Browsing by Author "Saha, Sudip"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Containing Cascading Failures in Networks: Applications to Epidemics and Cybersecurity
    Saha, Sudip (Virginia Tech, 2016-10-05)
    Many real word networks exhibit cascading phenomena, e.g., disease outbreaks in social contact networks, malware propagation in computer networks, failures in cyber-physical systems such as power grids. As they grow in size and complexity, their security becomes increasingly important. In this thesis, we address the problems of controlling cascading failures in various network settings. We address the cascading phenomena which are either natural (e.g., disease outbreaks) or malicious (e.g., cyber attacks). We consider the nodes of a network as being individually or collectively controlled by self-interested autonomous agents and study their strategic decisions in the presence of these failure cascades. There are many models of cascading failures which specify how a node would fail when some neighbors have failed, such as: (i) epidemic spread models in which the cascading can be viewed as a natural and stochastic process and (ii) cyber attack models where the cascade is driven by malicious intents. We present our analyses and algorithms for these models in two parts. Part I focuses on problems of controlling epidemic spread. Epidemic outbreaks are generally modeled as stochastic diffusion processes. In particular, we consider the SIS model on networks. There exist heuristic centralized approaches in the literature for containing epidemic spread in SIS/SIR models; however no rigorous performance bounds are known for these approaches. We develop algorithms with provable approximation guarantees that involve either protective intervention (e.g., vaccination) or link removal (e.g., unfriending). Our approach relies on the characterization of the SIS model in terms of the spectral radius of the network. The centralized approaches, however, are sometimes not feasible in practice. For example, targeted vaccination is often not feasible because of limited compliance to directives. This issue has been addressed in the literature by formulating game theoretic models for the containment of epidemic spread. However they generally assume simplistic propagation models or homogeneous network structures. We develop novel game formulations which rely on the spectral characterization of the SIS model. In these formulations, the failures start from a random set of nodes and propagate through the network links. Each node acts as a self-interested agent and makes strategic intervention decisions (e.g., taking vaccination). Each agent decides its strategy to optimize its payoff (modeled by some payoff function). We analyze the complexity of finding Nash equilibria (NE) and study the structure of NE for different networks in these game settings. Part II focuses on malware spread in networks. In cybersecurity literature malware spreads are often studied in the framework of ``attack graph" models. In these models, a node represents either a physical computing unit or a network configuration and an edge represents a physical or logical vulnerability dependency. A node gets compromised if a certain set of its neighbors are compromised. Attack graphs describe explicit scenarios in which a single vulnerability exploitation cascades further into the network exploiting inherent dependencies among the network components. Attack graphs are used for studying cascading effects in many cybersecurity applications, e.g., component failure in enterprise networks, botnet spreads, advanced persistent attacks. One distinct feature of cyber attack cascades is the stealthy nature of the attack moves. Also, cyber attacks are generally repeated. How to control stealthy and repeated attack cascades is an interesting problem. Dijk et. al.~cite{van2013flipit} first proposed a game framework called ``FlipIt" for reasoning about the stealthy interaction between a defender and an attacker over the control of a system resource. However, in cybersecurity applications, systems generally consists of multiple resources connected by a network. Therefore it is imperative to study the stealthy attack and defense in networked systems. We develop a generalized framework called ``FlipNet" which extends the work of Dijk et. al.~cite{van2013flipit} for network. We present analyses and algorithms for different problems in this framework. On the other hand, if the security of a system is limited to the vulnerabilities and exploitations that are known to the security community, often the objective of the system owner is to take cost-effective steps to minimize potential damage in the network. This problem has been formulated in the cybersecurity literature as hardening attack graphs. Several heuristic approaches have been shown in the litrature so far but no algorithmic analysis have been shown. We analyze the inherent vulnerability of the network and present approximation hardening algorithms.
  • Thumbnail Image
    Human Initiated Cascading Failures in Societal Infrastructures
    Barrett, Christopher L.; Channakeshava, Karthik; Huang, Fei; Marathe, Achla; Marathe, Madhav V.; Pei, Guanhong; Saha, Sudip; Vullikanti, Anil Kumar S.; Kim, Junwhan; Subbiah, Balaaji S. P. (Public Library of Science, 2012-10-31)
    In this paper, we conduct a systematic study of human-initiated cascading failures in three critical inter-dependent societal infrastructures due to behavioral adaptations in response to a crisis. We focus on three closely coupled socio-technical networks here: (i) cellular and mesh networks, (ii) transportation networks and (iii) mobile call networks. In crises, changes in individual behaviors lead to altered travel, activity and calling patterns, which influence the transport network and the loads on wireless networks. The interaction between these systems and their co-evolution poses significant technical challenges for representing and reasoning about these systems. In contrast to system dynamics models for studying these interacting infrastructures, we develop interaction-based models in which individuals and infrastructure elements are represented in detail and are placed in a common geographic coordinate system. Using the detailed representation, we study the impact of a chemical plume that has been released in a densely populated urban region. Authorities order evacuation of the affected area, and this leads to individual behavioral adaptation wherein individuals drop their scheduled activities and drive to home or pre-specified evacuation shelters as appropriate. They also revise their calling behavior to communicate and coordinate among family members. These two behavioral adaptations cause flash-congestion in the urban transport network and the wireless network. The problem is exacerbated with a few, already occurring, road closures. We analyze how extended periods of unanticipated road congestion can result in failure of infrastructures, starting with the servicing base stations in the congested area. A sensitivity analysis on the compliance rate of evacuees shows non-intuitive effect on the spatial distribution of people and on the loading of the base stations. For example, an evacuation compliance rate of 70% results in higher number of overloaded base stations than the evacuation compliance rate of 90%.