Physical Security and Vulnerability Modeling for Infrastructure Facilities

Size: px
Start display at page:

Download "Physical Security and Vulnerability Modeling for Infrastructure Facilities"

Transcription

1 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Physcal Securty and Vulnerablty Modelng for Infrastructure Facltes Dean A. Jones Chad E. Davs Sanda Natonal Laboratores Albuquerque, NM Mark A. Turnqust Lnda K. Nozck Cornell Unversty Ithaca, NY Abstract A model of malcous ntrusons n nfrastructure facltes s developed, usng a network representaton of the system structure together wth Markov models of ntruder progress and strategy. Ths structure provdes an explct mechansm to estmate the probablty of successful breaches of physcal securty, and to evaluate potental mprovements. An example of an ntruder attemptng to place an explosve devce on an arplane at an arport gate llustrates the structure and potental applcaton of the model. 1. Introducton There s wdespread nterest n protecton of crtcal nfrastructures from malcous attack. The attacks mght be ether physcal ntrusons (e.g., to steal vtal materal, plant a bomb, etc.) or cyber ntrusons (e.g., to dsrupt nformaton systems, steal data, etc.). The attackers may be nternatonal terrorsts, home-grown hackers, or ordnary crmnals. In 1997, the report of the U.S. Presdent s Commsson on Crtcal Infrastructure Protecton dentfed eght crtcal nfrastructures whose ncapacty or destructon would have a debltatng mpact on our defense and economc securty [11]. In subsequent years, ths lst of crtcal nfrastructures was expanded and a set of 13 crtcal nfrastructure sectors are ncluded n the Natonal Strategy for Homeland Securty [3]. These 13 are: agrculture, food processng, water, publc health, government, emergency servces, bankng and fnance, telecommuncatons, energy, transportaton, the chemcal ndustry, postal and shppng servces, and the defense ndustral base. In ths analyss, we focus prmarly on transportaton facltes, but the approach we suggest could also be used n other nfrastructure contexts. For example, a smlar type of analyss has been appled to nformaton systems [2]. The objectve of the analyss presented here s to provde gudance to system owners and operators regardng effectve ways to reduce vulnerabltes of specfc facltes. To accomplsh ths, we develop a Markov Decson Process (MDP) model of how an ntruder mght try to penetrate the varous barrers desgned to protect the faclty. Ths ntruder model provdes the bass for consderaton of possble strateges to reduce the probablty of a successful attack on the faclty. We represent the system of nterest as a network of nodes and arcs. Nodes represent barrers that an ntruder must penetrate, and arcs represent movements between barrers that an ntruder can make wthn the system. The adversares frst must penetrate entry ponts to the system, and f an attempted penetraton at a partcular entry node s successful, they can traverse edges from the successfully breached node to other nodes n the network that are connected to the one breached. Traversng an edge entals a rsk of detecton. The adversary s assumed to make the decson that maxmzes the probablty of successful attack. Several prevous authors have used graph-based methods to represent attackers or defenders n securty analyses. Phllps and Swler [10] ntroduced the concept of an attack graph to represent sets of system states and paths for an attacker to pursue an objectve n dsruptng an nformaton system. Several subsequent papers (e.g., [4], [13], [15]) have extended these ntal deas. A number of authors have used Markov models /06/$20.00 (C) 2006 IEEE 1

2 Proceedngs of the 39th Hawa Internatonal Conference on System Scences to represent uncertantes n system state n the face of attacks, especally n computer systems (e.g., [4], [7], [13], [14]). In partcular, Hdden Markov Models (HMM) focus on ntruder detecton usng ndcators that ndrectly reflect potental attacker actvtes (see, for example, [8], [14], [16]). Jha et al. [4] ntroduced the dea of usng Markov Decson Processes (MDP) for stuatons n whch the ntruder s path s probablstc. By nterpretng attack graphs as Markov Decson Processes they computed a probablty of ntruder success for each attack represented by the graph. In the current work, we also use the dea of computng the probablty of a successful attack by characterzng the problem as an MDP. However, our graph structure s dfferent from the normal attack graph structure used n nformaton systems, and thus the underlyng network over whch the MDP s formulated s dfferent from that used n [4]. Our prmary attenton s on a class of adversares that s ratonal and well nformed. By ratonal, we mean that the adversares follow a strategy that maxmzes the probablty of ther attack beng successful. By well nformed, we mean that the adversares know the probabltes of detecton, success, etc. at varous stages of the attack, so they can effectvely optmze ther attacks. Our focus on well-nformed adversares s useful because t leads to an estmate of the probablty of successful ntruson that s lkely to be an upper bound on the actual value. Ths, n turn, leads us to be conservatve n estmatng how well-protected the system s. Less well-nformed ntruders mght also be successful, but ther probabltes of success wll be smaller. Further exploraton of the lkely strateges of less nformed ntruders s, however, an mportant area for addtonal work. We frst construct an HMM to represent an ntruder s actons at a sngle node (barrer) n a system. Then we develop an aggregated representaton of that sngle-node model for ncluson n an MDP model of ntruder strategy wthn a network representaton of the entre system. 2. Intruson attempts at a node An attempt to penetrate a system barrer (node) and the nteracton between the ntruder and the ntrusondetecton system s modeled usng a Hdden Markov Model (HMM). The general concept of such a model s represented n Fgure 1. The ntruder s actons (the lower porton of the dagram) are assumed to progress through a set of states as a Markov process. The dagram n Fgure 1 shows a smplfed representaton n whch transtons are only to sequental states, but the transton matrx used can be more general. Occupancy of varous states may result n emanatons that are observable by the system operator (represented by the sgnals n Fgure 1). For example, the ntruder may be attemptng to pck the lock of a door where there s vdeo survellance. Pckng the lock requres an uncertan amount of tme, represented by transton through a seres of Markov states. Whle the ntruder occupes those states (.e., durng the tme that the ntruder s attemptng to pck the lock), there s a probablty that hs/her presence wll be detected by the vdeo survellance system. The general structure of the HMM allows consderable flexblty n defnng varous types of sgnals and resultng actons by the system operator. For example, some sgnals may cause an ncreased level of survellance wthout an alarm beng rased. For our current purposes, we use a straghtforward defnton that a recognzed sgnal from any state consttutes detecton and the end of the attempted ntruson. If the ntruder reaches a breach state wthout beng detected, we say that the node (barrer) has been breached, and no further emanatons wll cause the system to detect the ntruder at that node. We also nclude a retreat state that corresponds to an unsuccessful, but undetected, attempt to penetrate the barrer. In that outcome, the ntruder can wthdraw wthout rasng an alarm. Sgnals a b c Intruder States k Breach Retreat Fgure 1. A hdden Markov model characterzng an attack at a system node. We use a dscrete-tme, dscrete-state HMM characterzed by the followng equatons: X = A X T n+1 n (1) Y n = BX n (2) for transton steps n = 1, 2,,. The state of the system (.e., presence of the ntruder n some node n 2

3 Proceedngs of the 39th Hawa Internatonal Conference on System Scences the lower porton of Fgure 1) s represented by the (column) probablty vector, X. The dynamcs of the system are governed by (1), where A s a transton matrx (.e., t satsfes the propertes aj 0 and j a j 1.) The states of the system are not observed drectly. The process Y s observed, whch s a functon of the state of the underlyng Markov process, X. Each column of B specfes a condtonal probablty dstrbuton over the possble observatons, gven that the underlyng (hdden) system s n a partcular state. The estmated values for B n a gven applcaton should reflect any efforts that mght be taken by an ntruder to reduce the lkelhood of detecton (e.g., attemptng to defeat sensors, create dversons, etc.). For our purposes, we assume that A and B are known (or have been estmated). We want to use the estmated HMMs at varous nodes as the bass for a network-level model of ntruder strategy. In large networks, t s useful to abstract the HMM at node v to a smpler representaton, as shown n Fgure 2. An ntruder enters an Attempt state for that barrer (node). The ntruder contnues to occupy that state untl the attempted penetraton s detected (and an alarm s rased), the penetraton s successful and the barrer s breached, or the ntruder retreats. penetraton n the orgnal HMM. In the nterests of space, the detals are not gven here, but they are provded n [5]. The value of the aggregated representaton s that t allows us to construct a Markov Decson Process (MDP) of the ntruder s strategy at the system level, wthout carryng along all the detal of states wthn each node. Ths s the focus of the followng secton. 3. Expandng to the system level At the system level, we represent a network of barrers and potental movements as shown n the smple example n Fgure 3. Each node can be expanded usng a representaton lke the one n Fgure 2. If the ntruder s successful at breachng a partcular barrer, he/she has choces about where to go next (whch arc to cross). Crossng arc j entals a probablty of detecton j, and ths s represented n the transton matrx. Fgure 3. Smple system-level network. Fgure 2. Aggregated abstracton of the HMM at a node. To make the abstracton n Fgure 2 useful, we must be able to derve the transton probabltes p, s, d and r from the underlyng A and B matrces of the HMM. The transton probabltes s, d and r are specfed so that the probabltes of detecton, successful breach and retreat match those from the orgnal HMM. The transton probablty p s specfed so the expected length of resdence n the attempt state matches the duraton of the attempted We can pose the problem of fndng the ntruder s optmal strategy as an MDP over an nfnte horzon. We defne the expected reward to the ntruder as a value assocated wth reachng the success state of a goal node (such as node 8 n the example n Fgure 3), whch represents an undetected ext from the system after accomplshng a desred acton (such as placng a bomb, etc.). If we defne ths reward value as 1, then the expected rewards calculated at all earler nodes n the network can be nterpreted as probabltes of success, gven that the ntruder has reached that node. We assume that the objectve of the ntruder s to maxmze hs/her expected reward (probablty of successful attack), and we examne the problem of fndng the optmal strategy for ths objectve. Solvng ths problem postons us to adopt the perspectve of the system operator and consder the actons that can have the largest mpact on reducng the probablty of successful ntrusons. 3

4 Proceedngs of the 39th Hawa Internatonal Conference on System Scences If the ntruder s n state and chooses acton a, we denote the expected value of the future stream of rewards by w(,a ). Each possble acton a mples a change n the transton probabltes that govern the process. We denote the elements of the transton matrx resultng from choosng acton a as P j (a ). The MDP we defne for ths problem s postve bounded, and we can fnd the optmal polcy through ether polcy teraton or lnear programmng. From a computatonal standpont, polcy teraton s generally preferable to lnear programmng for fndng solutons, but the lnear programmng formulaton can yeld nsghts that are sgnfcant for our current purposes. Puterman [12] descrbes the lnear programmng formulaton for postve bounded expected total reward models. The formulaton seeks the decson polcy (choce of a ) that maxmzes the expected value of the reward stream, w(,a ). We denote the resultng optmal expected value as w*(). As [12] descrbes n detal, the set of w*() s the smallest set of values of w() for whch the followng nequaltes hold for all states, : w ( ) R ( a ) + Pj ( a ) w( j) (3) j where R ( a ) s the mmedate reward for selectng acton a when the system state s. In our applcaton, R ( a ) = 0 for all states other than the goal state, g, and R ( a g g ) = 1 for the dummy acton, a g, after achevng the goal state. If we then ntroduce an arbtrary set of postve scalars, β, wth the requrement that β = 1, the lnear program can be wrtten as follows: subject to: mn β w ( ) (4) x( a) Pj( a) x( a) β (8) a j a x ( a ) 0, a (9) In our case, because all but one of the R ( a ) values are zero, the dual objectve functon can be smplfed to: max x ( a ) (7 ) g g The prmal lnear program has many more constrants than varables, so t s more effectve to solve the dual problem. In addton, t can be shown (see [12]) that n an optmal soluton to the dual problem (7) (9), there s no more than one non-zero x (a ) for each state. The a for whch x (a ) s non-zero ndcates the optmal acton a for each. The shadow prces on * the dual constrants (8) are the values of w*(), ndcatng the probablty of successful attack, gven that the ntruder has reached state. 4. An llustratve applcaton As an example of system-level analyss for a specfc nfrastructure faclty, consder an ntruder who s attemptng to place an explosve devce aboard an arcraft whle t s sttng at an arport gate, wth the ntent that t wll explode later after the arcraft s n flght. A smplfed representaton of the barrer network and possble ntruder actons s shown n Fgure 4 (the network structure s the same as n Fgure 3, but the nodes and lnks have now been labeled as specfc barrers and movements). w ( ) P ( a ) w( j) R ( a ), a (5) j j w( ) 0 (6) Ths lnear program has a dual that can be expressed as follows: subject to: max R( a) x( a) (7) a 4

5 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Fgure 4. Illustratve network for analyzng an attempted placement of an explosve devce on an arcraft. The ntruder must frst gan access to the apron area of the termnal. We postulate that ths can occur ether by ganng llct access through the employee gate (e.g., by stealng an employee ID and usng t to enter the area), or by enterng n a servce vehcle at a gate (e.g., n a caterng truck). If the ntruder s successful n gettng access to the area, he/she must then mpersonate a legtmate worker n the arcraft gate area ether an arlne employee or a servce contractor. The cross-over arcs between entry and mpersonaton n Fgure 4 ndcate that even f the ntruder gans access to the apron area usng an employee ID, he/she may swtch ID s and mpersonate a servce contractor wthn the area (or vce versa). Ths mpersonaton must be successful for the perod of tme requred to get from the entrance to the arcraft tself. Approachng the arcraft carres a rsk of detecton, and the approachable areas on the arcraft f the ntruder s mpersonatng an employee may be dfferent from those that are approachable f he/she s mpersonatng a servce contractor. For example, a person who appears to be an arlne mantenance employee mght not attract attenton approachng the under-wng area around the landng gear, whereas a person who appears to be a caterng contractor would. For purposes of ths example, we consder n Fgure 4 three areas of the arcraft where an explosve devce mght be hdden nsde the wng around the landng gear, n the cargo hold, or n the caterng supples delvered to the galley. If access to the arcraft s ganed, the devce must be placed wthout arousng suspcon. Ths s represented by the arcs connectng the arcraft area nodes to the ext node. Each of these arcs has a probablty of detecton. Fnally, f the ntruder succeeds n ganng access to the arcraft and placng the devce, he/she must ext wthout detecton, and ths represents the last barrer. Our modelng premse s that f the ntruder s detected after placng the devce, t wll trgger a thorough search of the arcraft and the devce wll be dscovered, so that the attempted attack wll be foled. Table 1 summarzes the node data used for the example analyss, and Table 2 shows the probabltes of detecton used for the arcs n the example network. These data are all nputs to the analyss and the values shown n Tables 1 and 2 are strctly hypothetcal. In practce, these nput values would lkely be a mxture of estmates based on testng specfc elements of the system and subjectve estmates (.e., expert judgment). Table 1. Example data for network nodes. Node (see Fgure 4) Expected Tme for Attempted Breach (mn) Prob. of Success Prob. of Detecton Prob. of Retreat Employee Gate Servce Vehcle Impersonate Employee Impersonate Contractor Landng Gear Cargo Hold Galley Undetected Ext Table 2. Probablty of detecton for possble moves. Arc Prob. of Detecton Empl. Gate Impersonate Employee 0 Empl. Gate Impersonate Contractor 0 Servce Vehcle Impersonate Empl. 0 Servce Vehcle Impersonate Contr. 0 Impersonate Empl. Landng Gear 0.3 Impersonate Empl. Cargo Hold 0.2 Impersonate Contr. Cargo Hold 0.5 Impersonate Contr. Galley 0.1 Landng Gear Ext 0.4 Cargo Hold Ext 0.2 Galley Ext 0.3 5

6 Proceedngs of the 39th Hawa Internatonal Conference on System Scences In the example data, we assume there s no retreat at the stage of extng after placng the devce at that stage ether the attack s successful or t s detected. Also note that the probablty of detecton on the arcs leadng to the mpersonaton nodes s zero. Ths s because we are treatng mpersonaton process (and tme) as a barrer (node), so the probablty of detecton s lumped at the nodes, rather than on the arcs. For ths set of nput data, the soluton for the optmal ntruder strategy can be summarzed as shown n Fgure 5. To the left of each node s the probablty of successful attack, gven that the ntruder s arrvng at that barrer. To the rght of each node s the probablty of success, gven that the ntruder has successfully negotated that barrer. There s only one value shown for the ext node (.e., the approachng probablty), because once that node s successfully negotated, the attack has been a success, by defnton. Fgure 5. Summary of ntruder strategy and probablty of success. The dashed lne ndcates the optmal path for an ntruder (.e., the path that maxmzes the probablty of success). Ths s the path of greatest vulnerablty to the system. In our smple example, we would compute a probablty of successful attack of 0.11 for an ntruder whose strategy s to gan entry to the apron area through the employee gate, then swtch ID s and mpersonate a contractor (probably a caterng servce worker) to access the arcraft galley and place the devce there before extng. The exstence of ths strategy does not mean that all ntruders wll always proceed n exactly the way ndcated. It does mean that f all ntruders were ratonal and well nformed (n the sense descrbed at the begnnng of the paper), ths would be a strategy through whch they could maxmze the probablty of a successful attack. The actual probablty of successful attack s lkely to be less than ths maxmum value because ntruders wll have less-thancomplete nformaton and may not optmze ther strategy. The soluton to the MDP model also provdes useful nformaton on the condtonal probablty of success for an attacker that reaches a certan pont n the network, regardless of whether or not he/she followed the optmal strategy. For example, f an ntruder succeeds n reachng the cargo hold of the arcraft (despte the fact that ths s not an optmal strategy), the probablty of a successful attack from that pont on s Ths nformaton can be extended to represent a vulnerablty tree as shown n Fgure 6. Ths tree ndcates the optmal strategy for contnung an attack by an ntruder who reaches a gven node, regardless of how he/she arrved there. Ths nformaton adds value to system securty studes over and above the dentfcaton of the sngle most vulnerable path for a system ntruder. Havng establshed a base-case vulnerablty assessment for the system, we can proceed to a seres of what f analyses to examne the mpact of potental changes to mprove securty. For example, what f an attempt were made to reduce the lkelhood of successful attack along the most vulnerable path by more carefully checkng contractors movng n the arcraft gate area and delverng food to the galley? We wll represent ths change n operatonal polcy by ncreasng the probablty of detecton of someone mpersonatng a contractor movng n the gate area to 0.5 (and correspondngly decreasng the probablty of successful mpersonaton to 0.4). We wll represent the effect of ncreasng the vglance on contractors enterng the galley area of the arcraft by ncreasng the probablty of detecton on that access arc to 0.3. Fgure 6. Vulnerablty tree. Fgure 7 summarzes the results of those changes. The well-nformed ntruder adapts by changng 6

7 Proceedngs of the 39th Hawa Internatonal Conference on System Scences hs/her strategy, and now mpersonates an arlne employee, makng an attempt to place the explosve devce n the cargo hold of the arcraft rather than n the galley. The overall probablty of success has declned, but only margnally, to Of course, the change mght have somewhat greater short-term effectveness (.e., before the potental ntruder can learn of t and change strategy), but t s unlkely to produce very sgnfcant mprovements n securty over a longer perod. arcs n the cut set shown n Fgure 8. The resultng soluton for ntruder strategy s shown n Fgure 9. The optmal ntruder strategy has shfted from the galley to the cargo hold n response to ths change, and the overall probablty of successful attack has decreased to 0.075, a 32% decrease from the orgnal value of Fgure 7. Revsed ntruder strategy after ncreases n montorng levels for contractors. One strategy for achevng greater long-term mprovement n securty s to focus on cut sets n the ntruson network. Ths dea s llustrated n Fgure 8, whch shows a cut set constructed across the arcs representng access to the arcraft. If smultaneous mprovements n detecton rates for ntruders are made n all arcs of the cut set, t s more dffcult for the ntruder to change strategy to avod the hghersecurty paths because all paths must cross the cut set. Fgure 8. Illustraton of cut set. As an example, suppose that nstead of focusng just on contractors, as n our frst experment, the probablty of detecton were ncreased to 0.6 on all Fgure 9. Intruder strategy and probablty of success after ncreasng detecton probablty on cut set arcs to 0.6. The model structure developed here can also be used to answer a varety of other questons. For example, suppose we were to focus our attenton on the cut set n Fgure 8. We have seen that an ncrease n the detecton probablty on those arcs to 0.6 results n a notceable reducton n overall success probablty for the ntruder. How hgh would the detecton probablty on those cut set arcs have to be n order to reduce the overall ntruson success probablty to 0.01? We can determne that the requred detecton probablty s We can also use the model to examne combnatons of strateges. For example, suppose we thought t would be feasble to ncrease the detecton rate on the arcraft access arcs to 0.9, but not to If 0.9 were acheved on those arcs, how much better would the detecton probablty have to be at the mpersonaton nodes precedng those arcs n order to acheve an overall success probablty of no more than 0.01? We can do a quck search wth the model and determne that the answer to ths queston s That s, we would have to be able to mantan a 68% chance of detecton of mpersonators (of both employees and contractors), along wth a 90% chance of detecton of ntruders approachng an arcraft, n order to reduce the probablty of a successful attack to

8 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Optmzng resource allocaton for securty mprovement The llustratve analyss n Secton 4 leads us to an obvous queston: If t were possble to estmate a cost functon for changes wthn the network that would reduce the lkelhood of a successful ntruson, could we dentfy the most effectve (.e., mnmum cost) way of achevng a desred (small) probablty of successful ntruson? Ths queston can be answered usng a b-level optmzaton formulaton. At the upper level we have an optmzaton that determnes changes at nodes and arcs n the network so as to mnmze cost, subject to a constrant that the resultng probablty of successful attack s no greater than a specfed value. However, the probablty of successful attack s determned as the soluton to a lower level optmzaton (optmzng the ntruder s strategy, gven the characterstcs of the network he/she s facng). To be more specfc about ths optmzaton, consder agan the model of the ntruder s strategy expressed n equatons (4)-(6). There are at least fve ways that the system operator (or defender ) can act to reduce the lkelhood that the ntruder wll be successful: Increase the probablty of detecton at barrer (node) ; ths mght be accomplshed ether by ncreasng the senstvty of the detecton process, or by ncreasng the tme requred to penetrate the barrer, allowng the exstng detecton mechansms more tme to be effectve. Increase the probablty of detecton on movement arcs j between nodes. Add new barrers that must be negotated; ths s represented by a new node n the network, wth reconnecton of exstng arcs to force some (or all) ntruders paths to go through the new node. Remove exstng arcs n the network; ths represents some addtonal constrants (ether physcal or vrtual) on movement wthn the system. Reduce the level of nformaton that potental ntruders have about the system structure and detecton probabltes, creatng addtonal uncertanty for the ntruders, and perhaps some level of dsnformaton that would lead them to make poor choces n ther attack strategy. From the standpont of the model we have defned, the thrd and fourth strateges lsted can be consdered to be specal (extreme) cases of the frst two strateges (for more detaled dscusson of ths, see [5]). The ffth strategy s qute dfferent from the frst two, and needs to be analyzed n a separate way. Ths s descrbed further n the followng secton as an extenson of the work n the current paper. For our current analyss, we wll focus on the frst two strateges for reducng the vulnerablty of the system (mplctly ncludng the thrd and fourth as well). Suppose that the ntal detecton probablty at node s denoted d 0, and the ncrease n that probablty s denoted Δ, so that the actual detecton probablty n effect s d = d 0 + Δ. Smlarly, we wll assume that the ntal detecton probablty on arc j s δ 0, and the ncrease n that j probablty s γ j, so the actual detecton probablty n effect s δ j = δ 0 j + γ. j Increases n the detecton probabltes are assumed to requre expendtures C ( Δ ) and K j ( γ j ). In the current formulaton, the cost functons are separable by node and arc, but a more general cost functon could be used wthout changng the structure of the b-level optmzaton formulaton. We wll use E to denote the set of entry nodes to the system network, and then express the upper level problem as follows: subject to: Mn C ( Δ ) + Kj ( γ j ) (10) j * * w ( ) W E (11) d = d 0 + Δ (12) 0 δ = δ + γ j (13) j j j Δ 0 (14) γ j 0 j (15) In (11), the w * ( ) values are the optmal soluton to the lower level problem, specfed as follows: 8

9 Proceedngs of the 39th Hawa Internatonal Conference on System Scences subject to: j j mn β w ( ) (16) j w ( ) P ( a d, δ ) w( j) 0 g, a 17) w( g) P ( a d, δ ) w( j) 1 a (18) j gj g g gj w( ) 0 (19) In (17) and (18), the transton matrx s wrtten as Pj ( a d, δ j ) to reflect the fact that t depends on the values of d and δ determned n the upper problem. j The lower problem n (16)-(19) s the same problem as n (4)-(6), but s re-wrtten to reflect the specfc knowledge of R ( a ) values that relevant to ths problem, and to emphasze ts connecton to the upper problem n (10)-(15). A soluton procedure for ths b-level optmzaton searches over possble values of Δ andγ j, and for each set of values, solves the lower problem to fnd w * ( ) (after translatng the d and δ values nto a new j transton matrx Pj ( a d, δ j ) ). A general ssue (whch s endemc to b-level models) s that t s dffcult to guarantee convergence of soluton algorthms to true optmal solutons n the upper model. Bard [1] descrbes ths general dffculty. 6. Extensons Several extensons to the model descrbed here are possble and desrable. In addton to further development of the b-level optmzaton deas dscussed n the prevous secton, there are two extensons that seem partcularly mportant. Frst, t s useful to ncorporate mperfect nformaton on the part of the ntruders. Ths allows us to begn exploraton of the ffth defender strategy mentoned n secton 5. One very drect way to do ths s to embed the MDP model n a smulaton where uncertanty n the perceptons of the detecton probabltes s reflected. Ths s one type of lmtaton on the nformaton assumed to be avalable to the attackers. Varatons n the perceptons of the detecton probabltes can lead to dfferent strateges for dfferent ntruders, and the effect (from the system operator s perspectve) s that potental attacks appear g to be followng a mxed (or randomzed) strategy. Ths form of smulaton s a step n the general drecton of consderng the system to be a partally observable Markov decson process (POMDP) from the perspectve of the ntruder. The smulaton approach can also be used to analyze other types of mperfect nformaton on the part of ntruders for example, mperfect knowledge of what arcs exst n the network for movement among nodes, or even mperfect nformaton as to what nodes exst. A second useful extenson s to create sem-markov models for the processes of attempted penetraton of barrers. Ths would allow more accurate representaton of the uncertan tme requred to penetrate a gven barrer, as well as offer a broader range of opportuntes for modelng varous types of tme-dependent detecton probabltes. Ths extenson could mprove the range of applcablty of the model. 7. Conclusons The objectve of the analyss presented here s to provde gudance to system owners and operators regardng effectve ways to reduce vulnerabltes of specfc nfrastructure facltes. To accomplsh ths, we have developed a Markov Decson Process (MDP) model of how an ntruder mght try to penetrate the varous barrers desgned to protect the faclty. The soluton to ths MDP model provdes nsght nto the level of vulnerablty of the faclty (the probablty of successful ntruson) and ndcates where the vulnerabltes are (the most lkely paths for the ntruder). The ntruder model also provdes the bass for consderaton of possble strateges to reduce the probablty of a successful attack on the faclty. Illustratons of usng the model n ths way are provded n the case study analyss n secton 4. The process of searchng for cost-effectve strateges to reduce system vulnerablty can be formally cast as a b-level optmzaton problem, as dscussed n secton 5. Ths provdes a promsng drecton for further work. Successful mplementaton of the model descrbed n ths paper depends very drectly on two mportant tasks: 1) constructng large-scale networks that represent the varous barrers and movement possbltes n a system; and 2) estmatng the varous probabltes embedded n the A and B matrces that are elements of the HMM s at each network node. Qute clearly, f the constructed network does not reflect accurately the barrers to ntruson and possble 9

10 Proceedngs of the 39th Hawa Internatonal Conference on System Scences paths for ntruders, the resultng computatons from the model wll be flawed. Constructng an accurate network representaton requres sgnfcant system knowledge and also the ablty to thnk lke an attacker. Estmatng the probabltes s also a challengng task. There are tools that have been created for estmatng HMM matrces n other applcaton contexts, and the experence ganed n those other contexts should provde mportant nsght for ths task. The process of testng, mplementng and enhancng the model s an ongong one, wth the expectaton that ths approach wll become an mportant new tool for the protecton of crtcal nfrastructure facltes. References [1] Bard, J.F., Some Propertes of the Blevel Programmng Problem, Journal of Optmzaton Theory and Applcatons, 68:2, 1991, [2] Carlson, R.E., Turnqust, M.A. and Nozck, L.K., Expected Losses, Insurablty and Benefts from Reducng Vulnerablty to Attacks, Report SAND , Sanda Natonal Laboratores, Albuquerque, NM, [3] Executve Offce of the Presdent, Natonal Strategy for Homeland Securty, July 2002, avalable on lne at [4] Jha, S., Sheyner, O., and Wng, J.M. Two Formal Analyses of Attack Graphs, 15th IEEE Computer Securty Foundatons Workshop, June 2002, Cape Breton, NS, Canada, Complexty, Journal of Computer Securty, 12:2, 2004, [10] Phllps, C.A., and Swler, L.P., A Graph-Based System for Network Vulnerablty Analyss, Proceedngs of the 1998 New Securty Paradgms Workshop, Assocaton for Computng Machnery, 1998, [11] Presdent s Commsson on Crtcal Infrastructure Protecton, Crtcal Foundatons: Protectng Amerca s Infrastructures, The Whte House, Washngton, DC, [12] Puterman, M.L. Markov Decson Processes. Wley, New York, [13] Sheyner, O., Hanes, J., Jha, S., Lppmann, R., and Wng, J.M., Automated Generaton and Analyss of Attack Graphs, Proceedngs of the IEEE Computer Socety Symposum on Research n Securty and Prvacy, Berkeley, CA, May 2002, [14] Soh, B.C., and Dllon, T.S. Settng Optmal Intruson- Detecton Thresholds, Computers & Securty, 14:7, 1995, [15] Swler, L.P., Phllps, C.A., Ells, D., and Chakeran, S., Computer Attack Graph Generaton Tool, Proceedngs of the 2nd DARPA Informaton Survvablty Conference and Exposton, 2001, [16] Warrender, C., Forrest, S. and Pearlmutter, B. Detectng Intrusons Usng System Calls: Alternatve Data Models, Proceedngs of the 1999 IEEE Symposum on Securty and Prvacy, 1999, [5] Jones, D.A., Turnqust, M.A. and Nozck, L.K., Physcal Securty and Vulnerablty Modelng for Infrastructure Facltes, Report SAND2005-xxxx,Sanda Natonal Laboratores, Albuquerque, NM, [6] Katskas, S.K., Grtzals, D., and Spraks, P., Attack Modellng n Open Network Envronments, Communcatons and Multmeda Securty II, 1996, [7] Katskas, S.K., Spyrou, T., Grtzals, D., and Darzentas, J., Model for Network Behavour under Vral Attack, Computer Communcatons, 19:2, 1996, [8] Ourston, D., Matzner, S., Stump, W., and Hopkns, B., Applcatons of Hdden Markov Models to Detectng Mult-stage Network Attacks, 36 th Hawa Internatonal Conference on Systems Scence, IEEE Computer Socety, Hawa, 2003, CD-ROM, 10p. [9] Ourston, D., Matzner, S., Stump, W., and Hopkns, B. Coordnated Internet Attacks: Respondng to Attack 10

Allocating Time and Resources in Project Management Under Uncertainty

Allocating Time and Resources in Project Management Under Uncertainty Proceedngs of the 36th Hawa Internatonal Conference on System Scences - 23 Allocatng Tme and Resources n Project Management Under Uncertanty Mark A. Turnqust School of Cvl and Envronmental Eng. Cornell

More information

An Alternative Way to Measure Private Equity Performance

An Alternative Way to Measure Private Equity Performance An Alternatve Way to Measure Prvate Equty Performance Peter Todd Parlux Investment Technology LLC Summary Internal Rate of Return (IRR) s probably the most common way to measure the performance of prvate

More information

benefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).

benefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ). REVIEW OF RISK MANAGEMENT CONCEPTS LOSS DISTRIBUTIONS AND INSURANCE Loss and nsurance: When someone s subject to the rsk of ncurrng a fnancal loss, the loss s generally modeled usng a random varable or

More information

Robust Design of Public Storage Warehouses. Yeming (Yale) Gong EMLYON Business School

Robust Design of Public Storage Warehouses. Yeming (Yale) Gong EMLYON Business School Robust Desgn of Publc Storage Warehouses Yemng (Yale) Gong EMLYON Busness School Rene de Koster Rotterdam school of management, Erasmus Unversty Abstract We apply robust optmzaton and revenue management

More information

Module 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur

Module 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur Module LOSSLESS IMAGE COMPRESSION SYSTEMS Lesson 3 Lossless Compresson: Huffman Codng Instructonal Objectves At the end of ths lesson, the students should be able to:. Defne and measure source entropy..

More information

The Development of Web Log Mining Based on Improve-K-Means Clustering Analysis

The Development of Web Log Mining Based on Improve-K-Means Clustering Analysis The Development of Web Log Mnng Based on Improve-K-Means Clusterng Analyss TngZhong Wang * College of Informaton Technology, Luoyang Normal Unversty, Luoyang, 471022, Chna wangtngzhong2@sna.cn Abstract.

More information

Project Networks With Mixed-Time Constraints

Project Networks With Mixed-Time Constraints Project Networs Wth Mxed-Tme Constrants L Caccetta and B Wattananon Western Australan Centre of Excellence n Industral Optmsaton (WACEIO) Curtn Unversty of Technology GPO Box U1987 Perth Western Australa

More information

ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING

ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING Matthew J. Lberatore, Department of Management and Operatons, Vllanova Unversty, Vllanova, PA 19085, 610-519-4390,

More information

Recurrence. 1 Definitions and main statements

Recurrence. 1 Definitions and main statements Recurrence 1 Defntons and man statements Let X n, n = 0, 1, 2,... be a MC wth the state space S = (1, 2,...), transton probabltes p j = P {X n+1 = j X n = }, and the transton matrx P = (p j ),j S def.

More information

A hybrid global optimization algorithm based on parallel chaos optimization and outlook algorithm

A hybrid global optimization algorithm based on parallel chaos optimization and outlook algorithm Avalable onlne www.ocpr.com Journal of Chemcal and Pharmaceutcal Research, 2014, 6(7):1884-1889 Research Artcle ISSN : 0975-7384 CODEN(USA) : JCPRC5 A hybrd global optmzaton algorthm based on parallel

More information

The OC Curve of Attribute Acceptance Plans

The OC Curve of Attribute Acceptance Plans The OC Curve of Attrbute Acceptance Plans The Operatng Characterstc (OC) curve descrbes the probablty of acceptng a lot as a functon of the lot s qualty. Fgure 1 shows a typcal OC Curve. 10 8 6 4 1 3 4

More information

What is Candidate Sampling

What is Candidate Sampling What s Canddate Samplng Say we have a multclass or mult label problem where each tranng example ( x, T ) conssts of a context x a small (mult)set of target classes T out of a large unverse L of possble

More information

A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION. Michael E. Kuhl Radhamés A. Tolentino-Peña

A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION. Michael E. Kuhl Radhamés A. Tolentino-Peña Proceedngs of the 2008 Wnter Smulaton Conference S. J. Mason, R. R. Hll, L. Mönch, O. Rose, T. Jefferson, J. W. Fowler eds. A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION

More information

On the Optimal Control of a Cascade of Hydro-Electric Power Stations

On the Optimal Control of a Cascade of Hydro-Electric Power Stations On the Optmal Control of a Cascade of Hydro-Electrc Power Statons M.C.M. Guedes a, A.F. Rbero a, G.V. Smrnov b and S. Vlela c a Department of Mathematcs, School of Scences, Unversty of Porto, Portugal;

More information

Using Series to Analyze Financial Situations: Present Value

Using Series to Analyze Financial Situations: Present Value 2.8 Usng Seres to Analyze Fnancal Stuatons: Present Value In the prevous secton, you learned how to calculate the amount, or future value, of an ordnary smple annuty. The amount s the sum of the accumulated

More information

DEFINING %COMPLETE IN MICROSOFT PROJECT

DEFINING %COMPLETE IN MICROSOFT PROJECT CelersSystems DEFINING %COMPLETE IN MICROSOFT PROJECT PREPARED BY James E Aksel, PMP, PMI-SP, MVP For Addtonal Informaton about Earned Value Management Systems and reportng, please contact: CelersSystems,

More information

Forecasting the Demand of Emergency Supplies: Based on the CBR Theory and BP Neural Network

Forecasting the Demand of Emergency Supplies: Based on the CBR Theory and BP Neural Network 700 Proceedngs of the 8th Internatonal Conference on Innovaton & Management Forecastng the Demand of Emergency Supples: Based on the CBR Theory and BP Neural Network Fu Deqang, Lu Yun, L Changbng School

More information

How Sets of Coherent Probabilities May Serve as Models for Degrees of Incoherence

How Sets of Coherent Probabilities May Serve as Models for Degrees of Incoherence 1 st Internatonal Symposum on Imprecse Probabltes and Ther Applcatons, Ghent, Belgum, 29 June 2 July 1999 How Sets of Coherent Probabltes May Serve as Models for Degrees of Incoherence Mar J. Schervsh

More information

The Analysis of Outliers in Statistical Data

The Analysis of Outliers in Statistical Data THALES Project No. xxxx The Analyss of Outlers n Statstcal Data Research Team Chrysses Caron, Assocate Professor (P.I.) Vaslk Karot, Doctoral canddate Polychrons Economou, Chrstna Perrakou, Postgraduate

More information

An Evaluation of the Extended Logistic, Simple Logistic, and Gompertz Models for Forecasting Short Lifecycle Products and Services

An Evaluation of the Extended Logistic, Simple Logistic, and Gompertz Models for Forecasting Short Lifecycle Products and Services An Evaluaton of the Extended Logstc, Smple Logstc, and Gompertz Models for Forecastng Short Lfecycle Products and Servces Charles V. Trappey a,1, Hsn-yng Wu b a Professor (Management Scence), Natonal Chao

More information

A powerful tool designed to enhance innovation and business performance

A powerful tool designed to enhance innovation and business performance A powerful tool desgned to enhance nnovaton and busness performance The LEGO Foundaton has taken over the responsblty for the LEGO SERIOUS PLAY method. Ths change wll help create the platform for the contnued

More information

1 Approximation Algorithms

1 Approximation Algorithms CME 305: Dscrete Mathematcs and Algorthms 1 Approxmaton Algorthms In lght of the apparent ntractablty of the problems we beleve not to le n P, t makes sense to pursue deas other than complete solutons

More information

Number of Levels Cumulative Annual operating Income per year construction costs costs ($) ($) ($) 1 600,000 35,000 100,000 2 2,200,000 60,000 350,000

Number of Levels Cumulative Annual operating Income per year construction costs costs ($) ($) ($) 1 600,000 35,000 100,000 2 2,200,000 60,000 350,000 Problem Set 5 Solutons 1 MIT s consderng buldng a new car park near Kendall Square. o unversty funds are avalable (overhead rates are under pressure and the new faclty would have to pay for tself from

More information

A Secure Password-Authenticated Key Agreement Using Smart Cards

A Secure Password-Authenticated Key Agreement Using Smart Cards A Secure Password-Authentcated Key Agreement Usng Smart Cards Ka Chan 1, Wen-Chung Kuo 2 and Jn-Chou Cheng 3 1 Department of Computer and Informaton Scence, R.O.C. Mltary Academy, Kaohsung 83059, Tawan,

More information

Efficient Project Portfolio as a tool for Enterprise Risk Management

Efficient Project Portfolio as a tool for Enterprise Risk Management Effcent Proect Portfolo as a tool for Enterprse Rsk Management Valentn O. Nkonov Ural State Techncal Unversty Growth Traectory Consultng Company January 5, 27 Effcent Proect Portfolo as a tool for Enterprse

More information

Fault tolerance in cloud technologies presented as a service

Fault tolerance in cloud technologies presented as a service Internatonal Scentfc Conference Computer Scence 2015 Pavel Dzhunev, PhD student Fault tolerance n cloud technologes presented as a servce INTRODUCTION Improvements n technques for vrtualzaton and performance

More information

Support Vector Machines

Support Vector Machines Support Vector Machnes Max Wellng Department of Computer Scence Unversty of Toronto 10 Kng s College Road Toronto, M5S 3G5 Canada wellng@cs.toronto.edu Abstract Ths s a note to explan support vector machnes.

More information

Answer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy

Answer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy 4.02 Quz Solutons Fall 2004 Multple-Choce Questons (30/00 ponts) Please, crcle the correct answer for each of the followng 0 multple-choce questons. For each queston, only one of the answers s correct.

More information

Survey on Virtual Machine Placement Techniques in Cloud Computing Environment

Survey on Virtual Machine Placement Techniques in Cloud Computing Environment Survey on Vrtual Machne Placement Technques n Cloud Computng Envronment Rajeev Kumar Gupta and R. K. Paterya Department of Computer Scence & Engneerng, MANIT, Bhopal, Inda ABSTRACT In tradtonal data center

More information

Financial Mathemetics

Financial Mathemetics Fnancal Mathemetcs 15 Mathematcs Grade 12 Teacher Gude Fnancal Maths Seres Overvew In ths seres we am to show how Mathematcs can be used to support personal fnancal decsons. In ths seres we jon Tebogo,

More information

Feature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College

Feature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College Feature selecton for ntruson detecton Slobodan Petrovć NISlab, Gjøvk Unversty College Contents The feature selecton problem Intruson detecton Traffc features relevant for IDS The CFS measure The mrmr measure

More information

Staff Paper. Farm Savings Accounts: Examining Income Variability, Eligibility, and Benefits. Brent Gloy, Eddy LaDue, and Charles Cuykendall

Staff Paper. Farm Savings Accounts: Examining Income Variability, Eligibility, and Benefits. Brent Gloy, Eddy LaDue, and Charles Cuykendall SP 2005-02 August 2005 Staff Paper Department of Appled Economcs and Management Cornell Unversty, Ithaca, New York 14853-7801 USA Farm Savngs Accounts: Examnng Income Varablty, Elgblty, and Benefts Brent

More information

7.5. Present Value of an Annuity. Investigate

7.5. Present Value of an Annuity. Investigate 7.5 Present Value of an Annuty Owen and Anna are approachng retrement and are puttng ther fnances n order. They have worked hard and nvested ther earnngs so that they now have a large amount of money on

More information

Multiple-Period Attribution: Residuals and Compounding

Multiple-Period Attribution: Residuals and Compounding Multple-Perod Attrbuton: Resduals and Compoundng Our revewer gave these authors full marks for dealng wth an ssue that performance measurers and vendors often regard as propretary nformaton. In 1994, Dens

More information

Dynamic Fleet Management for Cybercars

Dynamic Fleet Management for Cybercars Proceedngs of the IEEE ITSC 2006 2006 IEEE Intellgent Transportaton Systems Conference Toronto, Canada, September 17-20, 2006 TC7.5 Dynamc Fleet Management for Cybercars Fenghu. Wang, Mng. Yang, Ruqng.

More information

Can Auto Liability Insurance Purchases Signal Risk Attitude?

Can Auto Liability Insurance Purchases Signal Risk Attitude? Internatonal Journal of Busness and Economcs, 2011, Vol. 10, No. 2, 159-164 Can Auto Lablty Insurance Purchases Sgnal Rsk Atttude? Chu-Shu L Department of Internatonal Busness, Asa Unversty, Tawan Sheng-Chang

More information

+ + + - - This circuit than can be reduced to a planar circuit

+ + + - - This circuit than can be reduced to a planar circuit MeshCurrent Method The meshcurrent s analog of the nodeoltage method. We sole for a new set of arables, mesh currents, that automatcally satsfy KCLs. As such, meshcurrent method reduces crcut soluton to

More information

Traffic State Estimation in the Traffic Management Center of Berlin

Traffic State Estimation in the Traffic Management Center of Berlin Traffc State Estmaton n the Traffc Management Center of Berln Authors: Peter Vortsch, PTV AG, Stumpfstrasse, D-763 Karlsruhe, Germany phone ++49/72/965/35, emal peter.vortsch@ptv.de Peter Möhl, PTV AG,

More information

Intra-year Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error

Intra-year Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error Intra-year Cash Flow Patterns: A Smple Soluton for an Unnecessary Apprasal Error By C. Donald Wggns (Professor of Accountng and Fnance, the Unversty of North Florda), B. Perry Woodsde (Assocate Professor

More information

Risk-based Fatigue Estimate of Deep Water Risers -- Course Project for EM388F: Fracture Mechanics, Spring 2008

Risk-based Fatigue Estimate of Deep Water Risers -- Course Project for EM388F: Fracture Mechanics, Spring 2008 Rsk-based Fatgue Estmate of Deep Water Rsers -- Course Project for EM388F: Fracture Mechancs, Sprng 2008 Chen Sh Department of Cvl, Archtectural, and Envronmental Engneerng The Unversty of Texas at Austn

More information

Small pots lump sum payment instruction

Small pots lump sum payment instruction For customers Small pots lump sum payment nstructon Please read these notes before completng ths nstructon About ths nstructon Use ths nstructon f you re an ndvdual wth Aegon Retrement Choces Self Invested

More information

Institute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic

Institute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic Lagrange Multplers as Quanttatve Indcators n Economcs Ivan Mezník Insttute of Informatcs, Faculty of Busness and Management, Brno Unversty of TechnologCzech Republc Abstract The quanttatve role of Lagrange

More information

LIFETIME INCOME OPTIONS

LIFETIME INCOME OPTIONS LIFETIME INCOME OPTIONS May 2011 by: Marca S. Wagner, Esq. The Wagner Law Group A Professonal Corporaton 99 Summer Street, 13 th Floor Boston, MA 02110 Tel: (617) 357-5200 Fax: (617) 357-5250 www.ersa-lawyers.com

More information

An Interest-Oriented Network Evolution Mechanism for Online Communities

An Interest-Oriented Network Evolution Mechanism for Online Communities An Interest-Orented Network Evoluton Mechansm for Onlne Communtes Cahong Sun and Xaopng Yang School of Informaton, Renmn Unversty of Chna, Bejng 100872, P.R. Chna {chsun,yang}@ruc.edu.cn Abstract. Onlne

More information

CALL ADMISSION CONTROL IN WIRELESS MULTIMEDIA NETWORKS

CALL ADMISSION CONTROL IN WIRELESS MULTIMEDIA NETWORKS CALL ADMISSION CONTROL IN WIRELESS MULTIMEDIA NETWORKS Novella Bartoln 1, Imrch Chlamtac 2 1 Dpartmento d Informatca, Unverstà d Roma La Sapenza, Roma, Italy novella@ds.unroma1.t 2 Center for Advanced

More information

J. Parallel Distrib. Comput.

J. Parallel Distrib. Comput. J. Parallel Dstrb. Comput. 71 (2011) 62 76 Contents lsts avalable at ScenceDrect J. Parallel Dstrb. Comput. journal homepage: www.elsever.com/locate/jpdc Optmzng server placement n dstrbuted systems n

More information

Distributed Multi-Target Tracking In A Self-Configuring Camera Network

Distributed Multi-Target Tracking In A Self-Configuring Camera Network Dstrbuted Mult-Target Trackng In A Self-Confgurng Camera Network Crstan Soto, B Song, Amt K. Roy-Chowdhury Department of Electrcal Engneerng Unversty of Calforna, Rversde {cwlder,bsong,amtrc}@ee.ucr.edu

More information

Formulating & Solving Integer Problems Chapter 11 289

Formulating & Solving Integer Problems Chapter 11 289 Formulatng & Solvng Integer Problems Chapter 11 289 The Optonal Stop TSP If we drop the requrement that every stop must be vsted, we then get the optonal stop TSP. Ths mght correspond to a ob sequencng

More information

NONLINEAR OPTIMIZATION FOR PROJECT SCHEDULING AND RESOURCE ALLOCATION UNDER UNCERTAINTY

NONLINEAR OPTIMIZATION FOR PROJECT SCHEDULING AND RESOURCE ALLOCATION UNDER UNCERTAINTY NONLINEAR OPTIMIZATION FOR PROJECT SCHEDULING AND RESOURCE ALLOCATION UNDER UNCERTAINTY A Dssertaton Presented to the Faculty of the Graduate School of Cornell Unversty In Partal Fulfllment of the Requrements

More information

Credit Limit Optimization (CLO) for Credit Cards

Credit Limit Optimization (CLO) for Credit Cards Credt Lmt Optmzaton (CLO) for Credt Cards Vay S. Desa CSCC IX, Ednburgh September 8, 2005 Copyrght 2003, SAS Insttute Inc. All rghts reserved. SAS Propretary Agenda Background Tradtonal approaches to credt

More information

Power-of-Two Policies for Single- Warehouse Multi-Retailer Inventory Systems with Order Frequency Discounts

Power-of-Two Policies for Single- Warehouse Multi-Retailer Inventory Systems with Order Frequency Discounts Power-of-wo Polces for Sngle- Warehouse Mult-Retaler Inventory Systems wth Order Frequency Dscounts José A. Ventura Pennsylvana State Unversty (USA) Yale. Herer echnon Israel Insttute of echnology (Israel)

More information

Stochastic Protocol Modeling for Anomaly Based Network Intrusion Detection

Stochastic Protocol Modeling for Anomaly Based Network Intrusion Detection Stochastc Protocol Modelng for Anomaly Based Network Intruson Detecton Juan M. Estevez-Tapador, Pedro Garca-Teodoro, and Jesus E. Daz-Verdejo Department of Electroncs and Computer Technology Unversty of

More information

Effective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints

Effective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints Effectve Network Defense Strateges aganst Malcous Attacks wth Varous Defense Mechansms under Qualty of Servce Constrants Frank Yeong-Sung Ln Department of Informaton Natonal Tawan Unversty Tape, Tawan,

More information

Understanding the physical and economic consequences of attacks on control systems

Understanding the physical and economic consequences of attacks on control systems I N T E R N A T I O N A L J O U R N A L O F C R I T I C A L I N F R A S T R U C T U R E P R O T E C T I O N 2 ( 2 0 0 9 ) 7 3 8 3 avalable at www.scencedrect.com journal homepage: www.elsever.com/locate/jcp

More information

Risk Model of Long-Term Production Scheduling in Open Pit Gold Mining

Risk Model of Long-Term Production Scheduling in Open Pit Gold Mining Rsk Model of Long-Term Producton Schedulng n Open Pt Gold Mnng R Halatchev 1 and P Lever 2 ABSTRACT Open pt gold mnng s an mportant sector of the Australan mnng ndustry. It uses large amounts of nvestments,

More information

A Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy S-curve Regression

A Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy S-curve Regression Novel Methodology of Workng Captal Management for Large Publc Constructons by Usng Fuzzy S-curve Regresson Cheng-Wu Chen, Morrs H. L. Wang and Tng-Ya Hseh Department of Cvl Engneerng, Natonal Central Unversty,

More information

IMPACT ANALYSIS OF A CELLULAR PHONE

IMPACT ANALYSIS OF A CELLULAR PHONE 4 th ASA & μeta Internatonal Conference IMPACT AALYSIS OF A CELLULAR PHOE We Lu, 2 Hongy L Bejng FEAonlne Engneerng Co.,Ltd. Bejng, Chna ABSTRACT Drop test smulaton plays an mportant role n nvestgatng

More information

Testing and Debugging Resource Allocation for Fault Detection and Removal Process

Testing and Debugging Resource Allocation for Fault Detection and Removal Process Internatonal Journal of New Computer Archtectures and ther Applcatons (IJNCAA) 4(4): 93-00 The Socety of Dgtal Informaton and Wreless Communcatons, 04 (ISSN: 0-9085) Testng and Debuggng Resource Allocaton

More information

The Greedy Method. Introduction. 0/1 Knapsack Problem

The Greedy Method. Introduction. 0/1 Knapsack Problem The Greedy Method Introducton We have completed data structures. We now are gong to look at algorthm desgn methods. Often we are lookng at optmzaton problems whose performance s exponental. For an optmzaton

More information

Hollinger Canadian Publishing Holdings Co. ( HCPH ) proceeding under the Companies Creditors Arrangement Act ( CCAA )

Hollinger Canadian Publishing Holdings Co. ( HCPH ) proceeding under the Companies Creditors Arrangement Act ( CCAA ) February 17, 2011 Andrew J. Hatnay ahatnay@kmlaw.ca Dear Sr/Madam: Re: Re: Hollnger Canadan Publshng Holdngs Co. ( HCPH ) proceedng under the Companes Credtors Arrangement Act ( CCAA ) Update on CCAA Proceedngs

More information

Forecasting the Direction and Strength of Stock Market Movement

Forecasting the Direction and Strength of Stock Market Movement Forecastng the Drecton and Strength of Stock Market Movement Jngwe Chen Mng Chen Nan Ye cjngwe@stanford.edu mchen5@stanford.edu nanye@stanford.edu Abstract - Stock market s one of the most complcated systems

More information

An Empirical Study of Search Engine Advertising Effectiveness

An Empirical Study of Search Engine Advertising Effectiveness An Emprcal Study of Search Engne Advertsng Effectveness Sanjog Msra, Smon School of Busness Unversty of Rochester Edeal Pnker, Smon School of Busness Unversty of Rochester Alan Rmm-Kaufman, Rmm-Kaufman

More information

AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE

AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE Yu-L Huang Industral Engneerng Department New Mexco State Unversty Las Cruces, New Mexco 88003, U.S.A. Abstract Patent

More information

Vision Mouse. Saurabh Sarkar a* University of Cincinnati, Cincinnati, USA ABSTRACT 1. INTRODUCTION

Vision Mouse. Saurabh Sarkar a* University of Cincinnati, Cincinnati, USA ABSTRACT 1. INTRODUCTION Vson Mouse Saurabh Sarkar a* a Unversty of Cncnnat, Cncnnat, USA ABSTRACT The report dscusses a vson based approach towards trackng of eyes and fngers. The report descrbes the process of locatng the possble

More information

Network Security Situation Evaluation Method for Distributed Denial of Service

Network Security Situation Evaluation Method for Distributed Denial of Service Network Securty Stuaton Evaluaton Method for Dstrbuted Denal of Servce Jn Q,2, Cu YMn,2, Huang MnHuan,2, Kuang XaoHu,2, TangHong,2 ) Scence and Technology on Informaton System Securty Laboratory, Bejng,

More information

L10: Linear discriminants analysis

L10: Linear discriminants analysis L0: Lnear dscrmnants analyss Lnear dscrmnant analyss, two classes Lnear dscrmnant analyss, C classes LDA vs. PCA Lmtatons of LDA Varants of LDA Other dmensonalty reducton methods CSCE 666 Pattern Analyss

More information

Chapter 4 ECONOMIC DISPATCH AND UNIT COMMITMENT

Chapter 4 ECONOMIC DISPATCH AND UNIT COMMITMENT Chapter 4 ECOOMIC DISATCH AD UIT COMMITMET ITRODUCTIO A power system has several power plants. Each power plant has several generatng unts. At any pont of tme, the total load n the system s met by the

More information

Face Verification Problem. Face Recognition Problem. Application: Access Control. Biometric Authentication. Face Verification (1:1 matching)

Face Verification Problem. Face Recognition Problem. Application: Access Control. Biometric Authentication. Face Verification (1:1 matching) Face Recognton Problem Face Verfcaton Problem Face Verfcaton (1:1 matchng) Querymage face query Face Recognton (1:N matchng) database Applcaton: Access Control www.vsage.com www.vsoncs.com Bometrc Authentcaton

More information

Calculating the high frequency transmission line parameters of power cables

Calculating the high frequency transmission line parameters of power cables < ' Calculatng the hgh frequency transmsson lne parameters of power cables Authors: Dr. John Dcknson, Laboratory Servces Manager, N 0 RW E B Communcatons Mr. Peter J. Ncholson, Project Assgnment Manager,

More information

The Current Employment Statistics (CES) survey,

The Current Employment Statistics (CES) survey, Busness Brths and Deaths Impact of busness brths and deaths n the payroll survey The CES probablty-based sample redesgn accounts for most busness brth employment through the mputaton of busness deaths,

More information

Extending Probabilistic Dynamic Epistemic Logic

Extending Probabilistic Dynamic Epistemic Logic Extendng Probablstc Dynamc Epstemc Logc Joshua Sack May 29, 2008 Probablty Space Defnton A probablty space s a tuple (S, A, µ), where 1 S s a set called the sample space. 2 A P(S) s a σ-algebra: a set

More information

Study on Model of Risks Assessment of Standard Operation in Rural Power Network

Study on Model of Risks Assessment of Standard Operation in Rural Power Network Study on Model of Rsks Assessment of Standard Operaton n Rural Power Network Qngj L 1, Tao Yang 2 1 Qngj L, College of Informaton and Electrcal Engneerng, Shenyang Agrculture Unversty, Shenyang 110866,

More information

Abteilung für Stadt- und Regionalentwicklung Department of Urban and Regional Development

Abteilung für Stadt- und Regionalentwicklung Department of Urban and Regional Development Abtelung für Stadt- und Regonalentwcklung Department of Urban and Regonal Development Gunther Maer, Alexander Kaufmann The Development of Computer Networks Frst Results from a Mcroeconomc Model SRE-Dscusson

More information

Calculation of Sampling Weights

Calculation of Sampling Weights Perre Foy Statstcs Canada 4 Calculaton of Samplng Weghts 4.1 OVERVIEW The basc sample desgn used n TIMSS Populatons 1 and 2 was a two-stage stratfed cluster desgn. 1 The frst stage conssted of a sample

More information

To manage leave, meeting institutional requirements and treating individual staff members fairly and consistently.

To manage leave, meeting institutional requirements and treating individual staff members fairly and consistently. Corporate Polces & Procedures Human Resources - Document CPP216 Leave Management Frst Produced: Current Verson: Past Revsons: Revew Cycle: Apples From: 09/09/09 26/10/12 09/09/09 3 years Immedately Authorsaton:

More information

PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign

PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign PAS: A Packet Accountng System to Lmt the Effects of DoS & DDoS Debsh Fesehaye & Klara Naherstedt Unversty of Illnos-Urbana Champagn DoS and DDoS DDoS attacks are ncreasng threats to our dgtal world. Exstng

More information

A Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing

A Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing A Replcaton-Based and Fault Tolerant Allocaton Algorthm for Cloud Computng Tork Altameem Dept of Computer Scence, RCC, Kng Saud Unversty, PO Box: 28095 11437 Ryadh-Saud Araba Abstract The very large nfrastructure

More information

1. Fundamentals of probability theory 2. Emergence of communication traffic 3. Stochastic & Markovian Processes (SP & MP)

1. Fundamentals of probability theory 2. Emergence of communication traffic 3. Stochastic & Markovian Processes (SP & MP) 6.3 / -- Communcaton Networks II (Görg) SS20 -- www.comnets.un-bremen.de Communcaton Networks II Contents. Fundamentals of probablty theory 2. Emergence of communcaton traffc 3. Stochastc & Markovan Processes

More information

Activity Scheduling for Cost-Time Investment Optimization in Project Management

Activity Scheduling for Cost-Time Investment Optimization in Project Management PROJECT MANAGEMENT 4 th Internatonal Conference on Industral Engneerng and Industral Management XIV Congreso de Ingenería de Organzacón Donosta- San Sebastán, September 8 th -10 th 010 Actvty Schedulng

More information

APPLICATION OF COMPUTER PROGRAMMING IN OPTIMIZATION OF TECHNOLOGICAL OBJECTIVES OF COLD ROLLING

APPLICATION OF COMPUTER PROGRAMMING IN OPTIMIZATION OF TECHNOLOGICAL OBJECTIVES OF COLD ROLLING Journal Journal of Chemcal of Chemcal Technology and and Metallurgy, 50, 6, 50, 2015, 6, 2015 638-643 APPLICATION OF COMPUTER PROGRAMMING IN OPTIMIZATION OF TECHNOLOGICAL OBJECTIVES OF COLD ROLLING Abdrakhman

More information

Implementation of Deutsch's Algorithm Using Mathcad

Implementation of Deutsch's Algorithm Using Mathcad Implementaton of Deutsch's Algorthm Usng Mathcad Frank Roux The followng s a Mathcad mplementaton of Davd Deutsch's quantum computer prototype as presented on pages - n "Machnes, Logc and Quantum Physcs"

More information

Damage detection in composite laminates using coin-tap method

Damage detection in composite laminates using coin-tap method Damage detecton n composte lamnates usng con-tap method S.J. Km Korea Aerospace Research Insttute, 45 Eoeun-Dong, Youseong-Gu, 35-333 Daejeon, Republc of Korea yaeln@kar.re.kr 45 The con-tap test has the

More information

Durham Research Online

Durham Research Online Durham Research Onlne Deposted n DRO: 9 March 21 Verson of attached le: Accepted Verson Peer-revew status of attached le: Peer-revewed Ctaton for publshed tem: Matthews, P. C. and Coates, G. (27) 'Stochastc

More information

Abstract. 1. Introduction

Abstract. 1. Introduction System and Methodology for Usng Moble Phones n Lve Remote Montorng of Physcal Actvtes Hamed Ketabdar and Matt Lyra Qualty and Usablty Lab, Deutsche Telekom Laboratores, TU Berln hamed.ketabdar@telekom.de,

More information

Allocating Collaborative Profit in Less-than-Truckload Carrier Alliance

Allocating Collaborative Profit in Less-than-Truckload Carrier Alliance J. Servce Scence & Management, 2010, 3: 143-149 do:10.4236/jssm.2010.31018 Publshed Onlne March 2010 (http://www.scrp.org/journal/jssm) 143 Allocatng Collaboratve Proft n Less-than-Truckload Carrer Allance

More information

iavenue iavenue i i i iavenue iavenue iavenue

iavenue iavenue i i i iavenue iavenue iavenue Saratoga Systems' enterprse-wde Avenue CRM system s a comprehensve web-enabled software soluton. Ths next generaton system enables you to effectvely manage and enhance your customer relatonshps n both

More information

Planning for Marketing Campaigns

Planning for Marketing Campaigns Plannng for Marketng Campagns Qang Yang and Hong Cheng Department of Computer Scence Hong Kong Unversty of Scence and Technology Clearwater Bay, Kowloon, Hong Kong, Chna (qyang, csch)@cs.ust.hk Abstract

More information

Dynamic Pricing for Smart Grid with Reinforcement Learning

Dynamic Pricing for Smart Grid with Reinforcement Learning Dynamc Prcng for Smart Grd wth Renforcement Learnng Byung-Gook Km, Yu Zhang, Mhaela van der Schaar, and Jang-Won Lee Samsung Electroncs, Suwon, Korea Department of Electrcal Engneerng, UCLA, Los Angeles,

More information

Cloud Auto-Scaling with Deadline and Budget Constraints

Cloud Auto-Scaling with Deadline and Budget Constraints Prelmnary verson. Fnal verson appears In Proceedngs of 11th ACM/IEEE Internatonal Conference on Grd Computng (Grd 21). Oct 25-28, 21. Brussels, Belgum. Cloud Auto-Scalng wth Deadlne and Budget Constrants

More information

Optimal Bidding Strategies for Generation Companies in a Day-Ahead Electricity Market with Risk Management Taken into Account

Optimal Bidding Strategies for Generation Companies in a Day-Ahead Electricity Market with Risk Management Taken into Account Amercan J. of Engneerng and Appled Scences (): 8-6, 009 ISSN 94-700 009 Scence Publcatons Optmal Bddng Strateges for Generaton Companes n a Day-Ahead Electrcty Market wth Rsk Management Taken nto Account

More information

VoIP Playout Buffer Adjustment using Adaptive Estimation of Network Delays

VoIP Playout Buffer Adjustment using Adaptive Estimation of Network Delays VoIP Playout Buffer Adjustment usng Adaptve Estmaton of Network Delays Mroslaw Narbutt and Lam Murphy* Department of Computer Scence Unversty College Dubln, Belfeld, Dubln, IRELAND Abstract The poor qualty

More information

MAPP. MERIS level 3 cloud and water vapour products. Issue: 1. Revision: 0. Date: 9.12.1998. Function Name Organisation Signature Date

MAPP. MERIS level 3 cloud and water vapour products. Issue: 1. Revision: 0. Date: 9.12.1998. Function Name Organisation Signature Date Ttel: Project: Doc. No.: MERIS level 3 cloud and water vapour products MAPP MAPP-ATBD-ClWVL3 Issue: 1 Revson: 0 Date: 9.12.1998 Functon Name Organsaton Sgnature Date Author: Bennartz FUB Preusker FUB Schüller

More information

8.5 UNITARY AND HERMITIAN MATRICES. The conjugate transpose of a complex matrix A, denoted by A*, is given by

8.5 UNITARY AND HERMITIAN MATRICES. The conjugate transpose of a complex matrix A, denoted by A*, is given by 6 CHAPTER 8 COMPLEX VECTOR SPACES 5. Fnd the kernel of the lnear transformaton gven n Exercse 5. In Exercses 55 and 56, fnd the mage of v, for the ndcated composton, where and are gven by the followng

More information

Overview of monitoring and evaluation

Overview of monitoring and evaluation 540 Toolkt to Combat Traffckng n Persons Tool 10.1 Overvew of montorng and evaluaton Overvew Ths tool brefly descrbes both montorng and evaluaton, and the dstncton between the two. What s montorng? Montorng

More information

Time Value of Money Module

Time Value of Money Module Tme Value of Money Module O BJECTIVES After readng ths Module, you wll be able to: Understand smple nterest and compound nterest. 2 Compute and use the future value of a sngle sum. 3 Compute and use the

More information

A Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification

A Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification IDC IDC A Herarchcal Anomaly Network Intruson Detecton System usng Neural Network Classfcaton ZHENG ZHANG, JUN LI, C. N. MANIKOPOULOS, JAY JORGENSON and JOSE UCLES ECE Department, New Jersey Inst. of Tech.,

More information

A Lyapunov Optimization Approach to Repeated Stochastic Games

A Lyapunov Optimization Approach to Repeated Stochastic Games PROC. ALLERTON CONFERENCE ON COMMUNICATION, CONTROL, AND COMPUTING, OCT. 2013 1 A Lyapunov Optmzaton Approach to Repeated Stochastc Games Mchael J. Neely Unversty of Southern Calforna http://www-bcf.usc.edu/

More information

Lecture 2: Single Layer Perceptrons Kevin Swingler

Lecture 2: Single Layer Perceptrons Kevin Swingler Lecture 2: Sngle Layer Perceptrons Kevn Sngler kms@cs.str.ac.uk Recap: McCulloch-Ptts Neuron Ths vastly smplfed model of real neurons s also knon as a Threshold Logc Unt: W 2 A Y 3 n W n. A set of synapses

More information

行 政 院 國 家 科 學 委 員 會 補 助 專 題 研 究 計 畫 成 果 報 告 期 中 進 度 報 告

行 政 院 國 家 科 學 委 員 會 補 助 專 題 研 究 計 畫 成 果 報 告 期 中 進 度 報 告 行 政 院 國 家 科 學 委 員 會 補 助 專 題 研 究 計 畫 成 果 報 告 期 中 進 度 報 告 畫 類 別 : 個 別 型 計 畫 半 導 體 產 業 大 型 廠 房 之 設 施 規 劃 計 畫 編 號 :NSC 96-2628-E-009-026-MY3 執 行 期 間 : 2007 年 8 月 1 日 至 2010 年 7 月 31 日 計 畫 主 持 人 : 巫 木 誠 共 同

More information

RELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT

RELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT Kolowrock Krzysztof Joanna oszynska MODELLING ENVIRONMENT AND INFRATRUCTURE INFLUENCE ON RELIABILITY AND OPERATION RT&A # () (Vol.) March RELIABILITY RIK AND AVAILABILITY ANLYI OF A CONTAINER GANTRY CRANE

More information