NATO Human View Executable Architectures for Critical Infrastructure Analysis

Engineering managers are responsible for the secure operation of critical infrastructure systems and need tools and methods to identify and mitigate potential insider threats such as physical damage to equipment, information leakage, malware, and identity theft. This research examines the benefit of developing and analyzing the NATO Human View to aid engineering managers with this responsibility. In an illustrative case study, the NATO Human View is used to analyze electrical grid personnel; the results demonstrate that the NATO Human View can enable engineering managers to make investment decisions that mitigate security threats.

Wireless LAN transmitter location under the threat of jamming attacks

This paper studies the optimal placement of wireless access points in a network under the threat of jamming. We address this problem with a tri-level mixed-integer program. In the top level, the defender seeks to optimally place a set of capacity-limited access points to maximize total connectivity. In the middle level, an attacker seeks to optimally place a set of jammers, which may be relocated between time periods, to minimize total connectivity. In the bottom level, demand points seek to connect to capacitated access points such that their connections maximize their network utility. This model is examined from two viewpoints: a non-additive model in which a connection is jammed if it falls within a jammer's radius, and an additive model in which a connection is jammed if enough jamming power interferes with it. We propose a solution methodology that solves a modified bi-level program efficiently via implicit enumeration and dynamic constraint generation. We show that adding just one access point provides a significant increase in network connectivity, that different topologies have different robustness when different utility functions are considered, and that optimal jammer placement varies significantly across topologies. Through our experiments on five topologies, we find the Spacious and Median topologies to be closest to the optimal access point placement.

An attacker-defender model for analyzing the vulnerability of initial attack in wildfire suppression

Wildfire managers use initial attack (IA) to control wildfires before they grow large and become difficult to suppress. Although the majority of wildfire incidents are contained by IA, the small percentage of fires that escape IA causes most of the damage. Therefore, planning a successful IA is very important. In this article, we study the vulnerability of IA in wildfire suppression using an attacker-defender Stackelberg model. The attacker’s objective is to coordinate the simultaneous ignition of fires at various points in a landscape to maximize the number of fires that cannot be contained by IA. The defender’s objective is to optimally dispatch suppression resources from multiple fire stations located across the landscape to minimize the number of wildfires not contained by IA. We use a decomposition algorithm to solve the model and apply the model on a test case landscape. We also investigate the impact of delay in the response, the fire growth rate, the amount of suppression resources, and the locations of fire stations on the success of IA.

Analyzing the robustness of an array of wireless access points to mobile jammers

We present an approach for measuring the vulnerability of a wireless network. Our metric, n-Robustness, measures the change in a network’s total signal strength resulting from the optimal placement of n jammers by an attacker. Toward this end, we develop a multi-period mixed-integer programming interdiction model that determines the movement of n jammers over a time horizon so as to minimize the total signal strength of users during a sustained jamming attack. We compared several solution approaches for solving our model including a Lagrangian relaxation heuristic, a genetic algorithm, and a stage decomposition heuristic. We tested our approach on a wireless trace dataset developed as part of the Wireless Topology Discovery project at the University of California San Diego. We found that the Lagrangian approach, which performed best overall, finds a close-to-optimal solution while requiring much less time than solving the MIP directly. We then illustrate the behavior of our model on a small example taken from the dataset as well as a set of experiments. Through our experiments we conclude that the total signal power follows a sigmoid curve as we increase the number of jammers and access points. We also found that increasing access points only improves network robustness initially; after that the benefit levels off. In addition, we found that the problem instances we considered have an n-Robustness of between 39 and 69%, indicating that the value of the model parameters (e.g., number of jammers, number of time periods) has an effect on robustness.

A maximal covering location-based model for analyzing the vulnerability of landscapes to wildfires: Assessing the worst-case scenario

In this research, we study the vulnerability of landscapes to wildfires based on the impact of the worst-case scenario ignition locations. Using this scenario, we model wildfires that cause the largest damage to a landscape over a given time horizon. The landscape is modeled as a grid network, and the spread of wildfire is modeled using the minimum travel time model. To assess the impact of a wildfire in the worst-case scenario, we develop a mathematical programming model to optimally locate the ignition points so that the resulting wildfire results in the maximum damage. We compare the impacts of the worst-case wildfires (with optimally located ignition points) with the impacts of wildfires with randomly located ignition points on three landscape test cases clipped out from three national forests located in the western U.S. Our results indicate that the worst-case wildfires, on average, have more than twice the impact on landscapes than wildfires with randomly located ignition points.

Botnet Detection Using Graph-Based Feature Clustering

Detecting botnets in a network is crucial because bots impact numerous areas such as cyber security, finance, health care, law enforcement, and more. Botnets are becoming more sophisticated and dangerous day by day, and most existing rule-based and flow-based detection methods may not be capable of detecting bot activities efficiently and effectively. Hence, designing a robust and fast botnet detection method is of high significance. In this study, we propose a novel botnet detection methodology based on topological features of nodes within a graph: in-degree, out-degree, in-degree weight, out-degree weight, clustering coefficient, node betweenness, and eigenvector centrality. A self-organizing map clustering method is applied to establish clusters of nodes in the network based on these features. Our method is capable of isolating bots in clusters of small size while containing the majority of normal nodes in the same big cluster. Thus, bots can be detected by searching a limited number of nodes. A filtering procedure is also developed to further enhance the algorithm's efficiency by removing inactive nodes from consideration. The methodology is verified using the CTU-13 datasets and benchmarked against a classification-based detection method. The results show that our proposed method can efficiently detect the bots despite their varying behaviors.

Jamming Attacks on Wireless Networks: A Taxonomic Survey

Defense against jamming attacks has been an increasing concern for the military and disaster response authorities. The military uses jamming attacks as a tool to attack and disrupt terrorists' communications, because the open nature of wireless networks makes them vulnerable to various attacks. Many studies and a few survey papers are available in the literature, but none of these papers classify the attacks or the defense strategies by the type of wireless network affected, the attacker's or defender's perspective, the type of game used to model the problem (such as a Bayesian game or a Stackelberg game), or the type of solution methodology (such as a mathematical programming model or an algorithm). This paper provides a comprehensive survey and a taxonomic classification to help interested researchers find the gaps in the literature and guide them to research areas that need to be explored.

Proactive Cost-Effective Risk Mitigation in a Low Volume High Value Supply Chain Using Fault-Tree Analysis

In this paper we use a well-accepted methodology, fault-tree analysis, to identify delay risks and proactively propose a cost-effective mitigation strategy within a low volume high value supply chain. The basis for the assessment is the bill of materials of the product being studied. The top-level event of interest represents the delay in delivering a product to a customer, and lower-level events represent the probabilities associated with delays caused by quality and capability deficiencies within the supply chain of the product being studied. Supply chain risk mitigation strategies have been well documented in the academic literature. However, much of what has been documented addresses topics such as facility location and inventory buffers, and is generally focused on response strategies once the risk has been realized. This paper presents a robust method to reduce the likelihood of delays in material flow by representing the system of suppliers within a supply chain as a fault tree and proactively determining the optimum mitigation strategy for the portfolio. The approach is illustrated via real-world numerical scenarios based on hypothetical data sets, and the results are presented.

Optimal traffic calming: A mixed-integer bi-level programming model for locating sidewalks and crosswalks in a multimodal transportation network to maximize pedestrians’ safety and network usability

We study the effect that installing sidewalks and crosswalks, as traffic calming facilities, has on the safety and usability of a transportation network with automobile, public transit and walking as modes of transportation. A mathematical programming model is proposed for this problem whose objective is to minimize the safety hazard for pedestrians and the total transportation cost of the network. We utilize a customized greedy heuristic and a simulated annealing algorithm for solving the problem. The computational results indicate that installing sidewalks and crosswalks at proper locations can reduce the overall transportation cost and improve pedestrians’ safety.

Interdicting Attack Graphs to Protect Organizations from Cyber Attacks: A Bi-Level Attacker-Defender Model

Today's organizations are inherently open and connected, sharing knowledge and ideas in order to remain innovative. As a result, these organizations are also more vulnerable to information theft through different forms of security breaches caused by hackers and competitors. One way of understanding the vulnerability of an information system is to build and analyze the attack graph of that system. The attack graph of an information system contains all the paths that can be used to penetrate the system in order to breach critical assets. Although the existing literature provides an abundance of attack graph generation algorithms, more methods are required to help analyze the attack graphs. In this paper, we study how best to deploy security countermeasures to protect an organization by analyzing the vulnerability of the organization through the use of its attack graph. In particular, we present an approach to find an optimal affordable subset of arcs, called an interdiction plan, on an attack graph that should be protected from attack to minimize the loss due to security breaches. We formulate this problem as a bi-level mixed-integer linear program and develop an exact algorithm to solve it. Experiments show that the algorithm is able to solve relatively large problems. Two heuristic methods, one with and the other without a heuristic for solving the master problem, and both limiting the master problem branch-and-bound tree to only one node, solve the large problems remarkably well. Experiments also reveal that the quality of an interdiction plan is relatively insensitive to error in the estimate of the attacker's budget, and that the breach loss drops sharply at the beginning, then levels off before finally dropping sharply again as the security budget increases.