cyberattacks [147, 149]. Cyber defense and information diffusion application domains usually consist of sensitive networks that attackers target to gain unauthorized access, potentially causing significant financial and reputational loss. This thesis aims to design effective, efficient and scalable techniques for discovering bottleneck nodes and edges in the network to enhance network resilience in cyber defense and information diffusion application domains. We first investigate a cyber defense graph optimization problem, i.e., hardening active directory systems by discovering bottleneck edges in the network. We then study the problem of identifying bottleneck structural hole spanner nodes, which are crucial for information diffusion in the network. We transform both problems into graph-combinatorial optimization problems and design machine learning based approaches for discovering bottleneck points vital for enhancing network resilience. This thesis makes the following four contributions. We first study defending active directories by discovering bottleneck edges in the network and make the following two contributions. (1) To defend active directories by discovering and blocking bottleneck edges in the graphs, we first prove that deriving an optimal defensive policy is #P-hard. We design a kernelization technique that reduces the active directory graph to a much smaller condensed graph. We propose an effective edge-blocking defensive policy by combining neural network-based dynamic program and evolutionary diversity optimization to defend active directory graphs. The key idea is to accurately train the attacking policy to obtain an effective defensive policy. The experimental evaluations on synthetic AD attack graphs demonstrate that our defensive policy generates effective defense. (2) To harden large-scale active directory graphs, we propose reinforcement learning based policy that uses evolutionary diversity optimization to generate edge-blocking defensive plans. The main idea is to train the attacker’s policy on multiple independent defensive plan environments simultaneously so as to obtain effective defensive policy. The experimental results on synthetic AD graphs show that the proposed defensive policy is highly effective, scales better and generates better defensive plans than our previously proposed neural network-based dynamic program and evolutionary diversity optimization approach. We then investigate discovering bottleneck structural hole spanner nodes in the network and make the following two contributions. (3) To discover bottleneck structural hole spanner nodes in large-scale and diverse networks, we propose two graph neural network models, GraphSHS and Meta-GraphSHS. The main idea is to transform the SHS identification problem into a learning problem and use the graph neural network models to learn the bottleneck nodes. Besides, the Meta-GraphSHS model learns generalizable knowledge from diverse training graphs to create a customized model that can be fine-tuned to discover SHSs in new unseen diverse graphs. Our experimental results show that the proposed models are highly effective and efficient. (4) To identify bottleneck structural hole spanner nodes in dynamic networks, we propose a decremental algorithm and graph neural network model. The key idea of our proposed algorithm is to reduce the re-computations by identifying affected nodes due to updates in the network and performing re-computations for affected nodes only. Our graph neural network model considers the dynamic network as a series of snapshots and learns to discover SHS nodes in these snapshots. Our experiments demonstrate that the proposed approaches achieve significant speedup over re-computations for dynamic graphs.Thesis (Ph.D.) -- University of Adelaide, School of Computer and Mathematical Sciences, 202

Evolving Reinforcement Learning Environment to Minimize Learner's Achievable Reward: An Application on Hardening Active Directory Systems

We study a Stackelberg game between one attacker and one defender in a configurable environment. The defender picks a specific environment configuration. The attacker observes the configuration and attacks via Reinforcement Learning (RL trained against the observed environment). The defender's goal is to find the environment with minimum achievable reward for the attacker. We apply Evolutionary Diversity Optimization (EDO) to generate diverse population of environments for training. Environments with clearly high rewards are killed off and replaced by new offsprings to avoid wasting training time. Diversity not only improves training quality but also fits well with our RL scenario: RL agents tend to improve gradually, so a slightly worse environment earlier on may become better later. We demonstrate the effectiveness of our approach by focusing on a specific application, Active Directory (AD). AD is the default security management system for Windows domain networks. AD environment describes an attack graph, where nodes represent computers/accounts/etc., and edges represent accesses. The attacker aims to find the best attack path to reach the highest-privilege node. The defender can change the graph by removing a limited number of edges (revoke accesses). Our approach generates better defensive plans than the existing approach and scales better

Defending Active Directory by Combining Neural Network based Dynamic Program and Evolutionary Diversity Optimisation

Active Directory (AD) is the default security management system for Windows domain networks. We study a Stackelberg game model between one attacker and one defender on an AD attack graph. The attacker initially has access to a set of entry nodes. The attacker can expand this set by strategically exploring edges. Every edge has a detection rate and a failure rate. The attacker aims to maximize their chance of successfully reaching the destination before getting detected. The defender's task is to block a constant number of edges to decrease the attacker's chance of success. We show that the problem is #P-hard and, therefore, intractable to solve exactly. We convert the attacker's problem to an exponential sized Dynamic Program that is approximated by a Neural Network (NN). Once trained, the NN provides an efficient fitness function for the defender's Evolutionary Diversity Optimisation (EDO). The diversity emphasis on the defender's solution provides a diverse set of training samples, which improves the training accuracy of our NN for modelling the attacker. We go back and forth between NN training and EDO. Experimental results show that for R500 graph, our proposed EDO based defense is less than 1% away from the optimal defense

Musculoskeletal disorders among doctors and nursing officers : an occupational hazard of overstrained healthcare delivery system in western Rajasthan, India

Abstract Background The present study was conducted to estimate the prevalence and distribution of MSDs in different anatomical regions among Doctors and NO and to determine their ergonomic risk factors and predictors. Methods This cross-sectional study was conducted in an apex institution in Western India. The socio-demographic information, medical and occupational history, and other personal and work-related attributes were captured using a semi-structured questionnaire, which was developed and finalized by piloting on 32 participants (who were not part of the study). Nordic Musculoskeletal and International Physical Activity Questionnaires were used to assess MSDs and Physical activity. Data were analyzed using SPSS v.23. Prevalence of Musculoskeletal Symptoms (M.S.), Multisite Musculoskeletal Symptoms (MMS), and Widespread Musculoskeletal Symptoms (WMS) were calculated. A comparison was made to estimate the burden and distribution of MSD among Doctors and Nursing officers. Logistic regression was applied to identify the predictors of MSDs and pinpoint the risk factors associated with MSDs. Results A total of 310 participants, of which 38.7% were doctors, and 61.3% were Nursing Officers (NOs) were included in the study. The mean age of the respondents was 31.63 ± 4.9 years. Almost 73% (95%CI: 67.9–78.1) of participants had MSD in the last 12 months, with approximately 41.6% (95%CI: 36.1–47.3) suffering from MSDs in the previous seven days of the survey. The lower back (49.7%) and the neck (36.5%) were the most affected sites. Working in the same position for a long time (43.5%) and not taking adequate breaks (31.3%) were the highest self-reported risk factors. Females had significantly higher odds of having pain in the upper back [aOR:2.49(1.27–4.85)], neck [aOR:2.15(1.22–3.77)], shoulder [aOR:2.8 (1.54–5.11)], hips [aOR:9.46 (3.95–22.68)] and knee [aOR:3.8(1.99–7.26)]. Conclusions Females, who are NOs, work for > 48 h per week, and fall in the obese category were significantly at more risk of developing MSDs. Working in an awkward position, treating an excessive number of patients in a day, working in the same position for a long period, performing repeated tasks, and not having enough rest breaks were significant risk factors for MSDs

Heating and lighting: understanding overlooked energy-consumption activities in the Indian residential sector

Understanding the climate impact of residential emissions starts with determining the fuel consumption of various household activities. While cooking emissions have been widely studied, non-cooking energy-consumption activities in the residential sector such as heating and lighting, have been overlooked owing to the unavailability of data at national levels. The present study uses data from the Carbonaceous Aerosol Emissions, Source Apportionment and Climate Impacts (COALESCE) project, which consists of residential surveys over 6000 households across 49 districts of India, to understand the energy consumed by non-cooking residential activities. Regression models are developed to estimate information in non-surveyed districts using demographic, housing, and meteorological data as predictors. Energy demand is further quantified and distributed nationally at a 4 × 4 km resolution. Results show that the annual energy consumption from non-cooking activities is 1106 [201] PJ, which is equal to one-fourth of the cooking energy demand. Freely available biomass is widely used to heat water on traditional stoves, even in the warmer regions of western and southern India across all seasons. Space heating (51%) and water heating (42%) dominate non-cooking energy consumption. In comparison, nighttime heating for security personnel (5%), partly-residential personal heating by guards, dominant in urban centers and kerosene lighting (2%) utilize minimal energy. Biomass fuels account for over 90% of the non-cooking consumption, while charcoal and kerosene make up the rest. Half of the energy consumption occurs during winter months (DJF), while 10% of the consumption occurs during monsoon, when kerosene lighting is the highest. Firewood is the most heavily used fuel source in western India, charcoal in the northern hilly regions, agricultural residues and dung cake in the Indo-Gangetic plains, and kerosene in eastern India. The study shows that ∼20% of residential energy consumption is on account of biomass-based heating and kerosene lighting activities