On New Approaches of Assessing Network Vulnerability: Hardness and Approximation Thang N

1 On New Approaches of Assessing Network Vulnerability: Hardness and Approximation Thang N. Dinh, Ying Xuan, My T. Thai, Member, IEEE, Panos M. Pardalos, Member, IEEE, Taieb Znati, Member, IEEE

Abstract—Society relies heavily on its networked physical infrastructure and information systems. Accurately assessing the vulnerability of these systems against disruptive events is vital for planning and risk management. Existing approaches to vulnerability assessments of large-scale systems mainly focus on investigating inhomogeneous properties of the underlying graph elements. These measures and the associated heuristic solutions are limited in evaluating the vulnerability of large-scale network topologies. Furthermore, these approaches often fail to provide performance guarantees of the proposed solutions. In this paper, we propose a vulnerability measure, pairwise connectivity, and use it to formulate network vulnerability assessment as a graph-theoretical optimization problem, referred to as β-disruptor. The objective is to identify the minimum set of critical network elements, namely nodes and edges, whose removal results in a speciﬁc degradation of the network global pairwise connectivity. We prove the NP-Completeness and inapproximability of this problem, and propose an O(log n log log n) pseudo- approximation algorithm to computing the set of critical nodes and an O(log1.5 n) pseudo-approximation algorithm for computing the set of critical edges. The results of an extensive simulation-based experiment show the feasibility of our proposed vulnerability assessment framework and the efﬁciency of the proposed approximation algorithms in comparison with other approaches.

Index Terms—Network vulnerability, Pairwise connectivity, Hardness, Approximation algorithm. !

1 INTRODUCTION ONNECTIVITY plays a vital role in network per- tal a network element is to the survivability of the net- formance and is fundamental to vulnerability C work when faced with disruptive events. A number assessment. Disruptive events, ranging from natural of these studies proposed global graph measures, such disasters to malicious attacks, can drastically com- as cyclomatic number, maximum network circuits, α- promise the network’s ability to meet its quality-of- index, β-index and γ-index, as a single index to capture service(QoS) requirements, if not cause widespread the network structure. The global index, derived from service outages and potentially total network break- the basic properties of the graph, namely the number down [1], [2], [3], [4], [5], [6]. Robust network design of vertices, edges and pairwise shortest paths, is then and management strategies to deal with unexpected used to assess and compare the vulnerability of dif- events must be in place to account for potential dis- ferent networks. Although relatively straightforward ruptions to network connectivity. A critical aspect of to calculate, global measures can neither be rigorously these strategies is their ability to pro-actively assess mapped to the over network connectivity nor reveal network vulnerability to disruptive events, in order the set of most critical vertices and edges. Such a to protect network elements1 against natural disaster shortcoming limits considerably their suitability for and malicious human acts and mitigate the impact of assessing network vulnerability. Other research stud- such acts on network performance and survivability. ies proposed local nodal centrality [7], such as degree Over the last few years, a considerable amount of centrality, betweenness centrality and closeness cen- research effort has focused on developing approaches trality, as a local network measure for network vul- and methods to assess network vulnerability to dis- nerability. These local measures, which emphasize the ruptive events [1]. Central to these research studies is relative topological characteristics of individual edges the use of graph theoretic measures to determine how vi- and nodes within a network, are used to identify and quantify critical network elements of the network, • T. N. Dinh, Y. Xuan, M. T. Thai are with the Dept. of Comp. & Info. and evaluate network vulnerability. Unfortunately, the Sci. & Eng., University of Florida, Gainesville, FL, 32611. inability of local network measures to capture global E-mail: {tdinh, yxuan, mythai}@cise.ufl.edu. network connectivity raises concerns about their va- • Panos M. Pardalos is with Industrial and System Engineering Dept., University of Florida at Gainesville, FL, 32611. lidity to accurately assess network vulnerability and Email: pardalos@ufl.edu. reveal the global damage that may be inflicted on the • T. Znati is with Computer Science Dept., University of Pittsburgh, network when subjected to failures and attacks. Pittsburgh, PA 15215. Email: [email protected]. In this paper, we propose a new framework for accurately assessing network vulnerability. The basic 1. In this paper, the term ”network elements” is used to refer tenet of our approach is to model the network as a network nodes, communications links or a combination thereof. connected directed graph and explore the number of

2 necessary disruptive events, in terms of connectivity failures between pairs of nodes, that can cause a specific level of network disruption. To this end, we quantify the connectivity of each node pair as 1 if the pair is strongly connected and as 0 otherwise. (a) (b) The pairwise connectivity quantification is then used Fig. 1. After the “central” vertex (in black) with maximum out-going to determine the minimized set of network elements degree is removed, network (a) is still strongly connected while (b) whose removal from the graph incurs a specific level is fragmented; however in fact, only removing one vertex (in grey) is of network disruption. It is worth noting that the enough to destroy network (a). the pairwise connectivity measure correlates with the insight into network structure and robustness in var- number of network elements to be removed for the ious operating environments. Several recent studies network to incur a level of disruption. As such, the in the context of wireless networks have focused on measure can be used not only to assess the vul- the impact of node and edge removal on network nerability of the network against disruptive events, connectivity[8][9][10]. It is worth noting that most of but equally important to evaluate the global damage these studies are not concerned with quantifying the different levels of disruptive events may cause. level of network disconnectivity, a weaker objective Based on the concept of pairwise connectivity, net- than that of the β-disruptor framework. We argue work vulnerability assessment can be formulated as a that quantifying network connectivity is essential to graph-theoretical optimization problem: Find a min- assessing network vulnerability to disruptive events imized set of network elements whose removal causes a and evaluate the level of fragmentation these events specific level of network pairwise degradation. The min- may inflict on the network. A scale-free network, for imized set of network elements is thereafter referred example, can tolerate high random failure rates, as to as β-disruptor, where 0 ≤ β < 1 denotes the the failure of boundary vertices may not significantly fraction of pairwise connectivity degradation that reduce the network connectivity even though the is caused by the failure of the minimized set ele- entire graph becomes disconnected [11]. Furthermore, ments. Two new optimization problems, namely β- different disruption levels may be caused by different vertex disruptor and β-edge disruptor, are introduced network elements. The node centrality based vul- and proved to be NP-complete. We also propose nerability assessment framework, for example, only two pseudo-approximation algorithms, with provable identifies a set of nodes with non-increasing degrees performance bounds, to these optimization problems, with no consideration of the disruption level the thereby ensuring the feasibility of the proposed net- removal of these sets of nodes may cause. The ability work vulnerability assessment framework. to quantify the disconnectivity level, a unique feature The advantage of the β-disruptor based framework, of β-disruptor framework, is valuable in assessing in comparison with node centrality based frame- accurately network vulnerability to disruptive events works, can be briefly illustrated using Fig.1, where and predicting the impact of these events on network two strongly connected networks, A and B, with 7 operations. vertices each, are depicted. Using node degree central- The main contributions of this paper are as follows: ity as a vulnerability measure, reveals that removing • A novel, pairwise-connectivity-centric framework the black vertex with maximum outgoing degree 5 in for investigating vulnerability assessment as an Fig. 1-(a) leaves the network A still strongly connected optimization problem, referred to as β-disruptor, with 5 vertices; whereas, removing the black vertex on general graphs. Two versions of the problem, with maximum outgoing degree 4 in Fig. 1-(b) parti- namely β-vertex disruptor and β-edge disruptor, are tions the graph into two strongly connected compo- considered; nents. Therefore, the node-centrality based assessment • A proof of the NP-completeness of the two leads to the conclusion that A is less vulnerable than versions of the β-disruptor problem, including B. The analysis of the network vulnerability based on the proof that no polynomial-time approximation the proposed framework, however, shows that delet- scheme (PTAS) exists for β-vertex disruptor; A 3 ing only the grey vertex in is sufficient to decrease • An O(log 2 n) pseudo-approximation algorithm the overall network connectivity to 0. Furthermore, for β-vertex disruptor and an O(log n log log n) the analysis shows that at least 3 vertices in B must pseudo-approximation algorithm for β-edge dis- be removed to reduce the overall connectivity of the ruptor. These algorithms can be applied to both network to 0. It is clear, therefore, that the β-disruptor homogeneous networks and heterogeneous net- framework leads to the more accurate conclusion that works with unidirectional links and non-uniform network A is in fact more vulnerable than network B. nodal properties.

Another aspect of the proposed framework is the 1.1 Model and Definitions ability to explore different levels of disruption (differ- Besides the homogeneous network model consisting ent values of β), which can be used to gain deeper of uniform nodes and bidirectional links, the hetero- 3 geneous network model, where various interacting in comparing different networks, the graph attributes, elements of different kinds are connected through in some cases, cannot be calculated in polynomial- unidirectional links with non-uniform expenses, finds time for dense networks. Furthermore, the functions numerous applications nowadays [12], [13], [14], but do not reveal the set of most critical vertices and as well, exhibits multiple difficulties for optimization edges in the network. As such, they may not be and maintenance. In the light of this, we abstract our suitable to assess the network vulnerability, in terms general network model as a directed graph G(V,E), of connectivity. where V refers to a set of nodes and E refers to a set Several research studies, using concepts similar to of unidirectional links. The expense of each directed our pairwise connectivity, have been recently inves- edge (u, v) between vertex u and v is quantified as a tigated in [15], [16], [17], including average pairwise nonnegative value c(u, v), for all the m = |E| links connectivity, pairwise connected ratio and cohesion. None among n = |V | nodes. As mentioned above, our of these studies, however, formulate network vulnera- evaluation over the network vulnerability is based bility as an optimization problem. Using an optimiza- on the value of overall pairwise connectivity in the tion based approach to network vulnerability enables abstracted graph, which is defined as follows: given a framework, where the hardness of the problem can any vertex pair (u, v) ∈ V × V in the graph, we say be characterized and approximation algorithms with that they are connected iff there exists paths between performance guarantees can be derived. Moreover, u and v in both directions in G, i.e., strongly connected the problem β-disruptor studied in this paper take to each other. The pairwise connectivity p(u, v) is into account the roles of all edges and vertices in quantified as 1 if this pair is connected, 0 otherwise. the global network connectivity, thereby providing Since the main purpose of network lies in connecting the basis for a thorough analysis of the proposed all the interacting elements, we study on the aggregate vulnerability framework. pairwise connectivity between all pairs, that is, the Finally, a number of research studies focused on a sum of quantified pairwise connectivity, which we subproblem of the vulnerability assessment problem, P denote as P(G) = u,v∈V ×V p(u, v) for graph G. namely the Critical Vertex/Edge, where the main n Apparently P(G) is maximized at 2 when G is a objective is to determine the minimum number of strongly connected graph. Based on this, we have: vertices/edges whose removal disconnects the graph. Definition 1: (Edge disruptor) Given 0 ≤ β ≤ 1, a Several heuristics were proposed to address this prob- subset S ⊂ E in G = (V,E) is a β-edge disruptor if the lem, including in the context of wireless networks overall pairwise connectivity in the G[E \S], obtained [8][9][10]. The proposed heuristics, however, do not n by removing S from G, is no more than β 2 . By provide performance guarantees. Furthermore, the minimizing the cost of such edges in S, we have the research studies in wireless environments focus on β-edge disruptor problem, i.e., find a minimized β-edge what elements of the graph cause the network to be disruptor in a strongly connected graph G(V,E). disconnected, with no useful insight into the level of Similarly, we define β-vertex disruptor and its corre- fragmentation caused by disruptive events of differ- sponding optimization problem: ent scale and impact. As such, these approaches are β-vertex disruptor problem: Given a strongly con- limited in assessing network vulnerability accurately. nected graph G(V,E) and a fixed number 0 ≤ β ≤ 1, find a subset S ⊆ V with the minimum size such that 2 HARDNESS RESULTS the total pairwise connectivity in G[V \S], obtained by n In this section we show that both the β-edge dis- removing S from G, is no more than β 2 . Such a set S is called β-vertex disruptor. ruptor and β-vertex disruptor in directed graph are NP-complete which thus have no polynomial time 1.2 Related Work exact algorithms unless P = NP. We state a stronger Several research efforts have sought to address net- result that both problems are NP-complete even in work vulnerability assessment using local network undirected graph with unit cost edges. measures focused on the centrality of a vertex in Note that only in this section we consider the prob- the graph, including degree centrality, betweenness, lem for undirected graph G(V,E). All results in other closeness, and eigenvector centrality [7]. While these sections are studied on directed graphs, thus solving metrics can provide some insight into network vul- both homogeneous and heterogeneous networks. nerability, they are are typically not accurate and in 2.1 NP-completeness of β-edge disruptor most cases fail to reveal the level of network disruption for different levels of attacks. Global graph We use a reduction from the balanced cut problem. measures have also been proposed to assess network Definition 2: A cut hS, V \ Si corresponding to a vulnerability. These measures are mainly functions of subset S ∈ V in G is the set of edges with exactly graph properties, such as the number of vertices and one endpoint in S. The cost of a cut is the sum of its edges, operational O-D pairs, operational paths, and edges’ costs (or simply its cardinality in the case all minimum shortest paths [1], [2], [3]. Although useful edges have unit costs). We often denote V \ S by S¯. 4 ሺǡሻ n2 n2 ͳ ͳ to b c + 1 vertices in C1 and b c + 1 vertices in C2 ǯ 4 4 Ǥ ʹ so that degree difference of nodes in the cliques are at Ǥ most one. We illustrate the construction of H(V ,E ) Ǥ H H Ǥ in Figure 2. Ǥ We show that there is a f-balanced cut of size k Ǥ 1 ǯͳ in G iff H has an -edge disruptor of size K = 2 ʹ ʹ n2 n2 n b 4 c + 1 + k where 0 ≤ k ≤ b 4 c. Note that the cost of any cut hS, V \ Si in G is at most |S||V \ S| ≤ Fig. 2. Construction of H(VH ,EH ) from G(V,E) 2 (|S|+|V \S|) n2 b 4 c = b 4 c. Finding a min cut in the graph is polynomial solv- On one hand, an f-balanced cut S, S¯ of size k able [18]. However, if one asks for a somewhat “bal- in G induces a cut C1 ∪ S, C2 ∪ S¯ with size exactly anced” cut of minimum size, the problem becomes 2 n b n c + 1 + k. If we select the cut as the disruptor, intractable. A balanced cut is defined as following: 4 1 N Definition 3: (Balanced cut) An f-balanced cut of the pairwise connectivity will be at most 2 2 . + + H 1 a graph G(V,E), where f : Z → R , asks us to On the other hand, assume that has an 2 -edge 2 find a cut S, S¯ with the minimum size such that disruptor of size K = n b n c + 1 + k. Remove ¯ 4 min{|S|, |S|} ≥ f(|V |). the edges in the disruptor to reduce the pairwise 1 1 N Abusing notations, for 0 < c ≤ 2 , we also use c- connectivity to at most . Since cutting n nodes in S, S¯ 2 2 balanced cut to find the cut with the minimum C1 or C2 from the cliques requires removing at least size such that min{|S|, |S¯|} ≥ c|V |. We will use the n2 n2 0 n(b c − n) > n b c + 1 + k edges, let C ⊆ C1 following results on balanced cut shown in [19]: 3 4 1 C0 ⊆ C Corollary 1: (Monotony) Let g be a function with and 2 2 be giant connected subsets that induce connected subgraphs in C1 and C2. These subsets 0 0 0 ≤ g(n) − g(n − 1) ≤ 1 must satisfy |C1| + |C2| > |C1| + |C2| − n. Denote by X ,X the subsets of nodes in V that are connected Then f(n) ≤ g(n) for all n, implies f-balanced cut is 1 2 to C0 and C0 respectively. We have X ∩ X = ∅ polynomially reducible to g-balanced cut. 1 2 1 2 otherwise C0 and C0 will be connected; then, the Corollary 2: (Upper bound) αn-balanced cut is NP- 1 2 pairwise connectivity will exceed 1 N. complete for α, > 0. 2 2 We will modify the disruptor without increasing its It follows from Corollaries 1 and 2 that for every f = size and the pairwise connectivity such that no nodes Ω(αn) f-balanced cut is NP-complete. We are ready in the the cliques are cut off i.e. we alter the disruptor to prove the NP-completeness of β-edge disruptor: until C0 = C and C0 = C . For each u ∈ C \ C0 Theorem 1: (β-edge disruptor NP-completeness) β- 1 1 2 2 1 1 remove from the disruptor all edges connecting u to edge disruptor in undirected graph is NP-complete 0 C1 and add to the disruptor all edges connecting u even if all edges have unit weights. 0 to X2. This will attach u to C1 while reducing the Proof: We prove the result for the special case n2 1 (b c − n) − n when β = . For other values of β the proof can go size of the disruptor at least 3 . At the 2 v ∈ X through with a slight modification of the reduction. same time select an arbitrary node 1 and add to the disruptor all remaining v’s adjacent edges. This We shall assume that n, the number of nodes is a 2 3 n sufficient large number (for our proof n > 10 ). increases the size of the disruptor at most (b 4 c+1)+n while making v isolated. By doing so we decrease the Consider the decision version of the problem 2 2 size of the disruptor by (b n c − n) − n − ((b n c + 1) + 1 1 3 4 -ED = {hG, Ki | G has a -edge disruptor of size K} n) > 0. In addition, the pairwise connectivity will not 2 2 0 increase as we connect u to C1 and at the same time 1 0 To show that 2 -ED is in NP-complete we must show disconnect v from C1. that it is in NP and that all NP-problems are poly- If X1 = ∅, we can select v ∈ X2 as in that 0 0 nomial time reducible to it. The first part is easy; case |C2 ∪ X2| > |C1 ∪ X1| that makes sure the given a candidate subset of edges, we can easily pairwise connectivity will not increase. We repeat β 0 check in polynomial time if it is a -edge disruptor the same process for every node in C2 \ C2. Since K 0 0 of size . To prove the second part, we show that |(C1 \C1)∪(C2 \C2)| < n, the whole process finishes in 1 0 0 f-balanced cut is polynomial time reducible to 2 -ED less than n steps and results in C = C1 and C = C2. q 1 2 n2 n− 2b 3 c+n We will prove that X1∪X2 = V i.e. hX1,X2i induces where f = b 2 c. a cut in G. Assume not, the cost to separate C1 ∪ X1 Let G(V,E) be a graph in which one seeks to find 2 C ∪X b n c+1)(|V −X |+|V − a f-balanced cut of size k. Construct the following from 2 2 will be at least ( 4 1 n2 n2 graph H(VH ,EH ): VH = V ∪ C1 ∪ C2 where C1,C2 X2|) = (b 4 c+1)(2n−|X1|−|X2|) ≥ (b 4 c+1)(n+1) > n2 n2 are two cliques of size b 3 c. Denote by N = |VH | = n b 4 c + 1 + k that is a contradiction. n2 2b 3 c + n the total number of nodes in H. In addition Since X1 ∪ X2 = V we have that the disruptor to edges in G, C1, and C2, connect each vertex v ∈ V induces a cut in G. To have the pairwise connectivity 5

level 1 1 N (C ∪ X ) (C ∪ X ) t at most 2 2 both √1 1 and 2 2 must 0 N− N have size at least 2 . If follows that X1 and X2 level 2 q 2 n− 2b n c+n t1 t2 3 … … must have size at least f(n) = b 2 c. The cost of the cut induced by hX ,X i in G will be level 3 1 2 t n2 n2 3 t4 n b 4 c + 1 + k − n(b 4 c + 1) = k. … … level4l 4 t5 t6 2.2 Hardness of β-vertex disruptor … … … … Theorem 2: β-vertex disruptor in undirected graph Fig. 3. A part of a decomposition tree. F = {t2, t3, t5, t6} is NP-complete. is a G-partitionable. The corresponding partition Proof: We present a polynomial-time reduction {V (t2),V (t3),V (t5),V (t6)} in G can be obtained by using from Vertex Cover (VC), an NP-hard problem [20]: cuts at ancestors of nodes in F i.e. t0, t1, t4. Instance: Given a graph G and a positive integer k. Question: Does G have a VC of size at most k? 11). Our decomposition tree is a rooted binary tree to a decision version of β-vertex disruptor when β = 0 whose leaves represent nodes in G. G k Instance: Given a graph and a positive integer Definition 4: Given a directed graph G(V,E) and a G β Question: Does have a -vertex disruptor of size subset of vertices S ⊂ V . We denote the set of edges k β = 0 at most when ? outgoing from S by δ+(S); the set of edges incoming Pairwise connectivity equals zeros if and only if the to S by δ−(S). A cut (S, V \S) in G is defined as δ+(S). complement set of the disruptor is an independent set A c-balanced cut is a cut (S, V \ S) s.t. min{|S|, |V \ or in other words the disruptor must be a VC. S|} ≥ c|V |. The directed c-balanced cut problem is to Theorem 3: Unless P = NP, β-vertex disruptor can- find the minimum c-balanced cut. not be approximated within a factor of 1.36. (S, V \ S) (u, v) ∈ Proof: We use the same reduction in Theorem 2. Note that a cut separate pairs S × (V \ S) v u Assume that we can approximate β-vertex disrup- as paths from to cannot exist i.e. no S V \ S tor within a factor less than 1.36 when β = 0. In SCC can contain vertex in both and . [21], Dinur and Safra showed that approximating VC The decomposition procedure is as follows. We start within constant factor less than 1.36 is NP-hard. Since with the tree T containing only one root node t0. We we have an one-to-one mapping between the set of associate the root node t0 with the vertex set V of vertex disruptors when β = 0 and the set of VCs, it G i.e. V (t0) = V (G). For each node ti ∈ T whose follows that we can approximate VC within a factor V (ti) contains more than one vertex and V (ti) has not less than 1.36 (contradiction). been partitioned, we partition the subgraph G[V (ti)] induced by V (ti) in G using a c-balanced cut algo- 3 APPROXIMATING β-EDGE DISRUPTOR rithm. In detail, we use the directed c-balanced cut USING TREE DECOMPOSITION algorithm presented in [22] that finds in polynomial√ 3 0 O(log 2 n) time a c -balanced cut within a factor of O( log n) In this section, we present an pseudo- 0 approximation algorithm for the β-edge disruptor from the optimal c-balanced cut for c = αc and fixed q β problem in the case when all edges have uniform cost constant α. The constant c is chosen to be 1 − β0 . i.e. c(u, v) = 1 ∀(u, v) ∈ E(G). Formally, our algorithm Create two child nodes ti1, ti2 of ti in T corresponding 0 finds in a uniform directed graph G a β -edge dis- to two sets of vertices of G[V (t )] separated by the cut. 3 i ruptor whose the cost is at most O(log 2 n)OPTβ−ED, We associate with ti a cut cost cost(ti) equal to the 0 β 0 cost of the c-balanced cut. where 4 < β < β and OPTβ−ED is the cost of an optimal β-edge disruptor. We define the root node t0 to be on level 1. If a node As shown in Algorithm 1, the proposal algorithm is on level l, all its children are defined to be on level consists of two main steps. First, we constructs a l + 1. Note that collections of subsets of vertices in G decomposition tree of G by recursively partitioning that correspond to nodes in a same level of T induces the graph into two halves with directed c-balanced a partition in G. cut. Second, we solve the problem on the obtained tree One important parameter of the decomposition tree using a dynamic programming algorithm and transfer is the height i.e. the maximum level of nodes in T . this solution to the original graph. These two main Using balanced cuts guarantees a small height of the steps are explained in the next two sections. tree that in turn leads to a small approximation ratio. 3.1 Balanced Tree-Decomposition When separating V (ti) using the balanced cut, the size 0 of the larger part is at most (1 − c )|V (ti)|. Hence, we A tree decomposition of a graph is a recursive parti- can prove by induction that if a node ti is on level tioning of the node set into smaller and smaller pieces k, the size of the corresponding collection V (ti) is at until each piece contains only one single node. We most |V | × (1 − c0)k−1. It follows that the tree’s height show the tree construction in Algorithm 1 (line 1 to is at most O(− log1−c0 n) = O(log n). 6

X Algorithm 1. β-edge Disruptor then P(F ) = P(G[V (tu)]). We wish to find F so Input: Uniform edges’ weight directed graph G = (V,E) tu∈F 0n and 0 ≤ β < β0 < 1 that P(F ) ≤ β 2 i.e. the union of cuts to separate V (t ),V (t ),...,V (t ) β0 Output:A β0-edge disruptor of G. u1 u2 uk forms a -edge disruptor in G. Because of the suboptimal structure in T , finding /* Construct the decomposition tree */ q such a G-partitionable subset F in VT with the min- 1. c ← 1 − β . β0 imum cost(F ) can be done in O(n3) using dynamic 2. T (VT ,ET ) ← ({t0}, φ), V (t0) ← V (G), l(t0) = 1 programming. ∃ t |V (t )| ≥ 2 3. while unvisited i with i do Denote cost(ti, p) the minimum cut cost to make the 4. Mark ti visited, create new child nodes ti1, ti2 of ti. pairwise connectivity in G[V (ti)] equal to p using only 5. VT ← VT ∪ {ti1, ti2} cuts corresponding to nodes in the subtree rooted at 6. ET ← ET ∪ {(ti, ti1), (ti, ti2)} ti. The minimum cost for a G-partitionable subset F 0 7. Separate G[V (ti)] using directed c-balanced cut. that induces a β -edge disruptor of G is then opt 8. Associate V (ti1),V (ti2) with two separated components. T 0 = min 0 n {cost(t0, p)}, where t0 is the root β p≤β (2) 9. cost(ti) ← The cost of the balanced cut node in T . G We can easily derive the recursive formula: /* Find the minimum cost -partitionable */  10. Traverse T in post-order, for each ti ∈ T do  0 if P(G[V (ti)]) ≤ p 0n cost(ti, p) = 11. for p ← 0 to β 2 min cost(ti1, π) + cost(ti2, p − π) + cost(ti) if not π≤p 12. if P(G ) ≤ p then cost(ti, p) ← 0 [V (ti)] where ti1, ti2 are children of ti. 13. else cost(ti, p) ← min{cost(ti1, p1)+ In the first case, when P(G[V (ti)]) ≤ p we cut no cost(ti2, p2) + cost(ti) | p1 + p2 = p} edges in G[V (ti)] hence, cost(ti, p) = 0. Otherwise, we opt opt 14. Find Fβ0 associating with Tβ0 = min 0 n {cost(t0, p)} try all possible combinations of pairwise connectivity p≤β 2 opt π in V (ti1) and p − π in V (ti2). The combination with 15. Return union of c-balanced cuts at ti ∈ A(Fβ0 ). the smallest cut cost is then selected. opt 3 T ≤ O(log 2 n) We now prove that β0 Optβ-ED, 3.2 Algorithm β where Optβ-ED denotes the cost of the optimal -edge In this section, we present the second main step which disruptor in G. uses the dynamic programming to search for the Lemma 1: There exists a G-partitionable subset of T right set of nodes in T that induces an cost-efficient that induces a β0-edge disruptor whose cost is at most G 3 partition in whose pairwise connectivity is at most O log 2 n Opt . β0n. The details of this step are shown in Algorithm β-ED 2 Proof: Let Dβ be an optimal β-edge disruptor in 1 (lines 12 to 18). G C = {C ,C , ..., C } of size Optβ-ED and β 1 2 k be the set Denote a set F = {tu1 , tu2 , . . . , tuk } ⊂ VT of SCCs, after removing Dβ from G. where VT is the set of vertices in T so that We construct a G-partitionable subset XT as in the V (tu1 ),V (tu2 ),...,V (tuk ) is a partition of V (G) i.e. k Algorithm 2. We traverse tree T in preorder i.e. every ] parent will be visited before its children. For each V (G) = Vu . We say such a subset F is G- h t t X h=1 node i, we select i into T if there exists some partitionable. Denote by A(ti) the set of ancestors of component Cj ∈ Cβ that |V (ti) ∩ Cj| ≥ (1 − c)|V (ti)| [ ti in T and A(F ) = A(ti). It is clear that a F is and no ancestors of ti have been selected into XT . We can verify that XT satisfies two mentioned con- ti∈F G-partitionable if and only if F satisfies: ditions of a G-partitionable subset. For each Cj ∈ Cβ, define 1) ∀ti, tj ∈ F : ti ∈/ A(tj) and tj ∈/ A(ti) N(Cj ) = {ti ∈ T : |V (ti) ∩ Cj | ≥ (1 − c)|V (ti)|}. 2) ∀ti ∈ VT , ti is a leaf: A(ti) ∩ F 6= φ In case F is G-partitionable, we can separate Since V (ti), ti ∈ T are disjoint subsets. We have V (tu ),V (tu ),...,V (tu ) in G by performing the ! 1 2 k X |V (ti)| P(X ) ≤ cuts corresponding to ancestors of node in F dur- T 2 ing the tree construction. For example in Fig- ti∈XT 1 X X 2 n ure 3, we show a decomposition tree with a G- = |V (t )| − 2 i 2 partitionable set {t2, t3, t5, t6}. The corresponding par- Cj ∈Cβ ti∈N(Cj ) 2 tition {V (t2),V (t3),V (t5),V (t6)} in G can be ob- 1 X X n ≤ |V (ti)| − tained by cutting V (t0),V (t1),V (t4) successively us- 2 2 ing balanced cuts in the tree construction. The cut Cj ∈Cβ ti∈N(Cj ) 1 X p 2 n cost, hence, will be cost(t0) + cost(t1) + cost(t4). ≤ β0/β|C | − 2 j 2 In general, the total cost of all the cuts to sep- Cj ∈Cβ ! arate V (tu1 ),V (tu2 ),...,V (tuk ) will be cost(F ) = 0 β 1 X 2 0 n X < |C | − n ≤ β cost(tu). The pairwise connectivity of G is β 2 j 2 Cj ∈Cβ tu∈A(F ) 7

3 Algorithm 2. Find a good G-partitionable subset of T solving an semideﬁnite programming with Ω(n ) con- that induces a β0-edge disruptor in G straints. Finding the optimal solution using Dynamic 5 Initialization: XT ← φ; Preorder-Selection(t0). Programming takes O(n ). Hence, the overall time O(n9.5) Preorder-Selection(tu) complexity is .

1: if (∃Cj ∈ Cβ : |V (tu) ∩ Cj | ≥ (1 − c)|V (tu)|) then 4 β-VERTEX DISRUPTOR 2: XT ← XT ∪ {tu} We present a polynomial time algorithm (Algo- 0 3: else let tu1, tu2 be children of tu, rithm 3) that finds a β -vertex disruptor in the di- 4: Preorder-Selection(tu1) rected graph G(V,E) whose the size is at most 5: Preorder-Selection(tu2) O(log n log log n) times the optimal β-vertex disruptor 02 6: end if where 0 < β < β . The algorithm involves in two phases. In the first phase, we split each vertex v ∈ V 3 + − 2 v v Finally we show that cost(XT ) ≤ O(log n)Opt . into two vertices and while putting an edge β-ED − + h(T ) T Li from v to v and show that removing v in G has Let denote by the height of and T the set of + − nodes at the ith level in TG. We have: the same effects as removing edge (v → v ) in the new graph. In the second phase, we try to decompose h(T) X X the new graph into SCCs capping the sizes of the cost(XT ) = cost(tu) (1) largest component while minimizing the number of i=1 t ∈ Li ∩A(X ) u ( T T ) removed edges. We relax the constraints on the size of each component until the set of cut edges induces If t ∈ A(X ) then t is not selected to X . Hence, u T u T a β0-vertex disruptor in the original graph G. there exists C ∈ C so that |V (t )∩C | < (1−c)|V (t )| j u j u Given a directed graph G(V,E) for which we want (otherwise t was selected into X as it satisfied the u T to find a small β0-vertex disruptor, we split each vertex conditions in the line 3, Algorithm 2). To guarantee β0 in G into two new vertices to obtain a new directed c < 1 − c c < 1/2 β > 0 0 , we need i.e. 4 . graph G (V ,E0) where Since the edges in Dβ separate Cj from the other 0 − + SCCs, they also separates Cj ∩ V (tu) from V (tu) \ Cj V = { v , v | v ∈ V } 0 − + in G[V (tu)]. Denote by δ(tu,Dβ) the set of edges in E = {(v → v ) | v ∈ V } D C ∩ V (t ) V (t ) \ C G + − β separating j u from u j in [V (tu)]. ∪ {(u → v ) | (u → v) ∈ E} Obviously, δ(tu,Dβ) is a directed c-balanced cut of G The new graph G0(V 0,E0) will have twice the number [V (tu)]. Since,√ the cut we used in the tree construction G |V 0| = 2|V | = 2n is only O( log n) times√ the optimal c-balanced cut. We of vertices in i.e. . An example for have cost(tu) ≤ O( log n)|δ(tu,Dβ)|. the first phase is shown in Figure 4. 0 − Recall that if two nodes tu, tv are on a same level We set the costs of all edges in EV = {(v → then V (tu) and V (tv) are disjoint subsets. It follows v+) | v ∈ V } to 1 and other edges in E0 to +∞ so that that δ(tu,Dβ) and δ(tv,Dβ) are also disjoint sets. only edges in E0 can be selected in an edge disruptor Therefore, the cut cost at the ith level V set. In implementation, it is safe to set the costs of X E0 O(n) cost(tu) edges not in V to noting that by paying a cost 0 t ∈ Li ∩A(X ) of 2n we can effectively disconnect all edges in EV . u ( T T ) 0 0 p X Consider a directed edge disruptor set De ⊂ E ≤ O( log n) |δ(tu,Dβ )| 0 that contains only edge in EV . We have a one-to-one i tu∈(L ∩A(XT )) 0 − T correspondence between De to a set Dv = {v | (v → p [ + 0 ≤ O( log n)| δ(tu,Dβ )| v ) ∈ De} in G(V,E) which is a vertex disruptor 0 i tu∈(L ∩A(XT )) set in G. Since G and G have different maximum T (n−1)n (2n−1)2n p pairwise connectivity, for G and for = O( log n)Opt 2 2 β-ED G0, the fractions of pairwise connectivity remaining 0 0 Since the number of levels h(T ) = O(log n), by Eq. 1 in G and G after removing Dv and De are, however, 3 not exactly equal to each other. we have cost(XT ) ≤ O(log 2 n)Opt . β-ED In the second phase of Algorithm 3, when sepa- Since there exists a G-partitionable subset of T rating a graph into SCCs, the smaller the sizes of that induces a β0-edge disruptor whose cost is no 3 SCCs, the smaller pairwise connectivity in the graph. O log 2 n more than Optβ-ED as shown in Lemma 1 However, the smaller the maximum size of each SCC, and the dynamic programming always finds the best the more edges to be cut. We perform binary search to latent solution in T , the following theorem follows. find a right upper bound for size of each SCC in G0. Theorem 4: Algorithm 1 achieves a pseudo- 3 In the algorithm, the lower bound and upper bound approximation ratio of O(log 2 n) for the β-edges of the size of each SCC are denoted by β|V 0| and β|V 0| disruptor problem. respectively. At each step we try to find a minimum Time complexity: Construction of the decomposition capacity edge set in G0(V 0,E0) whose removal parti- tree takes O(n9.5). The major portion of time is for tions the graph into strongly connected components of 8

+ Algorithm 3. β0-vertex disruptor to some SCC of size at least 2 i.e. v lies on 0 Input: Directed graph G = (V,E) and fixed 0 < β0 < 1. some cycle in G . Because the only incoming + − − Output:A β0-vertex disruptor of G edge to v is from v . It follows that v is − + 1. G0(V 0,E0) ← (φ, φ) preceding v+ on that cycle. Let u , u be the + 2. ∀v ∈ V : V 0 ← V 0 ∪ {v+, v−} successive vertices of v on that cycle. We have u v G 3. ∀v ∈ V : E0 ← E0 ∪ {(v− → v+)}, c(v−, v+) ← 1 and belong to a same SCC in which yields a contradiction. Similarly, v− cannot lie on any 4. ∀(u → v) ∈ E : E0 ← E0 ∪ {u+ → v−}, c(u+, v−) ← ∞ cycle in G0. 5. β ← 0, β ← 1 0 − + 3) SCC Ci ⊂ Vconnected ↔ SCC Ci = {v , v | v ∈ 6. DV ← V (G) Ci}. This can be shown using a similar argument 7. while (β − β > ) do v ∈ V β + β to that in the case single. 8. β˜ ← b c × 2 D0 β˜ 0 0 Since e is a -separator, the sizes of SCCs in 9. Find De ⊂ E to separate G into strongly connected 0 0 0 ˜ G [E \De] are at most β 2n. It follows that the sizes components of sizes at most β˜|V 0| using algorithm in [23] ˜ of SCCs in G[V \D ] are bounded by βn. Denote the + − v 10. Dv ← {v ∈ V (G) | (v → v ) ∈ De} set of SCCs in G[V \Dv ] by C with the convention that P(G ) ≤ βn then 11. if [V \Dv ] 2 vertices in Dv become singleton SCC in G[V \Dv ]. Thus, 12. β = β˜ we have: n ! 13. Remove nodes from Dv as long as P(G[V \D ]) ≤ β v 2 X |Ci| 1 X 2 P(G[V \D ]) = = |Ci| − |V | 14. if |DV | > |Dv| then DV = Dv v 2 2 C ∈C C ∈C 15. else β = β˜ i i 1 X 18.end while ≤ β˜|V |)|C | − |V | 2 i 19. Return DV Ci∈C ! ! 1 |V | |V | = β˜|V |2 − |V | ≤ β˜ < β0 ˜ 0 ˜ β + β 2 2 2 size at most β|V |, where β = b 2 c × . We round β˜ the value of to the nearest multiple of so that This guarantees that the binary search always finds the number of steps for the binary search is bounded 0 1 a β -vertex disruptor and completes the proof. by log . The problem of finding a minimum capacity 0 Theorem 5: Algorithm 3 always finds a β -vertex edge set to decompose a graph of size n into strongly disruptor whose the size is at most O(log n log log n) connected components of size at most ρn is known 02 times the optimal β-vertex disruptor for β > β > 0. as ρ-separator problem. We use here the algorithm Proof: It follows from the Lemma 2 that Algorithm presented in [23] that for a fixed > 0 finds a ρ- 0 3 terminates with a β -vertex disruptor Dv. At some separator in directed graph G whose value is at most ˜ 1 step the capacity of Dv equals to the capacity of β- O 2 . log n log log n times Opt where (ρ−)-separator separator D0 in G0 where β˜ is at least β0 − according Opt (ρ − ) e (ρ−)-separator is the cost of the optimal - to Lemma 2 and the binary search scheme. The cost separator. Finally, we derive the cut vertices in G from of the separator is at most O (log n log log n) times the the cut edges in G0 to obtain the β0-vertex disruptor. Opt(β˜−)-separator using the algorithm in [23]. Lemma 2: Algorithm 3 always terminates with a β0- Consider an optimal (β02 − 9)-vertex disruptor D0 vertex disruptor. v of G and its corresponding edge disruptor D0 in G0. Proof: We show that whenever β˜ ≤ β0 then the e Denote the cost of that optimal vertex disruptor by D β0 corresponding v found in Algorithm 3 is a -vertex Opt G C 0 0 (β02−9)-VD. If there exists in [V \Dv ] a SCC i disruptor in G. Consider the edge disruptor De in G 0 1 0 so that |Ci| > (β − 2)n then P(G[V \Dv ]) > 2 ((β − induced by Dv. We first show the mapping between 0 02 n 0 0 0 2)n − 2)((β − 2)n − 1) > (β − 9) 2 when n > SCCs in G[V \D ] and SCCs in G [E \D ], the graph 0 v e 20(β +1) 0 0 0 . Hence, every SCC in G 0 have size at obtained by removing De from G . Partition the vertex [V \Dv ] 0 0 0 0 set V of G into: (1) Dv: the set of removed nodes most (β −2)(2n) i.e. De is an (β −2)-separator in G . Opt ≥ Opt 0 (2) Vsingle: the set of nodes that are not in any cycle It follows that (β02−9)-VD (β −2)-separator 0 i.e. they are SCCs of size one (3)Vconnected: union in G . ˜ 0 of remaining SCCs that sizes are at least two, say Since β − ≥ β −2, we have Opt(β˜−)-separator ≤ Ul Opt 0 ≤ Opt Vconnected = i=1 Ci, |Ci| ≥ 2. Vertices in Vconnected (β −2)-separator (β02−9)-VD. 0 belong to at least one cycle in G. The size of the vertex disruptor |Dv| = |De| is We have following corresponding SCCs in at most O (log n log log n) times Opt(β˜−)-separator. 0 0 0 0 G [E \De]: Thus, the size of found β -vertex disruptor Dv is at + − 02 1) v ∈ Dv ↔ SCCs {v } and {v }. Since after re- most O(log n log log n) times the optimal (β − 9)- moving (v− → v+) v+ does not have incoming vertex disruptor. As we can choose arbitrary small , edges and v− does not have outgoing edges. setting β = β02 − 9 completes the proof. + − 9 2) v ∈ Vsingle ↔ SCCs {v } and {v }. Since v does Time complexity: Finding the separator costs O(n ) + 1 9 not lie on any cycle in G. Assume v belong [23]. Hence, the total time complexity is O(log n ). u- v- u v 1 ∞ 1 u+ v+ (a) (b)

+ + u v 0 u v ∞ Lemma 3, De induces in G a β-vertex disruptor Dv of 1 1 - the same cost. We shall prove that u v- + ∞ w ∞ 0 w Opt (G ) ≤ Opt (G) + γ0, 1 β−ED β−VD

w- (a) (b) where Optβ−VD(G) is the cost of a minimum β-vertex disruptor in G and γ0 is some positive constant. It follows that the cost of Dv will be at most Fig. 4. Conversion from the node version in a directed graph (a) into the edge version in a directed graph (b) f(n) · (Optβ−VD(G) + λ0) ≤ (1 + )f(n)Optβ−VD(G)

γ0 However, in our experiments, the algorithm takes Here, we assume that Optβ−VD(G) > otherwise γ0 +2 much less than its worst-case running time. we can find Optβ−VD(G) in time O(n ). From an optimal β-vertex disruptor of G, con- 4.1 Approximating edge disruptor is at least as ∗ 0 struct its corresponding edge disruptor De in G . hard as approximating vertex disruptor 0 ∗ 2n 0 If P(G [E \ De ] ≤ β 2 then Optβ−ED(G ) ≤ We show that an approximation algorithm for gen- Optβ−VD(G) and we yield the proof. Thus, we con- 0 ∗ 2n eral directed edge disruptor yields an approximation sider the case P(G [E \ De ] > β 2 . 0 ∗ algorithm for directed vertex disruptor with (almost) Among SCCs of G [E \ De ], there must be a SCC 0 ∗ −1β2n the same approximation ratio. of size at least β2n or else G [E \ De ] ≤ β 2 ≤ Lemma 3: β 2n l 1 m A -edge disruptor set in the directed β (contradiction). Remove γ0 = vertices from 0 2 β graph G induces the same cost β-vertex disruptor set 0 ∗ that SCC. The pairwise connectivity in G [E \ De ] will in G. 1 1 1 0 decrease at least (β2n − β ) β = 2n − β2 ≥ n for Proof: We use Dv and De for vertex disruptor in 0 sufficient large n. From Eq. 2 in Lemma 4, the pairwise G and edge disruptor in G . connectivity after removing vertices will be less than 0 0 0 2n Given P(G [E \De]) ≤ β 2 we need to prove that: ! ! P(G ) ≤ βn n = |V | 1 2n 2n [V \Dv ] 2 where . (β + ) − n ≤ β . 2n − 1 2 2 Assume G[V \Dv ] has l SCCs of size at least 2, say 0 0 0 Ci, i = 1 . . . l. The corresponding SCCs in G [E \De] 0 0 Therefore, after removing at most γ0 vertices from will be Ci, i = 1 . . . l where |Ci| = 2|Ci|. ∗ 2k k De , we get a β-edge disruptor. Hence, ( 2 ) (2) k(n−k) 0 Since 2n − n = (n−1)n(2n−1) ≥ 0, for all 0 ≤ k ≤ Optβ−ED(G ) ≤ Optβ−VD(G) + γ0. ( 2 ) (2) 0 l |Ci| l |Ci| P(G[V \Dv ]) X 2 X 2 5 EXPERIMENTAL STUDY n. We have n = n ≤ 2n ≤ β (2) i=1 2 i=1 2 In this section, we discuss a set of experiments de- Lemma 4: A β-vertex disruptor set in G induces the signed to gain insight into the performance of the same cost (β+)-edge disruptor set in G0 for any > 0. pseudo-approximation in different settings. In the first Proof: We use the same notations in the proof of set of experiments, we compare the performance of P(G ) ≤ βn Lemma 3. Given [V \Dv ] 2 we need to prove the pseudo-approximation algorithm (Algorithm 3) 0 0 0 2n that: P(G [E \De]) ≤ (β + ) 2 . We have: to the performance of an optimal solution obtained

0 0 0 l by solving an Integer programming formulation of P(G [E \D ]) X |Ci|(n − |Ci|) P(G[V \D ]) e = + v the problem. To this end, we generate two types of 2n (n − 1)n(2n − 1) n 2 i=1 2 networks: random networks, based on Erdos-Renyi´ Pl P(G[V \Dv ]) 1 |Ci| model, and power-law networks, based on Barabasi-´ = 1 − + i=1 n 2n − 1 n(2n − 1) 2 Albert model. For each type of network, we generate 1 different instances of networks, with a number of < β + < β + (2) 2n − 1 nodes ranging from 30 to 100. The edge densities of the generated networks are around 10%. The exper- when n ≥ b 1+ c + 1. 2 iments were carried out on an an 8-core, 2.2 Ghz, Theorem 6: Given a factor f(n) polynomial time machine, and 64 GB memory. approximation algorithm for β-edge disruptor, there The size of the disruptors found by Algorithm 3 exists a factor (1 + )f(n) polynomial time approxi- and the optimal disruptors, respectively, are presented mation algorithm for β-vertex disruptor where > 0 in Tables 1 and 2. The results clearly show that is an arbitrary small constant. the pseudo-approximation algorithm produces near- Proof: Let G be a directed graph with uniform optimal solutions in all cases, with an optimal solution vertex costs in which we wish to ﬁnd a β-vertex in more than 50% of the cases,shown in boldfaced in disruptor. Construct G0 as described at the beginning the table. of this Section. Apply the given approximation algorithm to ﬁnd In particular, the results show that our algorithm 0 0 in G a β-edge disruptor, denoted by De, with the performs extremely well on power-law networks. It 0 0 cost at most f(n) · Optβ−ED(G ), where Optβ−ED(G ) misses the optimal solution in only one case, when is the cost of a minimum β-edge disruptor in G0. From the number of vertices is 90. The results also show 10

Degree Centrality node-centrality based schemes to the performance of Betweeness Centrality Eigenvector Centrality the proposed ‘pseudo-approximation algorithm. Of 1000 Approximation particular focus is the ability of the scheme to accurately assess the network vulnerability in term of overall network connectivity. The methods used in 100 this comparative study include:

Size of disruptors 1) Degree Centrality: The algorithm sequentially removes the node with the maximum degree until 10 the pairwise connectivity in the graph becomes n less than β 2 .

0 % 20 % 40 % 60 % 80 % 100 % 2) Betweenness Centrality: The algorithm repeatedly Network connectivity level removes the node with the maximum betweeness centrality, until the pairwise connectivity in Fig. 5. Disruptors found by different methods in the Western States the graph becomes less than βn. Recall that Power Grid of the United States at different levels of disruption. 2 the betweeness, Bt(v) for node v is expressed P σst(v) as Bt(v) = s6=v6=t∈V where σst is the that, for a random network and a power-law network s6=t σst of roughly the same size, the size of disruptor in number of shortest paths from s to t, and σst(v) the power-law network is signiﬁcantly smaller (ap- is the number of shortest paths from s to t that proximately 50%) than that in the random network, pass through a node v. thereby indicating an extremely high degree of power- 3) Eigenvector Centrality: In this algorithm, nodes law network vulnerability to attacks [24]. The running are removed in descending order of their eigen- time for solving the Integer programming increases vector centrality values, using a default damping from few minutes to 10 hours for the largest test cases, factor of 0.85 [26]. while in the longest run, the pseudo-approximation Figure 5 shows the vulnerability reported by dif- algorithm takes only 29 seconds. ferent methods for various levels of disruption. The results show that the network is surprisingly vulnera- TABLE 1 ble to targeted attacks. For example, reducing network Size of disruptor on Erdos-Renyi´ networks at 60% connectivity. connectivity by 40%, only requires the destruction of 0.16% of the stations. Reducing connectivity in Vertex 30 40 50 60 70 80 90 100 random and power-law networks by the same level, Edge 43 78 122 177 241 316 400 495 however, requires, on average, the destruction of 13% Optimal 2 4 7 9 11 12 16 18 and 3% of the network nodes, respectively. The results Approx 3 4 8 9 11 13 16 19 also show that the destruction of only 1% of stations dramatically disrupt network operations and reduces TABLE 2 the power grid by 90%. Size of disruptor on Barabasi–Albert´ networks at 60% connectivity. With regard to assessing overall network vulnerability, the results show that node-centrality based Vertex 30 40 50 60 70 80 90 100 methods perform poorly. None of these methods is Edge 54 131 189 208 245 262 354 445 able to evaluate correctly the vulnerability of the Optimal 1 3 5 6 6 5 7 9 power grid. Their disruptor sizes are 6 to 20 times Approx 1 3 5 6 6 5 10 9 larger than the corresponding ones produced by the pseudo-approximation algorithm. This clearly limits In the second set of experiments, we study a net- their usage in assessing the vulnerability of large- work of 4941 nodes and 6594 edges representing the scale, critical infrastructure such as the power grid. topology of the Western States Power Grid of the It is also worth noting that, because of high clus- United States. The network exhibits high clustering tering property, nodes that lie within clusters in the with small path lengths, indicating a high vulnerabil- network, often have high betweenness values. Intu- ity to attacks [25]. Finding an optimal disruptor for itively, it is, therefore, expected the the Betweenness such a large network, using Integer Programming, Centrality method would easily identify those nodes is clearly intractable. To overcome this shortcom- as highly risk nodes. Surprisingly, the performance ing, an approximation algorithm, which uses a row- of this method was worse than that of the Degree generation technique to reduce excessive amount of Centrality method. constraints, was developed. Using this algorithm, the 6 CONCLUSION experiments were run on a clusters of 20 nodes, where each node is equipped with an 8-core, 2.2 Ghz, and In this paper, a novel framework, based on network 64 GB memory. pairwise connectivity, to assess network vulnerabil- In this study, we compare the performance of the ity is proposed. The framework provides the basis 11

to investigate network vulnerability as optimization [20] Michael R. Garey and David S. Johnson. Computers and problem, referred to as the β-disruptor, whose objec- Intractability; A Guide to the Theory of NP-Completeness. W. H. Freeman & Co., New York, NY, USA, 1990. tive is to determine the the minimum number of network [21] I. Dinur and S. Safra. On the hardness of approximating elements – nodes and vertices – that must be removed to minimum vertex cover. Annals of Mathematics, 162:2005, 2004. reduce the network pairwise connectivity to a speciﬁc level. [22] A. Agarwal, M. Charikar, K. Makarychev, and Y. Makarychev. O(log n) approximation algorithms for min uncut, min 2cnf We present hardness results related to this problem, deletion, and directed cut problems. In STOC, pages 573–581, including the NP-Completeness and inapproximabil- New York, NY, USA, 2005. ACM. ity, along with two pseudo-approximation algorithms [23] G. Even, J. S. Naor, S. Rao, and B. Schieber. Divide-and- conquer approximation algorithms via spreading metrics. J. with provable performance bounds. The accuracy of of ACM, 47(4):585–616, 2000. our framework compared with existing measurements [24] R. Albert, H. Jeong, and A. Barabasi. Error and attack tolerance are validated through a series of experiments of both of complex networks. Nature, 406(6794):378–382, July 2000. [25] D. J. Watts and S. H. Strogatz. Collective dynamics of ’small- simulated and real networks. The results show that world’ networks. Nature, 393(6684):440–442, June 1998. β-disruptor framework exhibits higher accuracy in [26] L. Page, S. Brin, R. Motwani, and T. Winograd. The pagerank assessing network vulnerability than schemes based citation ranking: Bringing order to the web. Technical report, Stanford InfoLab, 1999. on node centrality metrics. Thang N. Dinh received the BA degree in In- formation Technology from Vietnam National Uni- REFERENCES versity, Hanoi, Vietnam in 2007. He is currently a PhD student at the Department of Computer and [1] Tony H. Grubesic, Timothy C. Matisziw, Alan T. Murray, Information Science and Engineering, University of and Diane Snediker. Comparative approaches for assessing Florida, under the supervision of Dr. My T. Thai. His network vulnerability. Inter. Regional Sci. Review, 31, 2008. research focuses on designing combinatorial opti- [2] R. Church, M. Scaparra, and R. Middleton. Identifying critical mization methods for dynamic complex networks and mobile ad hoc network including network vul- infrastructure: the median and covering facility interdiction nerability, dynamic community structure, and fast problems. Ann Assoc Am Geogr, 94(3):491–502, 2004. information propagation. [3] A. Murray, T. Matisziw, and T. Grubesic. Multimethodological Ying Xuan received the BE degree in computer approaches to network vulnerability analysis. Growth Change, engineering from the University of Science and 2008. Technology of China, Anhui, China, in 2006. He is [4] A. Sen, S. Murthy, and S. Banerjee. Region-based connectivity now a PhD candidate at the Department of Com- - a new paradigm for design of fault-tolerant networks. In puter and Information Science and Engineering, University of Florida, under the supervision of Dr. HPSR, 2009. My T. Thai. His research topics include applied [5] S. Neumayer, G. Zussman, R. Cohen, and E. Modiano. Assess- group testing theory, social networking and network ing the vulnerability of the ﬁber infrastructure to disasters. In vulnerability. INFOCOM, 2009. [6] Charles J. Colbourn. The Combinatorics of Network Reliability. My T. Thai received her PhD degree in computer Oxford University Press, Inc., New York, NY, USA, 1987. science from the University of Minnesota, Twin [7] Stephen P. Borgatti and Martin G. Everett. A graph-theoretic Cities, in 2006. She is an associate professor in the perspective on centrality. Social Networks, 28(4):466–484, 2006. Department of Computer and Information Sciences [8] D. Goyal and J. Caffery. Partitioning avoidance in mobile and Engineering at the University of Florida. Her current research interests include algorithms and ad hoc networks using network survivability concepts. ISCC, optimization on network science and engineering. page 553, 2002. She also serves as an associate editor for the [9] M. Hauspie, J. Carle, and D. Simplot. Partition detection Journal of Combinatorial Optimization (JOCO) and in mobile ad hoc networks using multiple disjoint paths set. Optimization Letters and a conference chair of CO- Workshop of Objects, Models and Multimedia technology, 2003. COON 2010 and several workshops in an area of [10] M. Jorgic, I. Stojmenovic, M. Hauspie, and D. Simplot-Ryl. network science. She is a recipient of DoD Young Investigator Awards and Localized algorithms for detection of critical nodes and links NSF CAREER awards. She is a member of the IEEE. Panos M. Pardalos is a Distinguished Profes- for connectivity in ad hoc networks. 3rd IFIP MED-HOC-NET sor of Industrial and Systems Engineering at the Workshop, 2004. University of Florida. He is the director of the Center [11] A. Barabasi, R. Albert, and H. Jeong. Scale-free characteristics for Applied Optimization. Dr. Pardalos obtained a of random networks: the topology of the world-wide web. PhD degree from the University of Minnesota in Physica A, 281, 2000. Computer and Information Sciences. Dr. Pardalos [12] Y. J. Suh, D. J. Kim, W. S. Lim, and J. Y. Baek. Method for is the editor-in-chief of the “Journal of Global Op- supporting quality of service in heterogeneous networks, 2009. timization,” and of the journals “Optimization Let- [13] T. Lehman, J. Sobieski, and B. Jabbari. Dragon: a framework ters,” “Computational Management Science,” and “Energy Systems.” for service provisioning in heterogeneous grid networks. IEEE Communication Magazines, 2006. Taieb Znati Taieb Znati received the MS de- [14] V. Mhatre and C. Rosenberg. Homogeneous vs heterogeneous gree in computer science from Purdue University clustered sensor networks: a comparative study. IEEE ICC, in 1984, and the PhD degree in computer science 2004. from Michigan State University in 1988. He is a [15] Fangting Sun and Mark A. Shayman. On pairwise connectivity professor in the Department of Computer Science, of wireless multihop networks. International Journal of Security with a joint appointment in Telecommunications in the Department of Information Science, University and Networks, 2(1/2):37–49, 2007. of Pittsburgh. He currently serves as the director [16] A. Arulselvan, Clayton W. Commander, L. Elefteriadou, and of the Computer and Network Systems (CNS) Di- Panos M. Pardalos. Detecting critical nodes in sparse graphs. vision at the National Science Foundation (NSF). Computers & Operations Research, 36(7):2193–2200, 2009. From 2000 to 2004, he served as a senior program [17] Stephen P. Borgatti. Identifying sets of key players in a social director for networking research at NSF. He also served as the committee network. Computational & Mathematical Organization Theory, chairperson of the Information Technology Research (ITR) Program and an 12(1):21–34, 2006. NSF-wide research initiative in information technology. His current research interests are on network science and engineering, with the focus on the design [18] M. Stoer and F. Wagner. A simple min-cut algorithm. J. of of scalable, robust, and reliable network architectures and protocols for wired ACM, 44(4):585–591, 1997. and wireless communication networks. He is a recipient of several research [19] D. Wagner and F. Wagner. Between min cut and graph bisec- grants from government agencies and from industry. He is frequently invited to tion. In MFCS, pages 744–750, London, UK, 1993. Springer- present keynotes in networking and distributed conferences both in the United Verlag. States and abroad. He is a member of the IEEE.