noah/AG-CG-Network-Science
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Final pre-revision

Browse Source
This commit is contained in:
Noah L. Schrick 2023-01-17 15:16:53 -06:00
parent e9ad083f6b
commit 639790d1ec
8 changed files with 395 additions and 617 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
Bibliography.bib
View File

@ -18,14 +18,12 @@
file = {Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster:/home/noah/Zotero/storage/TXHCQ5S8/Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster.pdf:application/pdf},
}
@article{zeng_cyber_2017,
@phdthesis{zeng_cyber_2017,
title = {Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model}},
author = {Zeng, Keming},
school = "The University of Tulsa",
year = {2017},
file = {keming_thesis:/home/noah/Zotero/storage/LQY2YWSR/keming_thesis.pdf:application/pdf},
address = "Tulsa, OK",
}
@inproceedings{baloyi_guidelines_2019,
@ -104,7 +102,6 @@
Journal = {BMC systems biology},
ISSN = {1752-0509},
Pages = {80},
Abstract = {<h4>Background</h4>Numerous centrality measures have been introduced to identify "central" nodes in large networks. The availability of a wide range of measures for ranking influential nodes leaves the user to decide which measure may best suit the analysis of a given network. The choice of a suitable measure is furthermore complicated by the impact of the network topology on ranking influential nodes by centrality measures. To approach this problem systematically, we examined the centrality profile of nodes of yeast protein-protein interaction networks (PPINs) in order to detect which centrality measure is succeeding in predicting influential proteins. We studied how different topological network features are reflected in a large set of commonly used centrality measures.<h4>Results</h4>We used yeast PPINs to compare 27 common of centrality measures. The measures characterize and assort influential nodes of the networks. We applied principal component analysis (PCA) and hierarchical clustering and found that the most informative measures depend on the network's topology. Interestingly, some measures had a high level of contribution in comparison to others in all PPINs, namely Latora closeness, Decay, Lin, Freeman closeness, Diffusion, Residual closeness and Average distance centralities.<h4>Conclusions</h4>The choice of a suitable set of centrality measures is crucial for inferring important functional properties of a network. We concluded that undertaking data reduction using unsupervised machine learning methods helps to choose appropriate variables (centrality measures). Hence, we proposed identifying the contribution proportions of the centrality measures with PCA as a prerequisite step of network analysis before inferring functional consequences, e.g., essentiality of a node.},
URL = {https://europepmc.org/articles/PMC6069823},
}
@ -186,7 +183,7 @@ volume = {2},
number = {1},
pages = {73-120},
year = {2005},
publisher = {Taylor & Francis},
publisher = "Taylor \& Francis",
doi = {10.1080/15427951.2005.10129098},
URL = {https://doi.org/10.1080/15427951.2005.10129098},
eprint = {https://doi.org/10.1080/15427951.2005.10129098}
@ -219,8 +216,39 @@ issn = {2692-1626},
url = {https://doi.org/10.1145/3491257},
doi = {10.1145/3491257},
abstract = {As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this paper, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.},
note = {Just Accepted},
journal = {Digital Threats},
month = {oct},
keywords = {attack graph, breadth-first search, cyber-physical system, high performance computing}
}
@article{ZENITANI2023103081,
title = {Attack graph analysis: An explanatory guide},
journal = "Computers \& Security",
volume = {126},
pages = {103081},
year = {2023},
issn = {0167-4048},
doi = {https://doi.org/10.1016/j.cose.2022.103081},
url = {https://www.sciencedirect.com/science/article/pii/S0167404822004734},
author = {Kengo Zenitani},
keywords = {Attack graph, Exploit dependency graph, Cycle handling, Network security metrics, Network hardening, Bayesian attack graph},
abstract = {Attack graph analysis is a model-based approach for network-security analysis. It analyzes a directed graph called an attack graph. Usually, each node in it corresponds to a malicious event caused by attackers, and the edges correspond to the causal relations between events. We can obtain an attack graph from the network topology, its configuration, and the distribution of vulnerabilities. An attack graph gives us various information relevant to network security. Also, there are several relevant algorithms to find desirable security controls applicable to the network. Over twenty years of research have made much progress in this field. However, it comprises a breadth of definitions and discussions, and it is difficult for people new to this field to comprehend the key ideas. This article aims to briefly introduce this method to prospective researchers by summarizing their progress by selecting and reviewing foundational studies. We elaborate on the essential concepts, such as exploit dependency, AND/OR graph, monotonicity, and cycle handling.}
}
@article{Zeng2019SurveyOA,
title={Survey of Attack Graph Analysis Methods from the Perspective of Data and Knowledge Processing},
author={Jianping Zeng and Shuang Wu and Yanyu Chen and Rui Zeng and Chengrong Wu},
journal={Secur. Commun. Networks},
year={2019},
volume={2019},
pages={2031063:1-2031063:16}
}
@phdthesis{ming_diss,
author = {Li, Ming and Hawrylak, Peter and Hale, John},
title = "A System for Attack Graph Generation and Analysis",
school = "The University of Tulsa",
year = "2021",
type = "{PhD} dissertation",
address = "Tulsa, OK",
}

156
Schrick-Noah_CG-Network_Theory.aux
View File

@ -1,23 +1,6 @@
\relax
\providecommand\hyper@newdestlabel[2]{}
\providecommand\babel@aux[2]{}
\@nameuse{bbl@beforestart}
\providecommand\HyperFirstAtBeginDocument{\AtBeginDocument}
\HyperFirstAtBeginDocument{\ifx\hyper@anchor\@undefined
\global\let\oldcontentsline\contentsline
\gdef\contentsline#1#2#3#4{\oldcontentsline{#1}{#2}{#3}}
\global\let\oldnewlabel\newlabel
\gdef\newlabel#1#2{\newlabelxx{#1}#2}
\gdef\newlabelxx#1#2#3#4#5#6{\oldnewlabel{#1}{{#2}{#3}}}
\AtEndDocument{\ifx\hyper@anchor\@undefined
\let\contentsline\oldcontentsline
\let\newlabel\oldnewlabel
\fi}
\fi}
\global\let\hyper@last\relax
\gdef\HyperFirstAtBeginDocument#1{#1}
\providecommand\HyField@AuxAddToFields[1]{}
\providecommand\HyField@AuxAddToCoFields[2]{}
\citation{j_hale_compliance_nodate}
\citation{baloyi_guidelines_2019}
\citation{allman_complying_2006}
@ -25,9 +8,12 @@
\citation{Mieghem2018DirectedGA}
\citation{Mieghem2018DirectedGA}
\babel@aux{nil}{}
\@writefile{toc}{\contentsline {section}{\numberline {I}Introduction}{1}{section.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {I-A}}Compliance Graphs}{1}{subsection.1.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {I-B}}Difficulties of Attack and Compliance Graph Analysis}{1}{subsection.1.2}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {I}Introduction}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {I-A}}Compliance Graphs}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {I-B}}Difficulties of Attack and Compliance Graph Analysis}{1}{}\protected@file@percent }
\citation{ZENITANI2023103081}
\citation{Zeng2019SurveyOA}
\citation{ming_diss}
\citation{10.1145/3491257}
\citation{Guo2017HermitianAM}
\citation{Mieghem2018DirectedGA}
@ -35,81 +21,83 @@
\citation{noauthor_health_1996}
\citation{PCI}
\citation{PMID:30064421}
\@writefile{toc}{\contentsline {section}{\numberline {II}Related Works}{2}{section.2}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {III}Experimental Networks}{2}{section.3}\protected@file@percent }
\newlabel{sec:networks}{{III}{2}{Experimental Networks}{section.3}{}}
\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Network Properties for the Three Networks Utilized\relax }}{2}{table.1}\protected@file@percent }
\providecommand*\caption@xref[2]{\@setref\relax\@undefined{#1}}
\newlabel{table:networks}{{I}{2}{Network Properties for the Three Networks Utilized\relax }{table.1}{}}
\@writefile{toc}{\contentsline {section}{\numberline {IV}Centralities and their Contextualizations to Compliance Graphs}{2}{section.4}\protected@file@percent }
\newlabel{sec:centralities}{{IV}{2}{Centralities and their Contextualizations to Compliance Graphs}{section.4}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-A}}Introduction}{2}{subsection.4.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-B}}Degree}{2}{subsection.4.2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-C}}Betweenness}{2}{subsection.4.3}\protected@file@percent }
\newlabel{sec:between}{{\mbox {IV-C}}{2}{Betweenness}{subsection.4.3}{}}
\@writefile{toc}{\contentsline {section}{\numberline {II}Related Works}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {III}Experimental Networks}{2}{}\protected@file@percent }
\newlabel{sec:networks}{{III}{2}}
\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Network Properties for the Three Networks Utilized}}{2}{}\protected@file@percent }
\newlabel{table:networks}{{I}{2}}
\@writefile{toc}{\contentsline {section}{\numberline {IV}Centralities and their Contextualizations to Compliance Graphs}{2}{}\protected@file@percent }
\newlabel{sec:centralities}{{IV}{2}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-A}}Introduction}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-B}}Degree}{2}{}\protected@file@percent }
\citation{Katz}
\citation{ModKatz}
\citation{K_Path_Edge}
\citation{PageRank}
\citation{Adapted_PageRank}
\newlabel{eq:between}{{1}{3}{Betweenness}{equation.4.1}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-D}}Katz}{3}{subsection.4.4}\protected@file@percent }
\newlabel{eq:Katz}{{2}{3}{Katz}{equation.4.2}{}}
\newlabel{eq:mod_katz}{{3}{3}{Katz}{equation.4.3}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-E}}K-Path Edge}{3}{subsection.4.5}\protected@file@percent }
\newlabel{eq:kpe}{{4}{3}{K-Path Edge}{equation.4.4}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-F}}Adapted Page Rank}{3}{subsection.4.6}\protected@file@percent }
\newlabel{eq:PR}{{5}{3}{Adapted Page Rank}{equation.4.5}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-C}}Betweenness}{3}{}\protected@file@percent }
\newlabel{sec:between}{{\mbox {IV-C}}{3}}
\newlabel{eq:between}{{1}{3}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-D}}Katz}{3}{}\protected@file@percent }
\newlabel{eq:Katz}{{2}{3}}
\newlabel{eq:mod_katz}{{3}{3}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-E}}K-Path Edge}{3}{}\protected@file@percent }
\newlabel{eq:kpe}{{4}{3}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-F}}Adapted Page Rank}{3}{}\protected@file@percent }
\citation{li_combining_2019}
\citation{zeng_cyber_2017}
\citation{dominance}
\newlabel{eq:APC}{{6}{4}{Adapted Page Rank}{equation.4.6}{}}
\@writefile{toc}{\contentsline {section}{\numberline {V}Transitive Closure}{4}{section.5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {V-A}}Introduction and Application}{4}{subsection.5.1}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {VI}Dominant Tree}{4}{section.6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VI-A}}Introduction and Application}{4}{subsection.6.1}\protected@file@percent }
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Transitive Closure Illustration\relax }}{4}{figure.caption.1}\protected@file@percent }
\newlabel{fig:TC}{{1}{4}{Transitive Closure Illustration\relax }{figure.caption.1}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Example Network for Illustrating Dominance\relax }}{5}{figure.caption.2}\protected@file@percent }
\newlabel{fig:domNet}{{2}{5}{Example Network for Illustrating Dominance\relax }{figure.caption.2}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Dominant Tree Derived from the Network Displayed in Figure \ref {fig:domNet}\relax }}{5}{figure.caption.3}\protected@file@percent }
\newlabel{fig:domTree}{{3}{5}{Dominant Tree Derived from the Network Displayed in Figure \ref {fig:domNet}\relax }{figure.caption.3}{}}
\@writefile{lot}{\contentsline {table}{\numberline {II}{\ignorespaces Top 15 Nodes with Degree Centrality\relax }}{5}{table.2}\protected@file@percent }
\newlabel{table:car-deg}{{II}{5}{Top 15 Nodes with Degree Centrality\relax }{table.2}{}}
\@writefile{toc}{\contentsline {section}{\numberline {VII}Results and Result Analysis}{5}{section.7}\protected@file@percent }
\newlabel{sec:results}{{VII}{5}{Results and Result Analysis}{section.7}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VII-A}}Results}{5}{subsection.7.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VII-B}}Result Analysis}{5}{subsection.7.2}\protected@file@percent }
\@writefile{lot}{\contentsline {table}{\numberline {III}{\ignorespaces Top 15 Nodes with Katz Centrality\relax }}{6}{table.3}\protected@file@percent }
\newlabel{table:car-katz}{{III}{6}{Top 15 Nodes with Katz Centrality\relax }{table.3}{}}
\@writefile{lot}{\contentsline {table}{\numberline {IV}{\ignorespaces Top 15 Nodes with K-path Edge Centrality\relax }}{6}{table.4}\protected@file@percent }
\newlabel{table:car-kpe}{{IV}{6}{Top 15 Nodes with K-path Edge Centrality\relax }{table.4}{}}
\@writefile{lot}{\contentsline {table}{\numberline {V}{\ignorespaces Top 15 Nodes with PageRank Centrality\relax }}{6}{table.5}\protected@file@percent }
\newlabel{table:car-APC}{{V}{6}{Top 15 Nodes with PageRank Centrality\relax }{table.5}{}}
\@writefile{lot}{\contentsline {table}{\numberline {VI}{\ignorespaces Top 15 Nodes with Betweenness Centrality\relax }}{6}{table.6}\protected@file@percent }
\newlabel{table:car-betweenness}{{VI}{6}{Top 15 Nodes with Betweenness Centrality\relax }{table.6}{}}
\newlabel{eq:PR}{{5}{4}}
\newlabel{eq:APC}{{6}{4}}
\@writefile{toc}{\contentsline {section}{\numberline {V}Transitive Closure}{4}{}\protected@file@percent }
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Transitive Closure Illustration}}{4}{}\protected@file@percent }
\newlabel{fig:TC}{{1}{4}}
\@writefile{toc}{\contentsline {section}{\numberline {VI}Dominant Tree}{4}{}\protected@file@percent }
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Example Network for Illustrating Dominance}}{5}{}\protected@file@percent }
\newlabel{fig:domNet}{{2}{5}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Dominant Tree Derived from the Network Displayed in Figure \ref {fig:domNet}}}{5}{}\protected@file@percent }
\newlabel{fig:domTree}{{3}{5}}
\@writefile{lot}{\contentsline {table}{\numberline {II}{\ignorespaces Top 15 Nodes with Degree Centrality}}{5}{}\protected@file@percent }
\newlabel{table:car-deg}{{II}{5}}
\@writefile{toc}{\contentsline {section}{\numberline {VII}Results and Result Analysis}{5}{}\protected@file@percent }
\newlabel{sec:results}{{VII}{5}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VII-A}}Results}{5}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VII-B}}Result Analysis}{5}{}\protected@file@percent }
\@writefile{lot}{\contentsline {table}{\numberline {III}{\ignorespaces Top 15 Nodes with Katz Centrality}}{6}{}\protected@file@percent }
\newlabel{table:car-katz}{{III}{6}}
\@writefile{lot}{\contentsline {table}{\numberline {IV}{\ignorespaces Top 15 Nodes with K-path Edge Centrality}}{6}{}\protected@file@percent }
\newlabel{table:car-kpe}{{IV}{6}}
\@writefile{lot}{\contentsline {table}{\numberline {V}{\ignorespaces Top 15 Nodes with PageRank Centrality}}{6}{}\protected@file@percent }
\newlabel{table:car-APC}{{V}{6}}
\@writefile{lot}{\contentsline {table}{\numberline {VI}{\ignorespaces Top 15 Nodes with Betweenness Centrality}}{6}{}\protected@file@percent }
\newlabel{table:car-betweenness}{{VI}{6}}
\bibdata{Bibliography}
\bibcite{j_hale_compliance_nodate}{1}
\bibcite{baloyi_guidelines_2019}{2}
\bibcite{allman_complying_2006}{3}
\bibcite{newman2010networks}{4}
\bibcite{Mieghem2018DirectedGA}{5}
\bibcite{10.1145/3491257}{6}
\bibcite{Guo2017HermitianAM}{7}
\bibcite{Brualdi2010SpectraOD}{8}
\bibcite{noauthor_health_1996}{9}
\bibcite{PCI}{10}
\bibcite{PMID:30064421}{11}
\bibcite{Katz}{12}
\bibcite{K_Path_Edge}{13}
\bibcite{PageRank}{14}
\bibcite{Adapted_PageRank}{15}
\bibcite{li_combining_2019}{16}
\bibcite{zeng_cyber_2017}{17}
\bibcite{dominance}{18}
\bibcite{ZENITANI2023103081}{6}
\bibcite{Zeng2019SurveyOA}{7}
\bibcite{ming_diss}{8}
\bibcite{10.1145/3491257}{9}
\bibcite{Guo2017HermitianAM}{10}
\bibcite{Brualdi2010SpectraOD}{11}
\bibcite{noauthor_health_1996}{12}
\bibcite{PCI}{13}
\bibcite{PMID:30064421}{14}
\bibcite{Katz}{15}
\bibcite{ModKatz}{16}
\bibcite{K_Path_Edge}{17}
\bibcite{PageRank}{18}
\bibcite{Adapted_PageRank}{19}
\bibcite{li_combining_2019}{20}
\bibcite{zeng_cyber_2017}{21}
\bibcite{dominance}{22}
\@writefile{toc}{\contentsline {section}{\numberline {VIII}Conclusions and Future Work}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VIII-A}}Conclusions}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VIII-B}}Future Work}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{Bibliography}{7}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{References}{7}{}\protected@file@percent }
\bibstyle{ieeetr}
\@writefile{toc}{\contentsline {section}{\numberline {VIII}Conclusions and Future Work}{7}{section.8}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VIII-A}}Conclusions}{7}{subsection.8.1}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {VIII-B}}Future Work}{7}{subsection.8.2}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{Bibliography}{7}{subsection.8.2}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{References}{7}{section*.4}\protected@file@percent }
\gdef \@abspage@last{7}
\gdef \@abspage@last{8}

24
Schrick-Noah_CG-Network_Theory.bbl
View File

@ -23,10 +23,23 @@ M.~Newman, {\em Networks: An Introduction}.
\bibitem{Mieghem2018DirectedGA}
P.~V. Mieghem, ``Directed graphs and mysterious complex eigenvalues,'' 2018.
\bibitem{ZENITANI2023103081}
K.~Zenitani, ``Attack graph analysis: An explanatory guide,'' {\em Computers \&
Security}, vol.~126, p.~103081, 2023.
\bibitem{Zeng2019SurveyOA}
J.~Zeng, S.~Wu, Y.~Chen, R.~Zeng, and C.~Wu, ``Survey of attack graph analysis
methods from the perspective of data and knowledge processing,'' {\em Secur.
Commun. Networks}, vol.~2019, pp.~2031063:1--2031063:16, 2019.
\bibitem{ming_diss}
M.~Li, P.~Hawrylak, and J.~Hale, {\em A System for Attack Graph Generation and
Analysis}.
\newblock {PhD} dissertation, The University of Tulsa, Tulsa, OK, 2021.
\bibitem{10.1145/3491257}
M.~Li, P.~Hawrylak, and J.~Hale, ``Strategies for practical hybrid attack graph
generation and analysis,'' {\em Digital Threats}, oct 2021.
\newblock Just Accepted.
\bibitem{Guo2017HermitianAM}
K.~Guo and B.~Mohar, ``Hermitian adjacency matrix of digraphs and mixed
@ -57,6 +70,11 @@ M.~Ashtiani, A.~Salehzadeh-Yazdi, Z.~Razaghi-Moghadam, H.~Hennig,
L.~Katz, ``{A new status index derived from sociometric analysis},'' {\em
Psychometrika}, vol.~18, pp.~39--43, March 1953.
\bibitem{ModKatz}
M.~Ogura and V.~M. Preciado, ``Katz centrality of markovian temporal networks:
Analysis and optimization,'' {\em 2017 American Control Conference (ACC)},
pp.~5001--5006, 2017.
\bibitem{K_Path_Edge}
P.~D. Meo, E.~Ferrara, G.~Fiumara, and A.~Ricciardello, ``A novel measure of
edge centrality in social networks,'' {\em Knowledge-Based Systems}, vol.~30,
@ -79,8 +97,8 @@ M.~Li, P.~Hawrylak, and J.~Hale, ``Combining {OpenCL} and {MPI} to support
Proceeding Series}, 2019.
\bibitem{zeng_cyber_2017}
K.~Zeng, ``Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model},''
2017.
K.~Zeng, {\em Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model}}.
\newblock PhD thesis, The University of Tulsa, Tulsa, OK, 2017.
\bibitem{dominance}
R.~T. Prosser, ``Applications of boolean matrices to the analysis of flow

61
Schrick-Noah_CG-Network_Theory.blg
View File

@ -4,46 +4,45 @@ The top-level auxiliary file: Schrick-Noah_CG-Network_Theory.aux
The style file: ieeetr.bst
Database file #1: Bibliography.bib
Warning--empty booktitle in Mieghem2018DirectedGA
Warning--empty journal in zeng_cyber_2017
You've used 18 entries,
You've used 22 entries,
1876 wiz_defined-function locations,
587 strings with 6685 characters,
and the built_in function-call counts, 3949 in all, are:
= -- 382
> -- 141
611 strings with 7316 characters,
and the built_in function-call counts, 5311 in all, are:
= -- 537
> -- 181
< -- 0
+ -- 56
- -- 38
* -- 255
:= -- 563
add.period$ -- 22
call.type$ -- 18
change.case$ -- 17
+ -- 71
- -- 49
* -- 336
:= -- 738
add.period$ -- 27
call.type$ -- 22
change.case$ -- 20
chr.to.int$ -- 0
cite$ -- 20
duplicate$ -- 218
empty$ -- 405
format.name$ -- 38
if$ -- 979
cite$ -- 23
duplicate$ -- 292
empty$ -- 516
format.name$ -- 49
if$ -- 1325
int.to.chr$ -- 0
int.to.str$ -- 18
missing$ -- 16
newline$ -- 63
num.names$ -- 17
pop$ -- 74
int.to.str$ -- 22
missing$ -- 18
newline$ -- 76
num.names$ -- 21
pop$ -- 80
preamble$ -- 1
purify$ -- 0
quote$ -- 0
skip$ -- 134
skip$ -- 205
stack$ -- 0
substring$ -- 174
swap$ -- 77
substring$ -- 301
swap$ -- 124
text.length$ -- 0
text.prefix$ -- 0
top$ -- 0
type$ -- 0
warning$ -- 2
while$ -- 30
width$ -- 20
write$ -- 171
(There were 2 warnings)
warning$ -- 1
while$ -- 39
width$ -- 24
write$ -- 213
(There was 1 warning)

577
Schrick-Noah_CG-Network_Theory.log
View File

@ -1,8 +1,8 @@
This is pdfTeX, Version 3.141592653-2.6-1.40.24 (TeX Live 2022/Arch Linux) (preloaded format=pdflatex 2022.11.8) 17 JAN 2023 14:06
This is pdfTeX, Version 3.141592653-2.6-1.40.24 (TeX Live 2022/Arch Linux) (preloaded format=pdflatex 2022.11.8) 17 JAN 2023 15:09
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**Schrick-Noah_CG-Network_Theory.tex
**Schrick-Noah_CG-Network_Theory
(./Schrick-Noah_CG-Network_Theory.tex
LaTeX2e <2021-11-15> patch level 1
L3 programming layer <2022-04-10>
@ -116,12 +116,6 @@ LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <24> not available
) (/usr/share/texmf-dist/tex/latex/setspace/setspace.sty
Package: setspace 2011/12/19 v6.7a set line spacing
)
(/usr/share/texmf-dist/tex/latex/boxedminipage/boxedminipage.sty
Package: boxedminipage 2020/04/19 v1.1 Boxed LaTeX2e minipages
\bmp@box=\box52
\bmp@width=\skip50
\bmp@height=\skip51
)
(/usr/share/texmf-dist/tex/latex/graphics/graphicx.sty
Package: graphicx 2021/09/16 v1.2d Enhanced LaTeX Graphics (DPC,SPQR)
@ -146,86 +140,17 @@ File: pdftex.def 2020/10/05 v1.2a Graphics/color driver for pdftex
\Gin@req@height=\dimen162
\Gin@req@width=\dimen163
)
(/usr/share/texmf-dist/tex/latex/caption/subcaption.sty
Package: subcaption 2022/01/07 v1.5 Sub-captions (AR)
(/usr/share/texmf-dist/tex/latex/caption/caption.sty
Package: caption 2022/03/01 v3.6b Customizing captions (AR)
(/usr/share/texmf-dist/tex/latex/caption/caption3.sty
Package: caption3 2022/03/17 v2.3b caption3 kernel (AR)
\caption@tempdima=\dimen164
\captionmargin=\dimen165
\caption@leftmargin=\dimen166
\caption@rightmargin=\dimen167
\caption@width=\dimen168
\caption@indent=\dimen169
\caption@parindent=\dimen170
\caption@hangindent=\dimen171
Package caption Info: Unknown document class (or package),
(caption) standard defaults will be used.
Package caption Info: \@makecaption = \long macro:#1#2->\ifx \@captype \@IEEEta
blestring \footnotesize \bgroup \par \centering \@IEEEtabletopskipstrut {\norma
lfont \footnotesize #1}\\{\normalfont \footnotesize \scshape #2}\par \addvspace
{0.5\baselineskip }\egroup \@IEEEtablecaptionsepspace \else \@IEEEfigurecaptio
nsepspace \setbox \@tempboxa \hbox {\normalfont \footnotesize {#1.}\nobreakspac
e \nobreakspace #2}\ifdim \wd \@tempboxa >\hsize \setbox \@tempboxa \hbox {\nor
malfont \footnotesize {#1.}\nobreakspace \nobreakspace }\parbox [t]{\hsize }{\n
ormalfont \footnotesize \noindent \unhbox \@tempboxa #2}\else \ifCLASSOPTIONcon
ference \hbox to\hsize {\normalfont \footnotesize \hfil \box \@tempboxa \hfil }
\else \hbox to\hsize {\normalfont \footnotesize \box \@tempboxa \hfil }\fi \fi
\fi on input line 1176.
)
Package caption Warning: Unknown document class (or package),
(caption) standard defaults will be used.
See the caption package documentation for explanation.
\c@caption@flags=\count266
\c@continuedfloat=\count267
)
\c@subfigure=\count268
\c@subtable=\count269
) (/usr/share/texmf-dist/tex/latex/algorithms/algorithm.sty
Package: algorithm 2009/08/24 v0.1 Document Style `algorithm' - floating enviro
nment
(/usr/share/texmf-dist/tex/latex/float/float.sty
Package: float 2001/11/08 v1.3d Float enhancements (AL)
\c@float@type=\count270
\c@float@type=\count266
\float@exts=\toks18
\float@box=\box53
\float@box=\box52
\@float@everytoks=\toks19
\@floatcapt=\box54
\@floatcapt=\box53
)
(/usr/share/texmf-dist/tex/latex/base/ifthen.sty
Package: ifthen 2020/11/24 v1.1c Standard LaTeX ifthen package (DPC)
)
\@float@every@algorithm=\toks20
\c@algorithm=\count271
)
\@float@every@table=\toks21
\@float@every@table=\toks20
(/usr/share/texmf-dist/tex/latex/algorithmicx/algpseudocode.sty
Package: algpseudocode
(/usr/share/texmf-dist/tex/latex/algorithmicx/algorithmicx.sty
Package: algorithmicx 2005/04/27 v1.2 Algorithmicx
Document Style algorithmicx 1.2 - a greatly improved `algorithmic' style
\c@ALG@line=\count272
\c@ALG@rem=\count273
\c@ALG@nested=\count274
\ALG@tlm=\skip52
\ALG@thistlm=\skip53
\c@ALG@Lnr=\count275
\c@ALG@blocknr=\count276
\c@ALG@storecount=\count277
\c@ALG@tmpcounter=\count278
\ALG@tmplength=\skip54
)
Document Style - pseudocode environments for use with the `algorithmicx' style
) (/usr/share/texmf-dist/tex/generic/iftex/ifpdf.sty
(/usr/share/texmf-dist/tex/generic/iftex/ifpdf.sty
Package: ifpdf 2019/10/25 v3.4 ifpdf legacy package. Use iftex instead.
(/usr/share/texmf-dist/tex/generic/iftex/iftex.sty
@ -233,13 +158,13 @@ Package: iftex 2022/02/03 v1.0f TeX engine tests
))
(/usr/share/texmf-dist/tex/generic/babel/babel.sty
Package: babel 2022/02/26 3.73 The Babel package
\babel@savecnt=\count279
\U@D=\dimen172
\babel@savecnt=\count267
\U@D=\dimen164
\l@unhyphenated=\language87
(/usr/share/texmf-dist/tex/generic/babel/txtbabel.def)
\bbl@readstream=\read2
\bbl@dirlevel=\count280
\bbl@dirlevel=\count268
Package babel Info: You haven't specified a language. I'll use 'nil'
(babel) as the main language. Reported on input line 4305.
@ -250,175 +175,10 @@ Language: nil 2022/02/26 3.73 Nil language
(/usr/share/texmf-dist/tex/latex/doublestroke/dsfont.sty
Package: dsfont 1995/08/01 v0.1 Double stroke roman fonts
)
(/usr/share/texmf-dist/tex/latex/xcolor/xcolor.sty
Package: xcolor 2021/10/31 v2.13 LaTeX color extensions (UK)
(/usr/share/texmf-dist/tex/latex/graphics-cfg/color.cfg
File: color.cfg 2016/01/02 v1.6 sample color configuration
)
Package xcolor Info: Driver file: pdftex.def on input line 227.
(/usr/share/texmf-dist/tex/latex/colortbl/colortbl.sty
Package: colortbl 2020/01/04 v1.0e Color table columns (DPC)
(/usr/share/texmf-dist/tex/latex/tools/array.sty
Package: array 2021/10/04 v2.5f Tabular extension package (FMi)
\col@sep=\dimen173
\ar@mcellbox=\box55
\extrarowheight=\dimen174
\NC@list=\toks22
\extratabsurround=\skip55
\backup@length=\skip56
\ar@cellbox=\box56
)
\everycr=\toks23
\minrowclearance=\skip57
)
\rownum=\count281
Package xcolor Info: Model `cmy' substituted by `cmy0' on input line 1352.
Package xcolor Info: Model `hsb' substituted by `rgb' on input line 1356.
Package xcolor Info: Model `RGB' extended on input line 1368.
Package xcolor Info: Model `HTML' substituted by `rgb' on input line 1370.
Package xcolor Info: Model `Hsb' substituted by `hsb' on input line 1371.
Package xcolor Info: Model `tHsb' substituted by `hsb' on input line 1372.
Package xcolor Info: Model `HSB' substituted by `hsb' on input line 1373.
Package xcolor Info: Model `Gray' substituted by `gray' on input line 1374.
Package xcolor Info: Model `wave' substituted by `hsb' on input line 1375.
)
(/usr/share/texmf-dist/tex/latex/hyperref/hyperref.sty
Package: hyperref 2022-02-21 v7.00n Hypertext links for LaTeX
(/usr/share/texmf-dist/tex/generic/ltxcmds/ltxcmds.sty
Package: ltxcmds 2020-05-10 v1.25 LaTeX kernel commands for general use (HO)
)
(/usr/share/texmf-dist/tex/generic/pdftexcmds/pdftexcmds.sty
Package: pdftexcmds 2020-06-27 v0.33 Utility functions of pdfTeX for LuaTeX (HO
)
(/usr/share/texmf-dist/tex/generic/infwarerr/infwarerr.sty
Package: infwarerr 2019/12/03 v1.5 Providing info/warning/error messages (HO)
)
Package pdftexcmds Info: \pdf@primitive is available.
Package pdftexcmds Info: \pdf@ifprimitive is available.
Package pdftexcmds Info: \pdfdraftmode found.
)
(/usr/share/texmf-dist/tex/generic/kvsetkeys/kvsetkeys.sty
Package: kvsetkeys 2019/12/15 v1.18 Key value parser (HO)
)
(/usr/share/texmf-dist/tex/generic/kvdefinekeys/kvdefinekeys.sty
Package: kvdefinekeys 2019-12-19 v1.6 Define keys (HO)
)
(/usr/share/texmf-dist/tex/generic/pdfescape/pdfescape.sty
Package: pdfescape 2019/12/09 v1.15 Implements pdfTeX's escape features (HO)
)
(/usr/share/texmf-dist/tex/latex/hycolor/hycolor.sty
Package: hycolor 2020-01-27 v1.10 Color options for hyperref/bookmark (HO)
)
(/usr/share/texmf-dist/tex/latex/letltxmacro/letltxmacro.sty
Package: letltxmacro 2019/12/03 v1.6 Let assignment for LaTeX macros (HO)
)
(/usr/share/texmf-dist/tex/latex/auxhook/auxhook.sty
Package: auxhook 2019-12-17 v1.6 Hooks for auxiliary files (HO)
)
(/usr/share/texmf-dist/tex/latex/kvoptions/kvoptions.sty
Package: kvoptions 2020-10-07 v3.14 Key value format for package options (HO)
)
\@linkdim=\dimen175
\Hy@linkcounter=\count282
\Hy@pagecounter=\count283
(/usr/share/texmf-dist/tex/latex/hyperref/pd1enc.def
File: pd1enc.def 2022-02-21 v7.00n Hyperref: PDFDocEncoding definition (HO)
Now handling font encoding PD1 ...
... no UTF-8 mapping file for font encoding PD1
)
(/usr/share/texmf-dist/tex/generic/intcalc/intcalc.sty
Package: intcalc 2019/12/15 v1.3 Expandable calculations with integers (HO)
)
(/usr/share/texmf-dist/tex/generic/etexcmds/etexcmds.sty
Package: etexcmds 2019/12/15 v1.7 Avoid name clashes with e-TeX commands (HO)
)
\Hy@SavedSpaceFactor=\count284
(/usr/share/texmf-dist/tex/latex/hyperref/puenc.def
File: puenc.def 2022-02-21 v7.00n Hyperref: PDF Unicode definition (HO)
Now handling font encoding PU ...
... no UTF-8 mapping file for font encoding PU
)
Package hyperref Info: Hyper figures OFF on input line 4137.
Package hyperref Info: Link nesting OFF on input line 4142.
Package hyperref Info: Hyper index ON on input line 4145.
Package hyperref Info: Plain pages OFF on input line 4152.
Package hyperref Info: Backreferencing OFF on input line 4157.
Package hyperref Info: Implicit mode ON; LaTeX internals redefined.
Package hyperref Info: Bookmarks ON on input line 4390.
\c@Hy@tempcnt=\count285
(/usr/share/texmf-dist/tex/latex/url/url.sty
\Urlmuskip=\muskip16
Package: url 2013/09/16 ver 3.4 Verb mode for urls, etc.
)
LaTeX Info: Redefining \url on input line 4749.
\XeTeXLinkMargin=\dimen176
(/usr/share/texmf-dist/tex/generic/bitset/bitset.sty
Package: bitset 2019/12/09 v1.3 Handle bit-vector datatype (HO)
(/usr/share/texmf-dist/tex/generic/bigintcalc/bigintcalc.sty
Package: bigintcalc 2019/12/15 v1.5 Expandable calculations on big integers (HO
)
))
\Fld@menulength=\count286
\Field@Width=\dimen177
\Fld@charsize=\dimen178
Package hyperref Info: Hyper figures OFF on input line 6027.
Package hyperref Info: Link nesting OFF on input line 6032.
Package hyperref Info: Hyper index ON on input line 6035.
Package hyperref Info: backreferencing OFF on input line 6042.
Package hyperref Info: Link coloring OFF on input line 6047.
Package hyperref Info: Link coloring with OCG OFF on input line 6052.
Package hyperref Info: PDF/A mode OFF on input line 6057.
LaTeX Info: Redefining \ref on input line 6097.
LaTeX Info: Redefining \pageref on input line 6101.
(/usr/share/texmf-dist/tex/latex/base/atbegshi-ltx.sty
Package: atbegshi-ltx 2021/01/10 v1.0c Emulation of the original atbegshi
package with kernel methods
)
\Hy@abspage=\count287
\c@Item=\count288
\c@Hfootnote=\count289
)
Package hyperref Info: Driver (autodetected): hpdftex.
(/usr/share/texmf-dist/tex/latex/hyperref/hpdftex.def
File: hpdftex.def 2022-02-21 v7.00n Hyperref driver for pdfTeX
(/usr/share/texmf-dist/tex/latex/base/atveryend-ltx.sty
Package: atveryend-ltx 2020/08/19 v1.0a Emulation of the original atveryend pac
kage
with kernel methods
)
\Fld@listcount=\count290
\c@bookmark@seq@number=\count291
(/usr/share/texmf-dist/tex/latex/rerunfilecheck/rerunfilecheck.sty
Package: rerunfilecheck 2019/12/05 v1.9 Rerun checks for auxiliary files (HO)
(/usr/share/texmf-dist/tex/generic/uniquecounter/uniquecounter.sty
Package: uniquecounter 2019/12/15 v1.4 Provide unlimited unique counter (HO)
)
Package uniquecounter Info: New unique counter `rerunfilecheck' on input line 2
86.
)
\Hy@SectionHShift=\skip58
)
Package hyperref Info: Option `colorlinks' set `true' on input line 25.
(/usr/share/texmf-dist/tex/latex/base/inputenc.sty
Package: inputenc 2021/02/14 v1.3d Input encoding file
\inpenc@prehook=\toks24
\inpenc@posthook=\toks25
\inpenc@prehook=\toks21
\inpenc@posthook=\toks22
)
(/usr/share/texmf-dist/tex/latex/tools/indentfirst.sty
Package: indentfirst 1995/11/23 v1.03 Indent first paragraph (DPC)
@ -426,83 +186,101 @@ Package: indentfirst 1995/11/23 v1.03 Indent first paragraph (DPC)
(/usr/share/texmf-dist/tex/latex/tocloft/tocloft.sty
Package: tocloft 2017/08/31 v2.3i parameterised ToC, etc., typesetting
Package tocloft Info: The document has section divisions on input line 51.
\cftparskip=\skip59
\cftbeforetoctitleskip=\skip60
\cftaftertoctitleskip=\skip61
\cftbeforesecskip=\skip62
\cftsecindent=\skip63
\cftsecnumwidth=\skip64
\cftbeforesubsecskip=\skip65
\cftsubsecindent=\skip66
\cftsubsecnumwidth=\skip67
\cftbeforesubsubsecskip=\skip68
\cftsubsubsecindent=\skip69
\cftsubsubsecnumwidth=\skip70
\cftbeforeparaskip=\skip71
\cftparaindent=\skip72
\cftparanumwidth=\skip73
\cftbeforesubparaskip=\skip74
\cftsubparaindent=\skip75
\cftsubparanumwidth=\skip76
\cftbeforeloftitleskip=\skip77
\cftafterloftitleskip=\skip78
\cftbeforefigskip=\skip79
\cftfigindent=\skip80
\cftfignumwidth=\skip81
\c@lofdepth=\count292
\c@lotdepth=\count293
\cftbeforelottitleskip=\skip82
\cftafterlottitleskip=\skip83
\cftbeforetabskip=\skip84
\cfttabindent=\skip85
\cfttabnumwidth=\skip86
\cftparskip=\skip50
\cftbeforetoctitleskip=\skip51
\cftaftertoctitleskip=\skip52
\cftbeforesecskip=\skip53
\cftsecindent=\skip54
\cftsecnumwidth=\skip55
\cftbeforesubsecskip=\skip56
\cftsubsecindent=\skip57
\cftsubsecnumwidth=\skip58
\cftbeforesubsubsecskip=\skip59
\cftsubsubsecindent=\skip60
\cftsubsubsecnumwidth=\skip61
\cftbeforeparaskip=\skip62
\cftparaindent=\skip63
\cftparanumwidth=\skip64
\cftbeforesubparaskip=\skip65
\cftsubparaindent=\skip66
\cftsubparanumwidth=\skip67
\cftbeforeloftitleskip=\skip68
\cftafterloftitleskip=\skip69
\cftbeforefigskip=\skip70
\cftfigindent=\skip71
\cftfignumwidth=\skip72
\c@lofdepth=\count269
\c@lotdepth=\count270
\cftbeforelottitleskip=\skip73
\cftafterlottitleskip=\skip74
\cftbeforetabskip=\skip75
\cfttabindent=\skip76
\cfttabnumwidth=\skip77
)
(/usr/share/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def
File: l3backend-pdftex.def 2022-04-14 L3 backend support: PDF output (pdfTeX)
\l__color_backend_stack_int=\count294
\l__pdf_internal_box=\box57
\l__color_backend_stack_int=\count271
\l__pdf_internal_box=\box54
)
(./Schrick-Noah_CG-Network_Theory.aux)
\openout1 = `Schrick-Noah_CG-Network_Theory.aux'.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for PD1/pdf/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for PU/pdf/m/n on input line 36.
LaTeX Font Info: ... okay on input line 36.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 23.
LaTeX Font Info: ... okay on input line 23.
-- Lines per column: 56 (exact).
(/usr/share/texmf-dist/tex/context/base/mkii/supp-pdf.mkii
[Loading MPS to PDF converter (version 2006.09.02).]
\scratchcounter=\count295
\scratchdimen=\dimen179
\scratchbox=\box58
\nofMPsegments=\count296
\nofMParguments=\count297
\everyMPshowfont=\toks26
\MPscratchCnt=\count298
\MPscratchDim=\dimen180
\MPnumerator=\count299
\makeMPintoPDFobject=\count300
\everyMPtoPDFconversion=\toks27
\scratchcounter=\count272
\scratchdimen=\dimen165
\scratchbox=\box55
\nofMPsegments=\count273
\nofMParguments=\count274
\everyMPshowfont=\toks23
\MPscratchCnt=\count275
\MPscratchDim=\dimen166
\MPnumerator=\count276
\makeMPintoPDFobject=\count277
\everyMPtoPDFconversion=\toks24
) (/usr/share/texmf-dist/tex/latex/epstopdf-pkg/epstopdf-base.sty
Package: epstopdf-base 2020-01-24 v2.11 Base part for package epstopdf
(/usr/share/texmf-dist/tex/generic/infwarerr/infwarerr.sty
Package: infwarerr 2019/12/03 v1.5 Providing info/warning/error messages (HO)
)
(/usr/share/texmf-dist/tex/latex/grfext/grfext.sty
Package: grfext 2019/12/03 v1.3 Manage graphics extensions (HO)
(/usr/share/texmf-dist/tex/generic/kvdefinekeys/kvdefinekeys.sty
Package: kvdefinekeys 2019-12-19 v1.6 Define keys (HO)
))
(/usr/share/texmf-dist/tex/latex/kvoptions/kvoptions.sty
Package: kvoptions 2020-10-07 v3.14 Key value format for package options (HO)
(/usr/share/texmf-dist/tex/generic/ltxcmds/ltxcmds.sty
Package: ltxcmds 2020-05-10 v1.25 LaTeX kernel commands for general use (HO)
)
(/usr/share/texmf-dist/tex/generic/kvsetkeys/kvsetkeys.sty
Package: kvsetkeys 2019/12/15 v1.18 Key value parser (HO)
))
(/usr/share/texmf-dist/tex/generic/pdftexcmds/pdftexcmds.sty
Package: pdftexcmds 2020-06-27 v0.33 Utility functions of pdfTeX for LuaTeX (HO
)
Package pdftexcmds Info: \pdf@primitive is available.
Package pdftexcmds Info: \pdf@ifprimitive is available.
Package pdftexcmds Info: \pdfdraftmode found.
)
Package epstopdf-base Info: Redefining graphics rule for `.eps' on input line 4
85.
@ -515,54 +293,28 @@ G,.JBIG2,.JB2,.eps]
File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv
e
))
Package caption Info: Begin \AtBeginDocument code.
Package caption Info: float package is loaded.
Package caption Info: hyperref package is loaded.
Package caption Info: End \AtBeginDocument code.
Package hyperref Info: Link coloring ON on input line 36.
(/usr/share/texmf-dist/tex/latex/hyperref/nameref.sty
Package: nameref 2021-04-02 v2.47 Cross-referencing by name of section
(/usr/share/texmf-dist/tex/latex/refcount/refcount.sty
Package: refcount 2019/12/15 v3.6 Data extraction from label references (HO)
)
(/usr/share/texmf-dist/tex/generic/gettitlestring/gettitlestring.sty
Package: gettitlestring 2019/12/15 v1.6 Cleanup title references (HO)
)
\c@section@level=\count301
)
LaTeX Info: Redefining \ref on input line 36.
LaTeX Info: Redefining \pageref on input line 36.
LaTeX Info: Redefining \nameref on input line 36.
(./Schrick-Noah_CG-Network_Theory.out) (./Schrick-Noah_CG-Network_Theory.out)
\@outlinefile=\write3
\openout3 = `Schrick-Noah_CG-Network_Theory.out'.
Underfull \hbox (badness 2922) in paragraph at lines 64--67
Underfull \hbox (badness 2922) in paragraph at lines 51--54
[]\OT1/ptm/b/it/9 Abstract\OT1/ptm/b/n/9 ---Compliance graphs are generated gra
phs (or
[]
Underfull \hbox (badness 1371) in paragraph at lines 64--67
Underfull \hbox (badness 1371) in paragraph at lines 51--54
\OT1/ptm/b/n/9 can be used to identify possible correction or mitigation
[]
Underfull \hbox (badness 10000) in paragraph at lines 69--71
Underfull \hbox (badness 10000) in paragraph at lines 56--58
[]\OT1/ptm/b/it/9 Index Terms\OT1/ptm/b/n/9 ---Attack Graph; Compliance Graph;
[]
Underfull \hbox (badness 3128) in paragraph at lines 77--78
Underfull \hbox (badness 3128) in paragraph at lines 64--65
\OT1/ptm/m/n/10 compliance graphs is focused less on certain security
[]
Underfull \hbox (badness 1365) in paragraph at lines 82--83
Underfull \hbox (badness 1365) in paragraph at lines 69--70
\OT1/ptm/m/n/10 involved compared to their undirected counterparts. The
[]
@ -570,103 +322,109 @@ Underfull \hbox (badness 1365) in paragraph at lines 82--83
]
Underfull \hbox (badness 1688) in paragraph at lines 85--86
Underfull \hbox (badness 1688) in paragraph at lines 74--75
\OT1/ptm/m/n/10 work examining directed, undirected, and mixed graphs
[]
Underfull \hbox (badness 2698) in paragraph at lines 88--89
Underfull \hbox (badness 2698) in paragraph at lines 77--78
[]\OT1/ptm/m/n/10 The work conducted in this approach utilized three
[]
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 90.
Default added (so using `tbp') on input line 79.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <7> on input line 93.
(Font) <7> on input line 82.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <5> on input line 93.
(Font) <5> on input line 82.
Underfull \hbox (badness 1448) in paragraph at lines 106--107
\OT1/ptm/m/n/10 importance in networks. By determining the importance
Underfull \hbox (badness 1590) in paragraph at lines 95--96
\OT1/ptm/m/n/10 implemented in order to determine node importance in
[]
[2]
[2] [3]
LaTeX Font Info: Trying to load font information for U+dsrom on input line 1
56.
45.
(/usr/share/texmf-dist/tex/latex/doublestroke/Udsrom.fd
File: Udsrom.fd 1995/08/01 v0.1 Double stroke roman font definitions
) [3]
<./images/TC.png, id=177, 378.41376pt x 522.95375pt>
)
<./images/TC.png, id=23, 378.41376pt x 522.95375pt>
File: ./images/TC.png Graphic file (type png)
<use ./images/TC.png>
Package pdftex.def Info: ./images/TC.png used on input line 171.
Package pdftex.def Info: ./images/TC.png used on input line 159.
(pdftex.def) Requested size: 227.05pt x 313.77466pt.
<./images/dom_net.png, id=180, 319.1925pt x 432.61626pt>
<./images/dom_net.png, id=25, 319.1925pt x 432.61626pt>
File: ./images/dom_net.png Graphic file (type png)
<use ./images/dom_net.png>
Package pdftex.def Info: ./images/dom_net.png used on input line 187.
Package pdftex.def Info: ./images/dom_net.png used on input line 173.
(pdftex.def) Requested size: 191.51697pt x 259.57176pt.
<./images/dom_tree.png, id=181, 352.31625pt x 312.16624pt>
<./images/dom_tree.png, id=26, 352.31625pt x 312.16624pt>
File: ./images/dom_tree.png Graphic file (type png)
<use ./images/dom_tree.png>
Package pdftex.def Info: ./images/dom_tree.png used on input line 194.
Package pdftex.def Info: ./images/dom_tree.png used on input line 180.
(pdftex.def) Requested size: 211.39137pt x 187.3012pt.
[4 <./images/TC.png>]
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 207.
Default added (so using `tbp') on input line 193.
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 240.
Default added (so using `tbp') on input line 226.
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 273.
Default added (so using `tbp') on input line 259.
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 306.
Default added (so using `tbp') on input line 292.
LaTeX Warning: No positions in optional float specifier.
Default added (so using `tbp') on input line 339.
Default added (so using `tbp') on input line 325.
Underfull \hbox (badness 10000) in paragraph at lines 373--374
Underfull \hbox (badness 10000) in paragraph at lines 359--360
[]\OT1/ptm/m/n/10 When viewing the results of the car networks,
[]
Underfull \hbox (badness 1997) in paragraph at lines 373--374
Underfull \hbox (badness 1997) in paragraph at lines 359--360
\OT1/ptm/m/n/10 based on additional metrics, such as severity, cost, or
[]
[5 <./images/dom_net.png> <./images/dom_tree.png>]
Underfull \hbox (badness 3428) in paragraph at lines 375--376
Underfull \hbox (badness 3428) in paragraph at lines 361--362
\OT1/ptm/m/n/10 their original compliance graph rankings. As expected
[]
Underfull \hbox (badness 1789) in paragraph at lines 377--378
Underfull \vbox (badness 1147) has occurred while \output is active []
Underfull \hbox (badness 1789) in paragraph at lines 363--364
[]\OT1/ptm/m/n/10 For the dominant tree representation, it was initially
[]
Underfull \hbox (badness 3009) in paragraph at lines 377--378
Underfull \hbox (badness 3009) in paragraph at lines 363--364
\OT1/ptm/m/n/10 hypothesized that nodes ranked highly in the original
[]
Underfull \vbox (badness 1147) has occurred while \output is active []
[6]
Underfull \hbox (badness 1688) in paragraph at lines 381--382
Underfull \hbox (badness 1688) in paragraph at lines 367--368
\OT1/ptm/m/n/10 correction measures. In addition, transitive closures and
[]
Underfull \hbox (badness 2591) in paragraph at lines 384--385
\OT1/ptm/m/n/10 different networks along with various node importance
Underfull \hbox (badness 2913) in paragraph at lines 370--371
\OT1/ptm/m/n/10 importance rankings, it would be useful to artificially
[]
(./Schrick-Noah_CG-Network_Theory.bbl
@ -675,41 +433,46 @@ Underfull \hbox (badness 1442) in paragraph at lines 9--14
[]
Underfull \hbox (badness 3148) in paragraph at lines 36--38
Underfull \hbox (badness 3148) in paragraph at lines 49--51
[]\OT1/ptm/m/n/8 R. A. Brualdi, ``Spectra of digraphs,'' \OT1/ptm/m/it/8 Linear
Algebra and its
[]
Underfull \hbox (badness 10000) in paragraph at lines 40--43
Underfull \hbox (badness 10000) in paragraph at lines 53--56
[]\OT1/ptm/m/n/8 ``Health Insurance Portability and Accountability Act of
[]
Underfull \hbox (badness 10000) in paragraph at lines 40--43
Underfull \hbox (badness 10000) in paragraph at lines 53--56
\OT1/ptm/m/n/8 1996.'' Pub. L. No. 104-191. 1996 [Online]. Available:
[]
Underfull \hbox (badness 10000) in paragraph at lines 40--43
Underfull \hbox (badness 10000) in paragraph at lines 53--56
\OT1/ptm/m/n/8 https://www.govinfo.gov/content/pkg/PLAW-104publ191/html/PLAW-
[]
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <8> on input line 48.
(Font) <8> on input line 61.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <6> on input line 48.
(Font) <6> on input line 61.
Underfull \hbox (badness 10000) in paragraph at lines 45--49
Underfull \hbox (badness 10000) in paragraph at lines 58--62
[]\OT1/ptm/m/n/8 P. S. S. Council, ``Payment Card Industry (PCI)
[]
Underfull \hbox (badness 10000) in paragraph at lines 45--49
Underfull \hbox (badness 10000) in paragraph at lines 58--62
\OT1/ptm/m/n/8 Data Security Standard,'' May 2018. Available:
[]
)
Underfull \hbox (badness 2698) in paragraph at lines 74--77
[]\OT1/ptm/m/n/8 M. Ogura and V. M. Preciado, ``Katz centrality of markovian
[]
[7])
** Conference Paper **
Before submitting the final camera ready copy, remember to:
@ -721,34 +484,32 @@ Before submitting the final camera ready copy, remember to:
uses only Type 1 fonts and that every step in the generation
process uses the appropriate paper size.
[7] (./Schrick-Noah_CG-Network_Theory.aux)
Package rerunfilecheck Info: File `Schrick-Noah_CG-Network_Theory.out' has not
changed.
(rerunfilecheck) Checksum: 4EDC27A4E0124511FE5F0D9F4460A407;3570.
)
[8
] (./Schrick-Noah_CG-Network_Theory.aux) )
Here is how much of TeX's memory you used:
13113 strings out of 478238
218238 string characters out of 5850456
581314 words of memory out of 5000000
31115 multiletter control sequences out of 15000+600000
4240 strings out of 478238
76909 string characters out of 5850456
447946 words of memory out of 5000000
22422 multiletter control sequences out of 15000+600000
503172 words of font info for 89 fonts, out of 8000000 for 9000
1141 hyphenation exceptions out of 8191
67i,9n,77p,1799b,338s stack positions out of 5000i,500n,10000p,200000b,80000s
{/usr/share/texmf-dist/fonts/enc/dvips/base/8r.enc}</usr/share/texmf-dist/fon
ts/type1/public/amsfonts/cm/cmex10.pfb></usr/share/texmf-dist/fonts/type1/publi
c/amsfonts/cm/cmmi10.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/
cmmi7.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmr10.pfb></usr
/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmr7.pfb></usr/share/texmf-dis
t/fonts/type1/public/amsfonts/cm/cmsy10.pfb></usr/share/texmf-dist/fonts/type1/
public/amsfonts/cm/cmsy7.pfb></usr/share/texmf-dist/fonts/type1/public/doublest
roke/dsrom10.pfb></usr/share/texmf-dist/fonts/type1/urw/times/utmb8a.pfb></usr/
share/texmf-dist/fonts/type1/urw/times/utmbi8a.pfb></usr/share/texmf-dist/fonts
/type1/urw/times/utmr8a.pfb></usr/share/texmf-dist/fonts/type1/urw/times/utmri8
a.pfb>
Output written on Schrick-Noah_CG-Network_Theory.pdf (7 pages, 202591 bytes).
60i,9n,67p,1800b,261s stack positions out of 5000i,500n,10000p,200000b,80000s
{/usr/share/texmf-dist/fonts/enc/dvip
s/base/8r.enc}</usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmex10.pfb>
</usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmmi10.pfb></usr/share/te
xmf-dist/fonts/type1/public/amsfonts/cm/cmmi7.pfb></usr/share/texmf-dist/fonts/
type1/public/amsfonts/cm/cmr10.pfb></usr/share/texmf-dist/fonts/type1/public/am
sfonts/cm/cmr7.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmsy10
.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmsy7.pfb></usr/shar
e/texmf-dist/fonts/type1/public/doublestroke/dsrom10.pfb></usr/share/texmf-dist
/fonts/type1/urw/times/utmb8a.pfb></usr/share/texmf-dist/fonts/type1/urw/times/
utmbi8a.pfb></usr/share/texmf-dist/fonts/type1/urw/times/utmr8a.pfb></usr/share
/texmf-dist/fonts/type1/urw/times/utmri8a.pfb>
Output written on Schrick-Noah_CG-Network_Theory.pdf (8 pages, 198849 bytes).
PDF statistics:
291 PDF objects out of 1000 (max. 8388607)
248 compressed objects within 3 object streams
64 named destinations out of 1000 (max. 500000)
208 words of extra memory for PDF output out of 10000 (max. 10000000)
99 PDF objects out of 1000 (max. 8388607)
58 compressed objects within 1 object stream
0 named destinations out of 1000 (max. 500000)
16 words of extra memory for PDF output out of 10000 (max. 10000000)

20
Schrick-Noah_CG-Network_Theory.out
View File

@ -11,14 +11,12 @@
\BOOKMARK [2][-]{subsection.4.5}{\376\377\000K\000-\000P\000a\000t\000h\000\040\000E\000d\000g\000e}{section.4}% 11
\BOOKMARK [2][-]{subsection.4.6}{\376\377\000A\000d\000a\000p\000t\000e\000d\000\040\000P\000a\000g\000e\000\040\000R\000a\000n\000k}{section.4}% 12
\BOOKMARK [1][-]{section.5}{\376\377\000T\000r\000a\000n\000s\000i\000t\000i\000v\000e\000\040\000C\000l\000o\000s\000u\000r\000e}{}% 13
\BOOKMARK [2][-]{subsection.5.1}{\376\377\000I\000n\000t\000r\000o\000d\000u\000c\000t\000i\000o\000n\000\040\000a\000n\000d\000\040\000A\000p\000p\000l\000i\000c\000a\000t\000i\000o\000n}{section.5}% 14
\BOOKMARK [1][-]{section.6}{\376\377\000D\000o\000m\000i\000n\000a\000n\000t\000\040\000T\000r\000e\000e}{}% 15
\BOOKMARK [2][-]{subsection.6.1}{\376\377\000I\000n\000t\000r\000o\000d\000u\000c\000t\000i\000o\000n\000\040\000a\000n\000d\000\040\000A\000p\000p\000l\000i\000c\000a\000t\000i\000o\000n}{section.6}% 16
\BOOKMARK [1][-]{section.7}{\376\377\000R\000e\000s\000u\000l\000t\000s\000\040\000a\000n\000d\000\040\000R\000e\000s\000u\000l\000t\000\040\000A\000n\000a\000l\000y\000s\000i\000s}{}% 17
\BOOKMARK [2][-]{subsection.7.1}{\376\377\000R\000e\000s\000u\000l\000t\000s}{section.7}% 18
\BOOKMARK [2][-]{subsection.7.2}{\376\377\000R\000e\000s\000u\000l\000t\000\040\000A\000n\000a\000l\000y\000s\000i\000s}{section.7}% 19
\BOOKMARK [1][-]{section.8}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s\000\040\000a\000n\000d\000\040\000F\000u\000t\000u\000r\000e\000\040\000W\000o\000r\000k}{}% 20
\BOOKMARK [2][-]{subsection.8.1}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s}{section.8}% 21
\BOOKMARK [2][-]{subsection.8.2}{\376\377\000F\000u\000t\000u\000r\000e\000\040\000W\000o\000r\000k}{section.8}% 22
\BOOKMARK [1][-]{subsection.8.2}{\376\377\000B\000i\000b\000l\000i\000o\000g\000r\000a\000p\000h\000y}{}% 23
\BOOKMARK [1][-]{section*.4}{\376\377\000R\000e\000f\000e\000r\000e\000n\000c\000e\000s}{}% 24
\BOOKMARK [1][-]{section.6}{\376\377\000D\000o\000m\000i\000n\000a\000n\000t\000\040\000T\000r\000e\000e}{}% 14
\BOOKMARK [1][-]{section.7}{\376\377\000R\000e\000s\000u\000l\000t\000s\000\040\000a\000n\000d\000\040\000R\000e\000s\000u\000l\000t\000\040\000A\000n\000a\000l\000y\000s\000i\000s}{}% 15
\BOOKMARK [2][-]{subsection.7.1}{\376\377\000R\000e\000s\000u\000l\000t\000s}{section.7}% 16
\BOOKMARK [2][-]{subsection.7.2}{\376\377\000R\000e\000s\000u\000l\000t\000\040\000A\000n\000a\000l\000y\000s\000i\000s}{section.7}% 17
\BOOKMARK [1][-]{section.8}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s\000\040\000a\000n\000d\000\040\000F\000u\000t\000u\000r\000e\000\040\000W\000o\000r\000k}{}% 18
\BOOKMARK [2][-]{subsection.8.1}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000s}{section.8}% 19
\BOOKMARK [2][-]{subsection.8.2}{\376\377\000F\000u\000t\000u\000r\000e\000\040\000W\000o\000r\000k}{section.8}% 20
\BOOKMARK [1][-]{subsection.8.2}{\376\377\000B\000i\000b\000l\000i\000o\000g\000r\000a\000p\000h\000y}{}% 21
\BOOKMARK [1][-]{section*.1}{\376\377\000R\000e\000f\000e\000r\000e\000n\000c\000e\000s}{}% 22

BIN
Schrick-Noah_CG-Network_Theory.pdf
View File

Binary file not shown.

30
Schrick-Noah_CG-Network_Theory.tex
View File

@ -1,28 +1,15 @@
\documentclass[conference]{IEEEtran}
\RequirePackage{setspace}
\usepackage{boxedminipage}
\usepackage{graphicx} % Images
\graphicspath{ {./images/} }
\usepackage{subcaption} % Captions on subfigures
\usepackage{algorithm} % Math and Big Oh
\usepackage{float} % Table captions on top
\floatstyle{plaintop}
\restylefloat{table}
\usepackage[noend]{algpseudocode}
\usepackage{ifpdf} % Detect PDF or DVI mode
\usepackage{babel} % Bibliography
\usepackage{dsfont} % mathbb
\usepackage[table,xcdraw]{xcolor} % Highlighted cells for tables
\usepackage[hidelinks]{hyperref} % Clickable TOC Links
\hypersetup{
colorlinks,
citecolor=black,
filecolor=black,
linkcolor=black,
urlcolor=black
}
\usepackage[utf8]{inputenc}
\usepackage{indentfirst}
@ -82,10 +69,12 @@ Compliance graphs begin with a root node that contains all the current informati
Compliance graphs, like attack graphs, are directed acyclic graphs, and analysis of directed graphs is notably more involved compared to their undirected counterparts. The primary contributor to the increased difficulty is due to the asymmetric adjacency matrix present in directed graphs. With undirected graphs, simplifications can be made in the analysis process both computationally and conceptually. Since the ``in" degrees are equal to the ``out" degrees, less work is required both in terms of parsing the adjacency matrix, but also in terms of determining importance of nodes. The author of \cite{newman2010networks} discusses that common analysis techniques such as eigenvector centrality is often unapplicable to directed acyclic graphs. As the author of \cite{Mieghem2018DirectedGA} discusses, the difficulty of directed graphs also extends to the graph Laplacian, where the definition for asymmetric adjacency matrices is not uniquely defined, and is based on either row or column sums computing to zero, but both cannot. The author of \cite{Mieghem2018DirectedGA} continues to discuss that directed graphs lead to complex eigenvalues, and can lead to adjacency matrices that are unable to be diagonalized. These challenges require different approaches for typical clustering or centrality measures.
\section{Related Works}
The author of \cite{10.1145/3491257} presents three centrality measures that were applied to various attack graphs. The centrality measures implemented were Katz, K-path Edge, and Adapted PageRank. Each of these centrality measures are applicable to the directed format of attack graphs, and conclusions were drawn regarding patching schemes for preventing exploits. As an approach for avoiding complex eigenvalues, the authors of \cite{Guo2017HermitianAM} present work examining directed, undirected, and mixed graphs using its Hermitian adjacency matrix. Other works, such as that discussed by the author of \cite{Mieghem2018DirectedGA}, include mathematical manipulation of directed graph spectra (originally presented by the author of \cite{Brualdi2010SpectraOD}) with Schur's Theorem to bound eigenvalues and allow for explicit computation, which can then be used for additional analysis metrics.
Though compliance graphs have not yet had formal analysis methodologies defined, they are analyzed similarly to attack graphs, which have various analysis approaches. The authors of \cite{ZENITANI2023103081} and the authors of \cite{Zeng2019SurveyOA} both present surveys on attack graph analysis that have been categorized by approach. These categories include analysis based on graph or network theory, Bayesian Networks, Markov Models, cost optimization, and uncertainty analysis. Each of these approaches have seen varying ranges of success across multiple subcategories.
Regarding network science approaches, the author of \cite{ming_diss} presents three centrality measures that were applied to various attack graphs. The centrality measures implemented were Katz, K-path Edge, and Adapted PageRank, with the authors of \cite{10.1145/3491257} expanding on the Adapted PageRank approach. Each of these centrality measures are applicable to the directed format of attack graphs, and conclusions were drawn regarding patching schemes for preventing exploits. As an approach for avoiding complex eigenvalues, the authors of \cite{Guo2017HermitianAM} present work examining directed, undirected, and mixed graphs using its Hermitian adjacency matrix. Other works, such as that discussed by the author of \cite{Mieghem2018DirectedGA}, include mathematical manipulation of directed graph spectra (originally presented by the author of \cite{Brualdi2010SpectraOD}) with Schur's Theorem to bound eigenvalues and allow for explicit computation, which can then be used for additional analysis metrics.
\section{Experimental Networks} \label{sec:networks}
The work conducted in this approach utilized three compliance graphs, with their properties displayed in Table \ref{table:networks}. Connectivity in this table refers to the mean degree, divided by the number of nodes in the network, multiplied by 100 to return a percentage. Network 1 is a vehicle maintenance network. This network has one car asset that is deemed ``brand new", and has zero mileage. This network is examined at its current state, and progresses through time with time steps of 1 month, up to 12 months total. At each time step the car gains mileage and increases its age property, and is reexamined to evaluate its standing in regards to its vehicular regulatory maintenance schedule. Network 2 is an artificial company network that is attempting to maintain HIPAA compliance \cite{noauthor_health_1996}. This network examines its standing in relation to security properties that are required per HIPAA guidelines, as well as employee cooperation to training and administrative policies. This network is also progressed through time to illustrate the company's standing in relation to yearly audits and trainings that must be followed. Employees are also added and removed through the network at set points during the time progression process. Network 3 is another artificial company network. This company is attempting to maintain PCI DSS compliance \cite{PCI}. This network generation was static and did not progress through time. This network examined the company and its current state, and examined a list of changes that could occur. These changes were primarily tied to security properties such as physical break-ins on the property, disabling firewalls, leaving default system settings, and encryption expiration.
The work conducted in this approach utilized three compliance graphs, with their properties displayed in Table \ref{table:networks}. Connectivity in this table refers to the mean degree, divided by the number of nodes in the network, multiplied by 100 to return a percentage. Network 1 is a vehicle maintenance network. This network has one car asset that is deemed ``brand new", and has zero mileage. This network is examined at its current state, and progresses through time with time steps of 1 month, up to 12 months total. At each time step the car gains mileage and increases its age property, and is reexamined to evaluate its standing in regards to its vehicular regulatory maintenance schedule. Network 2 is an artificial company network that is attempting to maintain HIPAA compliance \cite{noauthor_health_1996}. This network examines its standing in relation to security properties that are required per HIPAA guidelines, as well as employee cooperation to training and administrative policies. This network is also progressed through time to illustrate the company's standing in relation to yearly audits and trainings that must be followed. Employees are also added and removed through the network at set points during the time progression process. Network 3 is another artificial company network. This organization is attempting to maintain PCI DSS compliance \cite{PCI}. This network generation was static and did not progress through time. This network examined the company and its current state, and examined a list of changes that could occur. These changes were primarily tied to security properties such as physical break-ins on the property, disabling firewalls, leaving default system settings, and encryption expiration.
\begin{table}[]
\centering
@ -103,10 +92,10 @@ The work conducted in this approach utilized three compliance graphs, with their
\section{Centralities and their Contextualizations to Compliance Graphs} \label{sec:centralities}
\subsection{Introduction}
The author of \cite{PMID:30064421} provides a survey of centrality measures, and discusses how various centrality measures have been implemented and brought forth in order to determine node importance in networks. By determining the importance of nodes, various conclusions can be drawn regarding the network. In the case of compliance graphs, conclusions can be drawn regarding the prioritization of patching or correction schemes. If one node is known to lead to the creation of many other nodes, it may be said that a patch is imperative to prevent further opportunities for compliance violation. This work discusses five centrality measures, and discusses their application to compliance graphs.
The author of \cite{PMID:30064421} provides a survey of centrality measures, and discusses how various centrality measures have been implemented in order to determine node importance in networks. By determining the importance of nodes, various conclusions can be drawn regarding the network. In the case of compliance graphs, conclusions can be drawn regarding the prioritization of patching or correction schemes. If one node directs to many other nodes, a mitigation enforcement may be considered imperative to prevent further opportunities for compliance violation. This work discusses five centrality measures across various structural changes, and contextualizes their applications to compliance graphs.
\subsection{Degree}
Degree centrality is a trivial, localized measure of node importance based on the number of edges that a node has. In an undirected graph, the degree centrality is predicated solely on the number of edges. However, in the case of a directed graph, a distinction is drawn with a degree centrality oriented on the number of edges coming into a node, and another measure focused on the number of edges leaving a node. Both of these cases provide useful information for compliance graphs. When a node has a large number of other nodes it directs to, this node may be prioritized since it creates further opportunity for violation. When a node has a large number of edges pointing to it, this node may be prioritized since the probability that systems may enter this state is higher due to the increased number of possibilities that a system change could lead to this state.
Degree centrality is a trivial, localized measure of node importance based on the number of edges that a node has. In an undirected graph, the degree centrality is predicated solely on the number of edges. However, in the case of a directed graph, a distinction is drawn with a degree centrality oriented on the number of edges entering a node, and another measure focused on the number of edges leaving a node. Both of these cases provide useful information for compliance graphs. When a node has a large number of other nodes it directs to, this node may be prioritized since it creates further opportunity for violation. When a node has a large number of edges pointing to it, this node may be prioritized since the probability that systems may enter this state is higher due to the increased number of possibilities that a system change could lead to this state.
\subsection{Betweenness}\label{sec:between}
Betweenness centrality ranks node importance based on its ability to transfer information in a network. For all pairs of nodes in a network, a shortest path is determined. A node that is in this shortest path is considered to have importance. The total betweenness centrality is based on the number of shortest paths that pass through a given node. For compliance graphs, the shortest paths are useful to identify the quickest way (least number of steps) that systems may fall out of compliance. By prioritizing the nodes that fall in the highest number of shortest paths, correction schemes can be employed to prolong or prevent systems from falling out of compliance.
@ -126,7 +115,7 @@ Katz centrality was first introduced by the author of \cite{Katz}, and measures
\label{eq:Katz}
\end{equation}
Later works have expanded on the original Katz to include a $\beta$ vector that allows for additional scaling in the instance that prior knowledge of the network exists. The modified equation can be seen in Equation \ref{eq:mod_katz}.
Later works have expanded on the original Katz to include a $\beta$ vector that allows for additional scaling in the instance that prior knowledge of the network exists. The modified equation implemented by the authors of \cite{ModKatz} can be seen in Equation \ref{eq:mod_katz}.
\begin{equation}
\vec{x} = \left(I - \alpha A \right)^{-1}\vec{\beta}
@ -163,7 +152,6 @@ The adapted PageRank algorithm includes additional data that may be present in a
For compliance graphs, the Adapted Page Rank algorithm is useful for a few reasons. First, it is able to include user-defined data regarding the network. This could include scaling certain nodes to have greater weight, such as those known to be a compromised state. Second, since nodes are penalized for pointing to other nodes, this algorithm is useful for determining nodes that are likely to be visited. If a state has a greater in-degree, it may require greater prioritization since the system has a higher likelihood of falling into this state.
\section{Transitive Closure}
\subsection{Introduction and Application}
Transitive closure represents a transitive relation on a given binary set, and can be used to determine reachability of a given network. Figure \ref{fig:TC} displays an example output when performing transitive closure. In context of compliance graphs, it is useful to consider that an adversary (whether an internal or external malicious actor, poor policy execution by an organization, accidental misuse, or any other adversarial occurrence) could have no time constraints. That is, for any given state of the system or set of systems, an adversarial act could have ``infinite" time to perform a series of actions. If no prior knowledge is known about the network, it can be assumed that all changes performed on the systems are equally likely. In practice, specifying a probability that a change can occur has been performed through a Markov Decision Process, such as that seen by the authors of \cite{li_combining_2019} and \cite{zeng_cyber_2017}. When under these assumptions, it is useful to then consider which nodes are important, assuming they have 1-step reachability to any downstream node they may have a transitive connection to. This work identified a transitive closure for all networks described in
Section \ref{sec:networks}, and this transitive closure was then analyzed through the five centrality methods discussed in Section \ref{sec:centralities}. Results and a discussion of the results can be seen in Section \ref{sec:results}.
@ -177,8 +165,6 @@ Section \ref{sec:networks}, and this transitive closure was then analyzed throug
\section{Dominant Tree}
\subsection{Introduction and Application}
Dominance, as initially introduced by the author of \cite{dominance} in terms of flow, is defined as a node that is in every path to another node. If a node \textit{i} is a destination node, and every path to \textit{i} from a source node includes node \textit{j}, then node \textit{j} is said to dominate node \textit{i}. Figure 2 displays an example starting network. With node 1 as the source node, it is evident that node 2 immediately dominates nodes 3, 4, 5, and 6, since all messages from node 1 must pass through node 2. By definition, each node must also dominate itself, so node 2 also dominates node 2.
Following the properties of dominance, a dominator tree can be derived. In a dominator tree, each node has children that it immediately dominates. Immediate dominance is referred to nodes that strictly dominate a given node, but do not strictly dominate any other node that may strictly dominate a node. Figure 3 displays the dominant tree of the network seen in Figure 2.
@ -381,7 +367,7 @@ For the dominant tree representation, it was initially hypothesized that nodes r
Each centrality measure implemented in this work provides various information that is useful for identifying correction schemes based on a network science approach. The results from the centrality methods differ, and each network can determine which rankings should be preferred based on prior knowledge of the network and the overhead of implementing correction measures. In addition, transitive closures and dominant trees were derived from the original compliance graphs, and unique rankings were identified. Transitive closure rankings are useful for determining which nodes are most important when an adversarial action can be considered to have infinite time and resources to perform changes to the original system. Dominant tree rankings are useful for determining which nodes are most important from an information flow perspective, where adversarial actions must pass though a series of nodes to reach any other node in the network. By applying correction schemes to the bottlenecks of the network, it may be possible to eliminate branches of the dominant tree entirely, leading to a removal of nodes in the original compliance graph.
\subsection{Future Work}
Based on the results of this work, there is ample room to continue investigation of centrality methods for compliance graphs. With three compliance graphs generated for three different networks along with various node importance rankings, it would be useful to artificially implement correction schemes based on the rankings to see their effects on the compliance graph. Likewise, using a user-defined data matrix in centrality methods like PageRank, further research could examine how node importance varies based on user-defined metrics. Edge weights could also be assigned to the original compliance graphs to represent the probability that a given change in the network could occur. Edge weights would be reflected in the adjacency matrices of the graphs, and centrality methods could be reexamined to determine node importance when state transition probabilities are given. Transitive closures and dominant trees derived from the compliance graphs present a new approach for examining compliance graphs. Further research can be conducted to determine the effects of correction schemes when employed on nodes ranked highly in their respective centrality measures in these formats.
Based on the results of this work, there is considerable opportunity to continue investigation of centrality methods for compliance graphs. With three compliance graphs generated for three different applications, along with various node importance rankings, it would be useful to artificially implement correction schemes based on the rankings to see their effects on the compliance graph. Likewise, using a user-defined data matrix in centrality methods like PageRank, further research could examine how node importance varies based on user-defined metrics. Edge weights could also be assigned to the original compliance graphs to represent the probability that a given change in the network could occur. Edge weights would be reflected in the adjacency matrices of the graphs, and centrality methods could be reexamined to determine node importance when state transition probabilities are given. Transitive closures and dominant trees derived from the compliance graphs present a new approach for examining compliance graphs. Further research can be conducted to determine the effects of correction schemes when employed on nodes ranked highly in their respective centrality measures in these formats.
\addcontentsline{toc}{section}{Bibliography}
\bibliography{Bibliography}