On Parallel Real-Time Security Improvement Using Mixed-Integer Programming

On Parallel Real-Time Security Improvement Using Mixed-Integer Programming

Network security defenses evolve, responding to real-time attack incidents, modifying the underlying topology, or reallocating defense systems across the network. The present work emphasizes reducing the time to compute new optimal reallocations of defense systems, responding to emerging real-time r...

Full description

Bibliographic Details
Main Authors: Hussain M. J. Almohri, Layne T. Watson, Homa Alemzadeh, Mohammad Almutawa
Format: Article
Language:English
Published: IEEE 2021-01-01
Series:IEEE Access
Subjects:
Security management
parallel processing
tree graphs
mathematical programming
Online Access:https://ieeexplore.ieee.org/document/9402746/
id doaj-ba064a5a412b4dbc86509c4411cfedc7
record_format Article
spelling doaj-ba064a5a412b4dbc86509c4411cfedc72021-04-20T23:00:25ZengIEEEIEEE Access2169-35362021-01-019588245883710.1109/ACCESS.2021.30730899402746On Parallel Real-Time Security Improvement Using Mixed-Integer ProgrammingHussain M. J. Almohri0https://orcid.org/0000-0002-7738-5864Layne T. Watson1Homa Alemzadeh2Mohammad Almutawa3Department of Computer Science, Kuwait University, KuwaitDepartment of Computer Science, Virginia Polytechnic Institute and State University, Blacksburg, VA, USADepartment of Electrical and Computer Engineering, University of Virginia, Charlottesville, VA, USADepartment of Computer Science, Kuwait University, KuwaitNetwork security defenses evolve, responding to real-time attack incidents, modifying the underlying topology, or reallocating defense systems across the network. The present work emphasizes reducing the time to compute new optimal reallocations of defense systems, responding to emerging real-time remote attacks. The proposed heuristic method utilizes parallel processing by slicing the underlying graphical model representing the network topology, solving in parallel multiple mixed-integer programming problems corresponding to the created subgraphs, and producing an estimate of the optimal defense. The parallelized method to compute a new defense enables producing a response, in real-time, before remote attackers compromise a target machine in the network. Our prototype tool to compute a new defense, the high-performance security analyzer, has a speedup of at least 20 over solving the original problem using a serial algorithm, and with an insignificant difference between the performance of the (computed in parallel) approximately optimal defense and the (serially computed) optimal defense. A major conclusion is that further speedups will come from parallel integer programming algorithms rather than from graph partitioning.https://ieeexplore.ieee.org/document/9402746/Security managementparallel processingtree graphsmathematical programming
collection DOAJ
language English
format Article
sources DOAJ
author Hussain M. J. Almohri
Layne T. Watson
Homa Alemzadeh
Mohammad Almutawa
spellingShingle Hussain M. J. Almohri
Layne T. Watson
Homa Alemzadeh
Mohammad Almutawa
On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
IEEE Access
Security management
parallel processing
tree graphs
mathematical programming
author_facet Hussain M. J. Almohri
Layne T. Watson
Homa Alemzadeh
Mohammad Almutawa
author_sort Hussain M. J. Almohri
title On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
title_short On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
title_full On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
title_fullStr On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
title_full_unstemmed On Parallel Real-Time Security Improvement Using Mixed-Integer Programming
title_sort on parallel real-time security improvement using mixed-integer programming
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2021-01-01
description Network security defenses evolve, responding to real-time attack incidents, modifying the underlying topology, or reallocating defense systems across the network. The present work emphasizes reducing the time to compute new optimal reallocations of defense systems, responding to emerging real-time remote attacks. The proposed heuristic method utilizes parallel processing by slicing the underlying graphical model representing the network topology, solving in parallel multiple mixed-integer programming problems corresponding to the created subgraphs, and producing an estimate of the optimal defense. The parallelized method to compute a new defense enables producing a response, in real-time, before remote attackers compromise a target machine in the network. Our prototype tool to compute a new defense, the high-performance security analyzer, has a speedup of at least 20 over solving the original problem using a serial algorithm, and with an insignificant difference between the performance of the (computed in parallel) approximately optimal defense and the (serially computed) optimal defense. A major conclusion is that further speedups will come from parallel integer programming algorithms rather than from graph partitioning.
topic Security management
parallel processing
tree graphs
mathematical programming
url https://ieeexplore.ieee.org/document/9402746/
work_keys_str_mv AT hussainmjalmohri onparallelrealtimesecurityimprovementusingmixedintegerprogramming
AT laynetwatson onparallelrealtimesecurityimprovementusingmixedintegerprogramming
AT homaalemzadeh onparallelrealtimesecurityimprovementusingmixedintegerprogramming
AT mohammadalmutawa onparallelrealtimesecurityimprovementusingmixedintegerprogramming
_version_ 1721517407368904704

Similar Items