My first foray into cyber security was a study of how to control virus outbreaks within a network. There has been a considerable amount of work done on how contagion spreads through a network; however, there is been much less work on how to design control strategies based on a network’s topology. One of my former Ph.D. students and I developed a compact integer programming formulation along with several heuristics for determining the links to block in a social network in order to minimize the number of connections between susceptible and infected persons.
I have also performed research on modeling cyber networks using a concept called an attack graph along with approaches for optimizing the allocation of resources to protect the graph. Our team has developed an approach that models a two-player game on the graph as a bi-level integer program with a binary inner problem. To overcome the non-convexity in the inner problem, we developed a customized solution approach. We have continued this work by including the concepts of bounded rationality; in addition, another Ph.D. student has incorporated conditional value-at-risk into the model.
In addition, I have also begun to develop big data analytic approaches for cyber security, focus on large-scale graph analytics. This work has been funded by the Pacific Northwest National Laboratory.
Selected Publications
-
A stochastic programming model with endogenous uncertainty for proactive supplier risk mitigation of low-volume-high-value manufacturers considering decision-dependent supplier performance
Rui Zhou, Bhuiyan, Tanveer Hossain, Michael Sherwin, and Medal, H.. Zhou, Rui, Tanveer Hossain Bhuiyan, Hugh R. Medal, Michael D. Sherwin, and Dong Yang. "A stochastic programming model with endogenous uncertainty for selecting supplier development programs to proactively mitigate supplier risk." Omega 107 (2022): 102542.
Publication Year: 2022
[Link to Article] Abstract -
Identifying and mitigating supply chain risks using fault tree optimization
Sherwin, M., Brown, K. J., Medal, H., and Mackenzie, C.. Michael D. Sherwin, Hugh R. Medal, Cameron A. MacKenzie & Kennedy J. Brown (2020) Identifying and mitigating supply chain risks using fault tree optimization, IISE Transactions, 52:2, 236-254
Publication Year: 2020
[Link to Article] Abstract -
A stochastic programming model with endogenous and exogenous uncertainty for reliable network design under random disruption
Bhuiyan, T. H. and Medal H.. Bhuiyan, T. H., Medal, H. R., & Harun, S. (2020). A stochastic programming model with endogenous and exogenous uncertainty for reliable network design under random disruption. European Journal of Operational Research, 285(2), 670-694.
Publication Year: 2020
[Link to Article] Abstract -
A Model-Based Systems Engineering Approach to Critical Infrastructure Vulnerability Assessment and Decision Analysis
Huff, J. D., Medal, H., and K. A. Griendling. Submitted to Systems Engineering 22(2), 114–133.
Publication Year: 2019
[Link to Article] Abstract -
NATO Human View Executable Architectures for Critical Infrastructure Analysis
Huff, J. D., Leonard, W., B. Smith, K. Griendling, and Medal, H.. Engineering Management Journal. 31:4, 224-245.
Publication Year: 2019
[Link to Article] Abstract -
Proactive Cost-Effective Risk Mitigation in a Low Volume High Value Supply Chain Using Fault-Tree Analysis
Michael D. Sherwin, Hugh Medal, Steven A. Lapp. International Journal of Production Economics, Volume 175, Pages 153–163
Publication Year: 2016
[PDF] [Link to Article] Abstract -
A Bi-objective Analysis of the R-All-Neighbor P-Center Problem
Hugh R. Medal, Chase E. Rainwater, Edward A. Pohl, Manuel D. Rossetti. Computers & Industrial Engineering, Volume 72, Pages 114–128
Publication Year: 2014
[PDF] [Link to Article] Abstract -
A Multi-objective Integrated Facility Location-Hardening Model: Analyzing the Pre- and Post-Disruption Tradeoff
Hugh R. Medal, Edward A. Pohl, Manuel D. Rossetti. European Journal of Operational Research, Volume 237, 257– 270
Publication Year: 2014
[PDF] [Link to Article] Abstract -
Robust Facility Location: Hedging Against Failures
Ivan Hernandez, Jose Emmanuel Ramirez-Marquez, Chase Rainwater, Edward Pohl, Hugh Medal. Reliability Engineering & System Safety, Volume 123, Pages 73–80
Publication Year: 2014
[PDF] [Link to Article] Abstract -
Vulnerability Assessment and Re-routing of Freight Trains Under Disruptions: A Coal Supply Chain Network Application
Ridvan Gedik, Hugh Medal, Chase Rainwater, Ed A. Pohl, Scott J. Mason. Transportation Research Part E, Volume 71, 45–57
Publication Year: 2014
[PDF] [Link to Article] Abstract -
Models for reducing the risk of critical networked infrastructures
Hugh Medal, Stevenson J. Sharp, Ed Pohl, Chase Rainwater, Scott J. Mason. International Journal of Risk Assessment and Management, Volume 15 (No. 2/3), Pages 99-127
Publication Year: 2011
[PDF] [Link to Article] Abstract
Large-Scale graph analytics for cyber network vulnerability analysis
/0 Comments/in Funding - Cyber and Information Security /by Academic Web PagesAgency: Pacific Northwest National Laboratory (via the Distributed Analytics and Security Institute)
Researchers: Medal, H.R. (PI), Bian, L., Hu, M., Marufuzzaman, M., Zhang, S.
Amount: $600,000
Abstract
Graph Simulation for Large-Scale NetFlow Analysis
/0 Comments/in Funding - Cyber and Information Security /by Academic Web PagesAgency: Pacific Northwest National Laboratory
Researchers: Medal, H.R. (PI), Bian, L., Zhang, S.
Amount: $400,000 ($200,000 Medal share)