Finishing Intro and Related Works

Report/Bibliography.bib

@@ -179,6 +179,13 @@
 	year = {2013},
 }
 
+@phdthesis{ming_diss,
+	title = {{A} {System} for {Attack} {Graph} {Generation} and {Analysis}},
+	author = {Li, Ming},
+	school = {The {University} of {Tulsa}},
+	year = {2021},
+}
+
 @article{edmonds_design_nodate,
 	title = {Design of a {Large}-{Scale} {Hybrid}-{Parallel} {Graph} {Library}},
 	journal = {International Conference for High Performance Computing, Student Research Symposium},
@@ -1280,5 +1287,35 @@ of 27},
 	author = {PCI Security Standards Council}
 }
 
+@article{centrality_causal,
+	title = {Node centrality measures are a poor substitute for causal inference},
+	volume = {9},
+	issn = {6846},
+	doi = {10.1038/s41598-019-43033-9},
+	journal = {Scientific Reports},
+	author = {Dablander, Fabian and Hinne, Max},
+	year = {2019},
+}
 
+@inproceedings{Mieghem2018DirectedGA,
+  title={Directed graphs and mysterious complex eigenvalues},
+  author={Piet Van Mieghem},
+  year={2018}
+}
 
+@article{Guo2017HermitianAM,
+  title={Hermitian Adjacency Matrix of Digraphs and Mixed Graphs},
+  author={Krystal Guo and Bojan Mohar},
+  journal={Journal of Graph Theory},
+  year={2017},
+  volume={85}
+}
+
+@article{Brualdi2010SpectraOD,
+  title={Spectra of digraphs},
+  author={Richard A. Brualdi},
+  journal={Linear Algebra and its Applications},
+  year={2010},
+  volume={432},
+  pages={2181-2213}
+}

Report/Schrick-Noah_CS-7863_Final-Report.aux

@@ -1,36 +1,49 @@
 \relax 
 \providecommand\babel@aux[2]{}
 \@nameuse{bbl@beforestart}
+\babel@aux{nil}{}
 \citation{phillips_graph-based_1998}
 \citation{schneier_modeling_1999}
-\babel@aux{nil}{}
 \citation{j_hale_compliance_nodate}
 \citation{baloyi_guidelines_2019}
 \citation{allman_complying_2006}
 \@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{2}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {1.1}Attack Graphs}{2}{}\protected@file@percent }
 \@writefile{toc}{\contentsline {subsection}{\numberline {1.2}Compliance Graphs}{2}{}\protected@file@percent }
+\citation{Mieghem2018DirectedGA}
+\citation{Mieghem2018DirectedGA}
+\citation{ming_diss}
+\citation{Guo2017HermitianAM}
+\citation{Mieghem2018DirectedGA}
+\citation{Brualdi2010SpectraOD}
+\@writefile{toc}{\contentsline {subsection}{\numberline {1.3}Difficulties of Compliance Graph Analysis}{3}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {2}Related Works}{3}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {3}Experimental Networks}{4}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {4}Centralities}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Introduction}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Degree}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Betweenness}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Katz}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.5}K-Path Edge}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {4.6}Adapted Page Rank}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {5}Transitive Closure}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {5.1}Introduction}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {5.2}Application}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {6}Dominant Tree}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {6.1}Introduction}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {subsection}{\numberline {6.2}Application}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {7}Results and Result Analysis}{5}{}\protected@file@percent }
+\@writefile{toc}{\contentsline {section}{\numberline {8}Conclusions and Future Work}{5}{}\protected@file@percent }
 \bibdata{Bibliography}
 \bibcite{phillips_graph-based_1998}{1}
-\@writefile{toc}{\contentsline {subsection}{\numberline {1.3}Difficulties of Compliance Graph Analysis}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {2}Related Works}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {3}Experimental Networks}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {4}Centralities}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.1}Introduction}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.2}Degree}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.3}Betweenness}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.4}Katz}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.5}K-Path Edge}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {4.6}Adapted Page Rank}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {5}Transitive Closure}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {5.1}Introduction}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {5.2}Application}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {6}Dominant Tree}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {6.1}Introduction}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {subsection}{\numberline {6.2}Application}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {7}Results and Result Analysis}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{\numberline {8}Conclusions and Future Work}{4}{}\protected@file@percent }
-\@writefile{toc}{\contentsline {section}{Bibliography}{4}{}\protected@file@percent }
 \bibcite{schneier_modeling_1999}{2}
+\bibcite{j_hale_compliance_nodate}{3}
+\bibcite{baloyi_guidelines_2019}{4}
+\bibcite{allman_complying_2006}{5}
+\bibcite{Mieghem2018DirectedGA}{6}
+\bibcite{ming_diss}{7}
+\bibcite{Guo2017HermitianAM}{8}
+\bibcite{Brualdi2010SpectraOD}{9}
 \bibstyle{ieeetr}
-\gdef \@abspage@last{5}
+\@writefile{toc}{\contentsline {section}{Bibliography}{6}{}\protected@file@percent }
+\gdef \@abspage@last{6}

Report/Schrick-Noah_CS-7863_Final-Report.bbl

@@ -10,4 +10,35 @@ C.~Phillips and L.~P. Swiler, ``A graph-based system for network-vulnerability
 B.~Schneier, ``Modeling {Security} {Threats},'' {\em Dr. Dobb's Journal}, 1999.
 \newblock vol. 24, no.12.
 
+\bibitem{j_hale_compliance_nodate}
+{J. Hale}, P.~Hawrylak, and M.~Papa, ``Compliance {Method} for a
+  {Cyber}-{Physical} {System}.''
+\newblock U.S. Patent Number 9,471,789, Oct. 18, 2016.
+
+\bibitem{baloyi_guidelines_2019}
+N.~Baloyi and P.~Kotzé, ``Guidelines for {Data} {Privacy} {Compliance}: {A}
+  {Focus} on {Cyberphysical} {Systems} and {Internet} of {Things},'' in {\em
+  {SAICSIT} '19: {Proceedings} of the {South} {African} {Institute} of
+  {Computer} {Scientists} and {Information} {Technologists} 2019}, (Skukuza
+  South Africa), Association for Computing Machinery, 2019.
+
+\bibitem{allman_complying_2006}
+E.~Allman, ``Complying with {Compliance}: {Blowing} it off is not an option.,''
+  {\em ACM Queue}, vol.~4, no.~7, 2006.
+
+\bibitem{Mieghem2018DirectedGA}
+P.~V. Mieghem, ``Directed graphs and mysterious complex eigenvalues,'' 2018.
+
+\bibitem{ming_diss}
+M.~Li, {\em {A} {System} for {Attack} {Graph} {Generation} and {Analysis}}.
+\newblock PhD thesis, The {University} of {Tulsa}, 2021.
+
+\bibitem{Guo2017HermitianAM}
+K.~Guo and B.~Mohar, ``Hermitian adjacency matrix of digraphs and mixed
+  graphs,'' {\em Journal of Graph Theory}, vol.~85, 2017.
+
+\bibitem{Brualdi2010SpectraOD}
+R.~A. Brualdi, ``Spectra of digraphs,'' {\em Linear Algebra and its
+  Applications}, vol.~432, pp.~2181--2213, 2010.
+
 \end{thebibliography}

Report/Schrick-Noah_CS-7863_Final-Report.blg

@@ -3,44 +3,46 @@ Capacity: max_strings=200000, hash_size=200000, hash_prime=170003
 The top-level auxiliary file: Schrick-Noah_CS-7863_Final-Report.aux
 The style file: ieeetr.bst
 Database file #1: Bibliography.bib
-You've used 2 entries,
+Warning--empty booktitle in Mieghem2018DirectedGA
+You've used 9 entries,
             1876 wiz_defined-function locations,
-            491 strings with 3842 characters,
-and the built_in function-call counts, 464 in all, are:
-= -- 49
-> -- 12
+            534 strings with 4972 characters,
+and the built_in function-call counts, 1708 in all, are:
+= -- 166
+> -- 55
 < -- 0
-+ -- 5
-- -- 3
-* -- 28
-:= -- 76
-add.period$ -- 4
-call.type$ -- 2
-change.case$ -- 2
++ -- 23
+- -- 14
+* -- 104
+:= -- 261
+add.period$ -- 12
+call.type$ -- 9
+change.case$ -- 8
 chr.to.int$ -- 0
-cite$ -- 2
-duplicate$ -- 24
-empty$ -- 45
-format.name$ -- 3
-if$ -- 110
+cite$ -- 10
+duplicate$ -- 97
+empty$ -- 187
+format.name$ -- 14
+if$ -- 414
 int.to.chr$ -- 0
-int.to.str$ -- 2
-missing$ -- 2
-newline$ -- 11
-num.names$ -- 2
-pop$ -- 4
+int.to.str$ -- 9
+missing$ -- 7
+newline$ -- 34
+num.names$ -- 9
+pop$ -- 36
 preamble$ -- 1
 purify$ -- 0
 quote$ -- 0
-skip$ -- 13
+skip$ -- 42
 stack$ -- 0
-substring$ -- 24
-swap$ -- 8
+substring$ -- 60
+swap$ -- 23
 text.length$ -- 0
 text.prefix$ -- 0
 top$ -- 0
 type$ -- 0
-warning$ -- 0
-while$ -- 5
-width$ -- 3
-write$ -- 24
+warning$ -- 1
+while$ -- 14
+width$ -- 10
+write$ -- 88
+(There was 1 warning)

Report/Schrick-Noah_CS-7863_Final-Report.log

@@ -1,4 +1,4 @@
-This is pdfTeX, Version 3.141592653-2.6-1.40.24 (TeX Live 2022/Arch Linux) (preloaded format=pdflatex 2022.4.29)  2 MAY 2022 12:56
+This is pdfTeX, Version 3.141592653-2.6-1.40.24 (TeX Live 2022/Arch Linux) (preloaded format=pdflatex 2022.4.29)  2 MAY 2022 15:13
 entering extended mode
  restricted \write18 enabled.
  %&-line parsing enabled.
@@ -278,33 +278,21 @@ LaTeX Font Info:    External font `cmex10' loaded for size
 \tf@toc=\write3
 \openout3 = `Schrick-Noah_CS-7863_Final-Report.toc'.
 
+ [1
 
+{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}]
 Overfull \hbox (21.08397pt too wide) in paragraph at lines 33--34
 []\OT1/cmr/m/n/10 To address the rising risks of computing and threats to cyber
 security, vulnerability
  []
 
-[1
 
-{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}]
 Overfull \hbox (3.02843pt too wide) in paragraph at lines 35--36
 []\OT1/cmr/m/n/10 Attack graphs begin with a root node that contains all the cu
 rrent information
  []
 
 
-LaTeX Warning: Citation `j_hale_compliance_nodate' on page 2 undefined on input
- line 38.
-
-
-LaTeX Warning: Citation `baloyi_guidelines_2019' on page 2 undefined on input l
-ine 38.
-
-
-LaTeX Warning: Citation `allman_complying_2006' on page 2 undefined on input li
-ne 38.
-
-
 Overfull \hbox (2.19508pt too wide) in paragraph at lines 38--39
 []\OT1/cmr/m/n/10 Compliance graphs are an alternate form of attack graphs, uti
 lized specifically
@@ -328,33 +316,35 @@ Overfull \hbox (2.69524pt too wide) in paragraph at lines 40--41
 n, the information
  []
 
-[2] (./Schrick-Noah_CS-7863_Final-Report.bbl [3]
-Overfull \vbox (137.26349pt too high) has occurred while \output is active []
+[2]
+Overfull \hbox (18.35255pt too wide) in paragraph at lines 43--44
+\OT1/cmr/m/n/10 adjacency matrix present in directed graphs. With undirected gr
+aphs, simplifications
+ []
 
+[3] [4] [5] (./Schrick-Noah_CS-7863_Final-Report.bbl) [6
 
-[4]) [5] (./Schrick-Noah_CS-7863_Final-Report.aux)
-
-LaTeX Warning: There were undefined references.
-
- ) 
+]
+(./Schrick-Noah_CS-7863_Final-Report.aux) ) 
 Here is how much of TeX's memory you used:
- 5354 strings out of 478238
- 96179 string characters out of 5850456
- 398243 words of memory out of 5000000
- 23531 multiletter control sequences out of 15000+600000
+ 5362 strings out of 478238
+ 96336 string characters out of 5850456
+ 398271 words of memory out of 5000000
+ 23539 multiletter control sequences out of 15000+600000
  473860 words of font info for 43 fonts, out of 8000000 for 9000
  1141 hyphenation exceptions out of 8191
- 67i,6n,77p,920b,219s stack positions out of 5000i,500n,10000p,200000b,80000s
-</usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmbx10.pfb></usr/share/
-texmf-dist/fonts/type1/public/amsfonts/cm/cmbx12.pfb></usr/share/texmf-dist/fon
-ts/type1/public/amsfonts/cm/cmr10.pfb></usr/share/texmf-dist/fonts/type1/public
-/amsfonts/cm/cmr12.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cm
-r17.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmti10.pfb>
-Output written on Schrick-Noah_CS-7863_Final-Report.pdf (5 pages, 103964 bytes)
+ 67i,6n,77p,1123b,191s stack positions out of 5000i,500n,10000p,200000b,80000s
+</usr/share/texmf-dist/fonts/type1/p
+ublic/amsfonts/cm/cmbx10.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts
+/cm/cmbx12.pfb></usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmr10.pfb>
+</usr/share/texmf-dist/fonts/type1/public/amsfonts/cm/cmr12.pfb></usr/share/tex
+mf-dist/fonts/type1/public/amsfonts/cm/cmr17.pfb></usr/share/texmf-dist/fonts/t
+ype1/public/amsfonts/cm/cmti10.pfb>
+Output written on Schrick-Noah_CS-7863_Final-Report.pdf (6 pages, 110956 bytes)
 .
 PDF statistics:
- 50 PDF objects out of 1000 (max. 8388607)
- 30 compressed objects within 1 object stream
+ 53 PDF objects out of 1000 (max. 8388607)
+ 32 compressed objects within 1 object stream
  0 named destinations out of 1000 (max. 500000)
  1 words of extra memory for PDF output out of 10000 (max. 10000000)
 

Report/Schrick-Noah_CS-7863_Final-Report.tex

@@ -40,10 +40,13 @@ Compliance graphs are an alternate form of attack graphs, utilized specifically
 The semantics of compliance graphs are similar to that of attack graphs, but with a few differences regarding the information at each state. While security and compliance statuses are related, the information that is analyzed in compliance graphs is focused less on certain security properties, and is expanded to also examine administrative policies and properties of systems. Since compliance and regulation is broad and can vary by industry and application, the information to analyze can range from safety regulations, maintenance compliance, or any other regulatory compliance. However, the graph structure of compliance graphs is identical to that of attack graphs, where edges represent a modification to the systems, and nodes represent all current information in the system.
 
 \subsection{Difficulties of Compliance Graph Analysis}
+Analysis of directed graphs is not as simple as their undirected counterparts, and attack and compliance graphs are directed acyclic graphs. The primary contributor to the increased difficulty is due to the asymmetric adjacency matrix present in directed graphs. With undirected graphs, simplifications can be made in the analysis process both computationally and conceptually. Since the ``in" degrees are equal to the ``out" degrees, less work is required both in terms of parsing the adjacency matrix, but also in terms of determining importance of nodes. As the author of \cite{Mieghem2018DirectedGA} discusses, the difficulty of directed graphs also extends to the graph Laplacian, where the definition for asymmetric adjacency matrices is not uniquely defined, and is based on either row or column sums computing to zero, but both cannot. The author of \cite{Mieghem2018DirectedGA} continues to discuss that directed graphs lead to complex eigenvalues, and can lead to adjacency matrices that are unable to be diagonalized. These challenges require different approaches for typical clustering or centrality measures.
 
 \section{Related Works}
+The author of \cite{ming_diss} presents three centrality measures that were applied to various attack graphs. The centrality measures implemented were Katz, K-path Edge, and Adapted PageRank. Each of these centrality measures are applicable to the directed format of attack graphs, and conclusions can be drawn regarding patching schemes for preventing exploits. As an approach for avoiding complex eigenvalues, the authors of \cite{Guo2017HermitianAM} present work examining directed, undirected, and mixed graphs using its Hermitian adjacency matrix. Other works, such as that discussed by the author of \cite{Mieghem2018DirectedGA} include mathematical manipulation of directed graph spectra (originally presented by the author of \cite{Brualdi2010SpectraOD}) with Schur's Theorem to bound eigenvalues and allow for explicit computation, which can then be used for additional analysis metrics. 
 
 \section{Experimental Networks}
+The work conducted in this approach
 
 \section{Centralities}
 \subsection{Introduction}
@@ -65,6 +68,8 @@ The semantics of compliance graphs are similar to that of attack graphs, but wit
 
 \section{Conclusions and Future Work}
 
+\clearpage
+
 \addcontentsline{toc}{section}{Bibliography}
 \bibliography{Bibliography}
 \bibliographystyle{ieeetr}

Report/Schrick-Noah_CS-7863_Final-Report.toc

@@ -2,22 +2,22 @@
 \contentsline {section}{\numberline {1}Introduction}{2}{}%
 \contentsline {subsection}{\numberline {1.1}Attack Graphs}{2}{}%
 \contentsline {subsection}{\numberline {1.2}Compliance Graphs}{2}{}%
-\contentsline {subsection}{\numberline {1.3}Difficulties of Compliance Graph Analysis}{4}{}%
-\contentsline {section}{\numberline {2}Related Works}{4}{}%
+\contentsline {subsection}{\numberline {1.3}Difficulties of Compliance Graph Analysis}{3}{}%
+\contentsline {section}{\numberline {2}Related Works}{3}{}%
 \contentsline {section}{\numberline {3}Experimental Networks}{4}{}%
-\contentsline {section}{\numberline {4}Centralities}{4}{}%
-\contentsline {subsection}{\numberline {4.1}Introduction}{4}{}%
-\contentsline {subsection}{\numberline {4.2}Degree}{4}{}%
-\contentsline {subsection}{\numberline {4.3}Betweenness}{4}{}%
-\contentsline {subsection}{\numberline {4.4}Katz}{4}{}%
-\contentsline {subsection}{\numberline {4.5}K-Path Edge}{4}{}%
-\contentsline {subsection}{\numberline {4.6}Adapted Page Rank}{4}{}%
-\contentsline {section}{\numberline {5}Transitive Closure}{4}{}%
-\contentsline {subsection}{\numberline {5.1}Introduction}{4}{}%
-\contentsline {subsection}{\numberline {5.2}Application}{4}{}%
-\contentsline {section}{\numberline {6}Dominant Tree}{4}{}%
-\contentsline {subsection}{\numberline {6.1}Introduction}{4}{}%
-\contentsline {subsection}{\numberline {6.2}Application}{4}{}%
-\contentsline {section}{\numberline {7}Results and Result Analysis}{4}{}%
-\contentsline {section}{\numberline {8}Conclusions and Future Work}{4}{}%
-\contentsline {section}{Bibliography}{4}{}%
+\contentsline {section}{\numberline {4}Centralities}{5}{}%
+\contentsline {subsection}{\numberline {4.1}Introduction}{5}{}%
+\contentsline {subsection}{\numberline {4.2}Degree}{5}{}%
+\contentsline {subsection}{\numberline {4.3}Betweenness}{5}{}%
+\contentsline {subsection}{\numberline {4.4}Katz}{5}{}%
+\contentsline {subsection}{\numberline {4.5}K-Path Edge}{5}{}%
+\contentsline {subsection}{\numberline {4.6}Adapted Page Rank}{5}{}%
+\contentsline {section}{\numberline {5}Transitive Closure}{5}{}%
+\contentsline {subsection}{\numberline {5.1}Introduction}{5}{}%
+\contentsline {subsection}{\numberline {5.2}Application}{5}{}%
+\contentsline {section}{\numberline {6}Dominant Tree}{5}{}%
+\contentsline {subsection}{\numberline {6.1}Introduction}{5}{}%
+\contentsline {subsection}{\numberline {6.2}Application}{5}{}%
+\contentsline {section}{\numberline {7}Results and Result Analysis}{5}{}%
+\contentsline {section}{\numberline {8}Conclusions and Future Work}{5}{}%
+\contentsline {section}{Bibliography}{6}{}%