diff --git a/Chapter1.tex b/Chapter1.tex index f48087c..1028605 100644 --- a/Chapter1.tex +++ b/Chapter1.tex @@ -24,7 +24,7 @@ cyber-physical systems lies not only in the demand for cybersecurity of these sy additional compliance guidelines that must be followed, increasing the complexity required for examining compliance statuses. Compliance graphs are promising tools that can aid in minimizing the overhead caused by these systems and the regulations they must follow. A few alterations are required for attack graph generators to function as compliance graph generators, and these alterations -are discussed in Section \ref{CG-alter}. Compliance requirements are broad and varying, and can function as safety regulations, maintenance compliance, or any +are discussed in Section \ref{sec:CG-alter}. Compliance requirements are broad and varying, and can function as safety regulations, maintenance compliance, or any other regulatory compliance. In the same fashion as attack graphs, compliance graphs are exhaustive, and future system states can be analyzed to determine appropriate steps that need to be taken for preventative measures \cite{j_hale_compliance_nodate}. \TUsubsection{Defining Compliance Graphs} \label{sec:CG-alter} diff --git a/Chapter3.aux b/Chapter3.aux index 8b550ef..7906048 100644 --- a/Chapter3.aux +++ b/Chapter3.aux @@ -2,13 +2,18 @@ \@writefile{toc}{\contentsline {chapter}{\numberline {CHAPTER 3: }{\bf \uppercase {UTILITY EXTENSIONS TO THE RAGE ATTACK GRAPH GENERATOR}}}{8}{}\protected@file@percent } \@writefile{toc}{\contentsline {section}{\numberline {3.1}\bf Path Walking}{8}{}\protected@file@percent } \newlabel{sec:PW}{{3.1}{8}} -\@writefile{toc}{\contentsline {section}{\numberline {3.2}\bf Compound Operators}{8}{}\protected@file@percent } -\newlabel{sec:compops}{{3.2}{8}} -\citation{cook_rage_2018} \@writefile{lof}{\contentsline {figure}{\numberline {3.1}{\ignorespaces Path Walking to State 14\relax }}{9}{}\protected@file@percent } \providecommand*\caption@xref[2]{\@setref\relax\@undefined{#1}} \newlabel{fig:PW}{{3.1}{9}} -\@writefile{toc}{\contentsline {section}{\numberline {3.3}\bf Color Coding}{10}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\numberline {3.2}\bf Color Coding}{9}{}\protected@file@percent } +\@writefile{lof}{\contentsline {figure}{\numberline {3.2}{\ignorespaces Color Coding a Small Network Based on Violations\relax }}{10}{}\protected@file@percent } +\newlabel{fig:CC}{{3.2}{10}} +\citation{cook_rage_2018} +\@writefile{toc}{\contentsline {section}{\numberline {3.3}\bf Compound Operators}{11}{}\protected@file@percent } +\newlabel{sec:compops}{{3.3}{11}} +\citation{CVE-2019-10747} +\@writefile{toc}{\contentsline {section}{\numberline {3.4}\bf Relational Operators}{12}{}\protected@file@percent } +\newlabel{sec:relops}{{3.4}{12}} \citation{cook_rage_2018} \citation{li_concurrency_2019} \citation{li_combining_2019} @@ -16,17 +21,12 @@ \citation{ainsworth_graph_2016} \citation{berry_graph_2007} \citation{cook_rage_2018} -\@writefile{toc}{\contentsline {section}{\numberline {3.4}\bf Intermediate Database Storage}{11}{}\protected@file@percent } -\newlabel{sec:db-stor}{{3.4}{11}} -\@writefile{toc}{\contentsline {subsection}{\numberline {3.4.1}\it Memory Constraint Difficulties}{11}{}\protected@file@percent } -\@writefile{lof}{\contentsline {figure}{\numberline {3.2}{\ignorespaces Color Coding a Small Network Based on Violations\relax }}{12}{}\protected@file@percent } -\newlabel{fig:CC}{{3.2}{12}} +\@writefile{toc}{\contentsline {section}{\numberline {3.5}\bf Intermediate Database Storage}{13}{}\protected@file@percent } +\newlabel{sec:db-stor}{{3.5}{13}} +\@writefile{toc}{\contentsline {subsection}{\numberline {3.5.1}\it Memory Constraint Difficulties}{13}{}\protected@file@percent } \citation{zhang_boosting_2017} -\@writefile{toc}{\contentsline {subsection}{\numberline {3.4.2}\it Maximizing Performance with Intermediate Database Storage}{13}{}\protected@file@percent } -\citation{CVE-2019-10747} -\@writefile{toc}{\contentsline {subsection}{\numberline {3.4.3}\it Portability}{15}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {3.5}\bf Relational Operators}{15}{}\protected@file@percent } -\newlabel{sec:relops}{{3.5}{15}} +\@writefile{toc}{\contentsline {subsection}{\numberline {3.5.2}\it Maximizing Performance with Intermediate Database Storage}{14}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsection}{\numberline {3.5.3}\it Portability}{16}{}\protected@file@percent } \@setckpt{Chapter3}{ \setcounter{page}{17} \setcounter{equation}{0} @@ -39,7 +39,7 @@ \setcounter{part}{0} \setcounter{chapter}{3} \setcounter{section}{5} -\setcounter{subsection}{0} +\setcounter{subsection}{3} \setcounter{subsubsection}{0} \setcounter{paragraph}{0} \setcounter{subparagraph}{0} diff --git a/Chapter3.tex b/Chapter3.tex index 677ee4e..949c6e5 100644 --- a/Chapter3.tex +++ b/Chapter3.tex @@ -20,6 +20,21 @@ of the original attack graph. \label{fig:PW} \end{figure} +\TUsection{Color Coding} +As a visual aid for analysis purposes, color coding was another feature implemented as a postprocessing tool for RAGE. When viewing the output graph of RAGE, all states are +visibly identical in appearance apart from number of edges, edge IDs, and state IDs. To allow for visual differentiation, color coding can be enabled in the run script. +Color coding currently functions by working through the graph output text file, but it can be extended to read directly from the PostgreSQL database instead. The feature scans through the +output file, and locates states that have $``compliance$\_$vios > 0"$ or $``compliance$\_$vio = true"$. For states that meet these +properties, the color coding feature will add a color to the Graphviz DOT file through the $[color=COL]$ attribute for the given node, where \textit{COL} is assigned based on severity. +For this version of color coding, severity is determined by the total number of compliance violations a node has, but future versions can alter the severity measure through alternative means. +Figure \ref{fig:CC} displays an example graph that leverages color coding to easily identify problem states. +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./Chapter3_img/CC.png"} + \vspace{.2truein} \centerline{} + \caption{Color Coding a Small Network Based on Violations} + \label{fig:CC} +\end{figure} + \TUsection{Compound Operators} \label{sec:compops} Many of the graphs previously generated by RAGE comprise of states with features that can be fully enumerated. In many of these generated graphs, there was an established set of qualities that was used, with an established set of values. These typically have included $``compliance$\_$vio=true/false"$, @@ -45,20 +60,16 @@ to make, since compound operators are conducted on numeric values, and matches t Other changes involved updating classes (namely the Quality, EncodedQuality, ParameterizedQuality, NetworkState, and Keyvalue classes) to include a new member for the operator in question. Auxiliary functions related to this new member, such as prints and getters, were also added. In addition, preconditions were altered to include operator overloads to check the asset identifier, quality name, and quality values for the update process. -\TUsection{Color Coding} -As a visual aid for analysis purposes, color coding was another feature implemented as a postprocessing tool for RAGE. When viewing the output graph of RAGE, all states are -visibly identical in appearance apart from number of edges, edge IDs, and state IDs. To allow for visual differentiation, color coding can be enabled in the run script. -Color coding currently functions by working through the graph output text file, but it can be extended to read directly from the PostgreSQL database instead. The feature scans through the -output file, and locates states that have $``compliance$\_$vios = X"$ (where \textit{X} is a number greater than 0), or $``compliance$\_$vio = true"$. For states that meet these -properties, the color coding feature will add a color to the Graphviz DOT file through the $[color=COL]$ attribute for the given node, where \textit{COL} is assigned based on severity. -For this version of color coding, severity is determined by the total number of compliance violations a node has, but future versions can alter the severity measure through alternative means. -Figure \ref{fig:CC} displays an example graph that leverages color coding to easily identify problem states. -\begin{figure}[htp] - \includegraphics[width=\linewidth]{"./Chapter3_img/CC.png"} - \vspace{.2truein} \centerline{} - \caption{Color Coding a Small Network Based on Violations} - \label{fig:CC} -\end{figure} +\TUsection{Relational Operators} \label{sec:relops} +As discussed in Section \ref{sec:compops}, many of the graphs previously generated by RAGE comprise of states with an established set of qualities and values. These typically have included $``compliance$\_$vio=true/false"$, +$``root=true/false"$, or other general $``true/false"$ values or $``version=X"$ qualities. To further expand the dynamism of graph generation, it is important to distinguish when a quality has a value that satisfies a +relational comparison to an exploit. An example application for attack graphs can be seen through CVE-2019-10747, where ``set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1" \cite{CVE-2019-10747}. An example compliance graph application using the aforementioned car example can be seen in the Toyota Corolla Maintenance Schedule, which states an engine coolant replacement should be conducted after 24,000 miles. Prior to the implementation +of relational operators, to determine whether this exploit was applicable to a network state, multiple exploit qualities must be enumerated for all versions prior to 3.0.1. This would mean that the exploit needed to check if +\textit{version=3.0.0}, or \textit{version=2.0.0}, or \textit{version=1.0.0}, or \textit{version=0.4.3}, etc. For the compliance graph exploit check, this could lead to even worse scaling where checks needed to be conducted at a much more granular level like \textit{engine$\_$coolant$\_$miles=24001}, or \textit{engine$\_$coolant$\_$miles=24002}, or \textit{engine$\_$coolant$\_$miles=24003}, etc. This becomes increasingly tedious when there are many checks to perform, and this not only reduces readability, but is also more +prone to human error when creating the exploit files. Relational operators work to alleviate these difficulties. + +To implement the relational operators, operator overloads were placed into the Quality class. At the time of writing, the following are implemented: $==$, $<$, $>$, $\leq$, $\geq$. However, these operators do not take up room in the +encoding scheme, so additional operators can be freely implemented as needed. The overloads ensure that the Quality asset IDs and Quality names match, and then compares the Quality values based on the operator in question. \TUsection{Intermediate Database Storage}\label{sec:db-stor} \TUsubsection{Memory Constraint Difficulties} @@ -111,13 +122,4 @@ performance benefits of memory operations, since graph computation relies less o request option), and the intermediate database storage process would function in the same fashion. -\TUsection{Relational Operators} \label{sec:relops} -As discussed in Section \ref{sec:compops}, many of the graphs previously generated by RAGE comprise of states with an established set of qualities and values. These typically have included $``compliance$\_$vio=true/false"$, -$``root=true/false"$, or other general $``true/false"$ values or $``version=X"$ qualities. To further expand the dynamism of graph generation, it is important to distinguish when a quality has a value that satisfies a -relational comparison to an exploit. An example application for attack graphs can be seen through CVE-2019-10747, where ``set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1" \cite{CVE-2019-10747}. An example compliance graph application using the aforementioned car example can be seen in the Toyota Corolla Maintenance Schedule, which states an engine coolant replacement should be conducted after 24,000 miles. Prior to the implementation -of relational operators, to determine whether this exploit was applicable to a network state, multiple exploit qualities must be enumerated for all versions prior to 3.0.1. This would mean that the exploit needed to check if -\textit{version=3.0.0}, or \textit{version=2.0.0}, or \textit{version=1.0.0}, or \textit{version=0.4.3}, etc. For the compliance graph exploit check, this could lead to even worse scaling where checks needed to be conducted at a much more granular level like \textit{engine$\_$coolant$\_$miles=24001}, or \textit{engine$\_$coolant$\_$miles=24002}, or \textit{engine$\_$coolant$\_$miles=24003}, etc. This becomes increasingly tedious when there are many checks to perform, and this not only reduces readability, but is also more -prone to human error when creating the exploit files. Relational operators work to alleviate these difficulties. -To implement the relational operators, operator overloads were placed into the Quality class. At the time of writing, the following are implemented: $==$, $<$, $>$, $\leq$, $\geq$. However, these operators do not take up room in the -encoding scheme, so additional operators can be freely implemented as needed. The overloads ensure that the Quality asset IDs and Quality names match, and then compares the Quality values based on the operator in question. diff --git a/Chapter4.aux b/Chapter4.aux index 81bbf76..516bc12 100644 --- a/Chapter4.aux +++ b/Chapter4.aux @@ -10,20 +10,20 @@ \citation{cook_rage_2018} \@writefile{lof}{\contentsline {figure}{\numberline {4.1}{\ignorespaces A network without Synchronous Firing generating infeasible states\relax }}{18}{}\protected@file@percent } \newlabel{fig:non-sync_ex}{{4.1}{18}} -\@writefile{toc}{\contentsline {subsection}{\numberline {4.1.1}\it Synchronous Firing in Literature}{18}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsection}{\numberline {4.1.1}\it Related Synchronous Firing Work}{18}{}\protected@file@percent } \newlabel{sec:sync-lit}{{4.1.1}{18}} \citation{cook_rage_2018} \citation{louthan_hybrid_2011} -\@writefile{toc}{\contentsline {section}{\numberline {4.2}\bf Necessary Alterations}{19}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\numberline {4.2}\bf Necessary Alterations and Additions}{19}{}\protected@file@percent } \@writefile{toc}{\contentsline {subsection}{\numberline {4.2.1}\it GNU Bison and Flex}{19}{}\protected@file@percent } \@writefile{toc}{\contentsline {subsection}{\numberline {4.2.2}\it PostgreSQL}{20}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {4.2}{\ignorespaces Inclusion of Synchronous Firing into GNU Bison, GNU Flex, and the overall program\relax }}{21}{}\protected@file@percent } \newlabel{fig:bison-flex}{{4.2}{21}} \@writefile{toc}{\contentsline {subsection}{\numberline {4.2.3}\it Compound Operators}{21}{}\protected@file@percent } \@writefile{toc}{\contentsline {subsection}{\numberline {4.2.4}\it Graph Generation}{21}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {4.3}\bf Example Networks and Results}{22}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\numberline {4.3}\bf Experimental Networks and Results}{22}{}\protected@file@percent } \newlabel{sec:test-platform}{{4.3}{22}} -\@writefile{toc}{\contentsline {subsection}{\numberline {4.3.1}\it Example Networks}{22}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsection}{\numberline {4.3.1}\it Experimental Networks}{22}{}\protected@file@percent } \newlabel{sec:Sync-Test}{{4.3.1}{22}} \@writefile{lof}{\contentsline {figure}{\numberline {4.3}{\ignorespaces Synchronous Firing in the Graph Generation Process\relax }}{23}{}\protected@file@percent } \newlabel{fig:sync-fire}{{4.3}{23}} diff --git a/Chapter4.tex b/Chapter4.tex index 448fb08..924e085 100644 --- a/Chapter4.tex +++ b/Chapter4.tex @@ -25,7 +25,7 @@ from generating and exploring the unattainable states. Instead, a new feature ca The goal of the synchronous firing feature is to prevent the generation of unattainable states, while also not incurring a greater computational cost. This Chapter will discuss the development of this feature, discuss its references and inspiration in literature, and examine the results when using this feature in applicable networks. -\TUsubsection{Synchronous Firing in Literature} \label{sec:sync-lit} +\TUsubsection{Related Synchronous Firing Work} \label{sec:sync-lit} A form of synchronous firing is discussed by the author of \cite{louthan_hybrid_2011}, where it is described as grouped exploits. The functionality discussed by the author is similar: firing an exploit should be performed on all possible assets simultaneously. This was also described as synchronizing multiple exploits. The methodology is similar to the one implemented in this work, but there are notable differences. The first, is that the work performed by the author of \cite{louthan_hybrid_2011} utilizes global features with group features. Using the @@ -36,8 +36,8 @@ grouped exploit feature would attempt to fire all exploits on all applicable ass the applicable assets would. The last difference is that the work by the author of \cite{louthan_hybrid_2011} was developed in Python, since that was the language of the generator of the tool at the time. The work by the author of \cite{cook_rage_2018} led to new development of RAGE in C++ for performance enhancements, so the synchronous firing feature in this new work was likewise developed in C++. -\TUsection{Necessary Alterations} -For the implementation of the synchronous firing feature, there were four primary changes that were necessary. The first is a change in the lexical analyzer, the second involves multiple changes +\TUsection{Necessary Alterations and Additions} +For the implementation of the synchronous firing feature, there were four primary changes and additions that were necessary. The first is a change in the lexical analyzer, the second involves multiple changes to PostgreSQL, the third is the implementation of compound operators (as discussed in Section \ref{sec:compops}), and lastly is a change in the graph generation process. This Section will consist of subsections discussing the development of these four alterations. @@ -89,7 +89,7 @@ The implementation of synchronous firing in the graph generation process relies \end{figure} -\TUsection{Example Networks and Results} \label{sec:test-platform} +\TUsection{Experimental Networks and Results} \label{sec:test-platform} All data was collected on a 13 node cluster, with 12 nodes serving as dedicated compute nodes, and 1 node serving as the login node. Each compute node has a configuration as follows: \begin{itemize} \item{OS: CentOS release 6.9} @@ -100,7 +100,7 @@ All data was collected on a 13 node cluster, with 12 nodes serving as dedicated \end{itemize} All nodes are connected with a 10Gbps Infiniband interconnect. -\TUsubsection{Example Networks} \label{sec:Sync-Test} +\TUsubsection{Experimental Networks} \label{sec:Sync-Test} The example networks for testing the effectiveness of synchronous firing follow the compliance graph generation approach. These networks analyze two assets, both of which are identical 2006 Toyota Corolla cars with identical qualities. The generation examines both cars at their current states, and proceeds to advance in time by a pre-determined amount, up to a pre-determined limit. Each time increment updates each car by an identical amount of mileage. During the generation process, it is determined if a car is out of compliance either through mileage or time since its last maintenance in accordance with the Toyota Corolla Maintenance Schedule manual. In addition, the tests employ the use of ``services", where if a car is out of compliance, it will go through a correction process and reset the mileage and time since last service. Each test varies in the number of services used. The 1 Service test only employs one service, and it is dedicated to brake pads. The 2 Service test employs two services, where the first service is dedicated to the brake pads, and the second is for exhaust pipes. This process extends to the 3 and 4 Service tests. diff --git a/Chapter5.aux b/Chapter5.aux index fc50779..4c71b40 100644 --- a/Chapter5.aux +++ b/Chapter5.aux @@ -1,6 +1,6 @@ \relax \citation{pacheco_introduction_2011} -\@writefile{toc}{\contentsline {chapter}{\numberline {CHAPTER 5: }{\bf \uppercase {Utilization OF MESSAGE PASSING INTERFACE}}}{28}{}\protected@file@percent } +\@writefile{toc}{\contentsline {chapter}{\numberline {CHAPTER 5: }{\bf \uppercase {Parallelization Using MESSAGE PASSING INTERFACE}}}{28}{}\protected@file@percent } \newlabel{ch:MPI}{{5}{28}} \@writefile{toc}{\contentsline {section}{\numberline {5.1}\bf Introduction to MPI Utilization for Attack and Compliance Graph Generation}{28}{}\protected@file@percent } \@writefile{toc}{\contentsline {section}{\numberline {5.2}\bf Necessary Components}{28}{}\protected@file@percent } @@ -14,46 +14,46 @@ \@writefile{lof}{\contentsline {figure}{\numberline {5.1}{\ignorespaces Task Overview of the Attack and Compliance Graph Generation Process\relax }}{30}{}\protected@file@percent } \newlabel{fig:tasks}{{5.1}{30}} \@writefile{toc}{\contentsline {subsection}{\numberline {5.3.2}\it Algorithm Design}{31}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{Communication Structure}{31}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.1}Communication Structure}{31}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {5.2}{\ignorespaces Node Allocation for each Task\relax }}{32}{}\protected@file@percent } \newlabel{fig:node-alloc}{{5.2}{32}} -\@writefile{toc}{\contentsline {subsubsection}{Task 0}{33}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{Task 1}{33}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.2}Task 0}{33}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.3}Task 1}{33}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {5.3}{\ignorespaces Data Distribution of Task One\relax }}{34}{}\protected@file@percent } \newlabel{fig:Task1-Data-Dist}{{5.3}{34}} -\@writefile{toc}{\contentsline {subsubsection}{Task 2}{34}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{Task 3}{34}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.4}Task 2}{34}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.5}Task 3}{34}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {5.4}{\ignorespaces Communication From Task 1 to Task 2 when the Number of Nodes Allocated is Equal\relax }}{35}{}\protected@file@percent } \newlabel{fig:Task1-Case1}{{5.4}{35}} \@writefile{lof}{\contentsline {figure}{\numberline {5.5}{\ignorespaces Communication From Task 1 to Task 2 when Task 1 Has More Nodes Allocated\relax }}{36}{}\protected@file@percent } \newlabel{fig:Task1-Case2}{{5.5}{36}} -\@writefile{toc}{\contentsline {subsubsection}{Task 4 and Task 5}{36}{}\protected@file@percent } -\newlabel{sec:T4T5}{{5.3.2}{36}} +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.6}Task 4 and Task 5}{36}{}\protected@file@percent } +\newlabel{sec:T4T5}{{5.3.2.6}{36}} \@writefile{lot}{\contentsline {table}{\numberline {5.1}{\ignorespaces MPI Tags for the MPI Tasking Approach\relax }}{37}{}\protected@file@percent } \newlabel{table:tasking-tag}{{5.1}{37}} -\@writefile{toc}{\contentsline {subsubsection}{MPI Tags}{37}{}\protected@file@percent } -\newlabel{sec:tasking-tag}{{5.3.2}{37}} +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.3.2.7}MPI Tags}{37}{}\protected@file@percent } +\newlabel{sec:tasking-tag}{{5.3.2.7}{37}} \@writefile{toc}{\contentsline {subsection}{\numberline {5.3.3}\it Performance Expectations and Use Cases}{37}{}\protected@file@percent } \newlabel{sec:Task-perf-expec}{{5.3.3}{37}} \@writefile{toc}{\contentsline {subsection}{\numberline {5.3.4}\it Results}{38}{}\protected@file@percent } \newlabel{sec:Tasking-Results}{{5.3.4}{38}} -\@writefile{lof}{\contentsline {figure}{\numberline {5.6}{\ignorespaces Example of a Not Applicable Exploit for the MPI Tasking Testing\relax }}{39}{}\protected@file@percent } -\newlabel{fig:NA-exp}{{5.6}{39}} +\citation{li_concurrency_2019} +\@writefile{toc}{\contentsline {section}{\numberline {5.4}\bf Subgraphing Approach}{39}{}\protected@file@percent } +\newlabel{sec:Subgraphing_Approach}{{5.4}{39}} +\@writefile{lof}{\contentsline {figure}{\numberline {5.6}{\ignorespaces Example of a Not Applicable Exploit for the MPI Tasking Testing\relax }}{40}{}\protected@file@percent } +\newlabel{fig:NA-exp}{{5.6}{40}} \@writefile{lof}{\contentsline {figure}{\numberline {5.7}{\ignorespaces Speedup and Efficiency of the MPI Tasking Approach for a Varying Number of Compute Nodes with an Increasing Problem Size\relax }}{40}{}\protected@file@percent } \newlabel{fig:Spd-Eff-Task}{{5.7}{40}} -\citation{li_concurrency_2019} -\@writefile{toc}{\contentsline {section}{\numberline {5.4}\bf Subgraphing Approach}{41}{}\protected@file@percent } -\newlabel{sec:Subgraphing_Approach}{{5.4}{41}} \@writefile{toc}{\contentsline {subsection}{\numberline {5.4.1}\it Introduction to the Subgraphing Approach}{41}{}\protected@file@percent } \@writefile{toc}{\contentsline {subsection}{\numberline {5.4.2}\it Algorithm Design}{41}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {5.8}{\ignorespaces Example Graph Using the MPI Subgraphing Approach\relax }}{42}{}\protected@file@percent } \newlabel{fig:subg}{{5.8}{42}} -\@writefile{toc}{\contentsline {subsubsection}{Worker Nodes}{42}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{Root Node}{43}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.4.2.1}Worker Nodes}{42}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.4.2.2}Root Node}{43}{}\protected@file@percent } \@writefile{lof}{\contentsline {figure}{\numberline {5.9}{\ignorespaces Frontier Merging and Data Distribution Process\relax }}{44}{}\protected@file@percent } \newlabel{fig:front-merg}{{5.9}{44}} -\@writefile{toc}{\contentsline {subsubsection}{Database Node}{44}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{MPI Tags}{44}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.4.2.3}Database Node}{44}{}\protected@file@percent } +\@writefile{toc}{\contentsline {subsubsection}{\numberline {5.4.2.4}MPI Tags}{44}{}\protected@file@percent } \@writefile{toc}{\contentsline {subsection}{\numberline {5.4.3}\it Performance Expectations and Use Cases}{44}{}\protected@file@percent } \newlabel{sec:perf_expec_subg}{{5.4.3}{44}} \citation{lawrence_livermore_national_laboratory_mpip_nodate} diff --git a/Chapter5.tex b/Chapter5.tex index fa25e55..d933040 100644 --- a/Chapter5.tex +++ b/Chapter5.tex @@ -1,4 +1,4 @@ -\TUchapter{Utilization OF MESSAGE PASSING INTERFACE} \label{ch:MPI} +\TUchapter{Parallelization Using MESSAGE PASSING INTERFACE} \label{ch:MPI} \TUsection{Introduction to MPI Utilization for Attack and Compliance Graph Generation} Previous works for graph generation, and specifically for attack graph generation, have seen promising results as discussed in Sections \ref{sec:gen_improv} and \ref{sec:related_works}. This work attempts to further those efforts and extend RAGE to function on distributed computing environments to take advantage of the increased computing power using message-passing. As mentioned by the author of \cite{pacheco_introduction_2011}, MPI is the most widely used message-passing API, and this work intended to utilize an API that was not only familiar and accessible, but versatile and powerful for parallelizing RAGE for distributed computing platforms. This Chapter discusses two approaches for parallelism: task parallelism in Section \ref{sec:Tasking-Approach}, and data parallelism in Section \ref{sec:Subgraphing_Approach}. All approaches in this work utilize OpenMPI for the MPI implementation. diff --git a/Schrick-Noah_MS-Thesis.aux b/Schrick-Noah_MS-Thesis.aux index ce8680a..3ab7e92 100644 --- a/Schrick-Noah_MS-Thesis.aux +++ b/Schrick-Noah_MS-Thesis.aux @@ -6,13 +6,13 @@ \@writefile{toc}{{\hfill \ }} \@writefile{toc}{\contentsline {section}{\hspace {-\parindent }ACKNOWLEDGEMENTS}{v}{}\protected@file@percent } \@writefile{toc}{{\hfill \ }} -\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }TABLE OF CONTENTS}{vii}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }TABLE OF CONTENTS}{viii}{}\protected@file@percent } \@writefile{toc}{{\hfill \ }} \@writefile{lot}{{\vspace {\baselineskip }}} -\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }LIST OF TABLES}{viii}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }LIST OF TABLES}{ix}{}\protected@file@percent } \@writefile{toc}{{\hfill \ }} \@writefile{lof}{{\vspace {\baselineskip }}} -\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }LIST OF FIGURES}{x}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\hspace {-\parindent }LIST OF FIGURES}{xi}{}\protected@file@percent } \@input{Chapter1.aux} \@input{Chapter2.aux} \@input{Chapter3.aux} @@ -58,4 +58,4 @@ \bibcite{pacheco_introduction_2011}{31} \bibcite{lawrence_livermore_national_laboratory_mpip_nodate}{32} \bibstyle{ieeetr} -\gdef \@abspage@last{71} +\gdef \@abspage@last{72} diff --git a/Schrick-Noah_MS-Thesis.lof b/Schrick-Noah_MS-Thesis.lof index 1f1cfc1..4483eb8 100644 --- a/Schrick-Noah_MS-Thesis.lof +++ b/Schrick-Noah_MS-Thesis.lof @@ -1,6 +1,6 @@ {\vspace {\baselineskip }} \contentsline {figure}{\numberline {3.1}{\ignorespaces Path Walking to State 14\relax }}{9}{}% -\contentsline {figure}{\numberline {3.2}{\ignorespaces Color Coding a Small Network Based on Violations\relax }}{12}{}% +\contentsline {figure}{\numberline {3.2}{\ignorespaces Color Coding a Small Network Based on Violations\relax }}{10}{}% \contentsline {figure}{\numberline {4.1}{\ignorespaces A network without Synchronous Firing generating infeasible states\relax }}{18}{}% \contentsline {figure}{\numberline {4.2}{\ignorespaces Inclusion of Synchronous Firing into GNU Bison, GNU Flex, and the overall program\relax }}{21}{}% \contentsline {figure}{\numberline {4.3}{\ignorespaces Synchronous Firing in the Graph Generation Process\relax }}{23}{}% @@ -11,7 +11,7 @@ \contentsline {figure}{\numberline {5.3}{\ignorespaces Data Distribution of Task One\relax }}{34}{}% \contentsline {figure}{\numberline {5.4}{\ignorespaces Communication From Task 1 to Task 2 when the Number of Nodes Allocated is Equal\relax }}{35}{}% \contentsline {figure}{\numberline {5.5}{\ignorespaces Communication From Task 1 to Task 2 when Task 1 Has More Nodes Allocated\relax }}{36}{}% -\contentsline {figure}{\numberline {5.6}{\ignorespaces Example of a Not Applicable Exploit for the MPI Tasking Testing\relax }}{39}{}% +\contentsline {figure}{\numberline {5.6}{\ignorespaces Example of a Not Applicable Exploit for the MPI Tasking Testing\relax }}{40}{}% \contentsline {figure}{\numberline {5.7}{\ignorespaces Speedup and Efficiency of the MPI Tasking Approach for a Varying Number of Compute Nodes with an Increasing Problem Size\relax }}{40}{}% \contentsline {figure}{\numberline {5.8}{\ignorespaces Example Graph Using the MPI Subgraphing Approach\relax }}{42}{}% \contentsline {figure}{\numberline {5.9}{\ignorespaces Frontier Merging and Data Distribution Process\relax }}{44}{}% diff --git a/Schrick-Noah_MS-Thesis.log b/Schrick-Noah_MS-Thesis.log index a6b51fa..5fe4a7a 100644 --- a/Schrick-Noah_MS-Thesis.log +++ b/Schrick-Noah_MS-Thesis.log @@ -1,4 +1,4 @@ -This is pdfTeX, Version 3.141592653-2.6-1.40.23 (TeX Live 2021/Arch Linux) (preloaded format=pdflatex 2022.3.21) 28 MAR 2022 03:00 +This is pdfTeX, Version 3.141592653-2.6-1.40.23 (TeX Live 2021/Arch Linux) (preloaded format=pdflatex 2022.3.21) 28 MAR 2022 16:22 entering extended mode restricted \write18 enabled. %&-line parsing enabled. @@ -241,24 +241,29 @@ Overfull \hbox (1.75291pt too wide) in paragraph at lines 24--24 [6 -]) +] +Overfull \hbox (1.5755pt too wide) in paragraph at lines 44--44 + [] []\OT1/cmr/bx/n/12 PARALLELIZATION US-ING MES-SAGE PASS-ING IN-TER- + [] + +) \tf@toc=\write3 \openout3 = `Schrick-Noah_MS-Thesis.toc'. - [7] (./Schrick-Noah_MS-Thesis.lot) + [7] [8] (./Schrick-Noah_MS-Thesis.lot) \tf@lot=\write4 \openout4 = `Schrick-Noah_MS-Thesis.lot'. - [8 + [9 ] (./Schrick-Noah_MS-Thesis.lof -[9 +[10 ]) \tf@lof=\write5 \openout5 = `Schrick-Noah_MS-Thesis.lof'. - [10] + [11] \openout2 = `Chapter1.aux'. (./Chapter1.tex @@ -267,11 +272,7 @@ CHAPTER 1. -] - -LaTeX Warning: Reference `CG-alter' on page 2 undefined on input line 27. - -[2] [3]) [4] +] [2] [3]) [4] \openout2 = `Chapter2.aux'. (./Chapter2.tex @@ -286,29 +287,28 @@ CHAPTER 2. (./Chapter3.tex CHAPTER 3. -<./Chapter3_img/PW.png, id=63, 958.58125pt x 525.965pt> +<./Chapter3_img/PW.png, id=66, 958.58125pt x 525.965pt> File: ./Chapter3_img/PW.png Graphic file (type png) Package pdftex.def Info: ./Chapter3_img/PW.png used on input line 17. (pdftex.def) Requested size: 469.75499pt x 257.74918pt. +<./Chapter3_img/CC.png, id=67, 658.46pt x 527.9725pt> +File: ./Chapter3_img/CC.png Graphic file (type png) + +Package pdftex.def Info: ./Chapter3_img/CC.png used on input line 32. +(pdftex.def) Requested size: 469.75499pt x 376.66768pt. [8 -] [9 <./Chapter3_img/PW.png>] -<./Chapter3_img/CC.png, id=71, 658.46pt x 527.9725pt> -File: ./Chapter3_img/CC.png Graphic file (type png) - -Package pdftex.def Info: ./Chapter3_img/CC.png used on input line 57. -(pdftex.def) Requested size: 469.75499pt x 376.66768pt. - [10] [11] [12 <./Chapter3_img/CC.png>] [13] +] [9 <./Chapter3_img/PW.png>] [10 <./Chapter3_img/CC.png>] [11] [12] [13] [14] [15]) [16] \openout2 = `Chapter4.aux'. (./Chapter4.tex CHAPTER 4. -<./Chapter4_img/non-sync_ex.drawio.png, id=94, 1014.79124pt x 400.49625pt> +<./Chapter4_img/non-sync_ex.drawio.png, id=97, 1014.79124pt x 400.49625pt> File: ./Chapter4_img/non-sync_ex.drawio.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/non-sync_ex.drawio.png used on input l @@ -325,37 +325,37 @@ Overfull \hbox (30.42026pt too wide) in paragraph at lines 49--49 , ()= [] -<./Chapter4_img/Bison-Flex.png, id=106, 1447.4075pt x 492.84125pt> +<./Chapter4_img/Bison-Flex.png, id=109, 1447.4075pt x 492.84125pt> File: ./Chapter4_img/Bison-Flex.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Bison-Flex.png used on input line 61. (pdftex.def) Requested size: 469.75499pt x 159.95341pt. [20] [21 <./Chapter4_img/Bison-Flex.png (PNG copy)>] -<./Chapter4_img/Sync-Fire.png, id=115, 489.83pt x 1052.93375pt> +<./Chapter4_img/Sync-Fire.png, id=118, 489.83pt x 1052.93375pt> File: ./Chapter4_img/Sync-Fire.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Sync-Fire.png used on input line 85. (pdftex.def) Requested size: 244.9144pt x 526.46559pt. [22] [23 <./Chapter4_img/Sync-Fire.png>] [24] -<./Chapter4_img/Sync-Runtime-Bar.png, id=126, 435.591pt x 238.491pt> +<./Chapter4_img/Sync-Runtime-Bar.png, id=129, 435.591pt x 238.491pt> File: ./Chapter4_img/Sync-Runtime-Bar.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Sync-Runtime-Bar.png used on input lin e 123. (pdftex.def) Requested size: 469.75499pt x 257.2098pt. -<./Chapter4_img/Sync-Runtime.png, id=127, 402.522pt x 236.082pt> +<./Chapter4_img/Sync-Runtime.png, id=130, 402.522pt x 236.082pt> File: ./Chapter4_img/Sync-Runtime.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Sync-Runtime.png used on input line 12 4. (pdftex.def) Requested size: 469.75499pt x 275.52676pt. -<./Chapter4_img/Sync-StateSpace-Bar.png, id=128, 434.058pt x 230.169pt> +<./Chapter4_img/Sync-StateSpace-Bar.png, id=131, 434.058pt x 230.169pt> File: ./Chapter4_img/Sync-StateSpace-Bar.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Sync-StateSpace-Bar.png used on input line 131. (pdftex.def) Requested size: 469.75499pt x 249.11264pt. -<./Chapter4_img/Sync-StateSpace.png, id=129, 402.741pt x 236.301pt> +<./Chapter4_img/Sync-StateSpace.png, id=132, 402.741pt x 236.301pt> File: ./Chapter4_img/Sync-StateSpace.png Graphic file (type png) Package pdftex.def Info: ./Chapter4_img/Sync-StateSpace.png used on input line @@ -374,33 +374,33 @@ CHAPTER 5. ] -<./Chapter5_img/horiz_task.drawio.png, id=147, 1181.41376pt x 785.93625pt> +<./Chapter5_img/horiz_task.drawio.png, id=150, 1181.41376pt x 785.93625pt> File: ./Chapter5_img/horiz_task.drawio.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/horiz_task.drawio.png used on input li ne 42. (pdftex.def) Requested size: 469.75499pt x 312.49811pt. [29] [30 <./Chapter5_img/horiz_task.drawio.png>] -<./Chapter5_img/node-alloc.png, id=155, 818.30719pt x 536.75531pt> +<./Chapter5_img/node-alloc.png, id=158, 818.30719pt x 536.75531pt> File: ./Chapter5_img/node-alloc.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/node-alloc.png used on input line 54. (pdftex.def) Requested size: 469.75499pt x 308.1323pt. [31] [32 <./Chapter5_img/node-alloc.PNG>] -<./Chapter5_img/Task1-Data-Dist.png, id=163, 1017.04968pt x 336.50719pt> +<./Chapter5_img/Task1-Data-Dist.png, id=167, 1017.04968pt x 336.50719pt> File: ./Chapter5_img/Task1-Data-Dist.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Task1-Data-Dist.png used on input line 70. (pdftex.def) Requested size: 469.75499pt x 155.42674pt. [33] -<./Chapter5_img/Task1-Case1.png, id=168, 586.44093pt x 339.51843pt> +<./Chapter5_img/Task1-Case1.png, id=171, 586.44093pt x 339.51843pt> File: ./Chapter5_img/Task1-Case1.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Task1-Case1.png used on input line 79. (pdftex.def) Requested size: 469.75499pt x 271.9622pt. -<./Chapter5_img/Task1-Case2.png, id=169, 702.37407pt x 414.79968pt> +<./Chapter5_img/Task1-Case2.png, id=172, 702.37407pt x 414.79968pt> File: ./Chapter5_img/Task1-Case2.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Task1-Case2.png used on input line 86. @@ -413,33 +413,33 @@ LaTeX Warning: No positions in optional float specifier. Default added (so using `tbp') on input line 104. [37] [38] -<./Chapter5_img/NA.png, id=188, 369.38pt x 118.4425pt> +<./Chapter5_img/NA.png, id=192, 369.38pt x 118.4425pt> File: ./Chapter5_img/NA.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/NA.png used on input line 143. (pdftex.def) Requested size: 184.68954pt x 59.2211pt. -<./Chapter5_img/Speedup-Esize-Tasking.png, id=189, 620.208pt x 321.93pt> +<./Chapter5_img/Speedup-Esize-Tasking.png, id=193, 620.208pt x 321.93pt> File: ./Chapter5_img/Speedup-Esize-Tasking.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Speedup-Esize-Tasking.png used on inpu t line 151. (pdftex.def) Requested size: 469.75499pt x 243.83916pt. -<./Chapter5_img/Eff-Esize-Tasking.png, id=190, 620.208pt x 322.149pt> +<./Chapter5_img/Eff-Esize-Tasking.png, id=194, 620.208pt x 322.149pt> File: ./Chapter5_img/Eff-Esize-Tasking.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Eff-Esize-Tasking.png used on input li ne 152. (pdftex.def) Requested size: 469.75499pt x 244.00504pt. - [39 <./Chapter5_img/NA.png>] [40 <./Chapter5_img/Speedup-Esize-Tasking.png> <. -/Chapter5_img/Eff-Esize-Tasking.png>] [41] + [39] [40 <./Chapter5_img/NA.png> <./Chapter5_img/Speedup-Esize-Tasking.png> <. +/Chapter5_img/Eff-Esize-Tasking.png>] <./Chapter5_img/subgraphing.drawio.png, id=204, 824.07875pt x 743.77875pt> File: ./Chapter5_img/subgraphing.drawio.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/subgraphing.drawio.png used on input l ine 166. (pdftex.def) Requested size: 247.22552pt x 223.13535pt. - [42 <./Chapter5_img/subgraphing.drawio.png>] -<./Chapter5_img/front_merge.drawio.png, id=209, 1059.96pt x 465.74pt> + [41] [42 <./Chapter5_img/subgraphing.drawio.png>] +<./Chapter5_img/front_merge.drawio.png, id=212, 1059.96pt x 465.74pt> File: ./Chapter5_img/front_merge.drawio.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/front_merge.drawio.png used on input l @@ -451,19 +451,19 @@ LaTeX Warning: No positions in optional float specifier. Default added (so using `tbp') on input line 193. [44 <./Chapter5_img/front_merge.drawio.png>] -<./Chapter5_img/MPISubg_RT_No_DHT.png, id=217, 399.018pt x 250.098pt> +<./Chapter5_img/MPISubg_RT_No_DHT.png, id=221, 399.018pt x 250.098pt> File: ./Chapter5_img/MPISubg_RT_No_DHT.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/MPISubg_RT_No_DHT.png used on input li ne 221. (pdftex.def) Requested size: 469.75499pt x 294.44524pt. -<./Chapter5_img/no_DHT_Spd.png, id=218, 424.422pt x 249.003pt> +<./Chapter5_img/no_DHT_Spd.png, id=222, 424.422pt x 249.003pt> File: ./Chapter5_img/no_DHT_Spd.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/no_DHT_Spd.png used on input line 229. (pdftex.def) Requested size: 469.75499pt x 275.60631pt. -<./Chapter5_img/no_DHT_eff.png, id=219, 429.021pt x 249.222pt> +<./Chapter5_img/no_DHT_eff.png, id=223, 429.021pt x 249.222pt> File: ./Chapter5_img/no_DHT_eff.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/no_DHT_eff.png used on input line 230. @@ -471,29 +471,29 @@ Package pdftex.def Info: ./Chapter5_img/no_DHT_eff.png used on input line 230. (pdftex.def) Requested size: 469.75499pt x 272.8939pt. [45] [46 <./Chapter5_img/MPISubg_RT_No_DHT.png>] [47 <./Chapter5_img/no_DHT_Sp d.png> <./Chapter5_img/no_DHT_eff.png>] -<./Chapter5_img/dup.drawio.png, id=233, 824.07875pt x 743.77875pt> +<./Chapter5_img/dup.drawio.png, id=236, 824.07875pt x 743.77875pt> File: ./Chapter5_img/dup.drawio.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/dup.drawio.png used on input line 238. (pdftex.def) Requested size: 469.75499pt x 423.98099pt. -<./Chapter5_img/Dup_DHT.png, id=234, 796.065pt x 483.99pt> +<./Chapter5_img/Dup_DHT.png, id=237, 796.065pt x 483.99pt> File: ./Chapter5_img/Dup_DHT.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/Dup_DHT.png used on input line 245. (pdftex.def) Requested size: 469.75499pt x 285.59593pt. [48] [49 <./Chapter5_img/dup.drawio.png>] [50 <./Chapter5_img/Dup_DHT.png>] -<./Chapter5_img/DHT_Spd.png, id=246, 421.575pt x 233.235pt> +<./Chapter5_img/DHT_Spd.png, id=250, 421.575pt x 233.235pt> File: ./Chapter5_img/DHT_Spd.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/DHT_Spd.png used on input line 255. (pdftex.def) Requested size: 469.75499pt x 259.89395pt. -<./Chapter5_img/DHT_Eff.png, id=247, 422.889pt x 233.235pt> +<./Chapter5_img/DHT_Eff.png, id=251, 422.889pt x 233.235pt> File: ./Chapter5_img/DHT_Eff.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/DHT_Eff.png used on input line 256. (pdftex.def) Requested size: 469.75499pt x 259.08965pt. -<./Chapter5_img/DHT_noDHT.png, id=248, 806.577pt x 496.692pt> +<./Chapter5_img/DHT_noDHT.png, id=252, 806.577pt x 496.692pt> File: ./Chapter5_img/DHT_noDHT.png Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/DHT_noDHT.png used on input line 262. @@ -510,7 +510,7 @@ CHAPTER 6. ] -<./Chapter5_img/MPI-OpenMP-Blend.PNG, id=265, 1008.01593pt x 606.01407pt> +<./Chapter5_img/MPI-OpenMP-Blend.PNG, id=268, 1008.01593pt x 606.01407pt> File: ./Chapter5_img/MPI-OpenMP-Blend.PNG Graphic file (type png) Package pdftex.def Info: ./Chapter5_img/MPI-OpenMP-Blend.PNG used on input lin @@ -552,11 +552,7 @@ Underfull \hbox (badness 1383) in paragraph at lines 164--167 [] ) [61] (./Schrick-Noah_MS-Thesis.aux (./Chapter1.aux) (./Chapter2.aux) -(./Chapter3.aux) (./Chapter4.aux) (./Chapter5.aux) (./Chapter6.aux)) - -LaTeX Warning: There were undefined references. - - ) +(./Chapter3.aux) (./Chapter4.aux) (./Chapter5.aux) (./Chapter6.aux)) ) (\end occurred inside a group at level 6) ### semi simple group (level 6) entered at line 198 (\begingroup) @@ -567,13 +563,13 @@ LaTeX Warning: There were undefined references. ### semi simple group (level 1) entered at line 52 (\begingroup) ### bottom level Here is how much of TeX's memory you used: - 4442 strings out of 478276 - 82874 string characters out of 5853013 - 373013 words of memory out of 5000000 - 22552 multiletter control sequences out of 15000+600000 + 4441 strings out of 478276 + 82864 string characters out of 5853013 + 374018 words of memory out of 5000000 + 22551 multiletter control sequences out of 15000+600000 473155 words of font info for 41 fonts, out of 8000000 for 9000 1141 hyphenation exceptions out of 8191 - 67i,8n,77p,2301b,1440s stack positions out of 5000i,500n,10000p,200000b,80000s + 67i,8n,77p,2301b,1439s stack positions out of 5000i,500n,10000p,200000b,80000s {/usr/share/texmf-dist/fonts/enc/dvips/cm-super/cm-super-ts1.en c} -Output written on Schrick-Noah_MS-Thesis.pdf (71 pages, 2130300 bytes). +Output written on Schrick-Noah_MS-Thesis.pdf (72 pages, 2129906 bytes). PDF statistics: - 327 PDF objects out of 1000 (max. 8388607) - 184 compressed objects within 2 object streams + 330 PDF objects out of 1000 (max. 8388607) + 186 compressed objects within 2 object streams 0 named destinations out of 1000 (max. 500000) 141 words of extra memory for PDF output out of 10000 (max. 10000000) diff --git a/Schrick-Noah_MS-Thesis.pdf b/Schrick-Noah_MS-Thesis.pdf index d784a0f..d36f56d 100644 Binary files a/Schrick-Noah_MS-Thesis.pdf and b/Schrick-Noah_MS-Thesis.pdf differ diff --git a/Schrick-Noah_MS-Thesis.tex b/Schrick-Noah_MS-Thesis.tex index fa836ff..074a131 100644 --- a/Schrick-Noah_MS-Thesis.tex +++ b/Schrick-Noah_MS-Thesis.tex @@ -155,7 +155,7 @@ \fifthmember{} % as needed \sixthmember{} % as needed -\numofpages{71} % number of pages in the document +\numofpages{72} % number of pages in the document \numofchapters=6 % number of chapters in the document \lastchapter{Conclusions and Future Works} % the title of the last numbered chapter \numofabstractwords{196} % number of words in the abstract @@ -186,7 +186,7 @@ % % Place the text of the abstract here % -Attack graphs have historically been used to represent the state of a system or set of systems, and illustrate ways that attackers can carry out exploits to put the systems in a critical position. By refining the information and format of attack graphs, a similar process can be applied for compliance and regulation representations to illustrate ways that systems may violate or fall out of compliance in a format called compliance graphs. Like attack graphs, compliance graphs also suffer from the state space explosion problem, and generated graphs quickly become very large even for small networks. This work introduces extensions to an attack graph generator, RAGE, to support compliance graph generation, and these extensions have led to successfully generating compliance graphs that can then be analyzed through an independent process. Additional extensions have been introduced to support the utility of RAGE, and this includes the implementation of a synchronous firing feature to prevent generation of states where assets deviate from a shared, inseparable feature such as time. The attack graph generation algorithm has also been modified by two different approaches to expand the generation process to function for distributed computing environments using Message Passing Interface (MPI). +Attack graphs have historically been used to represent the state of a system or set of systems, and illustrate ways that attackers can carry out exploits to put the systems in a critical position. By refining the information and format of attack graphs, a similar process can be applied for compliance and regulation representations to illustrate ways that systems may violate or fall out of compliance in a format called compliance graphs. Like attack graphs, compliance graphs also suffer from the state space explosion problem, and generated graphs quickly become very large even for small networks. This work introduces extensions to an attack graph generator, RAGE attack graph engine (RAGE), to support compliance graph generation, and these extensions have led to successfully generating compliance graphs that can then be analyzed through an independent process. Additional extensions have been introduced to support the utility of RAGE, and this includes the implementation of a synchronous firing feature to prevent generation of states where assets deviate from a shared, inseparable feature such as time. The compliance graph generation algorithm has also been modified by two different approaches to expand the generation process to function for distributed computing environments using Message Passing Interface (MPI). \acknowledgementsp % diff --git a/Schrick-Noah_MS-Thesis.toc b/Schrick-Noah_MS-Thesis.toc index 5fa7e9d..7811d67 100644 --- a/Schrick-Noah_MS-Thesis.toc +++ b/Schrick-Noah_MS-Thesis.toc @@ -5,11 +5,11 @@ {\hfill \ } \contentsline {section}{\hspace {-\parindent }ACKNOWLEDGEMENTS}{v}{}% {\hfill \ } -\contentsline {section}{\hspace {-\parindent }TABLE OF CONTENTS}{vii}{}% +\contentsline {section}{\hspace {-\parindent }TABLE OF CONTENTS}{viii}{}% {\hfill \ } -\contentsline {section}{\hspace {-\parindent }LIST OF TABLES}{viii}{}% +\contentsline {section}{\hspace {-\parindent }LIST OF TABLES}{ix}{}% {\hfill \ } -\contentsline {section}{\hspace {-\parindent }LIST OF FIGURES}{x}{}% +\contentsline {section}{\hspace {-\parindent }LIST OF FIGURES}{xi}{}% \contentsline {chapter}{\numberline {CHAPTER 1: }{\bf \uppercase {INTRODUCTION}}}{1}{}% \contentsline {section}{\numberline {1.1}\bf Introduction to Attack Graphs}{1}{}% \contentsline {section}{\numberline {1.2}\bf Application to Compliance}{2}{}% @@ -23,47 +23,47 @@ \contentsline {section}{\numberline {2.3}\bf Improvements Specific to Attack Graph Generation}{6}{}% \contentsline {chapter}{\numberline {CHAPTER 3: }{\bf \uppercase {UTILITY EXTENSIONS TO THE RAGE ATTACK GRAPH GENERATOR}}}{8}{}% \contentsline {section}{\numberline {3.1}\bf Path Walking}{8}{}% -\contentsline {section}{\numberline {3.2}\bf Compound Operators}{8}{}% -\contentsline {section}{\numberline {3.3}\bf Color Coding}{10}{}% -\contentsline {section}{\numberline {3.4}\bf Intermediate Database Storage}{11}{}% -\contentsline {subsection}{\numberline {3.4.1}\it Memory Constraint Difficulties}{11}{}% -\contentsline {subsection}{\numberline {3.4.2}\it Maximizing Performance with Intermediate Database Storage}{13}{}% -\contentsline {subsection}{\numberline {3.4.3}\it Portability}{15}{}% -\contentsline {section}{\numberline {3.5}\bf Relational Operators}{15}{}% +\contentsline {section}{\numberline {3.2}\bf Color Coding}{9}{}% +\contentsline {section}{\numberline {3.3}\bf Compound Operators}{11}{}% +\contentsline {section}{\numberline {3.4}\bf Relational Operators}{12}{}% +\contentsline {section}{\numberline {3.5}\bf Intermediate Database Storage}{13}{}% +\contentsline {subsection}{\numberline {3.5.1}\it Memory Constraint Difficulties}{13}{}% +\contentsline {subsection}{\numberline {3.5.2}\it Maximizing Performance with Intermediate Database Storage}{14}{}% +\contentsline {subsection}{\numberline {3.5.3}\it Portability}{16}{}% \contentsline {chapter}{\numberline {CHAPTER 4: }{\bf \uppercase {SYNCHRONOUS FIRING}}}{17}{}% \contentsline {section}{\numberline {4.1}\bf Introduction}{17}{}% -\contentsline {subsection}{\numberline {4.1.1}\it Synchronous Firing in Literature}{18}{}% -\contentsline {section}{\numberline {4.2}\bf Necessary Alterations}{19}{}% +\contentsline {subsection}{\numberline {4.1.1}\it Related Synchronous Firing Work}{18}{}% +\contentsline {section}{\numberline {4.2}\bf Necessary Alterations and Additions}{19}{}% \contentsline {subsection}{\numberline {4.2.1}\it GNU Bison and Flex}{19}{}% \contentsline {subsection}{\numberline {4.2.2}\it PostgreSQL}{20}{}% \contentsline {subsection}{\numberline {4.2.3}\it Compound Operators}{21}{}% \contentsline {subsection}{\numberline {4.2.4}\it Graph Generation}{21}{}% -\contentsline {section}{\numberline {4.3}\bf Example Networks and Results}{22}{}% -\contentsline {subsection}{\numberline {4.3.1}\it Example Networks}{22}{}% +\contentsline {section}{\numberline {4.3}\bf Experimental Networks and Results}{22}{}% +\contentsline {subsection}{\numberline {4.3.1}\it Experimental Networks}{22}{}% \contentsline {subsection}{\numberline {4.3.2}\it Results}{24}{}% -\contentsline {chapter}{\numberline {CHAPTER 5: }{\bf \uppercase {Utilization OF MESSAGE PASSING INTERFACE}}}{28}{}% +\contentsline {chapter}{\numberline {CHAPTER 5: }{\bf \uppercase {Parallelization Using MESSAGE PASSING INTERFACE}}}{28}{}% \contentsline {section}{\numberline {5.1}\bf Introduction to MPI Utilization for Attack and Compliance Graph Generation}{28}{}% \contentsline {section}{\numberline {5.2}\bf Necessary Components}{28}{}% \contentsline {subsection}{\numberline {5.2.1}\it Serialization}{28}{}% \contentsline {section}{\numberline {5.3}\bf Tasking Approach}{29}{}% \contentsline {subsection}{\numberline {5.3.1}\it Introduction to the Tasking Approach}{29}{}% \contentsline {subsection}{\numberline {5.3.2}\it Algorithm Design}{31}{}% -\contentsline {subsubsection}{Communication Structure}{31}{}% -\contentsline {subsubsection}{Task 0}{33}{}% -\contentsline {subsubsection}{Task 1}{33}{}% -\contentsline {subsubsection}{Task 2}{34}{}% -\contentsline {subsubsection}{Task 3}{34}{}% -\contentsline {subsubsection}{Task 4 and Task 5}{36}{}% -\contentsline {subsubsection}{MPI Tags}{37}{}% +\contentsline {subsubsection}{\numberline {5.3.2.1}Communication Structure}{31}{}% +\contentsline {subsubsection}{\numberline {5.3.2.2}Task 0}{33}{}% +\contentsline {subsubsection}{\numberline {5.3.2.3}Task 1}{33}{}% +\contentsline {subsubsection}{\numberline {5.3.2.4}Task 2}{34}{}% +\contentsline {subsubsection}{\numberline {5.3.2.5}Task 3}{34}{}% +\contentsline {subsubsection}{\numberline {5.3.2.6}Task 4 and Task 5}{36}{}% +\contentsline {subsubsection}{\numberline {5.3.2.7}MPI Tags}{37}{}% \contentsline {subsection}{\numberline {5.3.3}\it Performance Expectations and Use Cases}{37}{}% \contentsline {subsection}{\numberline {5.3.4}\it Results}{38}{}% -\contentsline {section}{\numberline {5.4}\bf Subgraphing Approach}{41}{}% +\contentsline {section}{\numberline {5.4}\bf Subgraphing Approach}{39}{}% \contentsline {subsection}{\numberline {5.4.1}\it Introduction to the Subgraphing Approach}{41}{}% \contentsline {subsection}{\numberline {5.4.2}\it Algorithm Design}{41}{}% -\contentsline {subsubsection}{Worker Nodes}{42}{}% -\contentsline {subsubsection}{Root Node}{43}{}% -\contentsline {subsubsection}{Database Node}{44}{}% -\contentsline {subsubsection}{MPI Tags}{44}{}% +\contentsline {subsubsection}{\numberline {5.4.2.1}Worker Nodes}{42}{}% +\contentsline {subsubsection}{\numberline {5.4.2.2}Root Node}{43}{}% +\contentsline {subsubsection}{\numberline {5.4.2.3}Database Node}{44}{}% +\contentsline {subsubsection}{\numberline {5.4.2.4}MPI Tags}{44}{}% \contentsline {subsection}{\numberline {5.4.3}\it Performance Expectations and Use Cases}{44}{}% \contentsline {subsection}{\numberline {5.4.4}\it Results}{45}{}% \contentsline {chapter}{\numberline {CHAPTER 6: }{\bf \uppercase {CONCLUSIONS AND FUTURE WORKS}}}{54}{}% diff --git a/TUthesis.sty b/TUthesis.sty index 61354ac..c7e6ebb 100644 --- a/TUthesis.sty +++ b/TUthesis.sty @@ -141,8 +141,8 @@ % chapters, sections, subsections and subsub sections, but only the chapters and sections % will be numbered. % -\setcounter{tocdepth}{3} -\setcounter{secnumdepth}{2} +\setcounter{tocdepth}{4} +\setcounter{secnumdepth}{4} %%%%%%%%%%%%%%%%%%%%%%% % Test box for margins @@ -586,6 +586,8 @@ -.2ex}{0.1ex plus .2ex}{\normalsize\it}} \def\subsubsection{\@startsection{subsubsection}{3}{\parindent}{-3.25ex plus -1ex minus -.2ex}{-0.1ex plus .2ex}{\normalsize\rm}} +%\def\subsection{\@startsection{subsubsection}{3}{\z@}{-3.25ex plus -1ex minus +% -.2ex}{0.1ex plus .2ex}{\normalsize\it}} \def\paragraph{\@startsection{paragraph}{4}{\z@}{3.25ex plus 1ex minus .2ex}{-1em}{\normalsize\bf}} \def\subparagraph{\@startsection {subparagraph}{4}{\parindent}{3.25ex plus 1ex minus