Physical Security and Vulnerability Modeling for Infrastructure Facilities


 Kerry Cannon
 1 years ago
 Views:
Transcription
1 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Physcal Securty and Vulnerablty Modelng for Infrastructure Facltes Dean A. Jones Chad E. Davs Sanda Natonal Laboratores Albuquerque, NM Mark A. Turnqust Lnda K. Nozck Cornell Unversty Ithaca, NY Abstract A model of malcous ntrusons n nfrastructure facltes s developed, usng a network representaton of the system structure together wth Markov models of ntruder progress and strategy. Ths structure provdes an explct mechansm to estmate the probablty of successful breaches of physcal securty, and to evaluate potental mprovements. An example of an ntruder attemptng to place an explosve devce on an arplane at an arport gate llustrates the structure and potental applcaton of the model. 1. Introducton There s wdespread nterest n protecton of crtcal nfrastructures from malcous attack. The attacks mght be ether physcal ntrusons (e.g., to steal vtal materal, plant a bomb, etc.) or cyber ntrusons (e.g., to dsrupt nformaton systems, steal data, etc.). The attackers may be nternatonal terrorsts, homegrown hackers, or ordnary crmnals. In 1997, the report of the U.S. Presdent s Commsson on Crtcal Infrastructure Protecton dentfed eght crtcal nfrastructures whose ncapacty or destructon would have a debltatng mpact on our defense and economc securty [11]. In subsequent years, ths lst of crtcal nfrastructures was expanded and a set of 13 crtcal nfrastructure sectors are ncluded n the Natonal Strategy for Homeland Securty [3]. These 13 are: agrculture, food processng, water, publc health, government, emergency servces, bankng and fnance, telecommuncatons, energy, transportaton, the chemcal ndustry, postal and shppng servces, and the defense ndustral base. In ths analyss, we focus prmarly on transportaton facltes, but the approach we suggest could also be used n other nfrastructure contexts. For example, a smlar type of analyss has been appled to nformaton systems [2]. The objectve of the analyss presented here s to provde gudance to system owners and operators regardng effectve ways to reduce vulnerabltes of specfc facltes. To accomplsh ths, we develop a Markov Decson Process (MDP) model of how an ntruder mght try to penetrate the varous barrers desgned to protect the faclty. Ths ntruder model provdes the bass for consderaton of possble strateges to reduce the probablty of a successful attack on the faclty. We represent the system of nterest as a network of nodes and arcs. Nodes represent barrers that an ntruder must penetrate, and arcs represent movements between barrers that an ntruder can make wthn the system. The adversares frst must penetrate entry ponts to the system, and f an attempted penetraton at a partcular entry node s successful, they can traverse edges from the successfully breached node to other nodes n the network that are connected to the one breached. Traversng an edge entals a rsk of detecton. The adversary s assumed to make the decson that maxmzes the probablty of successful attack. Several prevous authors have used graphbased methods to represent attackers or defenders n securty analyses. Phllps and Swler [10] ntroduced the concept of an attack graph to represent sets of system states and paths for an attacker to pursue an objectve n dsruptng an nformaton system. Several subsequent papers (e.g., [4], [13], [15]) have extended these ntal deas. A number of authors have used Markov models /06/$20.00 (C) 2006 IEEE 1
2 Proceedngs of the 39th Hawa Internatonal Conference on System Scences to represent uncertantes n system state n the face of attacks, especally n computer systems (e.g., [4], [7], [13], [14]). In partcular, Hdden Markov Models (HMM) focus on ntruder detecton usng ndcators that ndrectly reflect potental attacker actvtes (see, for example, [8], [14], [16]). Jha et al. [4] ntroduced the dea of usng Markov Decson Processes (MDP) for stuatons n whch the ntruder s path s probablstc. By nterpretng attack graphs as Markov Decson Processes they computed a probablty of ntruder success for each attack represented by the graph. In the current work, we also use the dea of computng the probablty of a successful attack by characterzng the problem as an MDP. However, our graph structure s dfferent from the normal attack graph structure used n nformaton systems, and thus the underlyng network over whch the MDP s formulated s dfferent from that used n [4]. Our prmary attenton s on a class of adversares that s ratonal and well nformed. By ratonal, we mean that the adversares follow a strategy that maxmzes the probablty of ther attack beng successful. By well nformed, we mean that the adversares know the probabltes of detecton, success, etc. at varous stages of the attack, so they can effectvely optmze ther attacks. Our focus on wellnformed adversares s useful because t leads to an estmate of the probablty of successful ntruson that s lkely to be an upper bound on the actual value. Ths, n turn, leads us to be conservatve n estmatng how wellprotected the system s. Less wellnformed ntruders mght also be successful, but ther probabltes of success wll be smaller. Further exploraton of the lkely strateges of less nformed ntruders s, however, an mportant area for addtonal work. We frst construct an HMM to represent an ntruder s actons at a sngle node (barrer) n a system. Then we develop an aggregated representaton of that snglenode model for ncluson n an MDP model of ntruder strategy wthn a network representaton of the entre system. 2. Intruson attempts at a node An attempt to penetrate a system barrer (node) and the nteracton between the ntruder and the ntrusondetecton system s modeled usng a Hdden Markov Model (HMM). The general concept of such a model s represented n Fgure 1. The ntruder s actons (the lower porton of the dagram) are assumed to progress through a set of states as a Markov process. The dagram n Fgure 1 shows a smplfed representaton n whch transtons are only to sequental states, but the transton matrx used can be more general. Occupancy of varous states may result n emanatons that are observable by the system operator (represented by the sgnals n Fgure 1). For example, the ntruder may be attemptng to pck the lock of a door where there s vdeo survellance. Pckng the lock requres an uncertan amount of tme, represented by transton through a seres of Markov states. Whle the ntruder occupes those states (.e., durng the tme that the ntruder s attemptng to pck the lock), there s a probablty that hs/her presence wll be detected by the vdeo survellance system. The general structure of the HMM allows consderable flexblty n defnng varous types of sgnals and resultng actons by the system operator. For example, some sgnals may cause an ncreased level of survellance wthout an alarm beng rased. For our current purposes, we use a straghtforward defnton that a recognzed sgnal from any state consttutes detecton and the end of the attempted ntruson. If the ntruder reaches a breach state wthout beng detected, we say that the node (barrer) has been breached, and no further emanatons wll cause the system to detect the ntruder at that node. We also nclude a retreat state that corresponds to an unsuccessful, but undetected, attempt to penetrate the barrer. In that outcome, the ntruder can wthdraw wthout rasng an alarm. Sgnals a b c Intruder States k Breach Retreat Fgure 1. A hdden Markov model characterzng an attack at a system node. We use a dscretetme, dscretestate HMM characterzed by the followng equatons: X = A X T n+1 n (1) Y n = BX n (2) for transton steps n = 1, 2,,. The state of the system (.e., presence of the ntruder n some node n 2
3 Proceedngs of the 39th Hawa Internatonal Conference on System Scences the lower porton of Fgure 1) s represented by the (column) probablty vector, X. The dynamcs of the system are governed by (1), where A s a transton matrx (.e., t satsfes the propertes aj 0 and j a j 1.) The states of the system are not observed drectly. The process Y s observed, whch s a functon of the state of the underlyng Markov process, X. Each column of B specfes a condtonal probablty dstrbuton over the possble observatons, gven that the underlyng (hdden) system s n a partcular state. The estmated values for B n a gven applcaton should reflect any efforts that mght be taken by an ntruder to reduce the lkelhood of detecton (e.g., attemptng to defeat sensors, create dversons, etc.). For our purposes, we assume that A and B are known (or have been estmated). We want to use the estmated HMMs at varous nodes as the bass for a networklevel model of ntruder strategy. In large networks, t s useful to abstract the HMM at node v to a smpler representaton, as shown n Fgure 2. An ntruder enters an Attempt state for that barrer (node). The ntruder contnues to occupy that state untl the attempted penetraton s detected (and an alarm s rased), the penetraton s successful and the barrer s breached, or the ntruder retreats. penetraton n the orgnal HMM. In the nterests of space, the detals are not gven here, but they are provded n [5]. The value of the aggregated representaton s that t allows us to construct a Markov Decson Process (MDP) of the ntruder s strategy at the system level, wthout carryng along all the detal of states wthn each node. Ths s the focus of the followng secton. 3. Expandng to the system level At the system level, we represent a network of barrers and potental movements as shown n the smple example n Fgure 3. Each node can be expanded usng a representaton lke the one n Fgure 2. If the ntruder s successful at breachng a partcular barrer, he/she has choces about where to go next (whch arc to cross). Crossng arc j entals a probablty of detecton j, and ths s represented n the transton matrx. Fgure 3. Smple systemlevel network. Fgure 2. Aggregated abstracton of the HMM at a node. To make the abstracton n Fgure 2 useful, we must be able to derve the transton probabltes p, s, d and r from the underlyng A and B matrces of the HMM. The transton probabltes s, d and r are specfed so that the probabltes of detecton, successful breach and retreat match those from the orgnal HMM. The transton probablty p s specfed so the expected length of resdence n the attempt state matches the duraton of the attempted We can pose the problem of fndng the ntruder s optmal strategy as an MDP over an nfnte horzon. We defne the expected reward to the ntruder as a value assocated wth reachng the success state of a goal node (such as node 8 n the example n Fgure 3), whch represents an undetected ext from the system after accomplshng a desred acton (such as placng a bomb, etc.). If we defne ths reward value as 1, then the expected rewards calculated at all earler nodes n the network can be nterpreted as probabltes of success, gven that the ntruder has reached that node. We assume that the objectve of the ntruder s to maxmze hs/her expected reward (probablty of successful attack), and we examne the problem of fndng the optmal strategy for ths objectve. Solvng ths problem postons us to adopt the perspectve of the system operator and consder the actons that can have the largest mpact on reducng the probablty of successful ntrusons. 3
4 Proceedngs of the 39th Hawa Internatonal Conference on System Scences If the ntruder s n state and chooses acton a, we denote the expected value of the future stream of rewards by w(,a ). Each possble acton a mples a change n the transton probabltes that govern the process. We denote the elements of the transton matrx resultng from choosng acton a as P j (a ). The MDP we defne for ths problem s postve bounded, and we can fnd the optmal polcy through ether polcy teraton or lnear programmng. From a computatonal standpont, polcy teraton s generally preferable to lnear programmng for fndng solutons, but the lnear programmng formulaton can yeld nsghts that are sgnfcant for our current purposes. Puterman [12] descrbes the lnear programmng formulaton for postve bounded expected total reward models. The formulaton seeks the decson polcy (choce of a ) that maxmzes the expected value of the reward stream, w(,a ). We denote the resultng optmal expected value as w*(). As [12] descrbes n detal, the set of w*() s the smallest set of values of w() for whch the followng nequaltes hold for all states, : w ( ) R ( a ) + Pj ( a ) w( j) (3) j where R ( a ) s the mmedate reward for selectng acton a when the system state s. In our applcaton, R ( a ) = 0 for all states other than the goal state, g, and R ( a g g ) = 1 for the dummy acton, a g, after achevng the goal state. If we then ntroduce an arbtrary set of postve scalars, β, wth the requrement that β = 1, the lnear program can be wrtten as follows: subject to: mn β w ( ) (4) x( a) Pj( a) x( a) β (8) a j a x ( a ) 0, a (9) In our case, because all but one of the R ( a ) values are zero, the dual objectve functon can be smplfed to: max x ( a ) (7 ) g g The prmal lnear program has many more constrants than varables, so t s more effectve to solve the dual problem. In addton, t can be shown (see [12]) that n an optmal soluton to the dual problem (7) (9), there s no more than one nonzero x (a ) for each state. The a for whch x (a ) s nonzero ndcates the optmal acton a for each. The shadow prces on * the dual constrants (8) are the values of w*(), ndcatng the probablty of successful attack, gven that the ntruder has reached state. 4. An llustratve applcaton As an example of systemlevel analyss for a specfc nfrastructure faclty, consder an ntruder who s attemptng to place an explosve devce aboard an arcraft whle t s sttng at an arport gate, wth the ntent that t wll explode later after the arcraft s n flght. A smplfed representaton of the barrer network and possble ntruder actons s shown n Fgure 4 (the network structure s the same as n Fgure 3, but the nodes and lnks have now been labeled as specfc barrers and movements). w ( ) P ( a ) w( j) R ( a ), a (5) j j w( ) 0 (6) Ths lnear program has a dual that can be expressed as follows: subject to: max R( a) x( a) (7) a 4
5 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Fgure 4. Illustratve network for analyzng an attempted placement of an explosve devce on an arcraft. The ntruder must frst gan access to the apron area of the termnal. We postulate that ths can occur ether by ganng llct access through the employee gate (e.g., by stealng an employee ID and usng t to enter the area), or by enterng n a servce vehcle at a gate (e.g., n a caterng truck). If the ntruder s successful n gettng access to the area, he/she must then mpersonate a legtmate worker n the arcraft gate area ether an arlne employee or a servce contractor. The crossover arcs between entry and mpersonaton n Fgure 4 ndcate that even f the ntruder gans access to the apron area usng an employee ID, he/she may swtch ID s and mpersonate a servce contractor wthn the area (or vce versa). Ths mpersonaton must be successful for the perod of tme requred to get from the entrance to the arcraft tself. Approachng the arcraft carres a rsk of detecton, and the approachable areas on the arcraft f the ntruder s mpersonatng an employee may be dfferent from those that are approachable f he/she s mpersonatng a servce contractor. For example, a person who appears to be an arlne mantenance employee mght not attract attenton approachng the underwng area around the landng gear, whereas a person who appears to be a caterng contractor would. For purposes of ths example, we consder n Fgure 4 three areas of the arcraft where an explosve devce mght be hdden nsde the wng around the landng gear, n the cargo hold, or n the caterng supples delvered to the galley. If access to the arcraft s ganed, the devce must be placed wthout arousng suspcon. Ths s represented by the arcs connectng the arcraft area nodes to the ext node. Each of these arcs has a probablty of detecton. Fnally, f the ntruder succeeds n ganng access to the arcraft and placng the devce, he/she must ext wthout detecton, and ths represents the last barrer. Our modelng premse s that f the ntruder s detected after placng the devce, t wll trgger a thorough search of the arcraft and the devce wll be dscovered, so that the attempted attack wll be foled. Table 1 summarzes the node data used for the example analyss, and Table 2 shows the probabltes of detecton used for the arcs n the example network. These data are all nputs to the analyss and the values shown n Tables 1 and 2 are strctly hypothetcal. In practce, these nput values would lkely be a mxture of estmates based on testng specfc elements of the system and subjectve estmates (.e., expert judgment). Table 1. Example data for network nodes. Node (see Fgure 4) Expected Tme for Attempted Breach (mn) Prob. of Success Prob. of Detecton Prob. of Retreat Employee Gate Servce Vehcle Impersonate Employee Impersonate Contractor Landng Gear Cargo Hold Galley Undetected Ext Table 2. Probablty of detecton for possble moves. Arc Prob. of Detecton Empl. Gate Impersonate Employee 0 Empl. Gate Impersonate Contractor 0 Servce Vehcle Impersonate Empl. 0 Servce Vehcle Impersonate Contr. 0 Impersonate Empl. Landng Gear 0.3 Impersonate Empl. Cargo Hold 0.2 Impersonate Contr. Cargo Hold 0.5 Impersonate Contr. Galley 0.1 Landng Gear Ext 0.4 Cargo Hold Ext 0.2 Galley Ext 0.3 5
6 Proceedngs of the 39th Hawa Internatonal Conference on System Scences In the example data, we assume there s no retreat at the stage of extng after placng the devce at that stage ether the attack s successful or t s detected. Also note that the probablty of detecton on the arcs leadng to the mpersonaton nodes s zero. Ths s because we are treatng mpersonaton process (and tme) as a barrer (node), so the probablty of detecton s lumped at the nodes, rather than on the arcs. For ths set of nput data, the soluton for the optmal ntruder strategy can be summarzed as shown n Fgure 5. To the left of each node s the probablty of successful attack, gven that the ntruder s arrvng at that barrer. To the rght of each node s the probablty of success, gven that the ntruder has successfully negotated that barrer. There s only one value shown for the ext node (.e., the approachng probablty), because once that node s successfully negotated, the attack has been a success, by defnton. Fgure 5. Summary of ntruder strategy and probablty of success. The dashed lne ndcates the optmal path for an ntruder (.e., the path that maxmzes the probablty of success). Ths s the path of greatest vulnerablty to the system. In our smple example, we would compute a probablty of successful attack of 0.11 for an ntruder whose strategy s to gan entry to the apron area through the employee gate, then swtch ID s and mpersonate a contractor (probably a caterng servce worker) to access the arcraft galley and place the devce there before extng. The exstence of ths strategy does not mean that all ntruders wll always proceed n exactly the way ndcated. It does mean that f all ntruders were ratonal and well nformed (n the sense descrbed at the begnnng of the paper), ths would be a strategy through whch they could maxmze the probablty of a successful attack. The actual probablty of successful attack s lkely to be less than ths maxmum value because ntruders wll have lessthancomplete nformaton and may not optmze ther strategy. The soluton to the MDP model also provdes useful nformaton on the condtonal probablty of success for an attacker that reaches a certan pont n the network, regardless of whether or not he/she followed the optmal strategy. For example, f an ntruder succeeds n reachng the cargo hold of the arcraft (despte the fact that ths s not an optmal strategy), the probablty of a successful attack from that pont on s Ths nformaton can be extended to represent a vulnerablty tree as shown n Fgure 6. Ths tree ndcates the optmal strategy for contnung an attack by an ntruder who reaches a gven node, regardless of how he/she arrved there. Ths nformaton adds value to system securty studes over and above the dentfcaton of the sngle most vulnerable path for a system ntruder. Havng establshed a basecase vulnerablty assessment for the system, we can proceed to a seres of what f analyses to examne the mpact of potental changes to mprove securty. For example, what f an attempt were made to reduce the lkelhood of successful attack along the most vulnerable path by more carefully checkng contractors movng n the arcraft gate area and delverng food to the galley? We wll represent ths change n operatonal polcy by ncreasng the probablty of detecton of someone mpersonatng a contractor movng n the gate area to 0.5 (and correspondngly decreasng the probablty of successful mpersonaton to 0.4). We wll represent the effect of ncreasng the vglance on contractors enterng the galley area of the arcraft by ncreasng the probablty of detecton on that access arc to 0.3. Fgure 6. Vulnerablty tree. Fgure 7 summarzes the results of those changes. The wellnformed ntruder adapts by changng 6
7 Proceedngs of the 39th Hawa Internatonal Conference on System Scences hs/her strategy, and now mpersonates an arlne employee, makng an attempt to place the explosve devce n the cargo hold of the arcraft rather than n the galley. The overall probablty of success has declned, but only margnally, to Of course, the change mght have somewhat greater shortterm effectveness (.e., before the potental ntruder can learn of t and change strategy), but t s unlkely to produce very sgnfcant mprovements n securty over a longer perod. arcs n the cut set shown n Fgure 8. The resultng soluton for ntruder strategy s shown n Fgure 9. The optmal ntruder strategy has shfted from the galley to the cargo hold n response to ths change, and the overall probablty of successful attack has decreased to 0.075, a 32% decrease from the orgnal value of Fgure 7. Revsed ntruder strategy after ncreases n montorng levels for contractors. One strategy for achevng greater longterm mprovement n securty s to focus on cut sets n the ntruson network. Ths dea s llustrated n Fgure 8, whch shows a cut set constructed across the arcs representng access to the arcraft. If smultaneous mprovements n detecton rates for ntruders are made n all arcs of the cut set, t s more dffcult for the ntruder to change strategy to avod the hghersecurty paths because all paths must cross the cut set. Fgure 8. Illustraton of cut set. As an example, suppose that nstead of focusng just on contractors, as n our frst experment, the probablty of detecton were ncreased to 0.6 on all Fgure 9. Intruder strategy and probablty of success after ncreasng detecton probablty on cut set arcs to 0.6. The model structure developed here can also be used to answer a varety of other questons. For example, suppose we were to focus our attenton on the cut set n Fgure 8. We have seen that an ncrease n the detecton probablty on those arcs to 0.6 results n a notceable reducton n overall success probablty for the ntruder. How hgh would the detecton probablty on those cut set arcs have to be n order to reduce the overall ntruson success probablty to 0.01? We can determne that the requred detecton probablty s We can also use the model to examne combnatons of strateges. For example, suppose we thought t would be feasble to ncrease the detecton rate on the arcraft access arcs to 0.9, but not to If 0.9 were acheved on those arcs, how much better would the detecton probablty have to be at the mpersonaton nodes precedng those arcs n order to acheve an overall success probablty of no more than 0.01? We can do a quck search wth the model and determne that the answer to ths queston s That s, we would have to be able to mantan a 68% chance of detecton of mpersonators (of both employees and contractors), along wth a 90% chance of detecton of ntruders approachng an arcraft, n order to reduce the probablty of a successful attack to
8 Proceedngs of the 39th Hawa Internatonal Conference on System Scences Optmzng resource allocaton for securty mprovement The llustratve analyss n Secton 4 leads us to an obvous queston: If t were possble to estmate a cost functon for changes wthn the network that would reduce the lkelhood of a successful ntruson, could we dentfy the most effectve (.e., mnmum cost) way of achevng a desred (small) probablty of successful ntruson? Ths queston can be answered usng a blevel optmzaton formulaton. At the upper level we have an optmzaton that determnes changes at nodes and arcs n the network so as to mnmze cost, subject to a constrant that the resultng probablty of successful attack s no greater than a specfed value. However, the probablty of successful attack s determned as the soluton to a lower level optmzaton (optmzng the ntruder s strategy, gven the characterstcs of the network he/she s facng). To be more specfc about ths optmzaton, consder agan the model of the ntruder s strategy expressed n equatons (4)(6). There are at least fve ways that the system operator (or defender ) can act to reduce the lkelhood that the ntruder wll be successful: Increase the probablty of detecton at barrer (node) ; ths mght be accomplshed ether by ncreasng the senstvty of the detecton process, or by ncreasng the tme requred to penetrate the barrer, allowng the exstng detecton mechansms more tme to be effectve. Increase the probablty of detecton on movement arcs j between nodes. Add new barrers that must be negotated; ths s represented by a new node n the network, wth reconnecton of exstng arcs to force some (or all) ntruders paths to go through the new node. Remove exstng arcs n the network; ths represents some addtonal constrants (ether physcal or vrtual) on movement wthn the system. Reduce the level of nformaton that potental ntruders have about the system structure and detecton probabltes, creatng addtonal uncertanty for the ntruders, and perhaps some level of dsnformaton that would lead them to make poor choces n ther attack strategy. From the standpont of the model we have defned, the thrd and fourth strateges lsted can be consdered to be specal (extreme) cases of the frst two strateges (for more detaled dscusson of ths, see [5]). The ffth strategy s qute dfferent from the frst two, and needs to be analyzed n a separate way. Ths s descrbed further n the followng secton as an extenson of the work n the current paper. For our current analyss, we wll focus on the frst two strateges for reducng the vulnerablty of the system (mplctly ncludng the thrd and fourth as well). Suppose that the ntal detecton probablty at node s denoted d 0, and the ncrease n that probablty s denoted Δ, so that the actual detecton probablty n effect s d = d 0 + Δ. Smlarly, we wll assume that the ntal detecton probablty on arc j s δ 0, and the ncrease n that j probablty s γ j, so the actual detecton probablty n effect s δ j = δ 0 j + γ. j Increases n the detecton probabltes are assumed to requre expendtures C ( Δ ) and K j ( γ j ). In the current formulaton, the cost functons are separable by node and arc, but a more general cost functon could be used wthout changng the structure of the blevel optmzaton formulaton. We wll use E to denote the set of entry nodes to the system network, and then express the upper level problem as follows: subject to: Mn C ( Δ ) + Kj ( γ j ) (10) j * * w ( ) W E (11) d = d 0 + Δ (12) 0 δ = δ + γ j (13) j j j Δ 0 (14) γ j 0 j (15) In (11), the w * ( ) values are the optmal soluton to the lower level problem, specfed as follows: 8
9 Proceedngs of the 39th Hawa Internatonal Conference on System Scences subject to: j j mn β w ( ) (16) j w ( ) P ( a d, δ ) w( j) 0 g, a 17) w( g) P ( a d, δ ) w( j) 1 a (18) j gj g g gj w( ) 0 (19) In (17) and (18), the transton matrx s wrtten as Pj ( a d, δ j ) to reflect the fact that t depends on the values of d and δ determned n the upper problem. j The lower problem n (16)(19) s the same problem as n (4)(6), but s rewrtten to reflect the specfc knowledge of R ( a ) values that relevant to ths problem, and to emphasze ts connecton to the upper problem n (10)(15). A soluton procedure for ths blevel optmzaton searches over possble values of Δ andγ j, and for each set of values, solves the lower problem to fnd w * ( ) (after translatng the d and δ values nto a new j transton matrx Pj ( a d, δ j ) ). A general ssue (whch s endemc to blevel models) s that t s dffcult to guarantee convergence of soluton algorthms to true optmal solutons n the upper model. Bard [1] descrbes ths general dffculty. 6. Extensons Several extensons to the model descrbed here are possble and desrable. In addton to further development of the blevel optmzaton deas dscussed n the prevous secton, there are two extensons that seem partcularly mportant. Frst, t s useful to ncorporate mperfect nformaton on the part of the ntruders. Ths allows us to begn exploraton of the ffth defender strategy mentoned n secton 5. One very drect way to do ths s to embed the MDP model n a smulaton where uncertanty n the perceptons of the detecton probabltes s reflected. Ths s one type of lmtaton on the nformaton assumed to be avalable to the attackers. Varatons n the perceptons of the detecton probabltes can lead to dfferent strateges for dfferent ntruders, and the effect (from the system operator s perspectve) s that potental attacks appear g to be followng a mxed (or randomzed) strategy. Ths form of smulaton s a step n the general drecton of consderng the system to be a partally observable Markov decson process (POMDP) from the perspectve of the ntruder. The smulaton approach can also be used to analyze other types of mperfect nformaton on the part of ntruders for example, mperfect knowledge of what arcs exst n the network for movement among nodes, or even mperfect nformaton as to what nodes exst. A second useful extenson s to create semmarkov models for the processes of attempted penetraton of barrers. Ths would allow more accurate representaton of the uncertan tme requred to penetrate a gven barrer, as well as offer a broader range of opportuntes for modelng varous types of tmedependent detecton probabltes. Ths extenson could mprove the range of applcablty of the model. 7. Conclusons The objectve of the analyss presented here s to provde gudance to system owners and operators regardng effectve ways to reduce vulnerabltes of specfc nfrastructure facltes. To accomplsh ths, we have developed a Markov Decson Process (MDP) model of how an ntruder mght try to penetrate the varous barrers desgned to protect the faclty. The soluton to ths MDP model provdes nsght nto the level of vulnerablty of the faclty (the probablty of successful ntruson) and ndcates where the vulnerabltes are (the most lkely paths for the ntruder). The ntruder model also provdes the bass for consderaton of possble strateges to reduce the probablty of a successful attack on the faclty. Illustratons of usng the model n ths way are provded n the case study analyss n secton 4. The process of searchng for costeffectve strateges to reduce system vulnerablty can be formally cast as a blevel optmzaton problem, as dscussed n secton 5. Ths provdes a promsng drecton for further work. Successful mplementaton of the model descrbed n ths paper depends very drectly on two mportant tasks: 1) constructng largescale networks that represent the varous barrers and movement possbltes n a system; and 2) estmatng the varous probabltes embedded n the A and B matrces that are elements of the HMM s at each network node. Qute clearly, f the constructed network does not reflect accurately the barrers to ntruson and possble 9
10 Proceedngs of the 39th Hawa Internatonal Conference on System Scences paths for ntruders, the resultng computatons from the model wll be flawed. Constructng an accurate network representaton requres sgnfcant system knowledge and also the ablty to thnk lke an attacker. Estmatng the probabltes s also a challengng task. There are tools that have been created for estmatng HMM matrces n other applcaton contexts, and the experence ganed n those other contexts should provde mportant nsght for ths task. The process of testng, mplementng and enhancng the model s an ongong one, wth the expectaton that ths approach wll become an mportant new tool for the protecton of crtcal nfrastructure facltes. References [1] Bard, J.F., Some Propertes of the Blevel Programmng Problem, Journal of Optmzaton Theory and Applcatons, 68:2, 1991, [2] Carlson, R.E., Turnqust, M.A. and Nozck, L.K., Expected Losses, Insurablty and Benefts from Reducng Vulnerablty to Attacks, Report SAND , Sanda Natonal Laboratores, Albuquerque, NM, [3] Executve Offce of the Presdent, Natonal Strategy for Homeland Securty, July 2002, avalable on lne at [4] Jha, S., Sheyner, O., and Wng, J.M. Two Formal Analyses of Attack Graphs, 15th IEEE Computer Securty Foundatons Workshop, June 2002, Cape Breton, NS, Canada, Complexty, Journal of Computer Securty, 12:2, 2004, [10] Phllps, C.A., and Swler, L.P., A GraphBased System for Network Vulnerablty Analyss, Proceedngs of the 1998 New Securty Paradgms Workshop, Assocaton for Computng Machnery, 1998, [11] Presdent s Commsson on Crtcal Infrastructure Protecton, Crtcal Foundatons: Protectng Amerca s Infrastructures, The Whte House, Washngton, DC, [12] Puterman, M.L. Markov Decson Processes. Wley, New York, [13] Sheyner, O., Hanes, J., Jha, S., Lppmann, R., and Wng, J.M., Automated Generaton and Analyss of Attack Graphs, Proceedngs of the IEEE Computer Socety Symposum on Research n Securty and Prvacy, Berkeley, CA, May 2002, [14] Soh, B.C., and Dllon, T.S. Settng Optmal Intruson Detecton Thresholds, Computers & Securty, 14:7, 1995, [15] Swler, L.P., Phllps, C.A., Ells, D., and Chakeran, S., Computer Attack Graph Generaton Tool, Proceedngs of the 2nd DARPA Informaton Survvablty Conference and Exposton, 2001, [16] Warrender, C., Forrest, S. and Pearlmutter, B. Detectng Intrusons Usng System Calls: Alternatve Data Models, Proceedngs of the 1999 IEEE Symposum on Securty and Prvacy, 1999, [5] Jones, D.A., Turnqust, M.A. and Nozck, L.K., Physcal Securty and Vulnerablty Modelng for Infrastructure Facltes, Report SAND2005xxxx,Sanda Natonal Laboratores, Albuquerque, NM, [6] Katskas, S.K., Grtzals, D., and Spraks, P., Attack Modellng n Open Network Envronments, Communcatons and Multmeda Securty II, 1996, [7] Katskas, S.K., Spyrou, T., Grtzals, D., and Darzentas, J., Model for Network Behavour under Vral Attack, Computer Communcatons, 19:2, 1996, [8] Ourston, D., Matzner, S., Stump, W., and Hopkns, B., Applcatons of Hdden Markov Models to Detectng Multstage Network Attacks, 36 th Hawa Internatonal Conference on Systems Scence, IEEE Computer Socety, Hawa, 2003, CDROM, 10p. [9] Ourston, D., Matzner, S., Stump, W., and Hopkns, B. Coordnated Internet Attacks: Respondng to Attack 10
Allocating Time and Resources in Project Management Under Uncertainty
Proceedngs of the 36th Hawa Internatonal Conference on System Scences  23 Allocatng Tme and Resources n Project Management Under Uncertanty Mark A. Turnqust School of Cvl and Envronmental Eng. Cornell
More informationAn Alternative Way to Measure Private Equity Performance
An Alternatve Way to Measure Prvate Equty Performance Peter Todd Parlux Investment Technology LLC Summary Internal Rate of Return (IRR) s probably the most common way to measure the performance of prvate
More informationbenefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).
REVIEW OF RISK MANAGEMENT CONCEPTS LOSS DISTRIBUTIONS AND INSURANCE Loss and nsurance: When someone s subject to the rsk of ncurrng a fnancal loss, the loss s generally modeled usng a random varable or
More informationRobust Design of Public Storage Warehouses. Yeming (Yale) Gong EMLYON Business School
Robust Desgn of Publc Storage Warehouses Yemng (Yale) Gong EMLYON Busness School Rene de Koster Rotterdam school of management, Erasmus Unversty Abstract We apply robust optmzaton and revenue management
More informationModule 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur
Module LOSSLESS IMAGE COMPRESSION SYSTEMS Lesson 3 Lossless Compresson: Huffman Codng Instructonal Objectves At the end of ths lesson, the students should be able to:. Defne and measure source entropy..
More informationThe Development of Web Log Mining Based on ImproveKMeans Clustering Analysis
The Development of Web Log Mnng Based on ImproveKMeans Clusterng Analyss TngZhong Wang * College of Informaton Technology, Luoyang Normal Unversty, Luoyang, 471022, Chna wangtngzhong2@sna.cn Abstract.
More informationProject Networks With MixedTime Constraints
Project Networs Wth MxedTme Constrants L Caccetta and B Wattananon Western Australan Centre of Excellence n Industral Optmsaton (WACEIO) Curtn Unversty of Technology GPO Box U1987 Perth Western Australa
More informationANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING
ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING Matthew J. Lberatore, Department of Management and Operatons, Vllanova Unversty, Vllanova, PA 19085, 6105194390,
More informationRecurrence. 1 Definitions and main statements
Recurrence 1 Defntons and man statements Let X n, n = 0, 1, 2,... be a MC wth the state space S = (1, 2,...), transton probabltes p j = P {X n+1 = j X n = }, and the transton matrx P = (p j ),j S def.
More informationA hybrid global optimization algorithm based on parallel chaos optimization and outlook algorithm
Avalable onlne www.ocpr.com Journal of Chemcal and Pharmaceutcal Research, 2014, 6(7):18841889 Research Artcle ISSN : 09757384 CODEN(USA) : JCPRC5 A hybrd global optmzaton algorthm based on parallel
More informationThe OC Curve of Attribute Acceptance Plans
The OC Curve of Attrbute Acceptance Plans The Operatng Characterstc (OC) curve descrbes the probablty of acceptng a lot as a functon of the lot s qualty. Fgure 1 shows a typcal OC Curve. 10 8 6 4 1 3 4
More informationWhat is Candidate Sampling
What s Canddate Samplng Say we have a multclass or mult label problem where each tranng example ( x, T ) conssts of a context x a small (mult)set of target classes T out of a large unverse L of possble
More informationA DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATIONBASED OPTIMIZATION. Michael E. Kuhl Radhamés A. TolentinoPeña
Proceedngs of the 2008 Wnter Smulaton Conference S. J. Mason, R. R. Hll, L. Mönch, O. Rose, T. Jefferson, J. W. Fowler eds. A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATIONBASED OPTIMIZATION
More informationOn the Optimal Control of a Cascade of HydroElectric Power Stations
On the Optmal Control of a Cascade of HydroElectrc Power Statons M.C.M. Guedes a, A.F. Rbero a, G.V. Smrnov b and S. Vlela c a Department of Mathematcs, School of Scences, Unversty of Porto, Portugal;
More informationUsing Series to Analyze Financial Situations: Present Value
2.8 Usng Seres to Analyze Fnancal Stuatons: Present Value In the prevous secton, you learned how to calculate the amount, or future value, of an ordnary smple annuty. The amount s the sum of the accumulated
More informationDEFINING %COMPLETE IN MICROSOFT PROJECT
CelersSystems DEFINING %COMPLETE IN MICROSOFT PROJECT PREPARED BY James E Aksel, PMP, PMISP, MVP For Addtonal Informaton about Earned Value Management Systems and reportng, please contact: CelersSystems,
More informationForecasting the Demand of Emergency Supplies: Based on the CBR Theory and BP Neural Network
700 Proceedngs of the 8th Internatonal Conference on Innovaton & Management Forecastng the Demand of Emergency Supples: Based on the CBR Theory and BP Neural Network Fu Deqang, Lu Yun, L Changbng School
More informationHow Sets of Coherent Probabilities May Serve as Models for Degrees of Incoherence
1 st Internatonal Symposum on Imprecse Probabltes and Ther Applcatons, Ghent, Belgum, 29 June 2 July 1999 How Sets of Coherent Probabltes May Serve as Models for Degrees of Incoherence Mar J. Schervsh
More informationThe Analysis of Outliers in Statistical Data
THALES Project No. xxxx The Analyss of Outlers n Statstcal Data Research Team Chrysses Caron, Assocate Professor (P.I.) Vaslk Karot, Doctoral canddate Polychrons Economou, Chrstna Perrakou, Postgraduate
More informationAn Evaluation of the Extended Logistic, Simple Logistic, and Gompertz Models for Forecasting Short Lifecycle Products and Services
An Evaluaton of the Extended Logstc, Smple Logstc, and Gompertz Models for Forecastng Short Lfecycle Products and Servces Charles V. Trappey a,1, Hsnyng Wu b a Professor (Management Scence), Natonal Chao
More informationA powerful tool designed to enhance innovation and business performance
A powerful tool desgned to enhance nnovaton and busness performance The LEGO Foundaton has taken over the responsblty for the LEGO SERIOUS PLAY method. Ths change wll help create the platform for the contnued
More information1 Approximation Algorithms
CME 305: Dscrete Mathematcs and Algorthms 1 Approxmaton Algorthms In lght of the apparent ntractablty of the problems we beleve not to le n P, t makes sense to pursue deas other than complete solutons
More informationNumber of Levels Cumulative Annual operating Income per year construction costs costs ($) ($) ($) 1 600,000 35,000 100,000 2 2,200,000 60,000 350,000
Problem Set 5 Solutons 1 MIT s consderng buldng a new car park near Kendall Square. o unversty funds are avalable (overhead rates are under pressure and the new faclty would have to pay for tself from
More informationA Secure PasswordAuthenticated Key Agreement Using Smart Cards
A Secure PasswordAuthentcated Key Agreement Usng Smart Cards Ka Chan 1, WenChung Kuo 2 and JnChou Cheng 3 1 Department of Computer and Informaton Scence, R.O.C. Mltary Academy, Kaohsung 83059, Tawan,
More informationEfficient Project Portfolio as a tool for Enterprise Risk Management
Effcent Proect Portfolo as a tool for Enterprse Rsk Management Valentn O. Nkonov Ural State Techncal Unversty Growth Traectory Consultng Company January 5, 27 Effcent Proect Portfolo as a tool for Enterprse
More informationFault tolerance in cloud technologies presented as a service
Internatonal Scentfc Conference Computer Scence 2015 Pavel Dzhunev, PhD student Fault tolerance n cloud technologes presented as a servce INTRODUCTION Improvements n technques for vrtualzaton and performance
More informationSupport Vector Machines
Support Vector Machnes Max Wellng Department of Computer Scence Unversty of Toronto 10 Kng s College Road Toronto, M5S 3G5 Canada wellng@cs.toronto.edu Abstract Ths s a note to explan support vector machnes.
More informationAnswer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy
4.02 Quz Solutons Fall 2004 MultpleChoce Questons (30/00 ponts) Please, crcle the correct answer for each of the followng 0 multplechoce questons. For each queston, only one of the answers s correct.
More informationSurvey on Virtual Machine Placement Techniques in Cloud Computing Environment
Survey on Vrtual Machne Placement Technques n Cloud Computng Envronment Rajeev Kumar Gupta and R. K. Paterya Department of Computer Scence & Engneerng, MANIT, Bhopal, Inda ABSTRACT In tradtonal data center
More informationFinancial Mathemetics
Fnancal Mathemetcs 15 Mathematcs Grade 12 Teacher Gude Fnancal Maths Seres Overvew In ths seres we am to show how Mathematcs can be used to support personal fnancal decsons. In ths seres we jon Tebogo,
More informationFeature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College
Feature selecton for ntruson detecton Slobodan Petrovć NISlab, Gjøvk Unversty College Contents The feature selecton problem Intruson detecton Traffc features relevant for IDS The CFS measure The mrmr measure
More informationStaff Paper. Farm Savings Accounts: Examining Income Variability, Eligibility, and Benefits. Brent Gloy, Eddy LaDue, and Charles Cuykendall
SP 200502 August 2005 Staff Paper Department of Appled Economcs and Management Cornell Unversty, Ithaca, New York 148537801 USA Farm Savngs Accounts: Examnng Income Varablty, Elgblty, and Benefts Brent
More information7.5. Present Value of an Annuity. Investigate
7.5 Present Value of an Annuty Owen and Anna are approachng retrement and are puttng ther fnances n order. They have worked hard and nvested ther earnngs so that they now have a large amount of money on
More informationMultiplePeriod Attribution: Residuals and Compounding
MultplePerod Attrbuton: Resduals and Compoundng Our revewer gave these authors full marks for dealng wth an ssue that performance measurers and vendors often regard as propretary nformaton. In 1994, Dens
More informationDynamic Fleet Management for Cybercars
Proceedngs of the IEEE ITSC 2006 2006 IEEE Intellgent Transportaton Systems Conference Toronto, Canada, September 1720, 2006 TC7.5 Dynamc Fleet Management for Cybercars Fenghu. Wang, Mng. Yang, Ruqng.
More informationCan Auto Liability Insurance Purchases Signal Risk Attitude?
Internatonal Journal of Busness and Economcs, 2011, Vol. 10, No. 2, 159164 Can Auto Lablty Insurance Purchases Sgnal Rsk Atttude? ChuShu L Department of Internatonal Busness, Asa Unversty, Tawan ShengChang
More information+ + +   This circuit than can be reduced to a planar circuit
MeshCurrent Method The meshcurrent s analog of the nodeoltage method. We sole for a new set of arables, mesh currents, that automatcally satsfy KCLs. As such, meshcurrent method reduces crcut soluton to
More informationTraffic State Estimation in the Traffic Management Center of Berlin
Traffc State Estmaton n the Traffc Management Center of Berln Authors: Peter Vortsch, PTV AG, Stumpfstrasse, D763 Karlsruhe, Germany phone ++49/72/965/35, emal peter.vortsch@ptv.de Peter Möhl, PTV AG,
More informationIntrayear Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error
Intrayear Cash Flow Patterns: A Smple Soluton for an Unnecessary Apprasal Error By C. Donald Wggns (Professor of Accountng and Fnance, the Unversty of North Florda), B. Perry Woodsde (Assocate Professor
More informationRiskbased Fatigue Estimate of Deep Water Risers  Course Project for EM388F: Fracture Mechanics, Spring 2008
Rskbased Fatgue Estmate of Deep Water Rsers  Course Project for EM388F: Fracture Mechancs, Sprng 2008 Chen Sh Department of Cvl, Archtectural, and Envronmental Engneerng The Unversty of Texas at Austn
More informationSmall pots lump sum payment instruction
For customers Small pots lump sum payment nstructon Please read these notes before completng ths nstructon About ths nstructon Use ths nstructon f you re an ndvdual wth Aegon Retrement Choces Self Invested
More informationInstitute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic
Lagrange Multplers as Quanttatve Indcators n Economcs Ivan Mezník Insttute of Informatcs, Faculty of Busness and Management, Brno Unversty of TechnologCzech Republc Abstract The quanttatve role of Lagrange
More informationLIFETIME INCOME OPTIONS
LIFETIME INCOME OPTIONS May 2011 by: Marca S. Wagner, Esq. The Wagner Law Group A Professonal Corporaton 99 Summer Street, 13 th Floor Boston, MA 02110 Tel: (617) 3575200 Fax: (617) 3575250 www.ersalawyers.com
More informationAn InterestOriented Network Evolution Mechanism for Online Communities
An InterestOrented Network Evoluton Mechansm for Onlne Communtes Cahong Sun and Xaopng Yang School of Informaton, Renmn Unversty of Chna, Bejng 100872, P.R. Chna {chsun,yang}@ruc.edu.cn Abstract. Onlne
More informationCALL ADMISSION CONTROL IN WIRELESS MULTIMEDIA NETWORKS
CALL ADMISSION CONTROL IN WIRELESS MULTIMEDIA NETWORKS Novella Bartoln 1, Imrch Chlamtac 2 1 Dpartmento d Informatca, Unverstà d Roma La Sapenza, Roma, Italy novella@ds.unroma1.t 2 Center for Advanced
More informationJ. Parallel Distrib. Comput.
J. Parallel Dstrb. Comput. 71 (2011) 62 76 Contents lsts avalable at ScenceDrect J. Parallel Dstrb. Comput. journal homepage: www.elsever.com/locate/jpdc Optmzng server placement n dstrbuted systems n
More informationDistributed MultiTarget Tracking In A SelfConfiguring Camera Network
Dstrbuted MultTarget Trackng In A SelfConfgurng Camera Network Crstan Soto, B Song, Amt K. RoyChowdhury Department of Electrcal Engneerng Unversty of Calforna, Rversde {cwlder,bsong,amtrc}@ee.ucr.edu
More informationFormulating & Solving Integer Problems Chapter 11 289
Formulatng & Solvng Integer Problems Chapter 11 289 The Optonal Stop TSP If we drop the requrement that every stop must be vsted, we then get the optonal stop TSP. Ths mght correspond to a ob sequencng
More informationNONLINEAR OPTIMIZATION FOR PROJECT SCHEDULING AND RESOURCE ALLOCATION UNDER UNCERTAINTY
NONLINEAR OPTIMIZATION FOR PROJECT SCHEDULING AND RESOURCE ALLOCATION UNDER UNCERTAINTY A Dssertaton Presented to the Faculty of the Graduate School of Cornell Unversty In Partal Fulfllment of the Requrements
More informationCredit Limit Optimization (CLO) for Credit Cards
Credt Lmt Optmzaton (CLO) for Credt Cards Vay S. Desa CSCC IX, Ednburgh September 8, 2005 Copyrght 2003, SAS Insttute Inc. All rghts reserved. SAS Propretary Agenda Background Tradtonal approaches to credt
More informationPowerofTwo Policies for Single Warehouse MultiRetailer Inventory Systems with Order Frequency Discounts
Powerofwo Polces for Sngle Warehouse MultRetaler Inventory Systems wth Order Frequency Dscounts José A. Ventura Pennsylvana State Unversty (USA) Yale. Herer echnon Israel Insttute of echnology (Israel)
More informationStochastic Protocol Modeling for Anomaly Based Network Intrusion Detection
Stochastc Protocol Modelng for Anomaly Based Network Intruson Detecton Juan M. EstevezTapador, Pedro GarcaTeodoro, and Jesus E. DazVerdejo Department of Electroncs and Computer Technology Unversty of
More informationEffective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints
Effectve Network Defense Strateges aganst Malcous Attacks wth Varous Defense Mechansms under Qualty of Servce Constrants Frank YeongSung Ln Department of Informaton Natonal Tawan Unversty Tape, Tawan,
More informationUnderstanding the physical and economic consequences of attacks on control systems
I N T E R N A T I O N A L J O U R N A L O F C R I T I C A L I N F R A S T R U C T U R E P R O T E C T I O N 2 ( 2 0 0 9 ) 7 3 8 3 avalable at www.scencedrect.com journal homepage: www.elsever.com/locate/jcp
More informationRisk Model of LongTerm Production Scheduling in Open Pit Gold Mining
Rsk Model of LongTerm Producton Schedulng n Open Pt Gold Mnng R Halatchev 1 and P Lever 2 ABSTRACT Open pt gold mnng s an mportant sector of the Australan mnng ndustry. It uses large amounts of nvestments,
More informationA Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy Scurve Regression
Novel Methodology of Workng Captal Management for Large Publc Constructons by Usng Fuzzy Scurve Regresson ChengWu Chen, Morrs H. L. Wang and TngYa Hseh Department of Cvl Engneerng, Natonal Central Unversty,
More informationIMPACT ANALYSIS OF A CELLULAR PHONE
4 th ASA & μeta Internatonal Conference IMPACT AALYSIS OF A CELLULAR PHOE We Lu, 2 Hongy L Bejng FEAonlne Engneerng Co.,Ltd. Bejng, Chna ABSTRACT Drop test smulaton plays an mportant role n nvestgatng
More informationTesting and Debugging Resource Allocation for Fault Detection and Removal Process
Internatonal Journal of New Computer Archtectures and ther Applcatons (IJNCAA) 4(4): 9300 The Socety of Dgtal Informaton and Wreless Communcatons, 04 (ISSN: 09085) Testng and Debuggng Resource Allocaton
More informationThe Greedy Method. Introduction. 0/1 Knapsack Problem
The Greedy Method Introducton We have completed data structures. We now are gong to look at algorthm desgn methods. Often we are lookng at optmzaton problems whose performance s exponental. For an optmzaton
More informationHollinger Canadian Publishing Holdings Co. ( HCPH ) proceeding under the Companies Creditors Arrangement Act ( CCAA )
February 17, 2011 Andrew J. Hatnay ahatnay@kmlaw.ca Dear Sr/Madam: Re: Re: Hollnger Canadan Publshng Holdngs Co. ( HCPH ) proceedng under the Companes Credtors Arrangement Act ( CCAA ) Update on CCAA Proceedngs
More informationForecasting the Direction and Strength of Stock Market Movement
Forecastng the Drecton and Strength of Stock Market Movement Jngwe Chen Mng Chen Nan Ye cjngwe@stanford.edu mchen5@stanford.edu nanye@stanford.edu Abstract  Stock market s one of the most complcated systems
More informationAn Empirical Study of Search Engine Advertising Effectiveness
An Emprcal Study of Search Engne Advertsng Effectveness Sanjog Msra, Smon School of Busness Unversty of Rochester Edeal Pnker, Smon School of Busness Unversty of Rochester Alan RmmKaufman, RmmKaufman
More informationAN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE
AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE YuL Huang Industral Engneerng Department New Mexco State Unversty Las Cruces, New Mexco 88003, U.S.A. Abstract Patent
More informationVision Mouse. Saurabh Sarkar a* University of Cincinnati, Cincinnati, USA ABSTRACT 1. INTRODUCTION
Vson Mouse Saurabh Sarkar a* a Unversty of Cncnnat, Cncnnat, USA ABSTRACT The report dscusses a vson based approach towards trackng of eyes and fngers. The report descrbes the process of locatng the possble
More informationNetwork Security Situation Evaluation Method for Distributed Denial of Service
Network Securty Stuaton Evaluaton Method for Dstrbuted Denal of Servce Jn Q,2, Cu YMn,2, Huang MnHuan,2, Kuang XaoHu,2, TangHong,2 ) Scence and Technology on Informaton System Securty Laboratory, Bejng,
More informationL10: Linear discriminants analysis
L0: Lnear dscrmnants analyss Lnear dscrmnant analyss, two classes Lnear dscrmnant analyss, C classes LDA vs. PCA Lmtatons of LDA Varants of LDA Other dmensonalty reducton methods CSCE 666 Pattern Analyss
More informationChapter 4 ECONOMIC DISPATCH AND UNIT COMMITMENT
Chapter 4 ECOOMIC DISATCH AD UIT COMMITMET ITRODUCTIO A power system has several power plants. Each power plant has several generatng unts. At any pont of tme, the total load n the system s met by the
More informationFace Verification Problem. Face Recognition Problem. Application: Access Control. Biometric Authentication. Face Verification (1:1 matching)
Face Recognton Problem Face Verfcaton Problem Face Verfcaton (1:1 matchng) Querymage face query Face Recognton (1:N matchng) database Applcaton: Access Control www.vsage.com www.vsoncs.com Bometrc Authentcaton
More informationCalculating the high frequency transmission line parameters of power cables
< ' Calculatng the hgh frequency transmsson lne parameters of power cables Authors: Dr. John Dcknson, Laboratory Servces Manager, N 0 RW E B Communcatons Mr. Peter J. Ncholson, Project Assgnment Manager,
More informationThe Current Employment Statistics (CES) survey,
Busness Brths and Deaths Impact of busness brths and deaths n the payroll survey The CES probabltybased sample redesgn accounts for most busness brth employment through the mputaton of busness deaths,
More informationExtending Probabilistic Dynamic Epistemic Logic
Extendng Probablstc Dynamc Epstemc Logc Joshua Sack May 29, 2008 Probablty Space Defnton A probablty space s a tuple (S, A, µ), where 1 S s a set called the sample space. 2 A P(S) s a σalgebra: a set
More informationStudy on Model of Risks Assessment of Standard Operation in Rural Power Network
Study on Model of Rsks Assessment of Standard Operaton n Rural Power Network Qngj L 1, Tao Yang 2 1 Qngj L, College of Informaton and Electrcal Engneerng, Shenyang Agrculture Unversty, Shenyang 110866,
More informationAbteilung für Stadt und Regionalentwicklung Department of Urban and Regional Development
Abtelung für Stadt und Regonalentwcklung Department of Urban and Regonal Development Gunther Maer, Alexander Kaufmann The Development of Computer Networks Frst Results from a Mcroeconomc Model SREDscusson
More informationCalculation of Sampling Weights
Perre Foy Statstcs Canada 4 Calculaton of Samplng Weghts 4.1 OVERVIEW The basc sample desgn used n TIMSS Populatons 1 and 2 was a twostage stratfed cluster desgn. 1 The frst stage conssted of a sample
More informationTo manage leave, meeting institutional requirements and treating individual staff members fairly and consistently.
Corporate Polces & Procedures Human Resources  Document CPP216 Leave Management Frst Produced: Current Verson: Past Revsons: Revew Cycle: Apples From: 09/09/09 26/10/12 09/09/09 3 years Immedately Authorsaton:
More informationPAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of IllinoisUrbana Champaign
PAS: A Packet Accountng System to Lmt the Effects of DoS & DDoS Debsh Fesehaye & Klara Naherstedt Unversty of IllnosUrbana Champagn DoS and DDoS DDoS attacks are ncreasng threats to our dgtal world. Exstng
More informationA ReplicationBased and Fault Tolerant Allocation Algorithm for Cloud Computing
A ReplcatonBased and Fault Tolerant Allocaton Algorthm for Cloud Computng Tork Altameem Dept of Computer Scence, RCC, Kng Saud Unversty, PO Box: 28095 11437 RyadhSaud Araba Abstract The very large nfrastructure
More information1. Fundamentals of probability theory 2. Emergence of communication traffic 3. Stochastic & Markovian Processes (SP & MP)
6.3 /  Communcaton Networks II (Görg) SS20  www.comnets.unbremen.de Communcaton Networks II Contents. Fundamentals of probablty theory 2. Emergence of communcaton traffc 3. Stochastc & Markovan Processes
More informationActivity Scheduling for CostTime Investment Optimization in Project Management
PROJECT MANAGEMENT 4 th Internatonal Conference on Industral Engneerng and Industral Management XIV Congreso de Ingenería de Organzacón Donosta San Sebastán, September 8 th 10 th 010 Actvty Schedulng
More informationAPPLICATION OF COMPUTER PROGRAMMING IN OPTIMIZATION OF TECHNOLOGICAL OBJECTIVES OF COLD ROLLING
Journal Journal of Chemcal of Chemcal Technology and and Metallurgy, 50, 6, 50, 2015, 6, 2015 638643 APPLICATION OF COMPUTER PROGRAMMING IN OPTIMIZATION OF TECHNOLOGICAL OBJECTIVES OF COLD ROLLING Abdrakhman
More informationImplementation of Deutsch's Algorithm Using Mathcad
Implementaton of Deutsch's Algorthm Usng Mathcad Frank Roux The followng s a Mathcad mplementaton of Davd Deutsch's quantum computer prototype as presented on pages  n "Machnes, Logc and Quantum Physcs"
More informationDamage detection in composite laminates using cointap method
Damage detecton n composte lamnates usng contap method S.J. Km Korea Aerospace Research Insttute, 45 EoeunDong, YouseongGu, 35333 Daejeon, Republc of Korea yaeln@kar.re.kr 45 The contap test has the
More informationDurham Research Online
Durham Research Onlne Deposted n DRO: 9 March 21 Verson of attached le: Accepted Verson Peerrevew status of attached le: Peerrevewed Ctaton for publshed tem: Matthews, P. C. and Coates, G. (27) 'Stochastc
More informationAbstract. 1. Introduction
System and Methodology for Usng Moble Phones n Lve Remote Montorng of Physcal Actvtes Hamed Ketabdar and Matt Lyra Qualty and Usablty Lab, Deutsche Telekom Laboratores, TU Berln hamed.ketabdar@telekom.de,
More informationAllocating Collaborative Profit in LessthanTruckload Carrier Alliance
J. Servce Scence & Management, 2010, 3: 143149 do:10.4236/jssm.2010.31018 Publshed Onlne March 2010 (http://www.scrp.org/journal/jssm) 143 Allocatng Collaboratve Proft n LessthanTruckload Carrer Allance
More informationiavenue iavenue i i i iavenue iavenue iavenue
Saratoga Systems' enterprsewde Avenue CRM system s a comprehensve webenabled software soluton. Ths next generaton system enables you to effectvely manage and enhance your customer relatonshps n both
More informationPlanning for Marketing Campaigns
Plannng for Marketng Campagns Qang Yang and Hong Cheng Department of Computer Scence Hong Kong Unversty of Scence and Technology Clearwater Bay, Kowloon, Hong Kong, Chna (qyang, csch)@cs.ust.hk Abstract
More informationDynamic Pricing for Smart Grid with Reinforcement Learning
Dynamc Prcng for Smart Grd wth Renforcement Learnng ByungGook Km, Yu Zhang, Mhaela van der Schaar, and JangWon Lee Samsung Electroncs, Suwon, Korea Department of Electrcal Engneerng, UCLA, Los Angeles,
More informationCloud AutoScaling with Deadline and Budget Constraints
Prelmnary verson. Fnal verson appears In Proceedngs of 11th ACM/IEEE Internatonal Conference on Grd Computng (Grd 21). Oct 2528, 21. Brussels, Belgum. Cloud AutoScalng wth Deadlne and Budget Constrants
More informationOptimal Bidding Strategies for Generation Companies in a DayAhead Electricity Market with Risk Management Taken into Account
Amercan J. of Engneerng and Appled Scences (): 86, 009 ISSN 94700 009 Scence Publcatons Optmal Bddng Strateges for Generaton Companes n a DayAhead Electrcty Market wth Rsk Management Taken nto Account
More informationVoIP Playout Buffer Adjustment using Adaptive Estimation of Network Delays
VoIP Playout Buffer Adjustment usng Adaptve Estmaton of Network Delays Mroslaw Narbutt and Lam Murphy* Department of Computer Scence Unversty College Dubln, Belfeld, Dubln, IRELAND Abstract The poor qualty
More informationMAPP. MERIS level 3 cloud and water vapour products. Issue: 1. Revision: 0. Date: 9.12.1998. Function Name Organisation Signature Date
Ttel: Project: Doc. No.: MERIS level 3 cloud and water vapour products MAPP MAPPATBDClWVL3 Issue: 1 Revson: 0 Date: 9.12.1998 Functon Name Organsaton Sgnature Date Author: Bennartz FUB Preusker FUB Schüller
More information8.5 UNITARY AND HERMITIAN MATRICES. The conjugate transpose of a complex matrix A, denoted by A*, is given by
6 CHAPTER 8 COMPLEX VECTOR SPACES 5. Fnd the kernel of the lnear transformaton gven n Exercse 5. In Exercses 55 and 56, fnd the mage of v, for the ndcated composton, where and are gven by the followng
More informationOverview of monitoring and evaluation
540 Toolkt to Combat Traffckng n Persons Tool 10.1 Overvew of montorng and evaluaton Overvew Ths tool brefly descrbes both montorng and evaluaton, and the dstncton between the two. What s montorng? Montorng
More informationTime Value of Money Module
Tme Value of Money Module O BJECTIVES After readng ths Module, you wll be able to: Understand smple nterest and compound nterest. 2 Compute and use the future value of a sngle sum. 3 Compute and use the
More informationA Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification
IDC IDC A Herarchcal Anomaly Network Intruson Detecton System usng Neural Network Classfcaton ZHENG ZHANG, JUN LI, C. N. MANIKOPOULOS, JAY JORGENSON and JOSE UCLES ECE Department, New Jersey Inst. of Tech.,
More informationA Lyapunov Optimization Approach to Repeated Stochastic Games
PROC. ALLERTON CONFERENCE ON COMMUNICATION, CONTROL, AND COMPUTING, OCT. 2013 1 A Lyapunov Optmzaton Approach to Repeated Stochastc Games Mchael J. Neely Unversty of Southern Calforna http://wwwbcf.usc.edu/
More informationLecture 2: Single Layer Perceptrons Kevin Swingler
Lecture 2: Sngle Layer Perceptrons Kevn Sngler kms@cs.str.ac.uk Recap: McCullochPtts Neuron Ths vastly smplfed model of real neurons s also knon as a Threshold Logc Unt: W 2 A Y 3 n W n. A set of synapses
More information行 政 院 國 家 科 學 委 員 會 補 助 專 題 研 究 計 畫 成 果 報 告 期 中 進 度 報 告
行 政 院 國 家 科 學 委 員 會 補 助 專 題 研 究 計 畫 成 果 報 告 期 中 進 度 報 告 畫 類 別 : 個 別 型 計 畫 半 導 體 產 業 大 型 廠 房 之 設 施 規 劃 計 畫 編 號 :NSC 962628E009026MY3 執 行 期 間 : 2007 年 8 月 1 日 至 2010 年 7 月 31 日 計 畫 主 持 人 : 巫 木 誠 共 同
More informationRELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT
Kolowrock Krzysztof Joanna oszynska MODELLING ENVIRONMENT AND INFRATRUCTURE INFLUENCE ON RELIABILITY AND OPERATION RT&A # () (Vol.) March RELIABILITY RIK AND AVAILABILITY ANLYI OF A CONTAINER GANTRY CRANE
More information