diff --git a/Diss_Version/Bibliography.bib b/Diss_Version/Bibliography.bib new file mode 100644 index 0000000..800a6df --- /dev/null +++ b/Diss_Version/Bibliography.bib @@ -0,0 +1,1788 @@ +@article{AG-Analysis-Data-Knowledge, + title={Survey of Attack Graph Analysis Methods From the Perspective of Data and Knowledge Processing}, + author={Jianping Zeng and Shuang Wu and Yanyu Chen and Rui Zeng and Chengrong Wu}, + journal={Security Communications Networks}, + year={2019}, + volume={2019}, + pages={2031063:1-2031063:16} +} + +@article{AG-Analysis-Explan, + title = {Attack Graph Analysis: An Explanatory Guide}, + journal = "Computers \& Security", + volume = {126}, + pages = {103081}, + year = {2023}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2022.103081}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404822004734}, + author = {Kengo Zenitani} +} + +@incollection{jajodia_topological_2005, + address = {Boston, MA}, + title = {Topological {Analysis} of {Network} {Attack} {Vulnerability}}, + isbn = {978-0-387-24230-9}, + url = {https://doi.org/10.1007/0-387-24230-9{\_}9}, + booktitle = {Managing {Cyber} {Threats}: {Issues}, {Approaches}, and {Challenges}}, + publisher = {Springer US}, + author = {Jajodia, Sushil and Noel, Steven and O'Berry, Brian}, + editor = {Kumar, Vipin and Srivastava, Jaideep and Lazarevic, Aleksandar}, + year = {2005}, + doi = {10.1007/0-387-24230-9{\_}9}, + pages = {247--266} +} + +@inproceedings{cao_assessing_2018, + address = {Cham}, + title = {Assessing {Attack} {Impact} on {Business} {Processes} by {Interconnecting} {Attack} {Graphs} and {Entity} {Dependency} {Graphs}}, + isbn = {978-3-319-95729-6}, + booktitle = {Data and {Applications} {Security} and {Privacy} {XXXII}}, + publisher = {Springer International Publishing}, + author = {Cao, Chen and Yuan, Lun-Pin and Singhal, Anoop and Liu, Peng and Sun, Xiaoyan and Zhu, Sencun}, + editor = {Kerschbaum, Florian and Paraboschi, Stefano}, + year = {2018}, + pages = {330--348}, +} + +@ARTICLE{8470942, + author={Husák, Martin and Komárková, Jana and Bou-Harb, Elias and Čeleda, Pavel}, + journal={IEEE Communications Surveys \& Tutorials}, + title={{Survey of Attack Projection, Prediction, and Forecasting in Cyber Security}}, + year={2019}, + volume={21}, + number={1}, + pages={640-660}, + doi={10.1109/COMST.2018.2871866} +} + +@misc{noauthor_health_1996, + title = {Health {Insurance} {Portability} and {Accountability} {Act} of 1996}, + note = {Pub. L. No. 104-191. 1996 [Online]. Available: https://www.govinfo.gov/content/pkg/PLAW-104publ191/html/PLAW-104publ191.htm}, +} + +@misc{PCI, + title = {Payment {Card} {Industry} {(PCI)} {Data} {Security} {Standard}}, + note = {{Available: https://www.pcisecuritystandards.org/documents/PCI{\_}DSS{\_}v3-2-1.pdf}}, + month = {May}, + year = {2018}, + author = {{PCI Security Standards Council}} +} + +@misc{fincen, + title={{Financial Crimes Enforcement Network, Title 31 U.S.C. 310}}, + year={2010}, + note={{Available: https://www.govinfo.gov/content/pkg/USCODE-2010-title31/html/USCODE-2010-title31-subtitleI-chap3-subchapI-sec310.htm}}, +} + +@misc{fdaqsr, + title = {Quality System Regulations}, + year = {1996}, + note = {Federal Register: Volume 61, Number 195. 1996 [Online]. Available: https://www.fda.gov/science-research/clinical-trials-and-human-subject-protection/quality-system-regulations}, + author = {{Food and Drug Administration}} +} + +@misc{nerccip, + title = {Critical Infrastructure Protection Reliability Standard CIP}, + year = {2020}, + note = {85 FR 8161. 2020 [Online]. Available: https://www.federalregister.gov/documents/2020/02/13/2020-02173/critical-infrastructure-protection-reliability-standard-cip-012-1-cyber-security-communications}, + author = {{Federal Energy Regulatory Commission}} +} + + +@article{centrality_causal, + title = {Node Centrality Measures Are a Poor Substitute for Causal Inference}, + volume = {9}, + issn = {6846}, + doi = {10.1038/s41598-019-43033-9}, + journal = {Scientific Reports}, + author = {Dablander, Fabian and Hinne, Max}, + year = {2019}, +} + +@inproceedings{Mieghem2018DirectedGA, + title={Directed Graphs and Mysterious Complex Eigenvalues}, + author={Piet Van Mieghem}, + year={2018}, + note={{Delft University of Technology.}} +} + +@article{Guo2017HermitianAM, + title={{Hermitian Adjacency Matrix of Digraphs and Mixed Graphs}}, + author={Krystal Guo and Bojan Mohar}, + journal={Journal of Graph Theory}, + year={2017}, + volume={85} +} + +@article{Brualdi2010SpectraOD, + title={{Spectra of Digraphs}}, + author={Richard A. Brualdi}, + journal={Linear Algebra and Its Applications}, + year={2010}, + volume={432}, + pages={2181-2213} +} + +@article {PMID:30064421, + title = {A Systematic Survey of Centrality Measures for Protein-Protein Interaction Networks}, + Author = {Ashtiani, Minoo and Salehzadeh-Yazdi, Ali and Razaghi-Moghadam, Zahra and Hennig, Holger and Wolkenhauer, Olaf and Mirzaie, Mehdi and Jafari, Mohieddin}, + DOI = {10.1186/s12918-018-0598-2}, + Number = {1}, + Volume = {12}, + Month = {July}, + Year = {2018}, + Journal = {{BMC Systems Biology}}, + ISSN = {1752-0509}, + Pages = {80}, + URL = {https://europepmc.org/articles/PMC6069823}, +} + +@Article{Katz, + author={Leo Katz}, + title={{A New Status Index Derived From Sociometric Analysis}}, + journal={Psychometrika}, + year=1953, + volume={18}, + number={1}, + pages={39-43}, + month={March}, + keywords={}, + doi={10.1007/BF02289026}, + abstract={No abstract is available for this item.}, + url={https://ideas.repec.org/a/spr/psycho/v18y1953i1p39-43.html} +} + +@article{ModKatz, + title={Katz Centrality of Markovian Temporal Networks: Analysis and Optimization}, + author={Masaki Ogura and Victor M. Preciado}, + journal={2017 American Control Conference (ACC)}, + year={2017}, + pages={5001-5006} +} + +@book{newman2010networks, + title={Networks: An Introduction}, + author={Newman, M.E.J.}, + isbn={9780191594175}, + url={https://books.google.com/books?id=sgSlvgEACAAJ}, + year={2010}, + publisher={Oxford University Press} +} + +@article{K_Path_Edge, + doi = {10.1016/j.knosys.2012.01.007}, + url = {https://doi.org/10.1016{\%}2Fj.knosys.2012.01.007}, + year = 2012, + month = {jun}, + publisher = {Elsevier {BV}}, + volume = {30}, + pages = {136--150}, + author = {Pasquale De Meo and Emilio Ferrara and Giacomo Fiumara and Angela Ricciardello}, + title = {A Novel Measure of Edge Centrality in Social Networks}, + journal = {Knowledge-Based Systems} +} + +@article{Adapted_PageRank, + title={An Algorithm for Ranking the Nodes of an Urban Network Based on the Concept of PageRank Vector}, + author={Taras Agryzkov and Jos{\'e} Luis Oliver and Leandro Tortosa and Jos{\'e}-Francisco Vicent}, + journal={Appl. Math. Comput.}, + year={2012}, + volume={219}, + pages={2186-2193} +} + +@article{PageRank, + title = {The Anatomy of a Large-Scale Hypertextual Web Search Engine}, + journal = {Computer Networks and ISDN Systems}, + volume = {30}, + number = {1}, + pages = {107-117}, + year = {1998}, + note = {Proceedings of the Seventh International World Wide Web Conference}, + issn = {0169-7552}, + doi = {https://doi.org/10.1016/S0169-7552(98)00110-X}, + url = {https://www.sciencedirect.com/science/article/pii/S016975529800110X}, + author = {Sergey Brin and Lawrence Page}, + keywords = {World Wide Web, Search engines, Information retrieval, PageRank, Google}, + abstract = {In this paper, we present Google, a prototype of a large-scale search engine which makes heavy use of the structure present in hypertext. Google is designed to crawl and index the Web efficiently and produce much more satisfying search results than existing systems. The prototype with a full text and hyperlink database of at least 24 million pages is available at http://google.stanford.edu/ To engineer a search engine is a challenging task. Search engines index tens to hundreds of millions of Web pages involving a comparable number of distinct terms. They answer tens of millions of queries every day. Despite the importance of large-scale search engines on the Web, very little academic research has been done on them. Furthermore, due to rapid advance in technology and Web proliferation, creating a Web search engine today is very different from three years ago. This paper provides an in-depth description of our large-scale Web search engine — the first such detailed public description we know of to date. Apart from the problems of scaling traditional search techniques to data of this magnitude, there are new technical challenges involved with using the additional information present in hypertext to produce better search results. This paper addresses this question of how to build a practical large-scale system which can exploit the additional information present in hypertext. Also we look at the problem of how to effectively deal with uncontrolled hypertext collections where anyone can publish anything they want.} +} + +@article{PageRank_Survey, + author = { Pavel Berkhin }, + title = {A Survey on PageRank Computing}, + journal = {Internet Mathematics}, + volume = {2}, + number = {1}, + pages = {73-120}, + year = {2005}, + publisher = "Taylor \& Francis", + doi = {10.1080/15427951.2005.10129098}, + URL = {https://doi.org/10.1080/15427951.2005.10129098}, + eprint = {https://doi.org/10.1080/15427951.2005.10129098} +} + +@inproceedings{dominance, + author = {Prosser, Reese T.}, + title = {Applications of Boolean Matrices to the Analysis of Flow Diagrams}, + year = {1959}, + isbn = {9781450378680}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi.org/10.1145/1460299.1460314}, + doi = {10.1145/1460299.1460314}, + abstract = {Any serious attempt at automatic programming of large-scale digital computing machines must provide for some sort of analysis of program structure. Questions concerning order of operations, location and disposition of transfers, identification of subroutines, internal consistency, redundancy and equivalence, all involve a knowledge of the structure of the program under study, and must be handled effectively by any automatic programming system.}, + booktitle = {Papers Presented at the December 1-3, 1959, Eastern Joint IRE-AIEE-ACM Computer Conference}, + pages = {133–138}, + numpages = {6}, + location = {Boston, Massachusetts}, + series = {IRE-AIEE-ACM '59 (Eastern)} +} + +@article{10.1145/3491257, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + title = {Strategies for Practical Hybrid Attack Graph Generation and Analysis}, + year = {2021}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + issn = {2692-1626}, + url = {https://doi.org/10.1145/3491257}, + doi = {10.1145/3491257}, + abstract = {As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this paper, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.}, + journal = {Digital Threats}, + month = {Oct}, + keywords = {attack graph, breadth-first search, cyber-physical system, high performance computing} +} + +@article{ZENITANI2023103081, + title = {Attack Graph Analysis: An Explanatory Guide}, + journal = "Computers \& Security", + volume = {126}, + pages = {103081}, + year = {2023}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2022.103081}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404822004734}, + author = {Kengo Zenitani}, + keywords = {Attack graph, Exploit dependency graph, Cycle handling, Network security metrics, Network hardening, Bayesian attack graph}, + abstract = {Attack graph analysis is a model-based approach for network-security analysis. It analyzes a directed graph called an attack graph. Usually, each node in it corresponds to a malicious event caused by attackers, and the edges correspond to the causal relations between events. We can obtain an attack graph from the network topology, its configuration, and the distribution of vulnerabilities. An attack graph gives us various information relevant to network security. Also, there are several relevant algorithms to find desirable security controls applicable to the network. Over twenty years of research have made much progress in this field. However, it comprises a breadth of definitions and discussions, and it is difficult for people new to this field to comprehend the key ideas. This article aims to briefly introduce this method to prospective researchers by summarizing their progress by selecting and reviewing foundational studies. We elaborate on the essential concepts, such as exploit dependency, AND/OR graph, monotonicity, and cycle handling.} +} + +@article{Zeng2019SurveyOA, + title={Survey of Attack Graph Analysis Methods From the Perspective of Data and Knowledge Processing}, + author={Jianping Zeng and Shuang Wu and Yanyu Chen and Rui Zeng and Chengrong Wu}, + journal={Secur. Commun. Networks}, + year={2019}, + volume={2019}, + pages={2031063:1-2031063:16} +} + +@phdthesis{ming_diss, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + title = "A System for Attack Graph Generation and Analysis", + school = "The University of Tulsa", + year = "2021", + type = "{PhD} dissertation", + address = "Tulsa, OK", +} + +@article{MO2019121538, + title = {Identifying Node Importance Based on Evidence Theory in Complex Networks}, + journal = {Physica A: Statistical Mechanics and Its Applications}, + volume = {529}, + pages = {121538}, + year = {2019}, + issn = {0378-4371}, + doi = {https://doi.org/10.1016/j.physa.2019.121538}, + url = {https://www.sciencedirect.com/science/article/pii/S0378437119309021}, + author = {Hongming Mo and Yong Deng}, + keywords = {Complex networks, Important nodes, Evidence theory, Multi-evidence centrality, Comprehensive measure}, +} + +@article{LI2018512, + title = {Identification of Influential Spreaders Based on Classified Neighbors in Real-World Complex Networks}, + journal = {Applied Mathematics and Computation}, + volume = {320}, + pages = {512-523}, + year = {2018}, + issn = {0096-3003}, + doi = {https://doi.org/10.1016/j.amc.2017.10.001}, + url = {https://www.sciencedirect.com/science/article/pii/S0096300317306884}, + author = {Chao Li and Li Wang and Shiwen Sun and Chengyi Xia}, + keywords = {Influential spreaders, Identification algorithms, Classified neighbors, Complex networks}, +} + + +@Article{sym11020284, + AUTHOR = {Agryzkov, Taras and Curado, Manuel and Pedroche, Francisco and Tortosa, Leandro and Vicent, José F.}, + title = {Extending the Adapted PageRank Algorithm Centrality to Multiplex Networks With Data Using the PageRank Two-Layer Approach}, + JOURNAL = {Symmetry}, + VOLUME = {11}, + YEAR = {2019}, + NUMBER = {2}, + ARTICLE-NUMBER = {284}, + URL = {https://www.mdpi.com/2073-8994/11/2/284}, + ISSN = {2073-8994}, + ABSTRACT = {Usually, the nodes’ interactions in many complex networks need a more accurate mapping than simple links. For instance, in social networks, it may be possible to consider different relationships between people. This implies the use of different layers where the nodes are preserved and the relationships are diverse, that is, multiplex networks or biplex networks, for two layers. One major issue in complex networks is the centrality, which aims to classify the most relevant elements in a given system. One of these classic measures of centrality is based on the PageRank classification vector used initially in the Google search engine to order web pages. The PageRank model may be understood as a two-layer network where one layer represents the topology of the network and the other layer is related to teleportation between the nodes. This approach may be extended to define a centrality index for multiplex networks based on the PageRank vector concept. On the other hand, the adapted PageRank algorithm (APA) centrality constitutes a model to obtain the importance of the nodes in a spatial network with the presence of data (both real and virtual). Following the idea of the two-layer approach for PageRank centrality, we can consider the APA centrality under the perspective of a two-layer network where, on the one hand, we keep maintaining the layer of the topological connections of the nodes and, on the other hand, we consider a data layer associated with the network. Following a similar reasoning, we are able to extend the APA model to spatial networks with different layers. The aim of this paper is to propose a centrality measure for biplex networks that extends the adapted PageRank algorithm centrality for spatial networks with data to the PageRank two-layer approach. Finally, we show an example where the ability to analyze data referring to a group of people from different aspects and using different sets of independent data are revealed.}, + DOI = {10.3390/sym11020284} +} + +@article{10.1093/bioinformatics/bty965, + author = {Parvandeh, Saeid and McKinney, Brett A}, + title = "{EpistasisRank and EpistasisKatz: interaction network centrality methods that integrate prior knowledge networks}", + journal = {Bioinformatics}, + volume = {35}, + number = {13}, + pages = {2329-2331}, + year = {2018}, + month = {11}, + abstract = "{An important challenge in gene expression analysis is to improve hub gene selection to enrich for biological relevance or improve classification accuracy for a given phenotype. In order to incorporate phenotypic context into co-expression, we recently developed an epistasis-expression network centrality method that blends the importance of gene–gene interactions (epistasis) and main effects of genes. Further blending of prior knowledge from functional interactions has the potential to enrich for relevant genes and stabilize classification.We develop two new expression-epistasis centrality methods that incorporate interaction prior knowledge. The first extends our SNPrank (EpistasisRank) method by incorporating a gene-wise prior knowledge vector. This prior knowledge vector informs the centrality algorithm of the inclination of a gene to be involved in interactions by incorporating functional interaction information from the Integrative Multi-species Prediction database. The second method extends Katz centrality to expression-epistasis networks (EpistasisKatz), extends the Katz bias to be a gene-wise vector of main effects and extends the Katz attenuation constant prefactor to be a prior-knowledge vector for interactions. Using independent microarray studies of major depressive disorder, we find that including prior knowledge in network centrality feature selection stabilizes the training classification and reduces over-fitting.Methods and examples provided at https://github.com/insilico/Rinbix and https://github.com/insilico/PriorKnowledgeEpistasisRank.Supplementary data are available at Bioinformatics online.}", + issn = {1367-4803}, + doi = {10.1093/bioinformatics/bty965}, + url = {https://doi.org/10.1093/bioinformatics/bty965}, + eprint = {https://academic.oup.com/bioinformatics/article-pdf/35/13/2329/36613945/bioinformatics\{\_}35\{\_}13\{\_}2329.pdf}, +} + +@article{li_combining_2019, + title = {Combining {OpenCL} and {MPI} to Support Heterogeneous Computing on a Cluster}, + issn = {9781450372275}, + doi = {10.1145/3332186.3333059}, + abstract = {This paper presents an implementation of a heterogeneous programming model which combines Open Computing Language (OpenCL) and Message Passing Interface (MPI). The model is applied to solving a Markov decision process (MDP) with value iteration method. The performance test is conducted on a high performance computing cluster. At peak performance, the model is able to achieve a 57X speedup over a serial implementation. For an extremely large input MDP, which has 1,000,000 states, the obtained speedup is still over 12X, showing that this heterogeneous programming model can solve MDPs more efficiently than the serial solver does.}, + journal = {ACM International Conference Proceeding Series}, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + year = {2019}, + keywords = {Heterogeneous computing, HPC, MDP, MPI, OpenCL, Parallelism}, + file = {Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster:/home/noah/Zotero/storage/TXHCQ5S8/Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster.pdf:application/pdf}, +} + +@mastersthesis{zeng_cyber_2017, + title = {Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model}}, + author = {Zeng, Keming}, + school = "The University of Tulsa", + year = {2017}, + address = "Tulsa, OK", +} + +@misc{alaya2022mathematical, + title={Mathematical Analysis of a Delayed SEIRDS Epidemics Models: Deterministic and Stochastic Approach}, + author={Mohamed Ben Alaya and Walid Ben Aribi and Slimane Ben Miled}, + year={2022}, + note={arXiv:2208.07690}, + archivePrefix={arXiv}, + primaryClass={q-bio.PE} +} + +@article{NetworkX, + title = {Exploring Network Structure, Dynamics, and Function Using NetworkX}, + author = {Hagberg, Aric and Swart, Pieter J. and Schult, Daniel A.}, + doi = {}, + note = {{Available: https://www.osti.gov/biblio/960616}}, + journal = {}, + number = , + volume = , + place = {United States}, + year = {2008}, + month = {Jan} +} + +@Manual{igraph, + title = {{Igraph}: Network Analysis and Visualization in R}, + author = {Gábor Csárdi and Tamás Nepusz and Vincent Traag and + Szabolcs Horvát and Fabio Zanini and Daniel Noom and Kirill + Müller}, + year = {2023}, + note = {R package version 1.5.1}, + doi = {10.5281/zenodo.7682609}, + url = {https://CRAN.R-project.org/package=igraph}, +} + +@Manual{Graphviz, + title = {{Graphviz}: Graph Visualization}, + author = {The Graphviz Authors}, + year = {2023}, + note = {Graphviz release 8.1.0 [Online]. Available:https://www.graphviz.org/}, + doi = {10.1007/3-540-45848-4{\_}57}, + url = {https://www.graphviz.org/} +} + +@Manual{diffeqjl, + title = {{DifferentialEquations.jl: Efficient Differential Equation Solving in Julia}}, + author = {{Julia Programming Language}}, + year = {2023}, + note = {{DiffEq.jl v7.7.1}}, + url = {https://docs.sciml.ai/DiffEqDocs/latest/} +} + +@Manual{pracma, + title = {Pracma: Practical Numerical Math Functions}, + author = {Hans W. Borchers}, + year = {2022}, + note = {R package version 2.4.2}, + url = {https://CRAN.R-project.org/package=pracma}, +} + +@Manual{reticulate, + title = {Reticulate: Interface to 'Python'}, + author = {Kevin Ushey and JJ Allaire and Yuan Tang}, + year = {2023}, + note = {{R package version 1.28. Available: https://CRAN.R-project.org/package=reticulate}} +} + +@thesis{Kalavri2016PerformanceOT, + title={Performance Optimization Techniques and Tools for Distributed Graph Processing}, + author={Vasiliki Kalavri}, + school={{KTH Royal Institute of Technology, Sweden, and Université Catholique de Louvain, Belgium}}, + year={2016}, + type={{PhD}}, + url={https://api.semanticscholar.org/CorpusID:63506793} +} + +@article{10.14778/2947618.2947623, + author = {Kalavri, Vasiliki and Simas, Tiago and Logothetis, Dionysios}, + title = {The Shortest Path Is Not Always a Straight Line: Leveraging Semi-Metricity in Graph Analysis}, + year = {2016}, + issue_date = {May 2016}, + publisher = {VLDB Endowment}, + volume = {9}, + number = {9}, + issn = {2150-8097}, + url = {https://doi.org/10.14778/2947618.2947623}, + doi = {10.14778/2947618.2947623}, + journal = {Proc. VLDB Endow.}, + month = {may}, + pages = {672-683}, + numpages = {12} +} + +@inproceedings{10.1145/3229710.3229730, + author = {Kim, Jong Wook and Choi, Hyoeun and Bae, Seung-Hee}, + title = {Efficient Parallel All-Pairs Shortest Paths Algorithm for Complex Graph Analysis}, + year = {2018}, + isbn = {9781450365239}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi.org/10.1145/3229710.3229730}, + doi = {10.1145/3229710.3229730}, + booktitle = {Workshop Proceedings of the 47th International Conference on Parallel Processing}, + articleno = {5}, + numpages = {10}, + keywords = {All-pairs shortest paths, Parallel Algorithms, Shared-memory parallelism}, + location = {Eugene, OR, USA}, + series = {ICPP Workshops '18} +} + +@article{Jha2002TwoFA, + title={Two Formal Analyses of Attack Graphs}, + author={Somesh Jha and Oleg Sheyner and Jeannette M. Wing}, + journal={Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15}, + year={2002}, + pages={49-63}, + url={https://api.semanticscholar.org/CorpusID:16108364} +} + +@article{Islam2008AHA36, + title={A Heuristic Approach to Minimum-Cost Network Hardening Using Attack Graph}, + author={Tania Islam and Lingyu Wang}, + journal={2008 New Technologies, Mobility and Security}, + year={2008}, + pages={1-5}, + url={https://api.semanticscholar.org/CorpusID:6625112} +} + +@article{10.1016/j.comcom.2006.06.01837, + author = {Wang, Lingyu and Noel, Steven and Jajodia, Sushil}, + title = {Minimum-Cost Network Hardening Using Attack Graphs}, + year = {2006}, + issue_date = {November, 2006}, + publisher = {Elsevier Science Publishers B. V.}, + address = {NLD}, + volume = {29}, + number = {18}, + issn = {0140-3664}, + url = {https://doi.org/10.1016/j.comcom.2006.06.018}, + doi = {10.1016/j.comcom.2006.06.018}, + journal = {Computer Communications}, + month = {nov}, + pages = {3812-3824}, + numpages = {13}, + keywords = {Intrusion detection, Vulnerability analysis, Intrusion prevention} +} + +@inproceedings{10.1109/IAS.2008.38, + author = {Chen, Feng and Wang, Lingyu and Su, Jinshu}, + title = {An Efficient Approach to Minimum-Cost Network Hardening Using Attack Graphs}, + year = {2008}, + isbn = {9780769533247}, + publisher = {IEEE Computer Society}, + address = {USA}, + url = {https://doi.org/10.1109/IAS.2008.38}, + doi = {10.1109/IAS.2008.38}, + abstract = {Attack graphs can reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromise of given critical resources. Finding a solution to remove such threats by hands is tedious and error prone, particularly for larger and poorly secured networks. Existing automated approaches for hardening a network has an exponential complexity and is not scalable to large networks. This paper proposes a novel approach of applying the Reduced Ordered Binary Decision Diagram (ROBDD) method to network hardening. Existing mature optimization techniques in ROBDD makes the proposed approach an efficient solution that can potentially be applied to large networks.}, + booktitle = {Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security}, + pages = {209-212}, + numpages = {4}, + keywords = {Attack Graphs, Minimum-Cost, network securty, vulnerability}, + series = {IAS '08} +} + +@article{JUNCHUN20113227, + title = {A Minimum Cost of Network Hardening Model Based on Attack Graphs}, + journal = {Procedia Engineering}, + volume = {15}, + pages = {3227-3233}, + year = {2011}, + note = {CEIS 2011}, + issn = {1877-7058}, + doi = {https://doi.org/10.1016/j.proeng.2011.08.606}, + url = {https://www.sciencedirect.com/science/article/pii/S1877705811021072}, + author = {MA Jun-chun and WANG Yong-jun and SUN Ji-yin and CHEN Shan}, + keywords = {network security, attack graphs, bidirectional-based search, genetic algorithms, minimum-cost}, +} + +@article{0.1117/12.60424, + author = {Liu, Yu and Man, Hong}, + year = {2005}, + month = {03}, + pages = {}, + title = {Network Vulnerability Assessment Using Bayesian Networks}, + journal = {Proc SPIE}, + doi = {10.1117/12.604240} +} + +@inproceedings{10.1145/1456362.1456368, + author = {Frigault, Marcel and Wang, Lingyu and Singhal, Anoop and Jajodia, Sushil}, + year = {2008}, + month = {10}, + pages = {23-30}, + title = {Measuring Network Security Using Dynamic Bayesian Network}, + doi = {10.1145/1456362.1456368} +} + +@article{10.1145/3105760, + author = {Mu\~{n}oz-Gonz\'{a}lez, Luis and Sgandurra, Daniele and Paudice, Andrea and Lupu, Emil C.}, + title = {Efficient Attack Graph Analysis Through Approximate Inference}, + year = {2017}, + issue_date = {August 2017}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + volume = {20}, + number = {3}, + issn = {2471-2566}, + url = {https://doi.org/10.1145/3105760}, + doi = {10.1145/3105760}, + journal = {ACM Trans. Priv. Secur.}, + month = {Jul}, + articleno = {10}, + numpages = {30}, + keywords = {Bayesian networks, approximate inference, probabilistic graphical models} +} + +@article{10.1155/2017/3407642, + author = {{Hu, Hao and Zhang, Hongqi and Liu, Yuling and Wang, Yongwei and Du, Xiaojiang}}, + title = {{Quantitative Method for Network Security Situation Based on Attack Prediction}}, + year = {2017}, + issue_date = {2017}, + publisher = {{John Wiley \& Sons, Inc.}}, + address = {USA}, + volume = {2017}, + issn = {1939-0114}, + url = {https://doi.org/10.1155/2017/3407642}, + doi = {10.1155/2017/3407642}, + journal = {Security and Communications Networks}, + month = {jan}, + numpages = {19} +} + +@article{Abraham2014CyberSA, + title={Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains}, + author={Subil Abraham and Suku Nair}, + journal={Journal of Communications}, + year={2014}, + url={https://api.semanticscholar.org/CorpusID:8554925} +} + +@misc{abraham2015predictive, + title={A Predictive Framework for Cyber Security Analytics Using Attack Graphs}, + author={Subil Abraham and Suku Nair}, + year={2015}, + eprint={1502.01240}, + archivePrefix={arXiv}, + primaryClass={cs.CR} +} + +@article{Durkota2019HardeningNA, + title={Hardening Networks Against Strategic Attackers Using Attack Graph Games}, + author={Karel Durkota and V. Lis{\'y} and Branislav Bosansk{\'y} and Christopher Kiekintveld and Michal Pechoucek}, + journal={Computer Security}, + year={2019}, + volume={87}, + url={https://api.semanticscholar.org/CorpusID:201134692} +} + +@article{10.1145/3418897, + author = {Hu, Zhisheng and Zhu, Minghui and Liu, Peng}, + title = {Adaptive Cyber Defense Against Multi-Stage Attacks Using Learning-Based POMDP}, + year = {2020}, + issue_date = {February 2021}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + volume = {24}, + number = {1}, + issn = {2471-2566}, + url = {https://doi.org/10.1145/3418897}, + doi = {10.1145/3418897}, + journal = {ACM Transactions on Privacy and Security}, + month = {nov}, + articleno = {6}, + numpages = {25}, + keywords = {adaptive cyber defense, Thompson sampling, Reinforcement learning} +} + +@article{Miehling2018APA, + title={A POMDP Approach to the Dynamic Defense of Large-Scale Cyber Networks}, + author={Erik Miehling and Mohammad Reza Rasouli and Demosthenis Teneketzis}, + journal={IEEE Transactions on Information Forensics and Security}, + year={2018}, + volume={13}, + pages={2490-2505}, + url={https://api.semanticscholar.org/CorpusID:13705714} +} + +@article{Nguyen2017AnAT, + title={An Approach to Incorporating Uncertainty in Network Security Analysis}, + author={Hoang Hai Nguyen and Kartik Palani and David M. Nicol}, + journal={Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp}, + year={2017}, + url={https://api.semanticscholar.org/CorpusID:16666067} +} + +@Inbook{Wang2017, + author="Wang, Lingyu + and Jajodia, Sushil + and Singhal, Anoop + and Cheng, Pengsu + and Noel, Steven", + title="k-Zero Day Safety: Evaluating the Resilience of Networks Against Unknown Attacks", + bookTitle="Network Security Metrics", + year="2017", + publisher="Springer International Publishing", + address="Cham", + pages="75--93", + isbn="978-3-319-66505-4", + doi="10.1007/978-3-319-66505-4{\_}4", + url="https://doi.org/10.1007/978-3-319-66505-4{\_}4" +} + +@InProceedings{10.1007/978-3-030-64793-3_24, + author="Anwar, Ahmed H. + and Kamhoua, Charles", + editor="Zhu, Quanyan + and Baras, John S. + and Poovendran, Radha + and Chen, Juntao", + title="Game Theory on Attack Graph for Cyber Deception", + booktitle="Decision and Game Theory for Security", + year="2020", + publisher="Springer International Publishing", + address="Cham", + pages="445--456", + abstract="Game Theory provides a set of tools and a framework suitable to study security problems. In this paper, a class of games is developed to study cyber deception and the interactions between the network defender who is deceiving an adversary to mitigate the damage of the attack. In order to capture network topology, each game is played over an attack graph that can be generated according to the vulnerabilities associated with each node. The defender's goal is to take deceptive actions to prevent the attacker from taking control over the network resources exploiting the incomplete information of the attacker regarding the deceptive network gained through the attack reconnaissance stage. To this end, we present several games such as normal form static, dynamic, hypergame, and a partially observable stochastic game (POSG) to study the game dynamics at different information structures. For the most general class of games, (i.e., POSG), we provide multiple solution approaches to overcome the intractability of the game model and finally present numerical result samples to show the effectiveness of each solution approach.", + isbn="978-3-030-64793-3" +} + +@INBOOK{9124037, + author={Xi, Bowei and Kamhoua, Charles A.}, + booktitle={Modeling and Design of Secure Internet of Things}, + title={A Hypergame-Based Defense Strategy Toward Cyber Deception in Internet of Battlefield Things (IoBT)}, + year={2020}, + volume={}, + number={}, + pages={59-77}, + doi={10.1002/9781119593386.ch3} +} + +@InProceedings{10.1007/978-3-030-64793-3_9, + author="Kulkarni, Abhishek N. + and Fu, Jie + and Luo, Huan + and Kamhoua, Charles A. + and Leslie, Nandi O.", + editor="Zhu, Quanyan + and Baras, John S. + and Poovendran, Radha + and Chen, Juntao", + title="Decoy Allocation Games on Graphs with Temporal Logic Objectives", + booktitle="Decision and Game Theory for Security", + year="2020", + publisher="Springer International Publishing", + address="Cham", + pages="168--187", + isbn="978-3-030-64793-3" +} + +@conference{1503283, + title = {Security Scheduling for Real-World Networks }, + booktitle = {International Conference on Autonomous Agents and Multiagent Systems (AAMAS)}, + year = {2013}, + author = {Jain, Manish and Vincent Conitzer and Tambe, Milind} +} + +@article{HORAK2019101579, + title = {Optimizing Honeypot Strategies Against Dynamic Lateral Movement Using Partially Observable Stochastic Games}, + journal = {Computers \& Security}, + volume = {87}, + pages = {101579}, + year = {2019}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2019.101579}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404819300665}, + author = {Karel Horák and Branislav Bošanský and Petr Tomášek and Christopher Kiekintveld and Charles Kamhoua}, + keywords = {Dynamic honeypot allocation, Lateral movement, Partially observable stochastic games, Compact representation, Incremental strategy generation} +} + +@article{10.1080/23311916.2018.1502242, + author = {Gunantara, Nyoman}, + year = {2018}, + month = {07}, + pages = {}, + title = {A Review of Multi-Objective Optimization: Methods and Its Applications}, + volume = {5}, + journal = {Cogent Engineering}, + doi = {10.1080/23311916.2018.1502242} +} + +@Inbook{Awange2023, + author="Awange, Joseph L. + and Pal{\'a}ncz, B{\'e}la + and Lewis, Robert H. + and V{\"o}lgyesi, Lajos", + title="Multiobjective Optimization", + bookTitle="Mathematical Geosciences: Hybrid Symbolic-Numeric Methods", + year="2023", + publisher="Springer International Publishing", + address="Cham", + pages="319--352", + isbn="978-3-030-92495-9", + doi="10.1007/978-3-030-92495-9{\_}9", + url="https://doi.org/10.1007/978-3-030-92495-9{\_}9" +} + +@article{MIRJALILI2015228, + title = {Moth-Flame Optimization Algorithm: A Novel Nature-Inspired Heuristic Paradigm}, + journal = {Knowledge-Based Systems}, + volume = {89}, + pages = {228-249}, + year = {2015}, + issn = {0950-7051}, + doi = {https://doi.org/10.1016/j.knosys.2015.07.006}, + url = {https://www.sciencedirect.com/science/article/pii/S0950705115002580}, + author = {Seyedali Mirjalili}, + keywords = {Optimization, Stochastic optimization, Constrained optimization, Meta-heuristic, Population-based algorithm} +} + +@INPROCEEDINGS{7732428, + author={Vikas and Nanda, Satyasai Jagannath}, + booktitle={2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI)}, + title={Multi-Objective Moth Flame Optimization}, + year={2016}, + volume={}, + number={}, + pages={2470-2476}, + doi={10.1109/ICACCI.2016.7732428} +} + +@INPROCEEDINGS{9563556, + author={Bingi, Kishore and Kulkarni, Rakshit Raghavendra and Mantri, Rhea}, + booktitle={2021 IEEE Madras Section Conference (MASCON)}, + title={Development of Hybrid Algorithm Using Moth-Flame and Particle Swarm Optimization}, + year={2021}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/MASCON51689.2021.9563556} +} + +@article{Sharifi2021ANO, + title={A New Optimization Algorithm to Solve Multi-Objective Problems}, + author={Mohammad Reza Sharifi and Saeid Akbarifard and Kourosh Qaderi and Mohamad Reza Madadi}, + journal={Scientific Reports}, + year={2021}, + volume={11}, + url={https://api.semanticscholar.org/CorpusID:238860219} +} + +@book{10.1007/978-3-540-24777-7, + author = {Kellerer, Hans and Pferschy, Ulrich and Pisinger, David}, + year = {2004}, + month = {Jan.}, + pages = {}, + title = {Knapsack Problems}, + isbn = {978-3-540-40286-2}, + journal = {Knapsack Problems}, + doi = {10.1007/978-3-540-24777-7}, + publisher = {Springer Berlin, Heidelberg}, +} + +@INPROCEEDINGS{8204118, + author={Gupta, Indresh Kumar and Choubey, Abha and Choubey, Siddhartha}, + booktitle={2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT)}, + title={Clustered Genetic Algorithm to Solve Multidimensional Knapsack Problem}, + year={2017}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/ICCCNT.2017.8204118} +} + +@ARTICLE{9142411, + author={Li, Zuocheng and Tang, Lixin and Liu, Jiyin}, + journal={IEEE Transactions on Cybernetics}, + title={A Memetic Algorithm Based on Probability Learning for Solving the Multidimensional Knapsack Problem}, + year={2022}, + volume={52}, + number={4}, + pages={2284-2299}, + doi={10.1109/TCYB.2020.3002495} +} + +@INPROCEEDINGS{9308380, + author={Gu, Hanyu}, + booktitle={2020 IEEE Symposium Series on Computational Intelligence (SSCI)}, + title={Optimal Lagrangian Multipliers for the Multidimensional Knapsack Problem: A Bayesian Optimisation Approach}, + year={2020}, + volume={}, + number={}, + pages={3149-3155}, + doi={10.1109/SSCI47803.2020.9308380} +} + +@INPROCEEDINGS{5455187, + author={Shan, Bowei}, + booktitle={2009 First International Conference on Information Science and Engineering}, + title={The Spread of Malware on the WiFi Network: Epidemiology Model and Behaviour Evaluation}, + year={2009}, + volume={}, + number={}, + pages={1916-1918}, + doi={10.1109/ICISE.2009.1285} +} + +@INPROCEEDINGS{8228672, + author={Mitchell, Robert}, + booktitle={2017 IEEE Conference on Communications and Network Security (CNS)}, + title={Epidemic-Resistant Configurations for Intrusion Detection Systems}, + year={2017}, + volume={}, + number={}, + pages={487-494}, + doi={10.1109/CNS.2017.8228672} +} + +@ARTICLE{6414589, + author={Kim, Hyoungshick and Anderson, Ross}, + journal={IEEE Systems Journal}, + title={An Experimental Evaluation of Robustness of Networks}, + year={2013}, + volume={7}, + number={2}, + pages={179-188}, + doi={10.1109/JSYST.2012.2221851} +} + +@INPROCEEDINGS{9450250, + author={Wang, Yingxu and Plataniotis, Kostas N. and Wang, Jane Z. and Hou, Ming and Zhou, Menchu and Howard, Newton and Peng, Jun and Huang, Runhe and Patel, Shushma and Zhang, Du}, + booktitle={2020 IEEE 19th International Conference on Cognitive Informatics \& Cognitive Computing (ICCI*CC)}, + title={The Cognitive and Mathematical Foundations of Analytic Epidemiology}, + year={2020}, + volume={}, + number={}, + pages={6-14}, + doi={10.1109/ICCICC50026.2020.9450250} +} + +@INPROCEEDINGS{9457692, + author={Parwez, Md. Aslam and Abulaish, Muhammad and Jahiruddin, Jahiruddin}, + booktitle={2020 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT)}, + title={A Social Media Time-Series Data Analytics Approach for Digital Epidemiology}, + year={2020}, + volume={}, + number={}, + pages={852-859}, + doi={10.1109/WIIAT50758.2020.00131} +} + +@misc{j_hale_compliance_nodate, + title = {Compliance {Method} for a {Cyber}-{Physical} {System}}, + author = {{J. Hale} and Hawrylak, P. and Papa, M.}, + note = {U.S. Patent Number 9,471,789, Oct. 18, 2016.}, + number = {9471789}, + file = {Complaince{\_}Graph{\_}US{\_}Patent{\_}9471789:/home/noah/Zotero/storage/55BZN4U7/Complaince{\_}Graph{\_}US{\_}Patent{\_}9471789.pdf:application/pdf}, +} + +@inproceedings{baloyi_guidelines_2019, + address = {Skukuza South Africa}, + title = {Guidelines for {Data} {Privacy} {Compliance}: {A} {Focus} on {Cyberphysical} {Systems} and {Internet} of {Things}}, + doi = {10.1145/3351108.3351143}, + booktitle = {{SAICSIT} '19: {Proceedings} of the {South} {African} {Institute} of {Computer} {Scientists} and {Information} {Technologists} 2019}, + publisher = {Association for Computing Machinery}, + author = {Baloyi, Ntsako and Kotzé, Paula}, + year = {2019}, +} + +@article{allman_complying_2006, + title = {Complying With {Compliance}: {Blowing} It Off Is Not an Option.}, + volume = {4}, + number = {7}, + journal = {ACM Queue}, + author = {Allman, Eric}, + year = {2006}, +} + +@ARTICLE{9914620, + author={Ahn, Sujin and Kwon, Minhae}, + journal={IEEE Journal of Biomedical and Health Informatics}, + title={Reproduction Factor Based Latent Epidemic Model Inference: A Data-Driven Approach Using COVID-19 Datasets}, + year={2023}, + volume={27}, + number={3}, + pages={1259-1270}, + doi={10.1109/JBHI.2022.3213175} +} + +@INPROCEEDINGS{9929470, + author={Roy, Tamal Joyti and Mahmood, Md. Ashiq and Mohanta, Aninda and Roy, Diti}, + booktitle={2021 IEEE International Conference on Robotics, Automation, Artificial-Intelligence and Internet-of-Things (RAAICON)}, + title={An Analytical Approach to Predict the COVID-19 Death Rate in Bangladesh Utilizing Multiple Regression and SEIR Model}, + year={2021}, + volume={}, + number={}, + pages={42-45}, + doi={10.1109/RAAICON54709.2021.9929470} +} + +@INPROCEEDINGS{9628991, + author={Chumachenko, Dmytro and Bazilevych, Kseniia and Meniailov, Ievgen and Yakovlev, Sergiy and Chumachenko, Tetyana}, + booktitle={2021 IEEE 4th International Conference on Advanced Information and Communication Technologies (AICT)}, + title={Simulation of COVID-19 Dynamics Using Ridge Regression}, + year={2021}, + volume={}, + number={}, + pages={163-166}, + doi={10.1109/AICT52120.2021.9628991} +} + +@INPROCEEDINGS{9630798, + author={Zhang, Siqi and Yang, Hui}, + booktitle={2021 43rd Annual International Conference of the IEEE Engineering in Medicine \& Biology Society (EMBC)}, + title={Spatial Modeling and Analysis of Human Traffic and Infectious Virus Spread in Community Networks}, + year={2021}, + volume={}, + number={}, + pages={2286-2289}, + doi={10.1109/EMBC46164.2021.9630798} +} + +@INPROCEEDINGS{9678822, + author={Dakhno, Natalia and Leshchenko, Olga and Kravchenko, Yurii and Dudnik, Andriy and Trush, Olexandr and Khankishiev, Victor}, + booktitle={2021 IEEE 3rd International Conference on Advanced Trends in Information Theory (ATIT)}, + title={Dynamic Model of the Spread of Viruses in a Computer Network Using Differential Equations}, + year={2021}, + volume={}, + number={}, + pages={111-115}, + doi={10.1109/ATIT54053.2021.9678822} +} + +@INPROCEEDINGS{10227113, + author={Tang, Yuyang and Williams, Richard A.}, + booktitle={2022 IEEE International Symposium on Technology and Society (ISTAS)}, + title={Investigating Relationship Conflict Within the Social Network of Large IS Projects Using a SIR Model}, + year={2022}, + volume={1}, + number={}, + pages={1-5}, + doi={10.1109/ISTAS55053.2022.10227113} +} + +@INPROCEEDINGS{9856356, + author={Mathebula, Dephney}, + booktitle={2022 International Conference on Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD)}, + title={Novel Data-Based Model for Future Epidemiology}, + year={2022}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/icABCD54961.2022.9856356} +} + +@INPROCEEDINGS{9593147, + author={Fedorov, Dmitriy and Tabarak, Yrys and Dadlani, Aresh and Kumar, Muthukrishnan Senthil and Kizheppatt, Vipin}, + booktitle={2021 International Balkan Conference on Communications and Networking (BalkanCom)}, + title={Dynamics of Multi-Strain Malware Epidemics Over Duty-Cycled Wireless Sensor Networks}, + year={2021}, + volume={}, + number={}, + pages={1-5}, + doi={10.1109/BalkanCom53780.2021.9593147} +} + +@Article{Lou2021, + author={Lou, Yuan + and Salako, Rachidi B.}, + title={Control Strategies for a Multi-Strain Epidemic Model}, + journal={Bulletin of Mathematical Biology}, + year={2021}, + month={Nov}, + day={27}, + volume={84}, + number={1}, + pages={10}, + issn={1522-9602}, + doi={10.1007/s11538-021-00957-6}, + url={https://doi.org/10.1007/s11538-021-00957-6} +} + +@article{10.1371/journal.pone.0257512, + doi = {10.1371/journal.pone.0257512}, + author = {Arruda, Edilson F. AND Das, Shyam S. AND Dias, Claudia M. AND Pastore, Dayse H.}, + journal = {Plos One}, + publisher = {Public Library of Science}, + title = {Modelling and Optimal Control of Multi Strain Epidemics, With Application to COVID-19}, + year = {2021}, + month = {09}, + volume = {16}, + url = {https://doi.org/10.1371/journal.pone.0257512}, + pages = {1-18}, + number = {9}, +} + +@inproceedings{GCAI-2018:Analysis_of_Attack_Graph, + author = {Tom Gonda and Tal Pascal and Rami Puzis and Guy Shani and Bracha Shapira}, + title = {Analysis of Attack Graph Representations for Ranking Vulnerability Fixes}, + booktitle = {GCAI-2018. 4th Global Conference on Artificial Intelligence}, + editor = {Daniel Lee and Alexander Steen and Toby Walsh}, + series = {EPiC Series in Computing}, + volume = {55}, + pages = {215--228}, + year = {2018}, + publisher = {EasyChair}, + bibsource = {EasyChair, https://easychair.org}, + issn = {2398-7340}, + url = {https://easychair.org/publications/paper/ZBHj}, + doi = {10.29007/2c1q} +} + +@article{10.1371/journal.pone.0053095, + doi = {10.1371/journal.pone.0053095}, + author = {Piraveenan, Mahendra AND Prokopenko, Mikhail AND Hossain, Liaquat}, + journal = {Plos One}, + publisher = {Public Library of Science}, + title = {Percolation Centrality: Quantifying Graph-Theoretic Impact of Nodes During Percolation in Networks}, + year = {2013}, + month = {01}, + volume = {8}, + url = {https://doi.org/10.1371/journal.pone.0053095}, + pages = {1-14}, + number = {1}, +} + +@inproceedings{10.1145/3288599.3295597, + author = {De, Sanghamitra and Barik, Mridul Sankar and Banerjee, Indrajit}, + title = {A Percolation-Based Recovery Mechanism for Bot Infected P2P Cloud}, + year = {2019}, + isbn = {9781450360944}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi-org.utulsa.idm.oclc.org/10.1145/3288599.3295597}, + doi = {10.1145/3288599.3295597}, + abstract = {Execution of any recovery procedure in compromised nodes of a Cloud should aim at covering as many nodes as possible in a given time. The authors propose an innovative approach using the concept of percolation centrality to spread the execution of a recovery procedure across adjacent nodes in a P2PCloud. Compromised networks can be large since botnets and malware infections use the advantage of the internet to spread rapidly. Using percolation centrality to choose a node from where to begin, the recovery procedure runs in parallel in different nodes which can be reached from a chosen node and spreads fast.}, + booktitle = {Proceedings of the 20th International Conference on Distributed Computing and Networking}, + pages = {474-479}, + numpages = {6}, + keywords = {churning, botnet, P2PCloud, P2P network, percolation centrality}, + location = {Bangalore, India}, + series = {ICDCN '19} +} + +@INPROCEEDINGS{9680376, + author={Chandramouli, Athreya and Jana, Sayantan and Kothapalli, Kishore}, + booktitle={2021 IEEE 28th International Conference on High Performance Computing, Data, and Analytics (HiPC)}, + title={Efficient Parallel Algorithms for Computing Percolation Centrality}, + year={2021}, + volume={}, + number={}, + pages={111-120}, + doi={10.1109/HiPC53243.2021.00025} +} + +@article{AUDRITO2021102584, +title = {Aggregate Centrality Measures for IoT-based Coordination}, +journal = {Science of Computer Programming}, +volume = {203}, +pages = {102584}, +year = {2021}, +issn = {0167-6423}, +doi = {https://doi.org/10.1016/j.scico.2020.102584}, +url = {https://www.sciencedirect.com/science/article/pii/S0167642320301921}, +author = {Giorgio Audrito and Danilo Pianini and Ferruccio Damiani and Mirko Viroli} +} + +@article{MO2019121538, +title = {Identifying Node Importance Based on Evidence Theory in Complex Networks}, +journal = {Physica A: Statistical Mechanics and Its Applications}, +volume = {529}, +pages = {121538}, +year = {2019}, +issn = {0378-4371}, +doi = {https://doi.org/10.1016/j.physa.2019.121538}, +url = {https://www.sciencedirect.com/science/article/pii/S0378437119309021}, +author = {Hongming Mo and Yong Deng}, +keywords = {Complex networks, Important nodes, Evidence theory, Multi-evidence centrality, Comprehensive measure}, +} + +@article{LI2018512, +title = {Identification of Influential Spreaders Based on Classified Neighbors in Real-World Complex Networks}, +journal = {Applied Mathematics and Computation}, +volume = {320}, +pages = {512-523}, +year = {2018}, +issn = {0096-3003}, +doi = {https://doi.org/10.1016/j.amc.2017.10.001}, +url = {https://www.sciencedirect.com/science/article/pii/S0096300317306884}, +author = {Chao Li and Li Wang and Shiwen Sun and Chengyi Xia}, +keywords = {Influential spreaders, Identification algorithms, Classified neighbors, Complex networks}, +} + +@article{brandes, +author = {Ulrik Brandes}, +title = {A Faster Algorithm for Betweenness Centrality* }, +journal = {The Journal of Mathematical Sociology}, +volume = {25}, +number = {2}, +pages = {163-177}, +year = {2001}, +publisher = {Routledge}, +doi = {10.1080/0022250X.2001.9990249}, + + +URL = { + + https://doi.org/10.1080/0022250X.2001.9990249 + + + +}, +eprint = { + + https://doi.org/10.1080/0022250X.2001.9990249 + + + +} + +} + +@misc{stankovic2023fourier, + title={Fourier Analysis of Signals on Directed Acyclic Graphs (DAG) Using Graph Zero-Padding}, + author={Ljubisa Stankovic and Milos Dakovic and Ali Bagheri Bardi and Milos Brajovic and Isidora Stankovic}, + year={2023}, + note={arXiv:2311.01073}, + archivePrefix={arXiv}, + primaryClass={cs.IT} +} + +@misc{seifert2023causal, + title={Causal Fourier Analysis on Directed Acyclic Graphs and Posets}, + author={Bastian Seifert and Chris Wendler and Markus Püschel}, + year={2023}, + note={arXiv:2209.07970}, + archivePrefix={arXiv}, + primaryClass={eess.SP} +} + +@BOOK{laug, + AUTHOR = {Anderson, E. and Bai, Z. and Bischof, C. and + Blackford, S. and Demmel, J. and Dongarra, J. and + Du Croz, J. and Greenbaum, A. and Hammarling, S. and + McKenney, A. and Sorensen, D.}, + title = {{LAPACK} Users' Guide}, + EDITION = {3rd}, + PUBLISHER = {Society for Industrial and Applied Mathematics}, + YEAR = {1999}, + ADDRESS = {Philadelphia, PA}, + ISBN = {0-89871-447-8 (paperback)} } + +@article{MACEDO2016999, +title = {Gaussian Elimination Is Not Optimal, Revisited}, +journal = {Journal of Logical and Algebraic Methods in Programming}, +volume = {85}, +number = {5, Part 2}, +pages = {999-1010}, +year = {2016}, +issn = {2352-2208}, +doi = {https://doi.org/10.1016/j.jlamp.2016.06.003}, +url = {https://www.sciencedirect.com/science/article/pii/S2352220816300529}, +author = {Hugo Daniel Macedo}, +} + +@misc{williams2023new, + title={New Bounds for Matrix Multiplication: From Alpha to Omega}, + author={Virginia Vassilevska Williams and Yinzhan Xu and Zixuan Xu and Renfei Zhou}, + year={2023}, + eprint={2307.07970}, + archivePrefix={arXiv}, + primaryClass={cs.DS} +} + +@misc{alman2020refined, + title={A Refined Laser Method and Faster Matrix Multiplication}, + author={Josh Alman and Virginia Vassilevska Williams}, + year={2020}, + eprint={2010.05846}, + archivePrefix={arXiv}, + primaryClass={cs.DS} +} + +@article{bordacent, +author = {Madotto, Andrea and Liu, Jiming}, +year = {2016}, +month = {Dec.}, +pages = {}, +title = {Super-Spreader Identification Using Meta-Centrality}, +volume = {6}, +journal = {Scientific Reports}, +doi = {10.1038/srep38994} +} + +@article{6023c4f8-ecc1-3dbe-9f88-265b318523d2, + ISSN = {00115266}, + URL = {http://www.jstor.org/stable/20026529}, + author = {John G. Kemeny}, + journal = {Daedalus}, + number = {4}, + pages = {577--591}, + publisher = {The MIT Press}, + title = {Mathematics Without Numbers}, + urldate = {2024-03-01}, + volume = {88}, + year = {1959} +} + +@article{doi:10.1137/0135023, +author = {Young, H. P. and Levenglick, A.}, +title = {A Consistent Extension of Condorcet’s Election Principle}, +journal = {SIAM Journal on Applied Mathematics}, +volume = {35}, +number = {2}, +pages = {285-300}, +year = {1978}, +doi = {10.1137/0135023}, + +URL = { + + https://doi.org/10.1137/0135023 + + + +}, +eprint = { + + https://doi.org/10.1137/0135023 + + + +} +, +} + +@misc{OSHA, + author = {{Occupational Safety and Health Administration}}, + title = {{Standard} 1910 {Subpart} {H} {Hazardous} {Materials}}, + year = {{Last Amended 2024 via Code of Federal Regulations Title 29}} +} + + +@onlne{AutoInd, + author = {{International Trade Administration, U.S. Department of Commerce}}, + title = {{Automotive Industry}}, + year = {August 2021}, + note = {{[Online]. Available: https://www.trade.gov/selectusa-automotive-industry}}, + urldate = {2023-11-07} +} + +@onlne{AutoIndFS, + author = {{International Trade Administration, U.S. Department of Commerce}}, + title = {{Foreign Direct Investment (FDI): Automotive}}, + year = {August 2021}, + note = {{[Online]. Available: https://www.trade.gov/sites/default/files/2021-09/Automotive{\%}20-{\%}20FINAL.pdf}}, + urldate = {2023-11-07} +} + +@online{BEAFS, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Industry Factsheet: Transportation and Warehousing}}, + year = {2023}, + note = {{[Online]. Available: https://apps.bea.gov/industry/factsheet/factsheet.html\#48TW}}, + urldate = {2024-02-25} +} + +@online{BEATables, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Value Added by Industry}}, + year = {2023-12-21}, + urldate = {2024-02-25} +} + +@online{BEATablesOutput, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Gross Output by Industry}}, + year = {2023-12-21}, + urldate = {2024-02-25} +} + +@online{GMInsight, + author = {{Singh, A, and Singh, S.}}, + title = {{Automotive Repair and Maintenance Service Market Size}}, + year = {Feb. 2024}, + note = {{[Online]. Available: https://www.gminsights.com/industry-analysis/automotive-repair-maintenance-services-market}}, + urldate = {2024-02-25} +} + +@online{Corolla, + author = {{Toyota Motor Sales, U.S.A., Inc.}}, + title = {{Downloadable Manuals}}, + note = {{[Online]. Available: https://www.toyota.com/owners/warranty-owners-manuals/}}, + urldate = {2024-02-25} +} + +@online{carDOE, + author = {{U.S. Department of Energy}}, + title = {{Alternative Fuels Data Center}}, + note = {{[Online]. Available: https://afdc.energy.gov/data/categories/driving-patterns}}, + urldate = {2024-02-25} +} + +@online{carDOT, + author = {{National Transportation Statistics Datasets}}, + title = {{United States Department of Transportation Bureau of Transportation Statistics}}, + note = {{[Online]. Available: https://www.bts.gov/product/national-transportation-statistics}}, + urldate = {2024-02-25} +} + +@online{carFWHA, + author = {{U.S. Department of Transportation Federal Highway Administration}}, + title = {{Highway Statistics Series}}, + note = {{[Online]. Available: https://www.fhwa.dot.gov/policyinformation/statistics.cfm}}, + urldate = {2024-02-25} +} + +@online{carCR, + author = {{Preston, B.}}, + title = {{Car Brands and Models That Can Save You Money Over Time}}, + year = {2023-04-02}, + note = {{[Online]. Available: https://www.consumerreports.org/cars/car-repair-maintenance/car-brands-and-models-that-can-save-you-money-over-time-a9081677414}}, + urldate = {2024-02-25} +} + +@online{carAAA, + author = {{AAA}}, + title = {{Planning for Auto Maintenance and Repair Costs}}, + note = {{[Online]. Available: https://www.aaa.com/autorepair/articles/planning-for-auto-maintenance-and-repair-costs (visited on Feb. 25, 2024.)}} +} + +@online{carFarmers, + author = {{Farmers Insurance}}, + title = {{Auto Service and Repair Shop Insurance}}, + note = {{[Online]. Available: https://www.farmers.com/business/industry/auto-service-repair/ (visited on Feb. 25, 2024.)}} +} + +@online{carext, + author = {{AAA}}, + title = {{Your Driving Costs}}, + note = {{[Online]. Available: https://newsroom.aaa.com/wp-content/uploads/2020/12/Your-Driving-Costs-2020-Fact-Sheet-FINAL-12-9-20-2.pdf}}, + year = {2020-12-09}, + urldate = {2024-02-25} +} + +@online{CMS, + author = {{Centers for Medicare \& Medicaid Services}}, + title = {{NHE Fact Sheet}}, + year = {2022}, + note = {{[Online]. Available: https://www.cms.gov/data-research/statistics-trends-and-reports/national-health-expenditure-data/nhe-fact-sheet}}, + urldate = {2024-02-25} +} + +@online{WB, + author = {{The World Bank}}, + title = {{Current Health Expenditure (\% of GDP)}}, + year = {2023-04-07}, + note = {{[Online]. Available: https://data.worldbank.org/indicator/SH.XPD.CHEX.GD.ZS?name{\_}desc=true{\&}locations=US}}, + urldate = {2024-02-25} +} + +@online{OECD, + author = {{Organisation for Economic Co-operation and Development}}, + title = {{OECD Health Statistics 2023}}, + year = {2023}, + note = {{[Online]. Available: https://www.oecd.org/health/health-data.htm}}, + urldate = {2024-02-25} +} + +@online{CDC, + author = {{Centers for Disease Control and Preventation}}, + title = {{Health Expenditures}}, + year = {2019}, + note = {{[Online]. Available: https://www.cdc.gov/nchs/fastats/health-expenditures.htm}}, + urldate = {2024-02-25} +} + +@online{NCSES, + author = {{National Center for Science and Engineering Statistics}}, + title = {{R\&D; Most Pharmaceutical R\&D Focused on Biotechnology}}, + year = {2018}, + note = {{[Online]. Available: https://ncses.nsf.gov/pubs/nsf21316}}, + urldate = {2024-02-25} +} + +@online{DefHC, + author = {{Definitive Healthcare}}, + title = {{Healthcare Insights}}, + year = {2023-08-22}, + note = {{[Online]. Available: https://www.definitivehc.com/resources/healthcare-insights/urgent-care-clinics-us}}, + urldate = {2024-02-25} +} + +@online{AHA, + author = {{American Hospital Association}}, + title = {{Fast Facts on U.S. Hospitals, 2024}}, + year = {2024}, + note = {{[Online]. Available: https://www.aha.org/statistics/fast-facts-us-hospitals}}, + urldate = {2024-02-25} +} + +@online{AAMC, + author = {{Association of American Medical Colleges}}, + title = {{Workforce Data}}, + year = {2019}, + note = {{[Online]. Available: https://www.aamc.org/data-reports/workforce/data/active-physicians-us-doctor-medicine-us-md-degree-specialty-2019}}, + urldate = {2024-02-25} +} + +@online{CBO, + author = {{Congressional Budget Office}}, + title = {{Research and Development in the Pharmaceutical Industry}}, + year = {April 2021}, + note = {{[Online]. Available: https://www.cbo.gov/publication/57126}}, + urldate = {2024-02-25} +} + +@online{BEAHC, + author = {{Bureau of Economic Analysis}}, + title = {{New Health Care Statistics for First Year of COVID-19 Pandemic}}, + year = {2023-02-10}, + note = {{[Online]. Available: https://www.bea.gov/news/blog/2023-02-10/new-health-care-statistics-first-year-covid-19-pandemic}}, + urldate = {2024-02-25} +} + +@online{BEAHCM, + author = {{Bureau of Economic Analysis}}, + title = {{Experimental Data Map Health Care Estimates in GDP to Centers for Medicare \& Medicaid Framework}}, + year = {2023-09-25}, + note = {{[Online]. Available: https://www.bea.gov/news/blog/2023-09-25/experimental-data-map-health-care-estimates-gdp-centers-medicare-medicaid}}, + urldate = {2024-02-25} +} + +@article{PhysRevLett.87.198701, + title = {Efficient Behavior of Small-World Networks}, + author = {Latora, Vito and Marchiori, Massimo}, + journal = {Phys. Rev. Lett.}, + volume = {87}, + issue = {19}, + pages = {198701}, + numpages = {4}, + year = {2001}, + month = {Oct}, + publisher = {American Physical Society}, + doi = {10.1103/PhysRevLett.87.198701}, + url = {https://link.aps.org/doi/10.1103/PhysRevLett.87.198701} +} + +@online{HHS, + author = {{U.S. Department of Health and Human Services}}, + title = {{Compliance Enforcement Data}}, + year = {2024-01-31}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/numbers-glance/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSDol, + author = {{U.S. Department of Health and Human Services}}, + title = {{Enforcement Highlights}}, + year = {2024-01-31}, + note = {{[Online]. Available:https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/enforcement-highlights/index.html}}, + urldate = {2024-02-25} +} + +@ARTICLE{10124989, + author={Schrick, Noah L. and Hawrylak, Peter J.}, + journal={IEEE Open Journal of the Computer Society}, + title={State Space Explosion Mitigation for Large-Scale Attack and Compliance Graphs Using Synchronous Exploit Firing}, + year={2023}, + volume={4}, + number={}, + pages={147-157}, + keywords={Firing;Explosions;Automobiles;Computer security;Flexible printed circuits;Cyber-physical systems;Regulation;Attack graph;compliance and regulation;compliance graph;cybersecurity;high-performance computing;speedup;synchronous firing}, + doi={10.1109/OJCS.2023.3276370}} + + +@online{HHSPen, + author = {{U.S. Department of Health and Human Services}}, + title = {{Resolution Agreements}}, + year = {2024-02-06}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSCong, + author = {{U.S. Department of Health and Human Services}}, + title = {{Reports to Congress on Privacy Rule and Security Rule Compliance}}, + year = {2022}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/reports-congress/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSAud, + author = {{U.S. Department of Health and Human Services}}, + title = {{HIPAA Privacy, Security, and Breach Notification Audit Program}}, + year = {2020}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSCE, + author = {{U.S. Department of Health and Human Services}}, + title = {{Case Examples}}, + year = {2023-11-01}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/examples/index.html}}, + urldate = {2024-02-25} +} + +@online{Census, + author = {{United States Census Bureau}}, + title = {{Oil \& Natural Gas}}, + year = {2019}, + note = {{[Online]. Available: https://www.census.gov/history/pdf/api-082021.pdf}}, + urldate = {2024-02-25} +} + +@online{EnergyGov, + author = {{U.S. Department of Energy}}, + title = {{Economic Impact of Oil \& Gas}}, + year = {2020}, + note = {{[Online]. Available: https://www.energy.gov/articles/economic-impact-oil-and-gas}}, + urldate = {2024-02-25} +} + +@online{IEA, + author = {{International Energy Agency}}, + title = {{R\&D Technology Innovation}}, + year = {2020}, + note = {{[Online]. Available: https://www.iea.org/reports/world-energy-investment-2020/rd-and-technology-innovation}}, + urldate = {2024-02-25} +} + +@online{EIA, + author = {{U.S. Energy Information Administration}}, + title = {{Financial Review of the Global Oil and Natural Gas Industry: Third-Quarter 2023}}, + year = {December 2023}, + note = {{[Online]. Available: https://www.eia.gov/finance/review/pdf/3Q2023{\%}20Financial{\%}20Review.pdf}}, + urldate = {2024-02-25} +} + +@online{oshonline, + author = {{Smart, S.J.}}, + title = {{Keeping Oil and Gas Workers Safe and Avoiding Costly Penalties}}, + year = {June 2015}, + note = {{[Online]. Available: https://ohsonline.com/Articles/2015/06/01/Keeping-Oil-and-Gas-Workers-Safe-and-Avoiding-Costly-Penalties.aspx}}, + urldate = {2024-02-25} +} + +@online{OSHAHist, + author = {{U.S. Department of Labor, Occupational Safety and Health Administration}}, + title = {{Industry Profile for an OSHA Standard Results}}, + year = {2023}, + note = {{[Online]. Available: https://www.osha.gov/ords/imis/industryprofile.html}}, + urldate = {2024-02-25} +} + +@online{OSHAPen, + author = {{U.S. Department of Labor, Occupational Safety and Health Administration}}, + title = {{Standard Number 1903.15 - Proposed Penalties}}, + year = {2024-01-15}, + note = {{[Online]. Available: https://www.osha.gov/laws-regs/regulations/standardnumber/1903/1903.15}}, + urldate = {2024-02-25} +} + +@article{https://doi.org/10.1112/plms/s1-28.1.486, +author = {Mathews, G. B.}, +title = {On the Partition of Numbers}, +journal = {Proceedings of the London Mathematical Society}, +volume = {s1-28}, +number = {1}, +pages = {486-490}, +doi = {https://doi.org/10.1112/plms/s1-28.1.486}, +url = {https://londmathsoc.onlinelibrary.wiley.com/doi/abs/10.1112/plms/s1-28.1.486}, +eprint = {https://londmathsoc.onlinelibrary.wiley.com/doi/pdf/10.1112/plms/s1-28.1.486}, +year = {1896} +} + +@book{10.5555/98124, +author = {Martello, Silvano and Toth, Paolo}, +title = {Knapsack Problems: Algorithms and Computer Implementations}, +year = {1990}, +isbn = {0471924202}, +publisher = {John Wiley \& Sons, Inc.}, +address = {USA} +} + +@incollection{RA, + author = {Rausand, M}, + title = {Introduction}, + booktitle = {Risk Assessment: Theory, Methods, and Applications}, + publisher = {John Wiley \& Sons Inc.}, + year = {2013}, + pages = {1-28}, + chapter = {1}, + isbn = {9780470637647} +} + + +@article{CAPRARA2000333, +title = {Approximation Algorithms for Knapsack Problems With Cardinality Constraints}, +journal = {European Journal of Operational Research}, +volume = {123}, +number = {2}, +pages = {333-345}, +year = {2000}, +issn = {0377-2217}, +doi = {https://doi.org/10.1016/S0377-2217(99)00261-1}, +url = {https://www.sciencedirect.com/science/article/pii/S0377221799002611}, +author = {Alberto Caprara and Hans Kellerer and Ulrich Pferschy and David Pisinger} +} + +@article{Jangir2018NonDominatedSM, + title={Non-Dominated Sorting Moth Flame Optimizer: A Novel Multi-Objective Optimization Algorithm for Solving Engineering Design Problems}, + author={Pradeep Jangir}, + journal={Engineering Technology Open Access Journal}, + year={2018}, + url={https://api.semanticscholar.org/CorpusID:212452626} +} + +@manual{Octave, + title = {{GNU Octave} Version 8.4.0 Manual: A High-Level Interactive Language for Numerical Computations}, + author = {John W. Eaton and David Bateman and S{\o}ren Hauberg and Rik Wehbring}, + year = {2023}, + note = {{[Online]. Available: https://www.gnu.org/software/octave/doc/v8.4.0/}} +} + +@misc{gplv3, + title = {{GNU General Public License}}, + version = {3}, + shorthand = {GPL}, + organization = {Free Software Foundation}, + note = {{[Online]. Available: http://www.gnu.org/licenses/gpl.html}}, + pagination = {section}, + language = {english}, + date = {2007-06-29} +} + +@article{10.1162/106365600568202, + author = {Zitzler, Eckart and Deb, Kalyanmoy and Thiele, Lothar}, + title = "{Comparison of Multiobjective Evolutionary Algorithms: Empirical Results}", + journal = {Evolutionary Computation}, + volume = {8}, + number = {2}, + pages = {173-195}, + year = {2000}, + month = {06}, + abstract = "{In this paper, we provide a systematic comparison of various evolutionary approaches to multiobjective optimization using six carefully chosen test functions. Each test function involves a particular feature that is known to cause difficulty in the evolutionary optimization process, mainly in converging to the Pareto-optimal front (e.g., multimodality and deception). By investigating these different problem features separately, it is possible to predict the kind of problems to which a certain technique is or is not well suited. However, in contrast to what was suspected beforehand, the experimental results indicate a hierarchy of the algorithms under consideration. Furthermore, the emerging effects are evidence that the suggested test functions provide sufficient complexity to compare multiobjective optimizers. Finally, elitism is shown to be an important factor for improving evolutionary multiobjective search.}", + issn = {1063-6560}, + doi = {10.1162/106365600568202}, + url = {https://doi.org/10.1162/106365600568202}, + eprint = {https://direct.mit.edu/evco/article-pdf/8/2/173/1493199/106365600568202.pdf}, +} + +@article{doi:10.1287/mnsc.27.1.1, + author = {Fisher, Marshall L.}, + title = {The Lagrangian Relaxation Method for Solving Integer Programming Problems}, + journal = {Management Science}, + volume = {27}, + number = {1}, + pages = {1-18}, + year = {1981}, + doi = {10.1287/mnsc.27.1.1}, + URL = {https://doi.org/10.1287/mnsc.27.1.1}, + eprint = {https://doi.org/10.1287/mnsc.27.1.1} +} + +@article{3c419982-0884-3763-8914-983157eab6e5, + ISSN = {0030364X, 15265463}, + URL = {http://www.jstor.org/stable/168028}, + abstract = {The usefulness of Lagrange multipliers for optimization in the presence of constraints is not limited to differentiable functions. They can be applied to problems of maximizing an arbitrary real valued objective function over any set whatever, subject to bounds on the values of any other finite collection of real valued functions defined on the same set. While the use of the Lagrange multipliers does not guarantee that a solution will necessarily be found for all problems, it is 'fail-safe' in the sense that any solution found by their use is a true solution. Since the method is so simple compared to other available methods it is often worth trying first, and succeeds in a surprising fraction of cases. They are particularly well suited to the solution of problems of allocating limited resources among a set of independent activities.}, + author = {Hugh Everett}, + journal = {Operations Research}, + number = {3}, + pages = {399--417}, + publisher = {INFORMS}, + title = {Generalized Lagrange Multiplier Method for Solving Problems of Optimum Allocation of Resources}, + urldate = {2024-03-13}, + volume = {11}, + year = {1963} +} + +@inproceedings{Nocedal2018NumericalO, + title={Numerical Optimization}, + author={Jorge Nocedal and Stephen J. Wright}, + booktitle={Fundamental Statistical Inference}, + year={2018}, + url={https://api.semanticscholar.org/CorpusID:189864167} +} + +@Manual{pracma, + title = {Pracma: Practical Numerical Math Functions}, + author = {Hans W. Borchers}, + year = {2023}, + note = {{R package version 2.4.4 [Online]. Available: https://CRAN.R-project.org/package=pracma}} + } + +@article{c8bc284a-942a-3e27-9ea0-6db64782cbb2, + ISSN = {00129682, 14680262}, + URL = {http://www.jstor.org/stable/1909582}, + abstract = {Several models for limited dependent variables (variables having a non-negligible probability of exactly equaling zero) are examined. Estimation in and discrimination among the various models are considered, followed by a small sampling experiment into the procedures and an example of their application.}, + author = {John G. Cragg}, + journal = {Econometrica}, + number = {5}, + pages = {829--844}, + publisher = {[Wiley, Econometric Society]}, + title = {Some Statistical Models for Limited Dependent Variables With Application to the Demand for Durable Goods}, + urldate = {2024-03-27}, + volume = {39}, + year = {1971} +} + +@article{fc317238-6f24-34d1-86ea-e81c1292d7e9, + ISSN = {00401706}, + URL = {http://www.jstor.org/stable/1269547}, + abstract = {Zero-inflated Poisson (ZIP) regression is a model for count data with excess zeros. It assumes that with probability p the only possible observation is 0, and with probability 1 - p, a Poisson(λ) random variable is observed. For example, when manufacturing equipment is properly aligned, defects may be nearly impossible. But when it is misaligned, defects may occur according to a Poisson(λ) distribution. Both the probability p of the perfect, zero defect state and the mean number of defects λ in the imperfect state may depend on covariates. Sometimes p and λ are unrelated; other times p is a simple function of λ such as p=1/(1+λ τ) for an unknown constant τ. In either case, ZIP regression models are easy to fit. The maximum likelihood estimates (MLE's) are approximately normal in large samples, and confidence intervals can be constructed by inverting likelihood ratio tests or using the approximate normality of the MLE's. Simulations suggest that the confidence intervals based on likelihood ratio tests are better, however. Finally, ZIP regression models are not only easy to interpret, but they can also lead to more refined data analyses. For example, in an experiment concerning soldering defects on printed wiring boards, two sets of conditions gave about the same mean number of defects, but the perfect state was more likely under one set of conditions and the mean number of defects in the imperfect state was smaller under the other set of conditions; that is, ZIP regression can show not only which conditions give lower mean number of defects but also why the means are lower.}, + author = {Diane Lambert}, + journal = {Technometrics}, + number = {1}, + pages = {1--14}, + publisher = {[Taylor & Francis, Ltd., American Statistical Association, American Society for Quality]}, + title = {Zero-Inflated Poisson Regression, With an Application to Defects in Manufacturing}, + urldate = {2024-03-27}, + volume = {34}, + year = {1992} +} + + diff --git a/Diss_Version/Schrick-Noah_CG-Network-Theory.tex b/Diss_Version/Schrick-Noah_CG-Network-Theory.tex new file mode 100644 index 0000000..f3c70aa --- /dev/null +++ b/Diss_Version/Schrick-Noah_CG-Network-Theory.tex @@ -0,0 +1,521 @@ +\documentclass[conference]{IEEEtran} +\RequirePackage{setspace} +\usepackage{graphicx} % Images +\graphicspath{ {./images/} } + +\usepackage{float} % Table captions on top +\floatstyle{plaintop} +\restylefloat{table} + +\usepackage{ifpdf} % Detect PDF or DVI mode +\usepackage{babel} % Bibliography +\usepackage{dsfont} % mathbb + +\usepackage[utf8]{inputenc} +\usepackage{indentfirst} +\setlength{\parskip}{\baselineskip} + +% Table of Contents/Figure Spacing +\usepackage[titles]{tocloft} +\cftsetindents{figure}{0em}{3.5em} +\cftsetindents{table}{0em}{3.5em} + +\usepackage{dsfont} % mathbb +\usepackage{amsmath} +\usepackage[linesnumbered,commentsnumbered,ruled,vlined]{algorithm2e} + +\begin{document} + +\title{ + Compliance Graph Analysis Using Network Science and Structure Variations +} + +\author{ + \IEEEauthorblockN{Noah L. Schrick} + \IEEEauthorblockA{ + \textit{Tandy School of Computer Science} \\ + \textit{The University of Tulsa}\\ + Tulsa, USA \\ + noah-schrick@utulsa.edu + } + + \and + + \IEEEauthorblockN{Peter J. Hawrylak} + \IEEEauthorblockA{ + \textit{Tandy School of Computer Science} \\ + \textit{The University of Tulsa}\\ + Tulsa, USA \\ + peter-hawrylak@utulsa.edu + } + + \and + + \IEEEauthorblockN{Brett A. McKinney} + \IEEEauthorblockA{ + \textit{Tandy School of Computer Science} \\ + \textit{The University of Tulsa}\\ + Tulsa, USA \\ + brett-mckinney@utulsa.edu + } +} + +\maketitle + +\begin{abstract} + Compliance graphs are generated graphs (or networks) that represent systems' compliance or regulation standings at present, with expected changes, or both. These graphs are generated as directed acyclic graphs (DAGs), and can be used to identify possible correction or mitigation schemes for environments necessitating compliance to mandates or regulations. + DAGs complicate the analysis process due to their underlying graph structures and asymmetry. This work presents network science centralities compatible with DAGs, and structure variations as a means to analyze three different example compliance graphs. Each centrality measure and structural change offers a unique importance ranking that can be used for prioritizing correction or mitigation schemes. +\end{abstract} + +\begin{IEEEkeywords} +Attack Graph; Compliance Graph; Cybersecurity; Compliance and Regulation; Network Theory; Centrality; +\end{IEEEkeywords} + +\section{Introduction} \label{sec:Intro} +Compliance graphs are an alternate form of attack graphs, utilized specifically for examining compliance and regulation statuses of systems. Like attack graphs, compliance graphs can be used to determine all ways that systems may fall out of compliance or violate regulations, or highlight the ways in which violations are already present. These graphs are notably useful for cyber-physical systems due to the increased need for compliance. As the authors of \cite{j_hale_compliance_nodate}, \cite{baloyi_guidelines_2019}, and \cite{allman_complying_2006} discuss, cyber-physical systems have seen greater usage, especially in areas such as critical infrastructure and Internet of Things. The challenge of cyber-physical systems lies not only in the demand for cybersecurity of these systems, but also the concern for safe, stable, and undamaged equipment. The industry in which these devices are used can lead to additional compliance guidelines that must be followed, increasing the complexity required for examining compliance statuses. Compliance graphs are promising tools that can aid in minimizing the overhead caused by these systems and the regulations they must follow. +The state-space explosion and large-scale nature of compliance graphs leads to additional overhead for analysis approaches. Simplistic, initial approaches for compliance graph analysis quickly results in difficulties in terms of spatial and runtime complexities. Comparing every edge of every node in a graph containing upwards of hundreds of millions of nodes and edges makes analysis techniques with exponential complexities in either spatial or runtime terms largely infeasible. Brute-force tactics, manual evaluations, and consideration of all permutations will yield lackluster output, or may fail to complete in a reasonable manner of time. To reduce the problem space, prioritization of nodes can be performed as a pre-processing step for further analysis works. A compliance graph can undergo an initial analysis process to determine which nodes or edges should undergo a more rigorous investigation. In addition, the structure of the compliance graph can be altered to limit or refine the goal of the analysis process. This work will proceed as follows: Section \ref{sec:corr-priorities} will present the prioritization metrics through a Network Science lens. Section \ref{sec:graph-xform} will present graph transformations for altering and refining compliance graphs to other structures. Section \ref{sec:cent-res} will present and discuss the centrality results, and Section \ref{sec:xform-res} will present and discuss the transformation results. + +\section{Related Works} \label{sec:rel-works} +Compliance graphs have yet to be formally investigated for analysis purposes. However, compliance graphs share many similarities to attack graphs. As Section \ref{sec:Intro} discusses, attack and compliance graphs are both directed acyclic graphs (DAGs) that exhaustively walk through all changes in a system or set of systems. Attack graphs examine the cybersecurity postures, while compliance graphs examine compliance or regulation standings. These graphs are generated and processed similarly, but are focused and refined on different fields of interest. Many researchers have developed or applied analysis techniques to attack graphs in order to analyze various features and reveal information regarding common trends or possible corrections. These techniques, though applied to attack graphs, are capable of being applied to compliance graphs if slight modifications were made. This Section highlights a few of the research routes that have been undertaken in order to accomplish these goals. This Section categorizes these related investigations to highlight the availability and novelty of the research methods for this dissertation. + +After the generation of graphs, it is reasonable to visualize possible violation paths an environment may endure. However, assuming not all paths can be removed, deciding which paths to choose is a cumbersome difficulty. One analysis technique to overcome this difficulty is through using minimization. Minimization can be employed to determine if a given security countermeasure increases the security or regulatory standing of a network \cite{Jha2002TwoFA}. Given a security countermeasure or correction scheme and the generated graph, if the proposed option prevents a transition from one graph state to another, the connecting edge is removed. After repeating for all possible edge removals, if the number of attacker or violation goal states has decreased, then the security countermeasure or correction scheme does improve the network. If the number of goal states remains the same, then the security countermeasure or correction scheme is not sufficient enough to improve the network's standing with regard to security or compliance. + +Another technique for minimization analysis is identifying the smallest subset of security countermeasures or correction schemes that produce a desired network threshold \cite{Jha2002TwoFA}. However, the authors of \cite{Jha2002TwoFA} discuss that determining this is an NP-complete problem. This approach becomes increasingly infeasible as the size of the graphs grow with high numbers of possible attack vectors or regulatory violation conditions. If the minimum subset was known, then a set of countermeasures or correction schemes could be processed to identify the smallest number of resolutions that would prevent all attacks or violations in the minimum set. + +Though the minimum subset is an NP-Complete problem, approximations can still be derived, and various works have taken approaches toward the cost minimization problem. The authors of \cite{10.1016/j.comcom.2006.06.01837} presented an approach utilizing disjunctive normal forms. In this approach, countermeasures and correction schemes are represented as disjunctive clauses. The authors of \cite{Islam2008AHA36} developed a heuristic approach for attacks of multiple steps. In this approach, a cost is associated with the beginning nodes, with partial costs being distributed and propagated through state transitions. The authors of \cite{10.1109/IAS.2008.38} implemented a graphical approach for cost minimization analysis. Boolean functions and Shannon decomposition were leveraged with the use of source and sink nodes. + +Regarding network science approaches, the authors of \cite{GCAI-2018:Analysis_of_Attack_Graph} use betweenness centrality specifically for logical attack graphs. Using the importance derived from the centrality results, the authors were able to employ a correction scheme with greater efficiency as compared to prioritizing a shortest-path approach. The author of \cite{ming_diss} presents three centrality measures that were applied to various attack graphs. The centrality measures implemented were Katz, K-path Edge, and Adapted PageRank, with the authors of \cite{10.1145/3491257} expanding on the Adapted PageRank approach. Each of these centrality measures are applicable to the directed format of compliance graphs, and conclusions were drawn by the author of \cite{ming_diss} regarding patching schemes for preventing exploits in attack graphs. As an approach for avoiding complex eigenvalues, the authors of \cite{Guo2017HermitianAM} present work examining directed, undirected, and mixed graphs using its Hermitian adjacency matrix. Other works, such as that discussed by the author of \cite{Mieghem2018DirectedGA}, include mathematical manipulation of directed graph spectra (originally presented by the author of \cite{Brualdi2010SpectraOD}) with Schur's Theorem to bound eigenvalues and allow for explicit computation, which can then be used for additional analysis metrics. + +\section{Example Networks} \label{sec:example-networks} + +\section{Identifying Correction Priority Through Network Centralities} \label{sec:corr-priorities} +In order to generate a correction scheme from a compliance graph, correction priorities first need to be obtained. For a correction scheme to be useful, it is imperative to tailor it around the most important concerns for a system or set of systems. Given a prior knowledge network and a compliance graph consisting of nodes and edges, it is possible to ascertain importance based on various information. Though nodes flagged as ``in violation" have importance, compliant upstream nodes and edges may have greater importance. Figure \ref{fig:topo-ex} illustrates an example subgraph of a compliance graph. An initial approach could be to assign nodes 67, 71, 74, and 75 (the shaded, ``in violation" nodes) the highest priority. If nodes 74 and 75 were to be independently addressed, both edge ``e" and edge ``b" would need to be prevented. However, though node 73 is compliant, removing this node from generation would prevent nodes 74 and 75 from their generations. Based on constraints and other factors present in a prior knowledge network, edge ``a" could have insignificant impact on available resources. Preventing edge ``a" would additionally prevent node 71 (another shaded, ``in violation" node) from its generation. Obtaining a priority list using a prior knowledge network and topographical information makes a network science approach very appealing. This Section discusses using centrality and graph transformations as a means of obtaining a correction priority. Figure \ref{fig:obj3} displays this approach as it relates to obtaining the correction priority. + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/Topographical.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Example Subgraph of a Compliance Graph]{Example Subgraph of a Compliance Graph. Prioritization of flagged nodes (shaded nodes) is one approach at minimizing severity in a system or set of systems. However, accounting for topographical information and upstream nodes that are in compliance can serve as better approaches for minimizing severity.} + \label{fig:topo-ex} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/Obj3.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Obtaining a Correction Priority]{Obtaining a Correction Priority. A correction priority can be obtained through a compliance graph and a prior knowledge network. By using graph transformations and network centralities, importance can be assigned to nodes to serve as a correction priority.} + \label{fig:obj3} +\end{figure} + +\subsection{Introduction to Network Centralities} \label{sec:net-cents} +Within the field of network science, centralities are often used to determine the importance of a node or edge of a graph (or network). Various centrality metrics assign importance based on differing characteristics of a graph or network, such as the ability a node or edge has for transferring information, or the influence they may have on other, local or global nodes or edges. The author of \cite{PMID:30064421} provides a survey of centrality measures, and discusses how various centrality measures have been implemented in order to determine node importance in networks. By determining the importance of nodes, various conclusions can be drawn regarding the network, and how to identify noteworthy hubs. In the case of compliance graphs, conclusions can be drawn regarding the prioritization of patching or correction schemes. If one node directs to many other nodes, a mitigation enforcement may be considered imperative to prevent further opportunities for compliance violation. This work discusses centrality measures across various structural changes, and contextualizes their applications to compliance graphs. + +\subsubsection{Network Centralities for Directed Graphs} \label{sec:NC-dir-challenges} +Compliance graphs, like attack graphs, are directed acyclic graphs, and analysis of directed graphs is notably more involved compared to their undirected counterparts. The primary contributor to the increased difficulty is due to the asymmetric adjacency matrix present in directed graphs. Figure \ref{fig:symm-adj} displays an undirected graph with a symmetric adjacency matrix, and Figure \ref{fig:asymm-adj} displays a directed form of the same graph with an asymmetric adjacency matrix. With undirected graphs, simplifications can be made in the analysis process both computationally and conceptually. Since the ``in" degrees are equal to the ``out" degrees, less work is required both in terms of parsing the adjacency matrix, but also in terms of determining importance of nodes. The author of \cite{newman2010networks} discusses that common analysis techniques such as eigenvector centrality is often unapplicable to directed acyclic graphs. As the author of \cite{Mieghem2018DirectedGA} discusses, the difficulty of directed graphs also extends to the graph Laplacian, where the definition for asymmetric adjacency matrices is not uniquely defined, and is based on either row or column sums computing to zero, but both cannot. The author of \cite{Mieghem2018DirectedGA} continues to discuss that directed graphs lead to complex eigenvalues, and can lead to adjacency matrices that are unable to be diagonalized. These challenges require different approaches for typical clustering or centrality measures. + + +\begin{figure}[htp] + \includegraphics[scale=0.5]{"./images/Symm.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Undirected Graph and its Symmetric Adjacency Matrix]{For undirected graphs, the resulting adjacency matrix is symmetric. For all nodes that have a connecting edge, the corresponding cell in the matrix is marked with a ``1". This value is present both when traversing by row and by column. All nodes that do not have a connecting edge have a value of ``0" in their corresponding cell. This value is also present both when traversing by row and by column. Therefore, the halves of the matrix across its diagonal are mirrored.} + \label{fig:symm-adj} +\end{figure} + +\begin{figure}[htp] + \includegraphics[scale=0.5]{"./images/Asymm.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Directed Graph and its Asymmetric Adjacency Matrix]{For directed graphs, the resulting adjacency matrix is asymmetric. Node ``A" has a directed edge to Node ``B", and therefore a value of ``1" is found in the corresponding cell. However, since this edge is not reciprocated, there is a value of ``0" when examining the cell between Node ``B" and Node ``A". This behavior is repeated for other, similar node relationships in this example graph. The halves of the matrix across its diagonal are not mirrored. } + \label{fig:asymm-adj} +\end{figure} + +While Section \ref{sec:rel-works} discusses a few options for approaching the challenges with directed graphs, this work opted for centrality metrics that are natively compatible with compliance graphs. Specifically, this work employed centrality metrics that are compatible with directed graphs and assign importance to nodes, rather than edges. Recall that for compliance graphs, nodes represent the state of an environment, with all relevant asset information encoded within the node. Edges (exploits) represent the changes that can be made to a system state. When generating a compliance graph, the edge specification is performed in advance, where the exploit is known, or the behavior (such as for zero-day modeling) can be described. The edges can have probability values assigned through likelihood analysis, can be linked to known CVEs, or through historical data. Since the unique set of exploits is orders of magnitudes less than the total number of edges in a graph, coupled with existing techniques for assigning edge values, and given the contextualization of edges in a compliance graph, assigning importance to edges is far less beneficial than examining prioritization at the node level. Since the goal of compliance graph analysis is securitization and limiting regulation violation seen at a node level, centrality metrics that assign importance to nodes were chosen over metrics that assign importance to edges. Section \ref{sec:FW} discusses future avenues that include assigning importance to edges in addition to nodes. + +\subsection{Degree} \label{sec:degree} +Degree centrality is a trivial, localized measure of node importance based on the number of edges that a node has. In an undirected graph, the degree centrality is predicated solely on the number of edges. However, in the case of a directed graph, a distinction is drawn with a degree centrality oriented on the number of edges entering a node, and another measure focused on the number of edges leaving a node. Both of these cases provide useful information for compliance graphs. When a node has a large number of other nodes it directs to, this node may be prioritized since it creates further opportunity for violation. When a node has a large number of edges pointing to it, this node may be prioritized since the probability that systems may enter this state is higher due to the increased number of possibilities that a system change could lead to this state. + +Degree centrality for the example networks presented in Section \ref{sec:example-networks} was implemented in R. The attack and compliance graph generator, RAGE, outputs the graph in a Graphviz \cite{Graphviz} DOT file. R's igraph \cite{igraph} package includes functionality to import from a DOT file into an igraph network, and this functionality was used for this purpose. Once the graph was imported, the built-in igraph function for degree centrality was called, and its output was stored in a list. With standard approaches, degree centrality has a spacial and time complexity of $\mathcal{O}(n^2)$. Standard approaches compute degree centrality through the adjacency matrix representation of a graph, which is a \textit{n} x \textit{n} matrix. Apart from the ease-of-use that igraph provides, it also includes optimizations for commonly-used graph operations. Due to the compliance graph structure, the graph can be stored in a column-compressed format as a sparse matrix. This sparse matrix is able to significantly reduce the memory footprint. Rather than storing an integer (or Boolean) value for each node-to-node connection (in the standard a \textit{n} x \textit{n} matrix), a series of reduced columns can be used, which reduces the spatial complexity to $\mathcal{O}(K)$, where \textit{K} is the number of nonzero elements. Operations on a sparse matrix likewise have reduced time complexities, including degree centrality. When using a sparse matrix with igraph's degree centrality function, time complexity is bound by $\mathcal{O}(n*d)$, where \textit{d} is the average degree. + +\subsection{Betweenness}\label{sec:between} +Betweenness centrality ranks node importance based on its ability to transfer information in a network. For all pairs of nodes in a network, a shortest path is determined. A node that is in this shortest path is considered to have importance. The total betweenness centrality is based on the number of shortest paths that pass through a given node. For compliance graphs, the shortest paths are useful to identify the quickest way (least number of steps) that systems may fall out of compliance. By prioritizing the nodes that fall in the highest number of shortest paths, correction schemes can be employed to prolong or prevent systems from falling out of compliance. + +Betweenness centrality is given in Equation \ref{eq:between}, where \textit{i} and \textit{j} are two different, individual nodes in the network, $\sigma_{ij}$ is the total number of shortest paths from \textit{i} to \textit{j}, and $\sigma _{ij}(v)$ is the number of shortest paths that include a node \textit{v}. + +\begin{equation} + \sum_{i \neq i \neq v} \frac{\sigma_{ij}(v)}{\sigma_{ij}} + \label{eq:between} +\end{equation} + +The implementation details for betweenness centrality are largely similar to the details described in Section \ref{sec:degree} for degree centrality. Betweenness centrality was computed using igraph's betweenness function, due to the ease-of-use and graph algorithm optimizations offered by the library. For the applications described in Section \ref{sec:example-networks}, the compliance graphs are unweighted. The igraph library implements Brande's algorithm \cite{brandes} for the centrality computation, which provides drastic improvements over other algorithms for computing betweenness. Using the igraph package, and coupled with the unweighted nature of the given compliance graphs, the time complexity of betweenness centrality is $\mathcal{O}(|n|*|e|)$, where \textit{n} is the number of nodes, and \textit{e} is the number of edges, and the spatial complexity is $\mathcal{O}(n+e)$. + +\subsection{Katz} \label{sec:katz} +Katz centrality was first introduced by the author of \cite{Katz}, and measures the importance of nodes through all paths in a network. Katz centrality varies in that its centrality measure is not limited to solely the shortest path between any two given nodes. The original work by the author defines Katz as seen in Equation \ref{eq:Katz}, where \textit{i} and \textit{j} are nodes in the network, \textit{n} is the total number of nodes in the network, \textit{A} is the adjacency matrix, and $\alpha$ is an attenuation factor and has a value between 0 and 1. A value of 1 is assigned if node \textit{i} is connected to node \textit{j}. + +\begin{equation} + C_{\mathrm {Katz} }(i)=\sum _{k=1}^{\infty }\sum _{j=1}^{n}\alpha ^{k}(A^{k})_{ji} + \label{eq:Katz} +\end{equation} + +Later works have expanded on the original Katz to include a $\beta$ vector that allows for additional scaling in the instance that prior knowledge of the network exists. The modified equation implemented by the authors of \cite{ModKatz} can be seen in Equation \ref{eq:mod_katz}. + +\begin{equation} + \vec{x} = \left(I - \alpha A \right)^{-1}\vec{\beta} + \label{eq:mod_katz} +\end{equation} + +For compliance graphs, Katz centrality represents the total number of paths that exist from a given node to any other downstream nodes, and is scaled based on the attenuation factor as well as the prior knowledge vector $\beta$. When the Katz centrality of a given node is high, prioritizing a correction scheme for the node would be useful to prevent opportunity of future compliance violations that may be many steps ahead, but still reachable from the current state. Additional weighting and scaling can be applied to nodes known in advance to have greater importance through the $\beta$ vector, and through tuning the attenuation factor to give greater weight to local or global reach of nodes. + +For Katz centrality, difficulties can be encountered when computing the eigenvalues. When using the igraph ``eigen" function, \textit{$n^2$} memory is required. This function calls upon a row summing helper function, which requires an intermediate matrix to be held in memory. For large-scale graphs, this quickly becomes problematic. In addition, computing eigenvalues is bound by a time complexity of $\mathcal{O}(n^3)$, which is cumbersome for the large-scale compliance and attack graphs that are generated \cite{laug}. igraph does make use of the LAPACK \cite{laug} routines, which reduces the time complexity to $\mathcal{O}(n^2)$. However, for the compliance graphs that are generated in this work, there are a few ways to work around the time and spatial complexity. Directed acyclic graphs (DAGs) have special properties in their spectral analysis. As the authors of \cite{stankovic2023fourier} and \cite{seifert2023causal} discuss, the eigenvalues of the adjacency matrix of a DAG are 0. As a result, a column vector of 0s of size \textit{n} can be initialized in place of an eigenvalue computation. For computing Katz centrality, a custom method that follows the original approach of \cite{Katz} was created. Though the eigenvalue computation can be omitted, Katz centrality is still bound by matrix multiplication, which has a direct definitional time complexity of $\mathcal{O}(n^3)$ \cite{MACEDO2016999}. Recent works have shown that the time complexity can theoretically be reduced to $\mathcal{O}(n^{2.371552})$ \cite{williams2023new}, however the implemented, tested, and confirmed algorithm for a time complexity of $\mathcal{O}(n^{2.3728596})$ \cite{alman2020refined} is more common in practice. + +For this implementation, since sparse matrices are employed, the time complexity can be reduced even further. Though the eigenvalue vector is initialized to zero, its values are updated to match the adjacency matrix values each iteration. The adjacency matrix will be denoted as \textit{A}, and the eigenvalue vector will be denoted as \textit{B}. For each of these matrices, \textit{a} shall represent the number of nonzero elements in \textit{A}, and \textit{b} shall represent the number of nonzero elements in \textit{B}. Rather than the definitional time complexity being represented as $\mathcal{O}(n*n*n)$, the definitional time complexity for sparse matrices can be represented as $\mathcal{O}(a*b*n)$. Regarding parameters, $\alpha$ was set to 0.5 to allow for a balance in short and long distance edge traversals. The $\beta$ vector was trivially set. If a node was in violation of a mandate, regulation, or some other form of compliance requirement, a value of 5.0 was assigned. Otherwise, the node had a value of 1.0. + +\subsection{Adapted PageRank} \label{sec:pr} +The original PageRank algorithm was first designed by the authors of \cite{PageRank} for the Google prototype for ranking web pages. The authors of \cite{Adapted_PageRank} later introduced an Adapted PageRank algorithm that was designed to measure both the number and quality of connections specifically for an urban network. Equation \ref{eq:PR} displays the PageRank algorithm, where $\gamma$ is a damping factor with a value between 0 and 1, \textit{n} is the total number of nodes in the network, \textit{A} is the adjacency matrix of the network, \textit{i} and \textit{j} represent the row and column of the adjacency matrix, \textit{x} is a given node in the network, and \textit{k} is the row sum out degree. Since the Adapted PageRank algorithm measures the quality of connections, there is increased application to directed networks such as compliance graphs. As seen in Equation \ref{eq:PR}, the \textit{k$_j$} term is a penalizing factor. Importance is based on the in degree of a node, with a penalty for the out degree. If many nodes point to a given node, then that node is considered important due to its accessibility. + +\begin{equation} +x_i = \frac{1-\gamma}{n} + \gamma\sum_{j = 1}^{n}\frac{A_{ij}}{k_j}x_j +\label{eq:PR} +\end{equation} + +The adapted PageRank algorithm includes additional data that may be present in an urban network, such as geographical position, resource availability, and proximity to facilities. This data is user-defined, and may not be present in the network. Equation \ref{eq:APC} displays the Adapated PageRank algorithm in matrix form where \textit{D} is the user-defined data matrix, \textit{I} is the identity matrix, and $\mathds{1}$ is a column matrix comprised of 1s. + +\begin{equation} +(I-\gamma A D)\vec{x} = \frac{1-\gamma}{n}\mathds{1} +\label{eq:APC} +\end{equation} + +For compliance graphs, the Adapted PageRank algorithm is useful for a few reasons. First, it is able to include user-defined data regarding the network. This could include scaling certain nodes to have greater weight, such as those known to be in a noncompliant state. Second, since nodes are penalized for pointing to other nodes, this algorithm is useful for determining nodes that are likely to be visited. If a state has a greater in-degree, it may require greater prioritization since the system has a higher likelihood of falling into this state. + +The implementation details for PageRank centrality are largely similar to the details described in Section \ref{sec:degree} for degree centrality. PageRank centrality was computed using igraph's ``pagerank" function, due to the ease-of-use and graph algorithm optimizations offered by the library. For the applications described in Section \ref{sec:example-networks}, the time complexity of the Adapted PageRank centrality when using igraph is $\mathcal{O}(|E|)$, where \textit{e} is the number of edges, and the spatial complexity is $\mathcal{O}(n)$ for the results vector, plus the spatial requirements of holding the graph object. The igraph computation features improvements over traditional implementations - the traditional time complexity is often $\mathcal{O}(n+e)$, where \textit{n} is the number of nodes, and \textit{e} is the number of edges. + +\subsection{Percolation Centrality} \label{sec:perc} +Percolation centrality was originally presented by the authors of \cite{10.1371/journal.pone.0053095}, and has continued to see usage in works such as that presented by the authors of \cite{10.1145/3288599.3295597} for percolation centrality approximation, and in the work presented by the authors of \cite{9680376} for parallel programming approaches. Percolation centrality aims to measure importance of nodes through their topographical connectivity, as well as through using percolation theory. As a contagion travels through a network, it has the capacity to alter the state of each node. This alteration, and any residual effects, can cause nodes to become percolated, which can then themselves cause other nodes to also become percolated. Equation \ref{eq:PercC} displays the formal definition for percolation centrality, where \textit{x} is the percolated state, \textit{s} is a source node, \textit{v} is a different, unique node, \textit{N} is the number of nodes, $\sigma_{ij}$ is the total number of shortest paths from \textit{i} to \textit{j}, and $\sigma _{ij}(v)$ is the number of shortest paths that include a node \textit{v}. + +\begin{equation} \label{eq:PercC} + PC^t(v)=\frac{1}{(N-2)}\sum_{s \neq v \neq r}\frac{\sigma_{s,r}(v)}{\sigma_{s,r}}\frac{x_{s}^t}{[\sum{x_{i}^t}]-x_{v}^t} +\end{equation} + +For compliance graphs, percolation centrality is able to examine and consider the dependencies that violations may have. Some compliance or regulation mandates rely on the statuses of other mandates. When nodes are flagged as ``at risk" of a violation or are actively violating a mandate, this percolation will spread to surrounding nodes. This measure is able to prioritize nodes based on their surrounding connections and their standings in regard to a mandate. + +Percolation centrality required additional pre-processing before computing centrality values. Though NetworkX \cite{NetworkX} includes a percolation centrality function, percolation attributes need to be embedded within the graph object prior to calling the function. For this centrality metric, all work was performed in Python, and the final centrality vector was passed back to R through the Reticulate library \cite{reticulate}, which acts as an interface between R and Python. + +The pre-processing component of percolation centrality required the parsing of the prior-knowledge network. This file was opened and parsed within Python in order to determine which edge labels marked a violation in a compliance requirement. The graph was processed to determine which nodes were considered ``in violation", which was identifiable through an ``in-edge" with a label that marked a violation state. In addition, the pre-processing identified nodes that were in contact with a violation node through \textit{n}-step reachability. A node was considered to have exposure to a percolated state if it was \textit{n} steps away from a node in violation. This work made use of a 2-step reachability scheme. As the graph was processed, node attributes were assigned with a ``percolation" label. Nodes in violation were assigned a percolation value of 0.99, exposed nodes were assigned a value of 0.50, and all other nodes were assigned a percolation value of 0.01. This approach can be seen in Algorithm \ref{alg:prePC}, which expands the algorithm into an unoptimized format to showcase the process for simplicity. + +\IncMargin{1em} +\begin{algorithm}[htbp] \label{alg:prePC} +\SetKwData{Left}{left} +\SetKwData{This}{this} +\SetKwData{Up}{up} +\SetKwFunction{Union}{Union} +\SetKwFunction{FindCompress}{FindCompress} +\SetKwInOut{Input}{Input}\SetKwInOut{Output}{Output} +\SetKwComment{comment}{\#}{} +\Input{Prior-Knowledge Network (PKN), Network, n (Reachability Step)} +\Output{Network} +\BlankLine + +\textbf{STEP 1:} Parse PKN and identify exploits that denote a violation. \\ + violationEdges = array[]; \\ + \For{$exploit$ in PKN}{ + \If {$exploit$ causesVio} + {do add $exploit$ ID or label to violationEdges array;} + } + +\textbf{STEP 2:} Identify nodes in violation. \\ + violationNodes = array[]; + + \For{$node$ in Network}{ + \uIf {any in-edge is in the violationEdges array} + {do add $node$ to violationNodes array; \\ + do set $node$[percolation attribute] = 0.99;} + \Else + {do set $node$[percolation attribute] = 0.01;} + } + +\textbf{STEP 3:} Identify nodes exposed to violation nodes. \\ + exposedNodes = array[]; + + \If{$n$ is not provided} + {do set $n$ = 2;} + + \For{$node$ in violationNodes array}{ + \If{\textbf{find} {nodes that are within $n$ path length away from $node$ and not in violationNodes array}} + {do add to exposedNodes array;} + } + +\textbf{STEP 4:} Update percolation label for exposed nodes. \\ + \For{$node$ in exposedNodes array}{ + {do set $node$[percolation attribute] = 0.50;} + } + + \caption{Expanded, Unoptimized Approach for Pre-Processing the Network for Percolation Centrality} +\end{algorithm} + +Identifying violation nodes is bound by a time complexity $\mathcal{O}(e)$, where \textit{e} is the number of edges. This is due to iterating through the graph's edge labels. Identifying exposed nodes has a time complexity of $\mathcal{O}(v*k*\log{v})$, where \textit{v} is the number of nodes in violation and \textit{k} is the \textit{n}-step reachability cutoff length. Since the adjacency matrix has already been obtained through the graph object and through edge labels, there is no edge exploration cost incurred. The NetworkX implementation of percolation centrality uses the algorithm presented by the authors of \cite{10.1371/journal.pone.0053095}, which also includes Brande's algorithm \cite{brandes}. For the applications described in Section \ref{sec:example-networks}, the NetworkX time complexity for percolation centrality is $\mathcal{O}(|n|*|e|)$, where \textit{n} is the number of nodes, and \textit{e} is the number of edges. The spatial complexity is $\mathcal{O}(e)$. + +\subsection{Centrality Aggregation} \label{sec:cent-aggr} +Each centrality metric assigns importance on various features of a network. Each approach focuses and highlights on different aspects of the network's topographical properties, with some centrality approaches also relying on external data matrices and prior-knowledge networks. Due to the utility and strengths of each approach, an aggregation of scores in a meta-centrality fashion allows importance to be obtained as a collection of all centrality approaches, rather than choosing a single centrality metric to use. The aggregation of centralities has been investigated in the works seen by the authors of \cite{AUDRITO2021102584}, \cite{LI2018512}, and \cite{MO2019121538}. + +To aggregate the importance scores, a few approaches are possible. The authors of \cite{bordacent} use a Borda-count based aggregation system to study the effect of super-spreaders in a network through a meta-centrality approach. Other approaches include the Kemeny-Young method \cite{6023c4f8-ecc1-3dbe-9f88-265b318523d2}, \cite{doi:10.1137/0135023}, however this approach requires a greater computation requirement that yields this unfeasible for the large-scale compliance graphs. Though the Borda-count approach would be feasible, this work opted for a mean-based rank method for simplicity. Equation \ref{eq:CentAgg} displays the approach for computing an aggregated centrality score. In this approach, a proportion is computed for each node in relation to the overall centrality score for that metric. That proportion is then adjusted based on a weighting for the metric, where the weighting is a value between 0.0 and 1.0, where all weightings sum to a value of 1.0. This approach allows for each centrality metric to contribute to the aggregated centrality score, but additional tuning can be employed to assign greater contributions to metrics that may utilize prior-knowledge of the embedded network information (such as Katz or Percolation Centrality). + +\begin{equation} \label{eq:CentAgg} + \begin{split} + importance_{i} = (\frac{\frac{degree_{i}}{\Sigma degree}*weight_{degree}}{length(CentralityMetrics)}) + \\ + (\frac{\frac{betweenness_{i}}{\Sigma betweenness}*weight_{betweenness}}{length(CentralityMetrics)})+\\ + (\frac{\frac{Katz_{i}}{\Sigma Katz}*weight_{Katz}}{length(CentralityMetrics)})+\\ + (\frac{\frac{PageRank_{i}}{\Sigma PageRank}*weight_{PageRank}}{length(CentralityMetrics)})+\\ + (\frac{\frac{percolation_{i}}{\Sigma percolation}*weight_{percolation}}{length(CentralityMetrics)}) + \end{split} +\end{equation} + +Post-processing is performed on the aggregated centrality vector. Since prior-knowledge networks are implemented for all example applications, it is useful to further tune the aggregated scores. In order for a graph node to be fully mitigated, all ``in-edges" must be prevented. Within the prior-knowledge network, all exploits (edges) have information to specify the cost of mitigation if possible. This prior-knowledge network is parsed in order to identify exploits that cannot be prevented. The graph is then processed to identify nodes that have an unpreventable exploit as an in-edge, and are therefore unpreventable nodes. Since these nodes cannot be removed from the network or mitigated, their centrality value is removed from the aggregated vector since analysis computation will yield no beneficial results for these nodes. The removed aggregated value is equally distributed to all other nodes in the aggregated vector that have a nonzero value. This process is shown in Algorithm \ref{alg:redistcent}. + +\IncMargin{1em} +\begin{algorithm}[htbp] \label{alg:redistcent} +\SetKwData{Left}{left} +\SetKwData{This}{this} +\SetKwData{Up}{up} +\SetKwFunction{Union}{Union} +\SetKwFunction{FindCompress}{FindCompress} +\SetKwInOut{Input}{Input}\SetKwInOut{Output}{Output} +\SetKwComment{comment}{\#}{} +\Input{Prior-Knowledge Network (PKN), aggregatedCentralityVector} +\Output{aggregatedCentralityVector} +\BlankLine + +\textbf{STEP 1:} Parse PKN and identify unpreventable exploits. \\ +\textbf{STEP 2:} Identify unpreventable nodes and gather/reset their centrality score. \\ + redistributeValue = 0; + + \For{$node$ in Network}{ + \If {any in-edge is unpreventable or unable to be mitigated} + {do redistributeValue += aggregatedCentralityVector[$node$]; + + do aggregatedCentralityVector[$node$] = 0;} + } +\textbf{STEP 3:} Redistribute Centrality Scores \\ + redistributeValue /= number of nonzero aggregated scores; + + \For{$score$ in aggregatedCentralityVector}{ + \If{$score$ is nonzero} + {do $score$ += redistributeValue} + } + + \caption{Redistribute Aggregated Centrality Scores} +\end{algorithm} + +\subsection{Centrality Results and Analysis} \label{sec:cent-res} +\begin{table}[] + \scriptsize + \centering + \caption{Properties of the Aggregated Centrality Scores for the Three Example Networks} + \begin{tabular}{|c|c|c|c|} + \hline + & \textbf{\begin{tabular}[c]{@{}c@{}}Automobile\\ Maintenance\end{tabular}} & \textbf{HIPAA} & \textbf{OSHA 1910H} \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Number of Nonzero\\ Elements\end{tabular}} & 4245 & 9215 & 4603 \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Percent of Total\\ Elements that are Nonzero\end{tabular}} & 6.341\% & 1.481 x $10^{1}$\hspace{0.05em}\% & 9.516\% \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Number of Zero\\ Elements\end{tabular}} & 6270 x $10^{1}$ & 5300 x $10^{1}$ & 4377 x $10^{1}$ \\ \hline + \textbf{Nonzero Minimum} & 2.214 x $10^{-4}$ & 9.723 x $10^{-5}$ & 2.076 x $10^{-4}$ \\ \hline + \textbf{Maximum} & 1.936 x $10^{-3}$ & 2.713 x $10^{-4}$ & 2.592 x $10^{-4}$ \\ \hline + \textbf{Nonzero Mean} & 2.356 x $10^{-4}$ & 1.085 x $10^{-4}$ & 2.172 x $10^{-4}$ \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Nonzero Element\\ Standard Deviation\end{tabular}} & 6.248 x $10^{-5}$ & 5.428 x $10^{-6}$ & 2.855 x $10^{-6}$ \\ \hline + \end{tabular} + \label{tab:aggCentScores} +\end{table} + +Table \ref{tab:aggCentScores} displays the statistical properties of the aggregated centrality scores. In all example networks, by performing post-processing, the number of states that can be analyzed is drastically reduced. In all cases, due to unpreventable exploits in the network, severities or importances can be set to 0 to prevent any further analysis on the given states. This reduction in state space has implications that require contextual understanding of the input data; it could be considered beneficial, a negative indication, or neutral. Though it reduces the state space and alleviates additional computation strain on future analysis work, it can be indicative of insufficient mitigation information or of a large set of zero-day or critical issues with no known remedy. Alternatively, the pruned nodes could be neutral states. In each network, there are flag-setting states, states that progress time, and states that reflect normal, expected behavior. In the prior-knowledge network, these states have no mitigations since their execution is expected or required. For all three example networks in this work, all pruned nodes are neutral states. Section \ref{sec:example-networks} describes the networks in more detail, and describes how all exploits that are known to cause a violation have at least one mitigation. + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/carDist.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Aggregated Centrality Score Distribution for the Automobile Maintenance Network]{Aggregated Centrality Score Distribution for the Automobile Maintenance Network. The resulting distribution of the aggregated centrality scores when using the centrality metrics presented in Section \ref{sec:net-cents}.} + \label{fig:carAggCentDist} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/carDistCF.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the Automobile Maintenance Network]{Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the Automobile Maintenance Network. 500 bootstrap values (random selection with replacement) are used. This Figure displays skewness\textsuperscript{2} versus kurtosis to characterize the aggregated centrality scores with various distributions.} + \label{fig:carAggCentDistCF} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/hipaaDist.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Aggregated Centrality Score Distribution for the HIPAA Network]{Aggregated Centrality Score Distribution for the HIPAA Network. The resulting distribution of the aggregated centrality scores when using the centrality metrics presented in Section \ref{sec:net-cents}.} + \label{fig:hipaaAggCentDist} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/hipaaDistCF.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the HIPAA Network]{Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the HIPAA Network. 500 bootstrap values (random selection with replacement) are used. This Figure displays skewness\textsuperscript{2} versus kurtosis to characterize the aggregated centrality scores with various distributions.} + \label{fig:hipaaAggCentDistCF} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/oshaDist.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Aggregated Centrality Score Distribution for the OSHA 1910H Network]{Aggregated Centrality Score Distribution for the OSHA 190H Network. The resulting distribution of the aggregated centrality scores when using the centrality metrics presented in Section \ref{sec:net-cents}.} + \label{fig:oshaAggCentDist} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/oshaDistCF.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the OSHA 1910H Network]{Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the OSHA 1910H Network. 500 bootstrap values (random selection with replacement) are used. This Figure displays skewness\textsuperscript{2} versus kurtosis to characterize the aggregated centrality scores with various distributions.} + \label{fig:oshaAggCentDistCF} +\end{figure} + +Figures \ref{fig:carAggCentDist}, \ref{fig:hipaaAggCentDist}, and \ref{fig:oshaAggCentDist} display the distribution of the aggregated centrality scores. These Figures depict a distribution of all elements, including the elements with a score of zero. Though no future analysis was conducted with the aggregated centrality scores in this work, additional insight or analysis could be performed regarding these results. To add insight, Cullen and Frey plots (Figures \ref{fig:carAggCentDistCF}, \ref{fig:hipaaAggCentDistCF}, and \ref{fig:oshaAggCentDistCF}) were generated using only the nonzero elements of all three example networks' aggregated centrality scores. Each plot uses 500 bootstrap values in the generation, which randomly select and replace values from the aggregated centrality vector to aid in the potential uncertainty of the data set. Though this work makes no direct analysis of these plots other than displaying their distribution characterizations, they could yield promising results for new techniques or approaches using statistical analysis. This is discussed further in Section \ref{sec:FW}. + +\subsection{Validation} \label{sec:cent-valid} +In order to validate the aggregated centrality scores, the following characteristics were examined, and test cases were created to compare against expected behavior. The results of these tests are not included in this work, since the test results were a boolean ``pass" or ``fail". If a failed test was encountered, the validation process failed, and the methodology was flawed and in need of correction. For the work presented, each test returned a successful outcome. +\begin{itemize} + \item The sum across the aggregated centrality scores vector is 1.0. + \item All individual centrality metric scores are greater than or equal to 0.0. + \item All aggregated centrality scores are greater than 0.0. + \item All individual centrality metric scores contain nonzero values. + \item Select a random node and check the PKN to determine if this node is preventable: + \begin{itemize} + \item If preventable, ensure that the aggregated centrality score is nonzero. + \item If unpreventable, ensure that the aggregated centrality score is zero. + \end{itemize} + \item The aggregated centrality score for the root node is zero. + \item All individual centrality metric score vectors match in length to the number of nodes in the network. + \item The aggregated centrality metric score vector matches in length to the number of nodes in the network. +\end{itemize} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +\section{Graph Transformations} \label{sec:graph-xform} +Generating compliance graphs as a DAG is done so purposefully. DAGs are useful representations for relationships and dependencies, and the authors of \cite{stankovic2023fourier} reaffirm this standing. DAGs and their traversals reveal deeper understandings of causal relationships between nodes and events, and can aid in the analysis and prediction of known or expected events. However, for compliance graphs, it may be useful to transform the DAG into an alternate structure for additional analysis. It is still important to generate the compliance graph as a DAG initially to obtain the relationships of the network, and only after its initial generation is the graph transformation investigated. These transformations can be useful for determining which nodes are most important when an adversarial action can be considered to have infinite time and resources to perform changes to the original system. Alternatively, they can be useful for determining which nodes are most important from an information flow perspective, where adversarial actions must pass though a series of nodes to reach any other node in the network. This Section presents transformation options and contextualizations for compliance graphs to aid in the analysis process. Section \ref{sec:TC} presents the Transitive Closure, and Section \ref{sec:DT} presents the Dominant Tree. + +\subsection{Transitive Closure} \label{sec:TC} +Transitive closure represents a transitive relation on a given binary set, and can be used to determine reachability of a given network. Figure \ref{fig:TC} displays an example output when performing transitive closure. In context of compliance graphs, it is useful to consider that an adversary (whether an internal or external malicious actor, poor policy execution by an organization, accidental misuse, or any other adversarial occurrence) could have no time constraints. That is, for any given state of the system or set of systems, an adversarial act could have ``infinite" time to perform a series of actions. If no prior knowledge is known about the network, it can be assumed that all changes performed on the systems are equally likely. In practice, specifying a probability that a change can occur has been performed through a Markov Decision Process, such as that seen by the authors of \cite{li_combining_2019} and \cite{zeng_cyber_2017}. When under these assumptions, it is useful to then consider which nodes are important, assuming they have 1-step reachability to any downstream node they may have a transitive connection to. + +\begin{figure}[htp] + \includegraphics[scale=0.6]{"./images/TC.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Illustration of an Example DAG and its Transitive Closure]{Illustration of an Example DAG and its Transitive Closure. Each node in the original DAG has 1-step reachability to any downstream node it has a transitive connection to in the resulting transitive closure. } + \label{fig:TC} +\end{figure} + + +\subsection{Dominant Tree} \label{sec:DT} +Dominance, as initially introduced by the author of \cite{dominance} in terms of flow, is defined as a node that is in every path to another node. If a node \textit{i} is a destination node, and every path to \textit{i} from a source node includes node \textit{j}, then node \textit{j} is said to dominate node \textit{i}. Figure \ref{fig:domNet} displays an example starting network. With node 1 as the source node, it is evident that node 2 immediately dominates nodes 3, 4, 5, and 6, since all messages from node 1 must pass through node 2. By definition, each node must also dominate itself, so node 2 also dominates node 2. + +Following the properties of dominance, a dominator tree can be derived. In a dominator tree, each node has children that it immediately dominates. Immediate dominance is referred to nodes that strictly dominate a given node, but do not strictly dominate any other node that may strictly dominate a node. Figure \ref{fig:domTree} displays the dominant tree of the network seen in Figure \ref{fig:domNet}. + +\begin{figure}[htp] + \includegraphics[scale=0.6]{"./images/dom_net_unshaded.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Example ``Base" Network for Illustrating Dominance]{Example ``Base" Network for Illustrating Dominance. An arbitrary DAG that has not yet undergone transformation.} + \label{fig:domNet} +\end{figure} + +\begin{figure}[htp] + \includegraphics[scale=0.6]{"./images/dom_tree_unshaded.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Dominant Tree Derived from the ``Base" Network]{Dominant Tree Derived from the Network Displayed in Figure \ref{fig:domNet}. Node 1 dominates Node 2, and Node 2 possesses immediate dominance over Nodes 3, 4, 5, and 6.} + \label{fig:domTree} +\end{figure} + +Dominant trees do alter the structure of compliance graphs, and lead to leaf nodes and branches that do not exist in the original network. As a result, some nodes that have directed edges to other nodes may be moved to a position where the edge no longer points to the original nodes. However, in dominant trees, all node parents dominate their children. In this format, the information flow is guided predominantly by the upstream nodes, and all parents in the dominant tree exist as upstream nodes in the original compliance graph. While some downstream nodes may be altered, the importance of nodes can be reexamined in the dominant tree to see how importance differs when information flow is refined. + +\subsection{Results and Analysis} \label{sec:xform-res} +To analyze the changes in the original DAG, network properties were collected for the transitive closure and dominant tree representations. Table \ref{tab:auto-prop} displays the properties for the automobile maintenance example, Table \ref{tab:hipaa-prop} displays the properties for the HIPAA example, and Table \ref{tab:osha-prop} displays the properties for the OSHA 1910H example. For each of the graphs, the number of nodes and number of edges were collected to examine how the quantity of the network structures changes. In all examples, it was expected that the number of edges for the transitive closure would substantially increase, and it was expected that the number of edges for the dominant tree would decrease. Efficiency in terms of network science was introduced by the authors of \cite{PhysRevLett.87.198701}. Efficiency of a graph is measured by its ability to exchange information, whereas the distance between nodes increases, the efficiency decreases. Global efficiency is a measure of communication exchange within the entire network. Local efficiency of a node is quantified through the impact of information exchange if that node was removed from the network, and is therefore a measure of fault tolerance. For the transitive closures, it is expected that the removal of any node has minimal impact on communication efficiency. Since each node has a connecting edge to all downstream nodes, the removal of any one midstream node should not degrade the ability to exchange information throughout the network. For dominant trees, the opposite is expected. The dominant tree network is generated through the concept of dominance, which is a measure of how information is passed through nodes. Since the dominant tree is hierarchical based on communication exchange properties, the removal of a node will have more severe impacts on the communication efficiency. + +The radius and diameter of a graph are computed through eccentricity. Each node in a network will have an eccentricity value, which is the shortest path from that node to the farthest reachable node. The radius of a graph is the smallest eccentricity value, and the diameter is the largest eccentricity value. For transitive closures, since new edges are drawn from all upstream nodes to all reachable downstream nodes, it is expected that the radius and diameter decrease. No analysis or conclusions were drawn from the dominant trees, since the dominance of the original DAG may vary, which could result in either an increase or decrease in the radius and diameter. The density of a graph is a proportion of actual edges and theoretical edges. Due to the addition of edges in the transitive closure, the density is expected to increase compared to the original DAG. No analysis or conclusions were drawn from the dominant trees, since the dominance of the original DAG may vary, which could result in either an increase or decrease in the density. + +% Automobile +\begin{table}[] + \scriptsize + \centering + \caption{Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the Automobile Maintenance Network} + \begin{tabular}{|c|c|c|c|} + \hline + & \textbf{DAG} & \textbf{\begin{tabular}[c]{@{}c@{}}Transitive\\ Closure\end{tabular}} & \textbf{\begin{tabular}[c]{@{}c@{}}Dominant\\ Tree\end{tabular}} \\ \hline + \textbf{Number of Nodes} & 6695 x $10^{1}$ & 6695 x $10^{1}$ & 6695 x $10^{1}$ \\ \hline + \textbf{Number of Edges} & 4682 x $10^{2}$ & 3958 x $10^{4}$ & 6694 x $10^{1}$ \\ \hline + \textbf{Global Efficiency} & 1.541 x $10^{-3}$ & 8.831 x $10^{-3}$ & 2.465 x $10^{-5}$ \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Average Local\\ Efficiency\end{tabular}} & 1.515 x $10^{-1}$ & 2.164 x $10^{-1}$ & 0.000 \\ \hline + \textbf{Radius} & 13.00 & 1.000 & 7.000 \\ \hline + \textbf{Diameter} & 18.00 & 1.000 & 8.000 \\ \hline + \textbf{Density} & 1.045 x $10^{-4}$ & 8.831 x $10^{-3}$ & 1.494 x $10^{-5}$ \\ \hline + \end{tabular} + \label{tab:auto-prop} +\end{table} + +% HIPAA +\begin{table}[] + \scriptsize + \centering + \caption{Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the HIPAA Network} + \begin{tabular}{|c|c|c|c|} + \hline + & \textbf{DAG} & \textbf{\begin{tabular}[c]{@{}c@{}}Transitive\\ Closure\end{tabular}} & \textbf{\begin{tabular}[c]{@{}c@{}}Dominant\\ Tree\end{tabular}} \\ \hline + \textbf{Number of Nodes} & 6222 x $10^{1}$ & 6622 x $10^{1}$ & 6222 x $10^{1}$ \\ \hline + \textbf{Number of Edges} & 4009 x $10^{2}$ & 2475 x $10^{4}$ & 6222 x $10^{1}$ \\ \hline + \textbf{Global Efficiency} & 1.417 x $10^{-3}$ & 6.394 x $10^{-3}$ & 1.935 x $10^{-5}$ \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Average Local\\ Efficiency\end{tabular}} & 1.225 x $10^{-1}$ & 1.866 x $10^{-1}$ & 0.000 \\ \hline + \textbf{Radius} & 17.00 & 1.000 & 6.000 \\ \hline + \textbf{Diameter} & 19.00 & 1.000 & 6.000 \\ \hline + \textbf{Density} & 1.036 x $10^{-4}$ & 6.394 x $10^{-3}$ & 1.607 x $10^{-5}$ \\ \hline + \end{tabular} + \label{tab:hipaa-prop} +\end{table} + +% OSHA +\begin{table}[] + \scriptsize + \centering + \caption{Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the OSHA 1910H Network} + \begin{tabular}{|c|c|c|c|} + \hline + & \textbf{DAG} & \textbf{\begin{tabular}[c]{@{}c@{}}Transitive\\ Closure\end{tabular}} & \textbf{\begin{tabular}[c]{@{}c@{}}Dominant\\ Tree\end{tabular}} \\ \hline + \textbf{Number of Nodes} & 4837 x $10^{1}$ & 4837 x $10^{1}$ & 4837 x $10^{1}$ \\ \hline + \textbf{Number of Edges} & 4083 x $10^{2}$ & 3584 x $10^{4}$ & 4837 x $10^{1}$ \\ \hline + \textbf{Global Efficiency} & 3.187 x $10^{-3}$ & 1.532 x $10^{-2}$ & 3.533 x $10^{-5}$ \\ \hline + \textbf{\begin{tabular}[c]{@{}c@{}}Average Local\\ Efficiency\end{tabular}} & 1.616 x $10^{-1}$ & 2.200 x $10^{-1}$ & 0.000 \\ \hline + \textbf{Radius} & 7.000 & 1.000 & 4.000 \\ \hline + \textbf{Diameter} & 25.00 & 1.000 & 5.000 \\ \hline + \textbf{Density} & 1.745 x $10^{-4}$ & 1.532 x $10^{-2}$ & 2.067 x $10^{-5}$ \\ \hline + \end{tabular} + \label{tab:osha-prop} +\end{table} + +\subsection{Validation} \label{sec:xform-valid} +Since no direct analysis is conducted on the transformed compliance graphs, validation of the transformation is limited. Though centrality metrics can be collected on the transformed graphs, the same validation techniques employed by the original network will be used. In order to validate the transformed graphs, there are a few network properties that were examined, and test cases were created to compare against expected behavior. The results of these tests are not included in this work, since the test results were a boolean ``pass" or ``fail". If a failed test was encountered, the validation process failed, and the methodology was flawed and in need of correction. For the work presented, each test returned a successful outcome. +\begin{itemize} + \item{The root node in the original DAG is the root node of the Transitive Closure and Dominant Tree representations.} + \item{The number of nodes in the Transitive Closure and Dominant Tree representations do not exceed the number of nodes in the original DAG.} + \item{The number of nodes in the Dominant Tree representation is equal to the number of nodes in the original DAG.} + \item{The number of edges in the Dominant Tree representation do not exceed the number of edges in the original DAG.} + \item{The number of edges in the Transitive closure representation do exceed the number of edges in the original DAG.} + \item{For the Transitive Closure representation, the root node should have a number of edges equal to 1 minus the number of nodes.} + \item{The diameter and radius of the Transitive Closure representation are both 1.} +\end{itemize} + +\section{Future Work} \label{sec:FW} + +\section{Conclusions} + +This work presented and implemented a methodology for obtaining violation priorities in a compliance graph. Specifically, this work analyzed and validated the results on three example networks: an automotive maintenance example, a HIPAA example, and an OSHA 1910H example. Each network centrality metric provides unique insight on the topological information in a compliance graph, and three of the metrics (Katz (Section \ref{sec:katz}), Adapted PageRank (Section \ref{sec:pr}), and Percolation (Section \ref{sec:perc})) are also able to work with the embedded information of the compliance graph. Each unique scoring of each compliance graph node from the centrality metrics are then aggregated and processed as part of the work presented in Section \ref{sec:cent-aggr}. The results were validated as part of the validation process shown in Section \ref{sec:cent-valid}. These results are provided in the form of violation priorities under constraints, and showcase significant savings in terms of computations due to the implemented solutions for each centrality metric. Additional computational savings will be carried forward in future analysis techniques due to the significant reduction of nonzero elements for each example network. + +In addition, this work presented and implemented two transformation options for compliance graphs. The transitive closure transformation presented in Section \ref{sec:TC} is useful for determining all possible routes for noncompliance given unlimited time and resources. By reducing all chains of events to single-step reachability, new analysis techniques could be investigated to focus on immediate importance. The dominant tree transformation presented in Section \ref{sec:DT} is useful for providing a graph structure based on information flow. This transformation alters the original structure of the compliance graph, leading to a new hierarchy of nodes based on dominance. Using this transformation, the importance of nodes can be reexamined to determine how importance differs when information flow is refined. The results were validated as part of the validation process shown in Section \ref{sec:xform-valid}. The results in Section \ref{sec:xform-res} showcase notable differences in network properties, which allow for new investigations to uncover further information from future analysis techniques. + +\addcontentsline{toc}{section}{Bibliography} +\bibliography{Bibliography} +\bibliographystyle{ieeetr} +\end{document} \ No newline at end of file diff --git a/Diss_Version/build.sh b/Diss_Version/build.sh new file mode 100755 index 0000000..3b26134 --- /dev/null +++ b/Diss_Version/build.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +bibtex ./output/Schrick-Noah_CG-Network-Theory +pdflatex -output-directory=./output Schrick-Noah_CG-Network-Theory.tex \ No newline at end of file diff --git a/Diss_Version/images/Asymm.png b/Diss_Version/images/Asymm.png new file mode 100644 index 0000000..22a2b94 Binary files /dev/null and b/Diss_Version/images/Asymm.png differ diff --git a/Diss_Version/images/Obj3.png b/Diss_Version/images/Obj3.png new file mode 100644 index 0000000..edc9b99 Binary files /dev/null and b/Diss_Version/images/Obj3.png differ diff --git a/Diss_Version/images/Symm.png b/Diss_Version/images/Symm.png new file mode 100644 index 0000000..716ef1a Binary files /dev/null and b/Diss_Version/images/Symm.png differ diff --git a/images/TC.png b/Diss_Version/images/TC.png similarity index 100% rename from images/TC.png rename to Diss_Version/images/TC.png diff --git a/Diss_Version/images/Topographical.png b/Diss_Version/images/Topographical.png new file mode 100644 index 0000000..864a98b Binary files /dev/null and b/Diss_Version/images/Topographical.png differ diff --git a/Diss_Version/images/carDist.png b/Diss_Version/images/carDist.png new file mode 100644 index 0000000..e816d6e Binary files /dev/null and b/Diss_Version/images/carDist.png differ diff --git a/Diss_Version/images/carDistCF.png b/Diss_Version/images/carDistCF.png new file mode 100644 index 0000000..d10364b Binary files /dev/null and b/Diss_Version/images/carDistCF.png differ diff --git a/images/dom_net.png b/Diss_Version/images/dom_net.png similarity index 100% rename from images/dom_net.png rename to Diss_Version/images/dom_net.png diff --git a/images/dom_net_unshaded.png b/Diss_Version/images/dom_net_unshaded.png similarity index 100% rename from images/dom_net_unshaded.png rename to Diss_Version/images/dom_net_unshaded.png diff --git a/images/dom_tree.png b/Diss_Version/images/dom_tree.png similarity index 100% rename from images/dom_tree.png rename to Diss_Version/images/dom_tree.png diff --git a/images/dom_tree_unshaded.png b/Diss_Version/images/dom_tree_unshaded.png similarity index 100% rename from images/dom_tree_unshaded.png rename to Diss_Version/images/dom_tree_unshaded.png diff --git a/Diss_Version/images/hipaaDist.png b/Diss_Version/images/hipaaDist.png new file mode 100644 index 0000000..729b542 Binary files /dev/null and b/Diss_Version/images/hipaaDist.png differ diff --git a/Diss_Version/images/hipaaDistCF.png b/Diss_Version/images/hipaaDistCF.png new file mode 100644 index 0000000..e7b5a60 Binary files /dev/null and b/Diss_Version/images/hipaaDistCF.png differ diff --git a/Diss_Version/images/oshaDist.png b/Diss_Version/images/oshaDist.png new file mode 100644 index 0000000..403c0c1 Binary files /dev/null and b/Diss_Version/images/oshaDist.png differ diff --git a/Diss_Version/images/oshaDistCF.png b/Diss_Version/images/oshaDistCF.png new file mode 100644 index 0000000..a5840b4 Binary files /dev/null and b/Diss_Version/images/oshaDistCF.png differ diff --git a/Diss_Version/output/Schrick-Noah_CG-Network-Theory.aux b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.aux new file mode 100644 index 0000000..c6029db --- /dev/null +++ b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.aux @@ -0,0 +1,192 @@ +\relax +\providecommand\babel@aux[2]{} +\@nameuse{bbl@beforestart} +\citation{j_hale_compliance_nodate} +\citation{baloyi_guidelines_2019} +\citation{allman_complying_2006} +\citation{Jha2002TwoFA} +\providecommand \oddpage@label [2]{} +\babel@aux{nil}{} +\@writefile{toc}{\contentsline {section}{\numberline {I}Introduction}{1}{}\protected@file@percent } +\newlabel{sec:Intro}{{I}{1}{}{}{}} +\@writefile{toc}{\contentsline {section}{\numberline {II}Related Works}{1}{}\protected@file@percent } +\newlabel{sec:rel-works}{{II}{1}{}{}{}} +\citation{Jha2002TwoFA} +\citation{Jha2002TwoFA} +\citation{10.1016/j.comcom.2006.06.01837} +\citation{Islam2008AHA36} +\citation{10.1109/IAS.2008.38} +\citation{GCAI-2018:Analysis_of_Attack_Graph} +\citation{ming_diss} +\citation{10.1145/3491257} +\citation{ming_diss} +\citation{Guo2017HermitianAM} +\citation{Mieghem2018DirectedGA} +\citation{Brualdi2010SpectraOD} +\citation{PMID:30064421} +\@writefile{toc}{\contentsline {section}{\numberline {III}Example Networks}{2}{}\protected@file@percent } +\newlabel{sec:example-networks}{{III}{2}{}{}{}} +\@writefile{toc}{\contentsline {section}{\numberline {IV}Identifying Correction Priority Through Network Centralities}{2}{}\protected@file@percent } +\newlabel{sec:corr-priorities}{{IV}{2}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-A}}Introduction to Network Centralities}{2}{}\protected@file@percent } +\newlabel{sec:net-cents}{{\mbox {IV-A}}{2}{}{}{}} +\citation{newman2010networks} +\citation{Mieghem2018DirectedGA} +\citation{Mieghem2018DirectedGA} +\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Example Subgraph of a Compliance Graph}}{3}{}\protected@file@percent } +\newlabel{fig:topo-ex}{{1}{3}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Obtaining a Correction Priority}}{3}{}\protected@file@percent } +\newlabel{fig:obj3}{{2}{3}{}{}{}} +\newlabel{sec:NC-dir-challenges}{{\mbox {IV-A}1}{3}{}{}{}} +\@writefile{toc}{\contentsline {subsubsection}{\numberline {\mbox {IV-A}1}Network Centralities for Directed Graphs}{3}{}\protected@file@percent } +\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Undirected Graph and its Symmetric Adjacency Matrix}}{3}{}\protected@file@percent } +\newlabel{fig:symm-adj}{{3}{3}{}{}{}} +\citation{Graphviz} +\citation{igraph} +\citation{brandes} +\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces Directed Graph and its Asymmetric Adjacency Matrix}}{4}{}\protected@file@percent } +\newlabel{fig:asymm-adj}{{4}{4}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-B}}Degree}{4}{}\protected@file@percent } +\newlabel{sec:degree}{{\mbox {IV-B}}{4}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-C}}Betweenness}{4}{}\protected@file@percent } +\newlabel{sec:between}{{\mbox {IV-C}}{4}{}{}{}} +\newlabel{eq:between}{{1}{4}{}{}{}} +\citation{Katz} +\citation{ModKatz} +\citation{laug} +\citation{laug} +\citation{stankovic2023fourier} +\citation{seifert2023causal} +\citation{Katz} +\citation{MACEDO2016999} +\citation{williams2023new} +\citation{alman2020refined} +\citation{PageRank} +\citation{Adapted_PageRank} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-D}}Katz}{5}{}\protected@file@percent } +\newlabel{sec:katz}{{\mbox {IV-D}}{5}{}{}{}} +\newlabel{eq:Katz}{{2}{5}{}{}{}} +\newlabel{eq:mod_katz}{{3}{5}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-E}}Adapted PageRank}{5}{}\protected@file@percent } +\newlabel{sec:pr}{{\mbox {IV-E}}{5}{}{}{}} +\citation{10.1371/journal.pone.0053095} +\citation{10.1145/3288599.3295597} +\citation{9680376} +\citation{NetworkX} +\citation{reticulate} +\citation{10.1371/journal.pone.0053095} +\citation{brandes} +\newlabel{eq:PR}{{4}{6}{}{}{}} +\newlabel{eq:APC}{{5}{6}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-F}}Percolation Centrality}{6}{}\protected@file@percent } +\newlabel{sec:perc}{{\mbox {IV-F}}{6}{}{}{}} +\newlabel{eq:PercC}{{6}{6}{}{}{}} +\citation{AUDRITO2021102584} +\citation{LI2018512} +\citation{MO2019121538} +\citation{bordacent} +\citation{6023c4f8-ecc1-3dbe-9f88-265b318523d2} +\citation{doi:10.1137/0135023} +\newlabel{alg:prePC}{{1}{7}{}{}{}} +\@writefile{loa}{\contentsline {algocf}{\numberline {1}{\ignorespaces Expanded, Unoptimized Approach for Pre-Processing the Network for Percolation Centrality}}{7}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-G}}Centrality Aggregation}{7}{}\protected@file@percent } +\newlabel{sec:cent-aggr}{{\mbox {IV-G}}{7}{}{}{}} +\newlabel{eq:CentAgg}{{7}{7}{}{}{}} +\newlabel{alg:redistcent}{{2}{8}{}{}{}} +\@writefile{loa}{\contentsline {algocf}{\numberline {2}{\ignorespaces Redistribute Aggregated Centrality Scores}}{8}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-H}}Centrality Results and Analysis}{8}{}\protected@file@percent } +\newlabel{sec:cent-res}{{\mbox {IV-H}}{8}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Properties of the Aggregated Centrality Scores for the Three Example Networks}}{8}{}\protected@file@percent } +\newlabel{tab:aggCentScores}{{I}{8}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {5}{\ignorespaces Aggregated Centrality Score Distribution for the Automobile Maintenance Network}}{8}{}\protected@file@percent } +\newlabel{fig:carAggCentDist}{{5}{8}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {6}{\ignorespaces Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the Automobile Maintenance Network}}{8}{}\protected@file@percent } +\newlabel{fig:carAggCentDistCF}{{6}{8}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {7}{\ignorespaces Aggregated Centrality Score Distribution for the HIPAA Network}}{9}{}\protected@file@percent } +\newlabel{fig:hipaaAggCentDist}{{7}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {8}{\ignorespaces Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the HIPAA Network}}{9}{}\protected@file@percent } +\newlabel{fig:hipaaAggCentDistCF}{{8}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {9}{\ignorespaces Aggregated Centrality Score Distribution for the OSHA 1910H Network}}{9}{}\protected@file@percent } +\newlabel{fig:oshaAggCentDist}{{9}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {10}{\ignorespaces Cullen and Frey Plot for the Nonzero Elements of the Aggregated Centralities for the OSHA 1910H Network}}{9}{}\protected@file@percent } +\newlabel{fig:oshaAggCentDistCF}{{10}{9}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-I}}Validation}{9}{}\protected@file@percent } +\newlabel{sec:cent-valid}{{\mbox {IV-I}}{9}{}{}{}} +\citation{stankovic2023fourier} +\citation{li_combining_2019} +\citation{zeng_cyber_2017} +\citation{dominance} +\@writefile{toc}{\contentsline {section}{\numberline {V}Graph Transformations}{10}{}\protected@file@percent } +\newlabel{sec:graph-xform}{{V}{10}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {V-A}}Transitive Closure}{10}{}\protected@file@percent } +\newlabel{sec:TC}{{\mbox {V-A}}{10}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {11}{\ignorespaces Illustration of an Example DAG and its Transitive Closure}}{10}{}\protected@file@percent } +\newlabel{fig:TC}{{11}{10}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {V-B}}Dominant Tree}{10}{}\protected@file@percent } +\newlabel{sec:DT}{{\mbox {V-B}}{10}{}{}{}} +\citation{PhysRevLett.87.198701} +\@writefile{lof}{\contentsline {figure}{\numberline {12}{\ignorespaces Example ``Base" Network for Illustrating Dominance}}{11}{}\protected@file@percent } +\newlabel{fig:domNet}{{12}{11}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {V-C}}Results and Analysis}{11}{}\protected@file@percent } +\newlabel{sec:xform-res}{{\mbox {V-C}}{11}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {13}{\ignorespaces Dominant Tree Derived from the ``Base" Network}}{11}{}\protected@file@percent } +\newlabel{fig:domTree}{{13}{11}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {II}{\ignorespaces Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the Automobile Maintenance Network}}{12}{}\protected@file@percent } +\newlabel{tab:auto-prop}{{II}{12}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {III}{\ignorespaces Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the HIPAA Network}}{12}{}\protected@file@percent } +\newlabel{tab:hipaa-prop}{{III}{12}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {V-D}}Validation}{12}{}\protected@file@percent } +\newlabel{sec:xform-valid}{{\mbox {V-D}}{12}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {IV}{\ignorespaces Network Property Comparisons of the Original DAG, Transitive Closure, and Dominant Tree for the OSHA 1910H Network}}{12}{}\protected@file@percent } +\newlabel{tab:osha-prop}{{IV}{12}{}{}{}} +\@writefile{toc}{\contentsline {section}{\numberline {VI}Future Work}{12}{}\protected@file@percent } +\newlabel{sec:FW}{{VI}{12}{}{}{}} +\@writefile{toc}{\contentsline {section}{\numberline {VII}Conclusions}{12}{}\protected@file@percent } +\bibdata{Bibliography} +\bibcite{j_hale_compliance_nodate}{1} +\bibcite{baloyi_guidelines_2019}{2} +\bibcite{allman_complying_2006}{3} +\bibcite{Jha2002TwoFA}{4} +\bibcite{10.1016/j.comcom.2006.06.01837}{5} +\bibcite{Islam2008AHA36}{6} +\bibcite{10.1109/IAS.2008.38}{7} +\bibcite{GCAI-2018:Analysis_of_Attack_Graph}{8} +\bibcite{ming_diss}{9} +\bibcite{10.1145/3491257}{10} +\bibcite{Guo2017HermitianAM}{11} +\bibcite{Mieghem2018DirectedGA}{12} +\bibcite{Brualdi2010SpectraOD}{13} +\bibcite{PMID:30064421}{14} +\bibcite{newman2010networks}{15} +\bibcite{Graphviz}{16} +\bibcite{igraph}{17} +\bibcite{brandes}{18} +\bibcite{Katz}{19} +\bibcite{ModKatz}{20} +\bibcite{laug}{21} +\bibcite{stankovic2023fourier}{22} +\bibcite{seifert2023causal}{23} +\bibcite{MACEDO2016999}{24} +\bibcite{williams2023new}{25} +\bibcite{alman2020refined}{26} +\bibcite{PageRank}{27} +\bibcite{Adapted_PageRank}{28} +\bibcite{10.1371/journal.pone.0053095}{29} +\bibcite{10.1145/3288599.3295597}{30} +\bibcite{9680376}{31} +\bibcite{NetworkX}{32} +\bibcite{reticulate}{33} +\bibcite{AUDRITO2021102584}{34} +\bibcite{LI2018512}{35} +\bibcite{MO2019121538}{36} +\bibcite{bordacent}{37} +\bibcite{6023c4f8-ecc1-3dbe-9f88-265b318523d2}{38} +\bibcite{doi:10.1137/0135023}{39} +\bibcite{li_combining_2019}{40} +\bibcite{zeng_cyber_2017}{41} +\bibcite{dominance}{42} +\bibcite{PhysRevLett.87.198701}{43} +\@writefile{toc}{\contentsline {section}{Bibliography}{13}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{References}{13}{}\protected@file@percent } +\bibstyle{ieeetr} +\gdef \@abspage@last{14} diff --git a/Diss_Version/output/Schrick-Noah_CG-Network-Theory.bbl b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.bbl new file mode 100644 index 0000000..a467675 --- /dev/null +++ b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.bbl @@ -0,0 +1,216 @@ +\begin{thebibliography}{10} + +\bibitem{j_hale_compliance_nodate} +{J. Hale}, P.~Hawrylak, and M.~Papa, ``Compliance {Method} for a + {Cyber}-{Physical} {System}.'' +\newblock U.S. Patent Number 9,471,789, Oct. 18, 2016. + +\bibitem{baloyi_guidelines_2019} +N.~Baloyi and P.~Kotzé, ``Guidelines for {Data} {Privacy} {Compliance}: {A} + {Focus} on {Cyberphysical} {Systems} and {Internet} of {Things},'' in {\em + {SAICSIT} '19: {Proceedings} of the {South} {African} {Institute} of + {Computer} {Scientists} and {Information} {Technologists} 2019}, (Skukuza + South Africa), Association for Computing Machinery, 2019. + +\bibitem{allman_complying_2006} +E.~Allman, ``Complying with {Compliance}: {Blowing} it off is not an option.,'' + {\em ACM Queue}, vol.~4, no.~7, 2006. + +\bibitem{Jha2002TwoFA} +S.~Jha, O.~Sheyner, and J.~M. Wing, ``Two formal analyses of attack graphs,'' + {\em Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15}, + pp.~49--63, 2002. + +\bibitem{10.1016/j.comcom.2006.06.01837} +L.~Wang, S.~Noel, and S.~Jajodia, ``Minimum-cost network hardening using attack + graphs,'' {\em Computer Communications}, vol.~29, pp.~3812--3824, nov 2006. + +\bibitem{Islam2008AHA36} +T.~Islam and L.~Wang, ``A heuristic approach to minimum-cost network hardening + using attack graph,'' {\em 2008 New Technologies, Mobility and Security}, + pp.~1--5, 2008. + +\bibitem{10.1109/IAS.2008.38} +F.~Chen, L.~Wang, and J.~Su, ``An efficient approach to minimum-cost network + hardening using attack graphs,'' in {\em Proceedings of the 2008 The Fourth + International Conference on Information Assurance and Security}, IAS '08, + (USA), pp.~209--212, IEEE Computer Society, 2008. + +\bibitem{GCAI-2018:Analysis_of_Attack_Graph} +T.~Gonda, T.~Pascal, R.~Puzis, G.~Shani, and B.~Shapira, ``Analysis of attack + graph representations for ranking vulnerability fixes,'' in {\em GCAI-2018. + 4th Global Conference on Artificial Intelligence} (D.~Lee, A.~Steen, and + T.~Walsh, eds.), vol.~55 of {\em EPiC Series in Computing}, pp.~215--228, + EasyChair, 2018. + +\bibitem{ming_diss} +M.~Li, P.~Hawrylak, and J.~Hale, {\em A System for Attack Graph Generation and + Analysis}. +\newblock {PhD} dissertation, The University of Tulsa, Tulsa, OK, 2021. + +\bibitem{10.1145/3491257} +M.~Li, P.~Hawrylak, and J.~Hale, ``Strategies for practical hybrid attack graph + generation and analysis,'' {\em Digital Threats}, Oct 2021. + +\bibitem{Guo2017HermitianAM} +K.~Guo and B.~Mohar, ``{Hermitian Adjacency Matrix of Digraphs and Mixed + Graphs},'' {\em Journal of Graph Theory}, vol.~85, 2017. + +\bibitem{Mieghem2018DirectedGA} +P.~V. Mieghem, ``Directed graphs and mysterious complex eigenvalues,'' 2018. +\newblock {Delft University of Technology.} + +\bibitem{Brualdi2010SpectraOD} +R.~A. Brualdi, ``{Spectra of Digraphs},'' {\em Linear Algebra and Its + Applications}, vol.~432, pp.~2181--2213, 2010. + +\bibitem{PMID:30064421} +M.~Ashtiani, A.~Salehzadeh-Yazdi, Z.~Razaghi-Moghadam, H.~Hennig, + O.~Wolkenhauer, M.~Mirzaie, and M.~Jafari, ``A systematic survey of + centrality measures for protein-protein interaction networks,'' {\em {BMC + Systems Biology}}, vol.~12, p.~80, July 2018. + +\bibitem{newman2010networks} +M.~Newman, {\em Networks: An Introduction}. +\newblock Oxford University Press, 2010. + +\bibitem{Graphviz} +T.~G. Authors, {\em {Graphviz}: Graph Visualization}, 2023. +\newblock Graphviz release 8.1.0 [Online]. Available:https://www.graphviz.org/. + +\bibitem{igraph} +G.~Csárdi, T.~Nepusz, V.~Traag, S.~Horvát, F.~Zanini, D.~Noom, and + K.~Müller, {\em {Igraph}: Network Analysis and Visualization in R}, 2023. +\newblock R package version 1.5.1. + +\bibitem{brandes} +U.~Brandes, ``A faster algorithm for betweenness centrality*,'' {\em The + Journal of Mathematical Sociology}, vol.~25, no.~2, pp.~163--177, 2001. + +\bibitem{Katz} +L.~Katz, ``{A New Status Index Derived From Sociometric Analysis},'' {\em + Psychometrika}, vol.~18, pp.~39--43, March 1953. + +\bibitem{ModKatz} +M.~Ogura and V.~M. Preciado, ``Katz centrality of markovian temporal networks: + Analysis and optimization,'' {\em 2017 American Control Conference (ACC)}, + pp.~5001--5006, 2017. + +\bibitem{laug} +E.~Anderson, Z.~Bai, C.~Bischof, S.~Blackford, J.~Demmel, J.~Dongarra, + J.~Du~Croz, A.~Greenbaum, S.~Hammarling, A.~McKenney, and D.~Sorensen, {\em + {LAPACK} Users' Guide}. +\newblock Philadelphia, PA: Society for Industrial and Applied Mathematics, + 3rd~ed., 1999. + +\bibitem{stankovic2023fourier} +L.~Stankovic, M.~Dakovic, A.~B. Bardi, M.~Brajovic, and I.~Stankovic, ``Fourier + analysis of signals on directed acyclic graphs (dag) using graph + zero-padding,'' 2023. +\newblock arXiv:2311.01073. + +\bibitem{seifert2023causal} +B.~Seifert, C.~Wendler, and M.~Püschel, ``Causal fourier analysis on directed + acyclic graphs and posets,'' 2023. +\newblock arXiv:2209.07970. + +\bibitem{MACEDO2016999} +H.~D. Macedo, ``Gaussian elimination is not optimal, revisited,'' {\em Journal + of Logical and Algebraic Methods in Programming}, vol.~85, no.~5, Part 2, + pp.~999--1010, 2016. + +\bibitem{williams2023new} +V.~V. Williams, Y.~Xu, Z.~Xu, and R.~Zhou, ``New bounds for matrix + multiplication: From alpha to omega,'' 2023. + +\bibitem{alman2020refined} +J.~Alman and V.~V. Williams, ``A refined laser method and faster matrix + multiplication,'' 2020. + +\bibitem{PageRank} +S.~Brin and L.~Page, ``The anatomy of a large-scale hypertextual web search + engine,'' {\em Computer Networks and ISDN Systems}, vol.~30, no.~1, + pp.~107--117, 1998. +\newblock Proceedings of the Seventh International World Wide Web Conference. + +\bibitem{Adapted_PageRank} +T.~Agryzkov, J.~L. Oliver, L.~Tortosa, and J.-F. Vicent, ``An algorithm for + ranking the nodes of an urban network based on the concept of pagerank + vector,'' {\em Appl. Math. Comput.}, vol.~219, pp.~2186--2193, 2012. + +\bibitem{10.1371/journal.pone.0053095} +M.~Piraveenan, M.~Prokopenko, and L.~Hossain, ``Percolation centrality: + Quantifying graph-theoretic impact of nodes during percolation in networks,'' + {\em Plos One}, vol.~8, pp.~1--14, 01 2013. + +\bibitem{10.1145/3288599.3295597} +S.~De, M.~S. Barik, and I.~Banerjee, ``A percolation-based recovery mechanism + for bot infected p2p cloud,'' in {\em Proceedings of the 20th International + Conference on Distributed Computing and Networking}, ICDCN '19, (New York, + NY, USA), pp.~474--479, Association for Computing Machinery, 2019. + +\bibitem{9680376} +A.~Chandramouli, S.~Jana, and K.~Kothapalli, ``Efficient parallel algorithms + for computing percolation centrality,'' in {\em 2021 IEEE 28th International + Conference on High Performance Computing, Data, and Analytics (HiPC)}, + pp.~111--120, 2021. + +\bibitem{NetworkX} +A.~Hagberg, P.~J. Swart, and D.~A. Schult, ``Exploring network structure, + dynamics, and function using networkx,'' +\newblock {Available: https://www.osti.gov/biblio/960616}. + +\bibitem{reticulate} +K.~Ushey, J.~Allaire, and Y.~Tang, {\em Reticulate: Interface to 'Python'}, + 2023. +\newblock {R package version 1.28. Available: + https://CRAN.R-project.org/package=reticulate}. + +\bibitem{AUDRITO2021102584} +G.~Audrito, D.~Pianini, F.~Damiani, and M.~Viroli, ``Aggregate centrality + measures for iot-based coordination,'' {\em Science of Computer Programming}, + vol.~203, p.~102584, 2021. + +\bibitem{LI2018512} +C.~Li, L.~Wang, S.~Sun, and C.~Xia, ``Identification of influential spreaders + based on classified neighbors in real-world complex networks,'' {\em Applied + Mathematics and Computation}, vol.~320, pp.~512--523, 2018. + +\bibitem{MO2019121538} +H.~Mo and Y.~Deng, ``Identifying node importance based on evidence theory in + complex networks,'' {\em Physica A: Statistical Mechanics and Its + Applications}, vol.~529, p.~121538, 2019. + +\bibitem{bordacent} +A.~Madotto and J.~Liu, ``Super-spreader identification using meta-centrality,'' + {\em Scientific Reports}, vol.~6, Dec. 2016. + +\bibitem{6023c4f8-ecc1-3dbe-9f88-265b318523d2} +J.~G. Kemeny, ``Mathematics without numbers,'' {\em Daedalus}, vol.~88, no.~4, + pp.~577--591, 1959. + +\bibitem{doi:10.1137/0135023} +H.~P. Young and A.~Levenglick, ``A consistent extension of condorcet’s + election principle,'' {\em SIAM Journal on Applied Mathematics}, vol.~35, + no.~2, pp.~285--300, 1978. + +\bibitem{li_combining_2019} +M.~Li, P.~Hawrylak, and J.~Hale, ``Combining {OpenCL} and {MPI} to support + heterogeneous computing on a cluster,'' {\em ACM International Conference + Proceeding Series}, 2019. + +\bibitem{zeng_cyber_2017} +K.~Zeng, ``Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model},'' + Master's thesis, The University of Tulsa, Tulsa, OK, 2017. + +\bibitem{dominance} +R.~T. Prosser, ``Applications of boolean matrices to the analysis of flow + diagrams,'' in {\em Papers Presented at the December 1-3, 1959, Eastern Joint + IRE-AIEE-ACM Computer Conference}, IRE-AIEE-ACM '59 (Eastern), (New York, NY, + USA), p.~133–138, Association for Computing Machinery, 1959. + +\bibitem{PhysRevLett.87.198701} +V.~Latora and M.~Marchiori, ``Efficient behavior of small-world networks,'' + {\em Phys. Rev. Lett.}, vol.~87, p.~198701, Oct 2001. + +\end{thebibliography} diff --git a/Diss_Version/output/Schrick-Noah_CG-Network-Theory.blg b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.blg new file mode 100644 index 0000000..53a0eab --- /dev/null +++ b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.blg @@ -0,0 +1,62 @@ +This is BibTeX, Version 0.99d (TeX Live 2024/Arch Linux) +Capacity: max_strings=200000, hash_size=200000, hash_prime=170003 +The top-level auxiliary file: ./output/Schrick-Noah_CG-Network-Theory.aux +The style file: ieeetr.bst +Database file #1: Bibliography.bib +You're missing a field part---line 381 of file Bibliography.bib + : number = + : , +I'm skipping whatever remains of this entry +Repeated entry---line 1130 of file Bibliography.bib + : @article{MO2019121538 + : , +I'm skipping whatever remains of this entry +Repeated entry---line 1143 of file Bibliography.bib + : @article{LI2018512 + : , +I'm skipping whatever remains of this entry +Warning--empty booktitle in Mieghem2018DirectedGA +Warning--empty journal in NetworkX +Warning--empty year in NetworkX +You've used 43 entries, + 1876 wiz_defined-function locations, + 749 strings with 11358 characters, +and the built_in function-call counts, 10768 in all, are: += -- 1040 +> -- 449 +< -- 0 ++ -- 167 +- -- 124 +* -- 731 +:= -- 1527 +add.period$ -- 53 +call.type$ -- 43 +change.case$ -- 39 +chr.to.int$ -- 0 +cite$ -- 46 +duplicate$ -- 569 +empty$ -- 1024 +format.name$ -- 124 +if$ -- 2664 +int.to.chr$ -- 0 +int.to.str$ -- 43 +missing$ -- 35 +newline$ -- 144 +num.names$ -- 45 +pop$ -- 147 +preamble$ -- 1 +purify$ -- 0 +quote$ -- 0 +skip$ -- 401 +stack$ -- 0 +substring$ -- 560 +swap$ -- 237 +text.length$ -- 0 +text.prefix$ -- 0 +top$ -- 0 +type$ -- 0 +warning$ -- 3 +while$ -- 87 +width$ -- 45 +write$ -- 420 +(There were 3 error messages) diff --git a/Diss_Version/output/Schrick-Noah_CG-Network-Theory.log b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.log new file mode 100644 index 0000000..abb876b --- /dev/null +++ b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.log @@ -0,0 +1,728 @@ +This is pdfTeX, Version 3.141592653-2.6-1.40.26 (TeX Live 2024/Arch Linux) (preloaded format=pdflatex 2024.4.16) 18 APR 2024 14:07 +entering extended mode + restricted \write18 enabled. + %&-line parsing enabled. +**Schrick-Noah_CG-Network-Theory.tex +(./Schrick-Noah_CG-Network-Theory.tex +LaTeX2e <2023-11-01> patch level 1 +L3 programming layer <2024-02-20> +(/usr/share/texmf-dist/tex/latex/ieeetran/IEEEtran.cls +Document Class: IEEEtran 2015/08/26 V1.8b by Michael Shell +-- See the "IEEEtran_HOWTO" manual for usage information. +-- http://www.michaelshell.org/tex/ieeetran/ +\@IEEEtrantmpdimenA=\dimen140 +\@IEEEtrantmpdimenB=\dimen141 +\@IEEEtrantmpdimenC=\dimen142 +\@IEEEtrantmpcountA=\count188 +\@IEEEtrantmpcountB=\count189 +\@IEEEtrantmpcountC=\count190 +\@IEEEtrantmptoksA=\toks17 +LaTeX Font Info: Trying to load font information for OT1+ptm on input line 5 +03. +(/usr/share/texmf-dist/tex/latex/psnfss/ot1ptm.fd +File: ot1ptm.fd 2001/06/04 font definitions for OT1/ptm. +) +-- Using 8.5in x 11in (letter) paper. +-- Using PDF output. +\@IEEEnormalsizeunitybaselineskip=\dimen143 +-- This is a 10 point document. +\CLASSINFOnormalsizebaselineskip=\dimen144 +\CLASSINFOnormalsizeunitybaselineskip=\dimen145 +\IEEEnormaljot=\dimen146 +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <5> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <5> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <7> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <7> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <8> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <8> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <9> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <9> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <10> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <10> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <11> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <11> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <12> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <12> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <17> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <17> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <20> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <20> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <24> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <24> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +\IEEEquantizedlength=\dimen147 +\IEEEquantizedlengthdiff=\dimen148 +\IEEEquantizedtextheightdiff=\dimen149 +\IEEEilabelindentA=\dimen150 +\IEEEilabelindentB=\dimen151 +\IEEEilabelindent=\dimen152 +\IEEEelabelindent=\dimen153 +\IEEEdlabelindent=\dimen154 +\IEEElabelindent=\dimen155 +\IEEEiednormlabelsep=\dimen156 +\IEEEiedmathlabelsep=\dimen157 +\IEEEiedtopsep=\skip48 +\c@section=\count191 +\c@subsection=\count192 +\c@subsubsection=\count193 +\c@paragraph=\count194 +\c@IEEEsubequation=\count195 +\abovecaptionskip=\skip49 +\belowcaptionskip=\skip50 +\c@figure=\count196 +\c@table=\count197 +\@IEEEeqnnumcols=\count198 +\@IEEEeqncolcnt=\count199 +\@IEEEsubeqnnumrollback=\count266 +\@IEEEquantizeheightA=\dimen158 +\@IEEEquantizeheightB=\dimen159 +\@IEEEquantizeheightC=\dimen160 +\@IEEEquantizeprevdepth=\dimen161 +\@IEEEquantizemultiple=\count267 +\@IEEEquantizeboxA=\box51 +\@IEEEtmpitemindent=\dimen162 +\IEEEPARstartletwidth=\dimen163 +\c@IEEEbiography=\count268 +\@IEEEtranrubishbin=\box52 +) (/usr/share/texmf-dist/tex/latex/setspace/setspace.sty +Package: setspace 2022/12/04 v6.7b set line spacing +) +(/usr/share/texmf-dist/tex/latex/graphics/graphicx.sty +Package: graphicx 2021/09/16 v1.2d Enhanced LaTeX Graphics (DPC,SPQR) + +(/usr/share/texmf-dist/tex/latex/graphics/keyval.sty +Package: keyval 2022/05/29 v1.15 key=value parser (DPC) +\KV@toks@=\toks18 +) +(/usr/share/texmf-dist/tex/latex/graphics/graphics.sty +Package: graphics 2022/03/10 v1.4e Standard LaTeX Graphics (DPC,SPQR) + +(/usr/share/texmf-dist/tex/latex/graphics/trig.sty +Package: trig 2021/08/11 v1.11 sin cos tan (DPC) +) +(/usr/share/texmf-dist/tex/latex/graphics-cfg/graphics.cfg +File: graphics.cfg 2016/06/04 v1.11 sample graphics configuration +) +Package graphics Info: Driver file: pdftex.def on input line 107. + +(/usr/share/texmf-dist/tex/latex/graphics-def/pdftex.def +File: pdftex.def 2022/09/22 v1.2b Graphics/color driver for pdftex +)) +\Gin@req@height=\dimen164 +\Gin@req@width=\dimen165 +) +(/usr/share/texmf-dist/tex/latex/float/float.sty +Package: float 2001/11/08 v1.3d Float enhancements (AL) +\c@float@type=\count269 +\float@exts=\toks19 +\float@box=\box53 +\@float@everytoks=\toks20 +\@floatcapt=\box54 +) +\@float@every@table=\toks21 + +(/usr/share/texmf-dist/tex/generic/iftex/ifpdf.sty +Package: ifpdf 2019/10/25 v3.4 ifpdf legacy package. Use iftex instead. + +(/usr/share/texmf-dist/tex/generic/iftex/iftex.sty +Package: iftex 2022/02/03 v1.0f TeX engine tests +)) +(/usr/share/texmf-dist/tex/generic/babel/babel.sty +Package: babel 2024/02/07 v24.2 The Babel package +\babel@savecnt=\count270 +\U@D=\dimen166 +\l@unhyphenated=\language5 + +(/usr/share/texmf-dist/tex/generic/babel/txtbabel.def) +\bbl@readstream=\read2 +\bbl@dirlevel=\count271 +Package babel Info: You haven't specified a language as a class or package +(babel) option. I'll load 'nil'. Reported on input line 4258. + +(/usr/share/texmf-dist/tex/generic/babel/nil.ldf +Language: nil 2024/02/07 v24.2 Nil language +\l@nil=\language6 +)) +(/usr/share/texmf-dist/tex/latex/doublestroke/dsfont.sty +Package: dsfont 1995/08/01 v0.1 Double stroke roman fonts +) +(/usr/share/texmf-dist/tex/latex/base/inputenc.sty +Package: inputenc 2021/02/14 v1.3d Input encoding file +\inpenc@prehook=\toks22 +\inpenc@posthook=\toks23 +) +(/usr/share/texmf-dist/tex/latex/tools/indentfirst.sty +Package: indentfirst 2023/07/02 v1.03 Indent first paragraph (DPC) +) +(/usr/share/texmf-dist/tex/latex/tocloft/tocloft.sty +Package: tocloft 2017/08/31 v2.3i parameterised ToC, etc., typesetting +Package tocloft Info: The document has section divisions on input line 51. +\cftparskip=\skip51 +\cftbeforetoctitleskip=\skip52 +\cftaftertoctitleskip=\skip53 +\cftbeforesecskip=\skip54 +\cftsecindent=\skip55 +\cftsecnumwidth=\skip56 +\cftbeforesubsecskip=\skip57 +\cftsubsecindent=\skip58 +\cftsubsecnumwidth=\skip59 +\cftbeforesubsubsecskip=\skip60 +\cftsubsubsecindent=\skip61 +\cftsubsubsecnumwidth=\skip62 +\cftbeforeparaskip=\skip63 +\cftparaindent=\skip64 +\cftparanumwidth=\skip65 +\cftbeforesubparaskip=\skip66 +\cftsubparaindent=\skip67 +\cftsubparanumwidth=\skip68 +\cftbeforeloftitleskip=\skip69 +\cftafterloftitleskip=\skip70 +\cftbeforefigskip=\skip71 +\cftfigindent=\skip72 +\cftfignumwidth=\skip73 +\c@lofdepth=\count272 +\c@lotdepth=\count273 +\cftbeforelottitleskip=\skip74 +\cftafterlottitleskip=\skip75 +\cftbeforetabskip=\skip76 +\cfttabindent=\skip77 +\cfttabnumwidth=\skip78 +) +(/usr/share/texmf-dist/tex/latex/amsmath/amsmath.sty +Package: amsmath 2023/05/13 v2.17o AMS math features +\@mathmargin=\skip79 + +For additional information on amsmath, use the `?' option. +(/usr/share/texmf-dist/tex/latex/amsmath/amstext.sty +Package: amstext 2021/08/26 v2.01 AMS text + +(/usr/share/texmf-dist/tex/latex/amsmath/amsgen.sty +File: amsgen.sty 1999/11/30 v2.0 generic functions +\@emptytoks=\toks24 +\ex@=\dimen167 +)) +(/usr/share/texmf-dist/tex/latex/amsmath/amsbsy.sty +Package: amsbsy 1999/11/29 v1.2d Bold Symbols +\pmbraise@=\dimen168 +) +(/usr/share/texmf-dist/tex/latex/amsmath/amsopn.sty +Package: amsopn 2022/04/08 v2.04 operator names +) +\inf@bad=\count274 +LaTeX Info: Redefining \frac on input line 234. +\uproot@=\count275 +\leftroot@=\count276 +LaTeX Info: Redefining \overline on input line 399. +LaTeX Info: Redefining \colon on input line 410. +\classnum@=\count277 +\DOTSCASE@=\count278 +LaTeX Info: Redefining \ldots on input line 496. +LaTeX Info: Redefining \dots on input line 499. +LaTeX Info: Redefining \cdots on input line 620. +\Mathstrutbox@=\box55 +\strutbox@=\box56 +LaTeX Info: Redefining \big on input line 722. +LaTeX Info: Redefining \Big on input line 723. +LaTeX Info: Redefining \bigg on input line 724. +LaTeX Info: Redefining \Bigg on input line 725. +\big@size=\dimen169 +LaTeX Font Info: Redeclaring font encoding OML on input line 743. +LaTeX Font Info: Redeclaring font encoding OMS on input line 744. +\macc@depth=\count279 +LaTeX Info: Redefining \bmod on input line 905. +LaTeX Info: Redefining \pmod on input line 910. +LaTeX Info: Redefining \smash on input line 940. +LaTeX Info: Redefining \relbar on input line 970. +LaTeX Info: Redefining \Relbar on input line 971. +\c@MaxMatrixCols=\count280 +\dotsspace@=\muskip16 +\c@parentequation=\count281 +\dspbrk@lvl=\count282 +\tag@help=\toks25 +\row@=\count283 +\column@=\count284 +\maxfields@=\count285 +\andhelp@=\toks26 +\eqnshift@=\dimen170 +\alignsep@=\dimen171 +\tagshift@=\dimen172 +\tagwidth@=\dimen173 +\totwidth@=\dimen174 +\lineht@=\dimen175 +\@envbody=\toks27 +\multlinegap=\skip80 +\multlinetaggap=\skip81 +\mathdisplay@stack=\toks28 +LaTeX Info: Redefining \[ on input line 2953. +LaTeX Info: Redefining \] on input line 2954. +) +(/usr/share/texmf-dist/tex/latex/algorithm2e/algorithm2e.sty +Package: algorithm2e 2017/07/18 v5.2 algorithms environments +\c@AlgoLine=\count286 + +(/usr/share/texmf-dist/tex/latex/base/ifthen.sty +Package: ifthen 2022/04/13 v1.1d Standard LaTeX ifthen package (DPC) +) +\algocf@hangindent=\skip82 + +(/usr/share/texmf-dist/tex/latex/ifoddpage/ifoddpage.sty +Package: ifoddpage 2022/10/18 v1.2 Conditionals for odd/even page detection +\c@checkoddpage=\count287 +) +(/usr/share/texmf-dist/tex/latex/tools/xspace.sty +Package: xspace 2014/10/28 v1.13 Space after command names (DPC,MH) +) +(/usr/share/texmf-dist/tex/latex/relsize/relsize.sty +Package: relsize 2013/03/29 ver 4.1 +) +\skiptotal=\skip83 +\skiplinenumber=\skip84 +\skiprule=\skip85 +\skiphlne=\skip86 +\skiptext=\skip87 +\skiplength=\skip88 +\algomargin=\skip89 +\skipalgocfslide=\skip90 +\algowidth=\dimen176 +\inoutsize=\dimen177 +\inoutindent=\dimen178 +\interspacetitleruled=\dimen179 +\interspacealgoruled=\dimen180 +\interspacetitleboxruled=\dimen181 +\algocf@ruledwidth=\skip91 +\algocf@inoutbox=\box57 +\algocf@inputbox=\box58 +\AlCapSkip=\skip92 +\AlCapHSkip=\skip93 +\algoskipindent=\skip94 +\algocf@nlbox=\box59 +\algocf@hangingbox=\box60 +\algocf@untilbox=\box61 +\algocf@skipuntil=\skip95 +\algocf@capbox=\box62 +\algocf@lcaptionbox=\skip96 +\algoheightruledefault=\skip97 +\algoheightrule=\skip98 +\algotitleheightruledefault=\skip99 +\algotitleheightrule=\skip100 +\c@algocfline=\count288 +\c@algocfproc=\count289 +\c@algocf=\count290 +\algocf@algoframe=\box63 +\algocf@algobox=\box64 +) +(/usr/share/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def +File: l3backend-pdftex.def 2024-02-20 L3 backend support: PDF output (pdfTeX) +\l__color_backend_stack_int=\count291 +\l__pdf_internal_box=\box65 +) +(./output/Schrick-Noah_CG-Network-Theory.aux) +\openout1 = `Schrick-Noah_CG-Network-Theory.aux'. + +LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. + +-- Lines per column: 56 (exact). +(/usr/share/texmf-dist/tex/context/base/mkii/supp-pdf.mkii +[Loading MPS to PDF converter (version 2006.09.02).] +\scratchcounter=\count292 +\scratchdimen=\dimen182 +\scratchbox=\box66 +\nofMPsegments=\count293 +\nofMParguments=\count294 +\everyMPshowfont=\toks29 +\MPscratchCnt=\count295 +\MPscratchDim=\dimen183 +\MPnumerator=\count296 +\makeMPintoPDFobject=\count297 +\everyMPtoPDFconversion=\toks30 +) (/usr/share/texmf-dist/tex/latex/epstopdf-pkg/epstopdf-base.sty +Package: epstopdf-base 2020-01-24 v2.11 Base part for package epstopdf +Package epstopdf-base Info: Redefining graphics rule for `.eps' on input line 4 +85. + +(/usr/share/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg +File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv +e +)) +Underfull \hbox (badness 2922) in paragraph at lines 65--68 +[]\OT1/ptm/b/it/9 Abstract\OT1/ptm/b/n/9 ---Compliance graphs are generated gra +phs (or + [] + + +Underfull \hbox (badness 1371) in paragraph at lines 65--68 +\OT1/ptm/b/n/9 can be used to identify possible correction or mitigation + [] + + +Underfull \hbox (badness 10000) in paragraph at lines 70--72 +[]\OT1/ptm/b/it/9 Index Terms\OT1/ptm/b/n/9 ---Attack Graph; Compliance Graph; + [] + +[1{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texmf-dist/fon +ts/enc/dvips/base/8r.enc} + + +] +Underfull \hbox (badness 2111) in paragraph at lines 83--84 +\OT1/ptm/m/n/10 schemes that produce a desired network threshold [[]]. + [] + + +Underfull \hbox (badness 5050) in paragraph at lines 85--86 +\OT1/ptm/m/n/10 normal forms. In this approach, countermeasures and + [] + + +Underfull \hbox (badness 1708) in paragraph at lines 87--88 +\OT1/ptm/m/n/10 Other works, such as that discussed by the author of + [] + +<./images/Topographical.png, id=10, 653.44125pt x 382.42876pt> +File: ./images/Topographical.png Graphic file (type png) + +Package pdftex.def Info: ./images/Topographical.png used on input line 95. +(pdftex.def) Requested size: 252.0pt x 147.48352pt. +<./images/Obj3.png, id=12, 613.29124pt x 314.17375pt> +File: ./images/Obj3.png Graphic file (type png) + +Package pdftex.def Info: ./images/Obj3.png used on input line 103. +(pdftex.def) Requested size: 252.0pt x 129.09491pt. +[2] +<./images/Symm.png, id=16, 482.55281pt x 277.78781pt> +File: ./images/Symm.png Graphic file (type png) + +Package pdftex.def Info: ./images/Symm.png used on input line 118. +(pdftex.def) Requested size: 241.2758pt x 138.89355pt. +<./images/Asymm.png, id=17, 499.11469pt x 280.79906pt> +File: ./images/Asymm.png Graphic file (type png) + +Package pdftex.def Info: ./images/Asymm.png used on input line 126. +(pdftex.def) Requested size: 249.55672pt x 140.39919pt. + [3 <./images/Topographical.png> <./images/Obj3.png> <./images/Symm.png>] +Underfull \hbox (badness 1789) in paragraph at lines 138--139 +\OT1/ptm/m/n/10 was called, and its output was stored in a list. With + [] + +[4 <./images/Asymm.png>] +Underfull \hbox (badness 2359) in paragraph at lines 169--170 +\OT1/ptm/m/n/10 matrix to be held in memory. For large-scale graphs, + [] + + +Underfull \hbox (badness 6332) in paragraph at lines 171--172 +[]\OT1/ptm/m/n/10 For this implementation, since sparse matrices are + [] + +[5] +LaTeX Font Info: Trying to load font information for U+dsrom on input line 1 +81. + (/usr/share/texmf-dist/tex/latex/doublestroke/Udsrom.fd +File: Udsrom.fd 1995/08/01 v0.1 Double stroke roman font definitions +) +Underfull \hbox (badness 1742) in paragraph at lines 190--191 +\OT1/ptm/m/n/10 For the applications described in Section III[], the time + [] + + +Underfull \hbox (badness 1622) in paragraph at lines 193--194 +[]\OT1/ptm/m/n/10 Percolation centrality was originally presented by the + [] + + +Underfull \hbox (badness 1460) in paragraph at lines 193--194 +\OT1/ptm/m/n/10 centrality approximation, and in the work presented by + [] + + +Underfull \hbox (badness 4859) in paragraph at lines 201--202 +\OT1/ptm/m/n/10 before computing centrality values. Though NetworkX + [] + + +Underfull \hbox (badness 1430) in paragraph at lines 203--204 +\OT1/ptm/m/n/10 which edge labels marked a violation in a compliance + [] + + +Underfull \hbox (badness 1502) in paragraph at lines 252--252 +\OT1/ptm/m/n/10 for Pre-Processing the Network for Percolation + [] + + +Underfull \vbox (badness 10000) has occurred while \output is active [] + + [6] +Underfull \hbox (badness 2042) in paragraph at lines 258--259 +[]\OT1/ptm/m/n/10 Each centrality metric assigns importance on various + [] + + +Underfull \vbox (badness 10000) has occurred while \output is active [] + + [7] + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 309. + + +Overfull \hbox (3.82709pt too wide) in paragraph at lines 313--325 + [][] + [] + + +Underfull \hbox (badness 1622) in paragraph at lines 327--328 +\OT1/ptm/m/n/10 set to 0 to prevent any further analysis on the given + [] + +<./images/carDist.png, id=46, 625.58719pt x 393.72093pt> +File: ./images/carDist.png Graphic file (type png) + +Package pdftex.def Info: ./images/carDist.png used on input line 330. +(pdftex.def) Requested size: 252.0pt x 158.597pt. +<./images/carDistCF.png, id=47, 624.08156pt x 371.13657pt> +File: ./images/carDistCF.png Graphic file (type png) + +Package pdftex.def Info: ./images/carDistCF.png used on input line 338. +(pdftex.def) Requested size: 252.0pt x 149.86209pt. +<./images/hipaaDist.png, id=48, 721.85965pt x 468.0743pt> +File: ./images/hipaaDist.png Graphic file (type png) + +Package pdftex.def Info: ./images/hipaaDist.png used on input line 346. +(pdftex.def) Requested size: 252.0pt x 163.40706pt. +<./images/hipaaDistCF.png, id=49, 628.59843pt x 372.64218pt> +File: ./images/hipaaDistCF.png Graphic file (type png) + +Package pdftex.def Info: ./images/hipaaDistCF.png used on input line 354. +(pdftex.def) Requested size: 252.0pt x 149.3897pt. +<./images/oshaDist.png, id=50, 863.225pt x 568.1225pt> +File: ./images/oshaDist.png Graphic file (type png) + +Package pdftex.def Info: ./images/oshaDist.png used on input line 362. +(pdftex.def) Requested size: 252.0pt x 165.84357pt. +<./images/oshaDistCF.png, id=51, 633.11531pt x 386.19281pt> +File: ./images/oshaDistCF.png Graphic file (type png) + +Package pdftex.def Info: ./images/oshaDistCF.png used on input line 370. +(pdftex.def) Requested size: 252.0pt x 153.7142pt. + +Underfull \hbox (badness 1552) in paragraph at lines 373--373 +\OT1/ptm/m/n/8 selection with replacement) are used. This Figure displays skewn +ess$[]$ + [] + + +Underfull \hbox (badness 1383) in paragraph at lines 377--378 +\OT1/ptm/m/n/10 centrality scores. These Figures depict a distribution of + [] + + +Underfull \hbox (badness 1983) in paragraph at lines 377--378 +\OT1/ptm/m/n/10 using only the nonzero elements of all three example + [] + +[8 <./images/carDist.png> <./images/carDistCF.png>] +Underfull \vbox (badness 5119) has occurred while \output is active [] + + [9 <./images/hipaaDist.png> <./images/hipaaDistCF.png> <./images/oshaDist.png> + <./images/oshaDistCF.png>] +Underfull \hbox (badness 10000) in paragraph at lines 389--390 +[]\OT1/ptm/m/n/10 If unpreventable, ensure that the aggregated + [] + + +Underfull \hbox (badness 7168) in paragraph at lines 399--400 +\OT1/ptm/m/n/10 and dependencies, and the authors of [[]] reaffirm + [] + + +Underfull \hbox (badness 2443) in paragraph at lines 399--400 +\OT1/ptm/m/n/10 this standing. DAGs and their traversals reveal deeper + [] + +<./images/TC.png, id=66, 378.41376pt x 522.95375pt> +File: ./images/TC.png Graphic file (type png) + +Package pdftex.def Info: ./images/TC.png used on input line 405. +(pdftex.def) Requested size: 227.05pt x 313.77466pt. +[10 <./images/TC.png>] +<./images/dom_net_unshaded.png, id=71, 319.1925pt x 432.61626pt> +File: ./images/dom_net_unshaded.png Graphic file (type png) + +Package pdftex.def Info: ./images/dom_net_unshaded.png used on input line 419. + +(pdftex.def) Requested size: 191.51697pt x 259.57176pt. +<./images/dom_tree_unshaded.png, id=72, 352.31625pt x 312.16624pt> +File: ./images/dom_tree_unshaded.png Graphic file (type png) + +Package pdftex.def Info: ./images/dom_tree_unshaded.png used on input line 427 +. +(pdftex.def) Requested size: 211.39137pt x 187.3012pt. + +Underfull \hbox (badness 1881) in paragraph at lines 437--438 +\OT1/ptm/m/n/10 properties were collected for the transitive closure and + [] + +[11 <./images/dom_net_unshaded.png> <./images/dom_tree_unshaded.png>] + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 442. + + +Underfull \hbox (badness 3525) in paragraph at lines 445--445 +\OT1/ptm/m/n/10 DAG, Transitive Closure, and Dominant Tree for the + [] + + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 461. + + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 480. + + +Underfull \hbox (badness 6173) in paragraph at lines 505--506 +[]\OT1/ptm/m/n/10 The number of edges in the Transitive closure + [] + + +Underfull \hbox (badness 1609) in paragraph at lines 507--508 +[]\OT1/ptm/m/n/10 The diameter and radius of the Transitive Closure + [] + +[12] (./output/Schrick-Noah_CG-Network-Theory.bbl +Underfull \hbox (badness 1442) in paragraph at lines 9--14 +\OT1/ptm/m/n/8 A Focus on Cyberphysical Systems and Internet of Things,'' in + [] + + +Underfull \hbox (badness 2573) in paragraph at lines 64--66 +[]\OT1/ptm/m/n/8 R. A. Brualdi, ``Spectra of Digraphs,'' \OT1/ptm/m/it/8 Linear + Algebra and Its + [] + + +Underfull \hbox (badness 2698) in paragraph at lines 95--98 +[]\OT1/ptm/m/n/8 M. Ogura and V. M. Preciado, ``Katz centrality of markovian + [] + + +Underfull \hbox (badness 1436) in paragraph at lines 153--157 +[]\OT1/ptm/m/n/8 A. Chandramouli, S. Jana, and K. Kothapalli, ``Efficient paral +lel + [] + + +Underfull \hbox (badness 2865) in paragraph at lines 159--162 +\OT1/ptm/m/n/8 structure, dynamics, and function using networkx,'' Available: + [] + + +Underfull \hbox (badness 6412) in paragraph at lines 164--168 +[]\OT1/ptm/m/n/8 K. Ushey, J. Allaire, and Y. Tang, \OT1/ptm/m/it/8 Reticulate: + Interface to + [] + + +Underfull \hbox (badness 1859) in paragraph at lines 170--173 +[]\OT1/ptm/m/n/8 G. Audrito, D. Pianini, F. Damiani, and M. Viroli, ``Aggregate + + [] + + +Underfull \hbox (badness 1762) in paragraph at lines 213--215 +[]\OT1/ptm/m/n/8 V. Latora and M. Marchiori, ``Efficient behavior of small-worl +d + [] + +[13]) + +** Conference Paper ** +Before submitting the final camera ready copy, remember to: + + 1. Manually equalize the lengths of two columns on the last page + of your paper; + + 2. Ensure that any PostScript and/or PDF output post-processing + uses only Type 1 fonts and that every step in the generation + process uses the appropriate paper size. + +[14 + +] (./output/Schrick-Noah_CG-Network-Theory.aux) + *********** +LaTeX2e <2023-11-01> patch level 1 +L3 programming layer <2024-02-20> + *********** + ) +Here is how much of TeX's memory you used: + 5688 strings out of 476076 + 97419 string characters out of 5793775 + 1959187 words of memory out of 5000000 + 27733 multiletter control sequences out of 15000+600000 + 597752 words of font info for 106 fonts, out of 8000000 for 9000 + 14 hyphenation exceptions out of 8191 + 57i,17n,65p,1945b,492s stack positions out of 10000i,1000n,20000p,200000b,200000s +< +/usr/share/texmf-dist/fonts/type1/urw/times/utmb8a.pfb> +Output written on ./output/Schrick-Noah_CG-Network-Theory.pdf (14 pages, 435278 + bytes). +PDF statistics: + 152 PDF objects out of 1000 (max. 8388607) + 80 compressed objects within 1 object stream + 0 named destinations out of 1000 (max. 500000) + 66 words of extra memory for PDF output out of 10000 (max. 10000000) + diff --git a/Diss_Version/output/Schrick-Noah_CG-Network-Theory.pdf b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.pdf new file mode 100644 index 0000000..f5d18ab Binary files /dev/null and b/Diss_Version/output/Schrick-Noah_CG-Network-Theory.pdf differ diff --git a/Bibliography.bib b/Old_Version/Bibliography.bib similarity index 100% rename from Bibliography.bib rename to Old_Version/Bibliography.bib diff --git a/README.md b/Old_Version/README.md similarity index 100% rename from README.md rename to Old_Version/README.md diff --git a/Schrick-Noah_CG-Network_Theory.aux b/Old_Version/Schrick-Noah_CG-Network_Theory.aux similarity index 92% rename from Schrick-Noah_CG-Network_Theory.aux rename to Old_Version/Schrick-Noah_CG-Network_Theory.aux index d6cdf28..055a361 100644 --- a/Schrick-Noah_CG-Network_Theory.aux +++ b/Old_Version/Schrick-Noah_CG-Network_Theory.aux @@ -24,7 +24,7 @@ \@writefile{toc}{\contentsline {section}{\numberline {II}Related Works}{2}{}\protected@file@percent } \@writefile{toc}{\contentsline {section}{\numberline {III}Experimental Networks}{2}{}\protected@file@percent } \newlabel{sec:networks}{{III}{2}} -\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Network Structural Properties (Nodes, Edges, and Connectivity Percentage) for the Three Example Networks}}{2}{}\protected@file@percent } +\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Network Structural Properties (Nodes, Edges, and Connectivity Percentage) for the Three Example Networks.\\\hspace {\textwidth }Notably, each network has a different size, allowing for more expansive results analysis. The Car network and the HIPAA network have a similar number of nodes, but a difference in edges and connectivity percentage. The PCI DSS network is substantially smaller, with a much greater connectivity percentage}}{2}{}\protected@file@percent } \newlabel{table:networks}{{I}{2}} \@writefile{toc}{\contentsline {section}{\numberline {IV}Centralities and their Contextualizations to Compliance Graphs}{2}{}\protected@file@percent } \newlabel{sec:centralities}{{IV}{2}} @@ -49,7 +49,7 @@ \newlabel{eq:PR}{{5}{4}} \newlabel{eq:APC}{{6}{4}} \@writefile{toc}{\contentsline {section}{\numberline {V}Transitive Closure}{4}{}\protected@file@percent } -\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Illustration of an Example DAG and its Transitive Closure}}{4}{}\protected@file@percent } +\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Illustration of an Example DAG and its Transitive Closure. \\\hspace {\textwidth }Each node in the original DAG has 1-step reachability to any downstream node it has a transitive connection to in the resulting transitive closure. }}{4}{}\protected@file@percent } \newlabel{fig:TC}{{1}{4}} \@writefile{toc}{\contentsline {section}{\numberline {VI}Dominant Tree}{4}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Example ``Base" Network for Illustrating Dominance. \\\hspace {\textwidth }An arbitrary DAG that has not yet undergone transformation.}}{5}{}\protected@file@percent } diff --git a/Schrick-Noah_CG-Network_Theory.bbl b/Old_Version/Schrick-Noah_CG-Network_Theory.bbl similarity index 100% rename from Schrick-Noah_CG-Network_Theory.bbl rename to Old_Version/Schrick-Noah_CG-Network_Theory.bbl diff --git a/Schrick-Noah_CG-Network_Theory.blg b/Old_Version/Schrick-Noah_CG-Network_Theory.blg similarity index 100% rename from Schrick-Noah_CG-Network_Theory.blg rename to Old_Version/Schrick-Noah_CG-Network_Theory.blg diff --git a/Schrick-Noah_CG-Network_Theory.log b/Old_Version/Schrick-Noah_CG-Network_Theory.log similarity index 97% rename from Schrick-Noah_CG-Network_Theory.log rename to Old_Version/Schrick-Noah_CG-Network_Theory.log index aa6d9b8..5234cc6 100644 --- a/Schrick-Noah_CG-Network_Theory.log +++ b/Old_Version/Schrick-Noah_CG-Network_Theory.log @@ -1,4 +1,4 @@ -This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Arch Linux) (preloaded format=pdflatex 2023.4.3) 25 APR 2023 18:51 +This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Arch Linux) (preloaded format=pdflatex 2023.4.3) 25 APR 2023 19:12 entering extended mode restricted \write18 enabled. %&-line parsing enabled. @@ -356,19 +356,20 @@ File: ./images/TC.png Graphic file (type png) Package pdftex.def Info: ./images/TC.png used on input line 168. (pdftex.def) Requested size: 227.05pt x 313.77466pt. -<./images/dom_net_unshaded.png, id=25, 319.1925pt x 432.61626pt> + [4 <./images/TC.png>] +<./images/dom_net_unshaded.png, id=30, 319.1925pt x 432.61626pt> File: ./images/dom_net_unshaded.png Graphic file (type png) Package pdftex.def Info: ./images/dom_net_unshaded.png used on input line 182. (pdftex.def) Requested size: 191.51697pt x 259.57176pt. -<./images/dom_tree_unshaded.png, id=26, 352.31625pt x 312.16624pt> +<./images/dom_tree_unshaded.png, id=31, 352.31625pt x 312.16624pt> File: ./images/dom_tree_unshaded.png Graphic file (type png) Package pdftex.def Info: ./images/dom_tree_unshaded.png used on input line 189 . (pdftex.def) Requested size: 211.39137pt x 187.3012pt. - [4 <./images/TC.png>] + LaTeX Warning: No positions in optional float specifier. Default added (so using `tbp') on input line 201. @@ -420,7 +421,7 @@ Underfull \hbox (badness 1997) in paragraph at lines 276--277 [] -Underfull \vbox (badness 1005) has occurred while \output is active [] +Underfull \vbox (badness 6001) has occurred while \output is active [] [5 <./images/dom_net_unshaded.png> <./images/dom_tree_unshaded.png>] [6 <./ima ges/car-degree.png> <./images/car-katz.png> <./images/car-pagerank.png> <./imag @@ -438,8 +439,8 @@ Underfull \hbox (badness 3009) in paragraph at lines 280--281 [] -Underfull \hbox (badness 2012) in paragraph at lines 280--281 -\OT1/ptm/m/n/10 However, the dominant tree rankings also vary greatly +Underfull \hbox (badness 2452) in paragraph at lines 280--281 +\OT1/ptm/m/n/10 importance. This is due to the structure change from [] @@ -513,7 +514,7 @@ Before submitting the final camera ready copy, remember to: Here is how much of TeX's memory you used: 4313 strings out of 476025 78637 string characters out of 5796533 - 1877388 words of memory out of 5000000 + 1878388 words of memory out of 5000000 24703 multiletter control sequences out of 15000+600000 546200 words of font info for 93 fonts, out of 8000000 for 9000 1141 hyphenation exceptions out of 8191 @@ -528,7 +529,7 @@ sfonts/cm/cmsy7.pfb> -Output written on Schrick-Noah_CG-Network_Theory.pdf (8 pages, 411022 bytes). +Output written on Schrick-Noah_CG-Network_Theory.pdf (8 pages, 411465 bytes). PDF statistics: 109 PDF objects out of 1000 (max. 8388607) 58 compressed objects within 1 object stream diff --git a/Schrick-Noah_CG-Network_Theory.out b/Old_Version/Schrick-Noah_CG-Network_Theory.out similarity index 100% rename from Schrick-Noah_CG-Network_Theory.out rename to Old_Version/Schrick-Noah_CG-Network_Theory.out diff --git a/Schrick-Noah_CG-Network_Theory.pdf b/Old_Version/Schrick-Noah_CG-Network_Theory.pdf similarity index 92% rename from Schrick-Noah_CG-Network_Theory.pdf rename to Old_Version/Schrick-Noah_CG-Network_Theory.pdf index f78789b..6b54a52 100644 Binary files a/Schrick-Noah_CG-Network_Theory.pdf and b/Old_Version/Schrick-Noah_CG-Network_Theory.pdf differ diff --git a/Schrick-Noah_CG-Network_Theory.tex b/Old_Version/Schrick-Noah_CG-Network_Theory.tex similarity index 93% rename from Schrick-Noah_CG-Network_Theory.tex rename to Old_Version/Schrick-Noah_CG-Network_Theory.tex index 4df2612..6c45782 100644 --- a/Schrick-Noah_CG-Network_Theory.tex +++ b/Old_Version/Schrick-Noah_CG-Network_Theory.tex @@ -96,7 +96,7 @@ The work conducted in this approach utilized three compliance graphs, with their HIPAA & 2321 & 8063 & 0.150 \\ \hline PCI DSS & 61 & 163 & 4.381 \\ \hline \end{tabular} - \caption{Network Structural Properties (Nodes, Edges, and Connectivity Percentage) for the Three Example Networks} + \caption{Network Structural Properties (Nodes, Edges, and Connectivity Percentage) for the Three Example Networks.\\\hspace{\textwidth}Notably, each network has a different size, allowing for more expansive results analysis. The Car network and the HIPAA network have a similar number of nodes, but a difference in edges and connectivity percentage. The PCI DSS network is substantially smaller, with a much greater connectivity percentage} \label{table:networks} \end{table} @@ -168,7 +168,7 @@ Section \ref{sec:networks}, and this transitive closure was then analyzed throug \includegraphics[scale=0.6]{"./images/TC.png"} \centering \vspace{.2truein} \centerline{} - \caption{Illustration of an Example DAG and its Transitive Closure} + \caption{Illustration of an Example DAG and its Transitive Closure. \\\hspace{\textwidth}Each node in the original DAG has 1-step reachability to any downstream node it has a transitive connection to in the resulting transitive closure. } \label{fig:TC} \end{figure} @@ -273,11 +273,11 @@ In this section, only results for the automobile network are displayed for brevi \subsection{Result Analysis} -When viewing the results of the car networks, unsurprisingly, each centrality method ranks nodes in a different order. These differences in rankings can be used based on additional metrics, such as severity, cost, or disturbance of systems, to identify correction schemes best suited for a given environment. However, degree centrality and K-path edge centrality rankings for the top 15 were identical for the car network. This also extends to the HIPAA network, as seen in the included results in the Supplementary Material, but does not extend to the PCI DSS network. The value for \textit{k} in K-path edge centrality was set to 3. With a relatively small \textit{k} value in comparison to the overall size of the car and HIPAA networks, coupled with the high degree count of the top 15 nodes ranked with degree centrality, it is likely that the high degree count correlates to the K-path edge centrality scoring. This reasoning extends to the PCI DSS network, where the network is substantially smaller and there is a greater percentage of connectivity. +When viewing the results of the car networks, unsurprisingly, each centrality method ranks nodes in a different order. These differences in rankings can be used based on additional metrics, such as severity, cost, or disturbance of systems, to identify correction schemes best suited for a given environment. However, degree centrality (Table \ref{table:car-deg} and Figure \ref{fig:car-deg}) and K-path edge centrality (Figure \ref{fig:car-kpe}) rankings for the top 15 were identical for the car network. This also extends to the HIPAA network, as seen in the included results in the Supplementary Material, but does not extend to the PCI DSS network. The value for \textit{k} in K-path edge centrality was set to 3. With a relatively small \textit{k} value in comparison to the overall size of the car and HIPAA networks, coupled with the high degree count of the top 15 nodes ranked with degree centrality, it is likely that the high degree count correlates to the K-path edge centrality scoring. This reasoning extends to the PCI DSS network, where the network is substantially smaller and there is a greater percentage of connectivity. Comparing the transitive closure format of compliance graphs, the associated centrality rankings greatly vary from their original compliance graph rankings. As expected, the root or a leaf node has the highest centrality value. Since the root node can reach all nodes, and a leaf node can be reached by all nodes, these two nodes are expectedly ranked high. What is unexpected, however, is that the highest rankings are not comprised of the most upstream nodes or the most downstream nodes. While rankings do tend to be higher for more upstream for K-path edge (Figure \ref{fig:car-kpe}), Katz (Figure \ref{fig:car-katz}), and degree centralities (Figure \ref{fig:car-deg}), node IDs in the 100s, 200s, and 300s (``midstream" nodes) all make appearances in the upper rankings. Betweenness centrality (Figure \ref{fig:car-betweenness}) for the transitive closure representation yielded no valuable insight, since shortest paths to a node from any given node is reachable in 1 step. -For the dominant tree representation, it was initially hypothesized that nodes ranked highly in the original compliance graph's betweenness centrality or Katz centrality measures would closely relate to the dominant tree results. However, the dominant tree rankings also vary greatly from the original compliance graph's rankings. Even nodes that saw no appearances in the top rankings of the base compliance graph or transitive closure representation made appearances in the dominant tree results. Since the dominant tree format does favor the upstream nodes due to a lesser reordering effect caused by dominance, the PageRank ordering (Figure \ref{fig:car-pr}) were not predominantly downstream nodes, but mostly node IDs in the 300s, with all nodes having near identical importance. Apart from this PageRank ordering, the dominant tree representation yielded results where almost all importance was cumulated into a few nodes. As opposed to the base network and transitive closure networks which had many nodes with noticeable importance, the dominant tree representation had only few nodes with importance. This is due to the structure change from dominance computations, and this is validated by the upstream nodes having the importance in the transformed network, with the root node possessing the maximum importance value. +For the dominant tree representation, it was initially hypothesized that nodes ranked highly in the original compliance graph's betweenness centrality (Figure \ref{fig:car-betweenness}) or Katz centrality (Figure \ref{fig:car-katz}) measures would closely relate to the dominant tree results. However, the dominant tree rankings also vary greatly from the original compliance graph's rankings. Even nodes that saw no appearances in the top rankings of the base compliance graph or transitive closure representation made appearances in the dominant tree results. Since the dominant tree format does favor the upstream nodes due to a lesser reordering effect caused by dominance, the PageRank ordering (Figure \ref{fig:car-pr}) were not predominantly downstream nodes, but mostly node IDs in the 300s, with all nodes having near identical importance. Apart from this PageRank ordering, the dominant tree representation yielded results where almost all importance was cumulated into a few nodes. As opposed to the base network and transitive closure networks which had many nodes with noticeable importance, the dominant tree representation had only few nodes with importance. This is due to the structure change from dominance computations, and this is validated by the upstream nodes having the importance in the transformed network, with the root node possessing the maximum importance value. \section{Conclusions and Future Work} \subsection{Conclusions} diff --git a/Schrick-Noah_CG-Network_Theory.toc b/Old_Version/Schrick-Noah_CG-Network_Theory.toc similarity index 100% rename from Schrick-Noah_CG-Network_Theory.toc rename to Old_Version/Schrick-Noah_CG-Network_Theory.toc diff --git a/Schrick-Noah_Supplemental.aux b/Old_Version/Schrick-Noah_Supplemental.aux similarity index 100% rename from Schrick-Noah_Supplemental.aux rename to Old_Version/Schrick-Noah_Supplemental.aux diff --git a/Schrick-Noah_Supplemental.log b/Old_Version/Schrick-Noah_Supplemental.log similarity index 100% rename from Schrick-Noah_Supplemental.log rename to Old_Version/Schrick-Noah_Supplemental.log diff --git a/Schrick-Noah_Supplemental.out b/Old_Version/Schrick-Noah_Supplemental.out similarity index 100% rename from Schrick-Noah_Supplemental.out rename to Old_Version/Schrick-Noah_Supplemental.out diff --git a/Schrick-Noah_Supplemental.pdf b/Old_Version/Schrick-Noah_Supplemental.pdf similarity index 100% rename from Schrick-Noah_Supplemental.pdf rename to Old_Version/Schrick-Noah_Supplemental.pdf diff --git a/Schrick-Noah_Supplemental.tex b/Old_Version/Schrick-Noah_Supplemental.tex similarity index 100% rename from Schrick-Noah_Supplemental.tex rename to Old_Version/Schrick-Noah_Supplemental.tex diff --git a/code/Schrick-Noah_CG-Analysis.R b/Old_Version/code/Schrick-Noah_CG-Analysis.R similarity index 100% rename from code/Schrick-Noah_CG-Analysis.R rename to Old_Version/code/Schrick-Noah_CG-Analysis.R diff --git a/data/CG_Files/Network_1/DOTFILE.dot b/Old_Version/data/CG_Files/Network_1/DOTFILE.dot similarity index 100% rename from data/CG_Files/Network_1/DOTFILE.dot rename to Old_Version/data/CG_Files/Network_1/DOTFILE.dot diff --git a/data/CG_Files/Network_1/car_timeline_maintenance.nm b/Old_Version/data/CG_Files/Network_1/car_timeline_maintenance.nm similarity index 100% rename from data/CG_Files/Network_1/car_timeline_maintenance.nm rename to Old_Version/data/CG_Files/Network_1/car_timeline_maintenance.nm diff --git a/data/CG_Files/Network_1/car_timeline_maintenance.xp b/Old_Version/data/CG_Files/Network_1/car_timeline_maintenance.xp similarity index 100% rename from data/CG_Files/Network_1/car_timeline_maintenance.xp rename to Old_Version/data/CG_Files/Network_1/car_timeline_maintenance.xp diff --git a/data/CG_Files/Network_1/edges.txt b/Old_Version/data/CG_Files/Network_1/edges.txt similarity index 100% rename from data/CG_Files/Network_1/edges.txt rename to Old_Version/data/CG_Files/Network_1/edges.txt diff --git a/data/CG_Files/Network_2/DOTFILE.dot b/Old_Version/data/CG_Files/Network_2/DOTFILE.dot similarity index 100% rename from data/CG_Files/Network_2/DOTFILE.dot rename to Old_Version/data/CG_Files/Network_2/DOTFILE.dot diff --git a/data/CG_Files/Network_2/edges.txt b/Old_Version/data/CG_Files/Network_2/edges.txt similarity index 100% rename from data/CG_Files/Network_2/edges.txt rename to Old_Version/data/CG_Files/Network_2/edges.txt diff --git a/data/CG_Files/Network_2/hipaa.nm b/Old_Version/data/CG_Files/Network_2/hipaa.nm similarity index 100% rename from data/CG_Files/Network_2/hipaa.nm rename to Old_Version/data/CG_Files/Network_2/hipaa.nm diff --git a/data/CG_Files/Network_2/hipaa.xp b/Old_Version/data/CG_Files/Network_2/hipaa.xp similarity index 100% rename from data/CG_Files/Network_2/hipaa.xp rename to Old_Version/data/CG_Files/Network_2/hipaa.xp diff --git a/data/CG_Files/Network_3/DOTFILE.dot b/Old_Version/data/CG_Files/Network_3/DOTFILE.dot similarity index 100% rename from data/CG_Files/Network_3/DOTFILE.dot rename to Old_Version/data/CG_Files/Network_3/DOTFILE.dot diff --git a/data/CG_Files/Network_3/PCI.nm b/Old_Version/data/CG_Files/Network_3/PCI.nm similarity index 100% rename from data/CG_Files/Network_3/PCI.nm rename to Old_Version/data/CG_Files/Network_3/PCI.nm diff --git a/data/CG_Files/Network_3/PCI.xp b/Old_Version/data/CG_Files/Network_3/PCI.xp similarity index 100% rename from data/CG_Files/Network_3/PCI.xp rename to Old_Version/data/CG_Files/Network_3/PCI.xp diff --git a/data/CG_Files/Network_3/edges.txt b/Old_Version/data/CG_Files/Network_3/edges.txt similarity index 100% rename from data/CG_Files/Network_3/edges.txt rename to Old_Version/data/CG_Files/Network_3/edges.txt diff --git a/data/CG_Files/manual_import.R b/Old_Version/data/CG_Files/manual_import.R similarity index 100% rename from data/CG_Files/manual_import.R rename to Old_Version/data/CG_Files/manual_import.R diff --git a/data/Formatted_Results.ods b/Old_Version/data/Formatted_Results.ods similarity index 100% rename from data/Formatted_Results.ods rename to Old_Version/data/Formatted_Results.ods diff --git a/data/results.csv b/Old_Version/data/results.csv similarity index 100% rename from data/results.csv rename to Old_Version/data/results.csv diff --git a/images/TC.drawio b/Old_Version/images/TC.drawio similarity index 100% rename from images/TC.drawio rename to Old_Version/images/TC.drawio diff --git a/Old_Version/images/TC.png b/Old_Version/images/TC.png new file mode 100644 index 0000000..cb93012 Binary files /dev/null and b/Old_Version/images/TC.png differ diff --git a/images/car-betweenness.png b/Old_Version/images/car-betweenness.png similarity index 100% rename from images/car-betweenness.png rename to Old_Version/images/car-betweenness.png diff --git a/images/car-degree.png b/Old_Version/images/car-degree.png similarity index 100% rename from images/car-degree.png rename to Old_Version/images/car-degree.png diff --git a/images/car-katz.png b/Old_Version/images/car-katz.png similarity index 100% rename from images/car-katz.png rename to Old_Version/images/car-katz.png diff --git a/images/car-kpe.png b/Old_Version/images/car-kpe.png similarity index 100% rename from images/car-kpe.png rename to Old_Version/images/car-kpe.png diff --git a/images/car-pagerank.png b/Old_Version/images/car-pagerank.png similarity index 100% rename from images/car-pagerank.png rename to Old_Version/images/car-pagerank.png diff --git a/images/dom_net.drawio b/Old_Version/images/dom_net.drawio similarity index 100% rename from images/dom_net.drawio rename to Old_Version/images/dom_net.drawio diff --git a/Old_Version/images/dom_net.png b/Old_Version/images/dom_net.png new file mode 100644 index 0000000..c021921 Binary files /dev/null and b/Old_Version/images/dom_net.png differ diff --git a/Old_Version/images/dom_net_unshaded.png b/Old_Version/images/dom_net_unshaded.png new file mode 100644 index 0000000..f73b650 Binary files /dev/null and b/Old_Version/images/dom_net_unshaded.png differ diff --git a/images/dom_tree.drawio b/Old_Version/images/dom_tree.drawio similarity index 100% rename from images/dom_tree.drawio rename to Old_Version/images/dom_tree.drawio diff --git a/Old_Version/images/dom_tree.png b/Old_Version/images/dom_tree.png new file mode 100644 index 0000000..de919a6 Binary files /dev/null and b/Old_Version/images/dom_tree.png differ diff --git a/Old_Version/images/dom_tree_unshaded.png b/Old_Version/images/dom_tree_unshaded.png new file mode 100644 index 0000000..c87fdf4 Binary files /dev/null and b/Old_Version/images/dom_tree_unshaded.png differ