1. Introduction
With the development of information and communication technologies, more and more functional systems have begun to be built based on information networks. Thanks to the high-speed and massive data transmission of the information network, the scale and efficiency of the functional system has been greatly increased. It makes the multi-layer network system represented by Internet of Things (IoT) widely used in various fields such as energy, health care, communication, transportation and manufacturing [
1]. The combination of networks of different layers makes the whole system have far more powerful and intelligent functions than ever before. However, the high integration and connectivity of IoT make them more vulnerable to malicious attacks [
2,
3,
4]. An error or failure of a certain layer may have serious effects on the entire system, and the malicious attacks on the system may be carried out from multiple layers, e.g., the cascading failures of the Italian smart grid on 28 September 2003 [
5] and the Stuxnet worm against Iranian nuclear facilities [
6]. The great significance and vulnerability of IoT has inspired researchers to pay attention to the security protection of them. Recent literature has carried out relevant research on the security of IoT and other layered network systems from different perspectives [
7,
8,
9,
10,
11,
12,
13,
14].
On some occasions, we need to interdict the layered network of functional systems to defend against malicious attacks. For example, criminals invade the IoT and occupy some important devices, attempting to issue malicious instructions to destroy key facilities. The network operators hope to delay the criminals’ attack by interdicting some links to buy time for the deployment of heavyweight countermeasures [
9]. Such malicious attacks usually spread through direct connections in the network, expand the scope of influence, and ultimately achieve functional damage. To characterize the propagation behavior of malicious attacks in layered network systems such as IoT and to study the defense strategy, a suitable network model is necessary. The logical–physical network model (Concept of logical–physical network. Retrieved from
https://www.ibm.com/support/knowledgecenter/en/SSPHQG_7.2/concept/ha_concepts_physical_logical.html), which provides us a proper approach to modeling IoT and other real layered network systems, is used in this paper. IoT is a huge network which combines functional devices with the Internet [
15]. In IoT, there are functional collaboration and dependency relationships among smart devices such as information-sensing devices, information-processing devices, information-fusion devices, and effectors. In the framework of logical–physical network models, the network formed by these devices and relationships describes how the system performs tasks and achieves functions, and we call it the logical-layer network. Before being functionally connected, these devices need to be physically connected through the Internet, i.e., they need to transfer information through the actual communication network, which we call the physical-layer network. The specific realization of system functions, on the logical layer, needs devices to cooperate according to certain organizational rules; on the physical layer, needs devices to transmit information through actual communication pathways.
Figure 1 shows how the functional processes in the logical-layer network correspond to real physical communication paths, and the difference from the single-layer case.
A specific system function, which is determined by a starting node and an ending node , may have different implementations on the logical layer, and these logical implementations may correspond to different communication paths. In the sense of optimization, the communication paths are designed to be shortest (i.e., has minimum delay).
How to deploy an effective interdiction strategy when the logical–physical network suffers malicious intrusion is worthy of attention. Appropriate interdiction strategies can earn sufficient time for network operators, and the optimization of interdiction strategies, which we call the logical–physical network shortest-path interdiction (LPNSPI) problem, is exactly what we want to solve in this paper. LPNSPI is a zero-sum game involving two players: an attacker and a defender. The attacker’s goal is to find a path which has minimum delay between a particular origin–destination pair in the logical-layer network, and the defender aims to delay the path as much as possible by interdicting connections in the physical-layer network. LPNSPI is an expansion and supplement of the shortest-path network interdiction (SPNI), which is a derivative of the network interdiction problem (NIP), on logical–physical networks. As an important issue in network attack and defense, NIP has applications in various fields, such as the supply-chain network [
16], infrastructure protection [
17], interdicting nuclear proliferation [
18], etc.
NIP is also a useful model for researching the protection of IoT, e.g., the defensive resource allocation [
15] and adversarial outbreak detection [
19]. Numerous variations of NIP have been proposed and studied to meet different hypotheses under particular scenarios [
16,
17,
20,
21,
22,
23,
24]. Among the many types of NIP, SPNI is a classic and important branch. Generally, SPNI can be described as
maximizing the shortest path and may be formulated as a bi-level mixed-integer program. Researchers have applied the SPNI model to transportation [
25,
26], port security, border patrol and other aspects [
27]. However, most of the literature about SPNI focuses on the single-layer network where interdiction and pathfinding happen in the same layer [
28,
29]. In LPNSPI, interdiction is applied on the physical layer, but the path that the attacker wants to minimize is on the logical layer. With the physical-layer network alone, it is impossible to judge whether a path meets the functional requirements; with the logical-layer network alone, it is impossible to confirm the specific delay of links in the network and the effect of interdiction. The separation of these two layers brings about the non-linearity of the objective function (In
Section 2, we present the non-linearity in LPNSPI. The two-layer structure leads to the product term of decision variables in the objective function (Equation (
7))), and also make the traditional single-layer NIP solving methods unable to be directly applied to LPNSPI. Recently the layered network interdiction problem has attracted more attention. Kennedy [
30] studied the maximum flow interdiction problem in a kind of multi-layer network where different layers are connected by sharing some common elements (nodes or edges). Wei et al. [
31] studied the shortest-path interdiction problem in a kind of bi-layer network where the interdiction effects on one layer can be determined by the interdiction on the other layer through logical operations. Baycik et al. [
32] studied the interdiction problem in layered physical and information flow networks. In this problem, a physical node can only be used when the flow passing through its corresponding information-layer node is more than a particular demand. Compared to this research, LPNSPI has a completely different setting on the inter-layer relationships of logical–physical networks, which pays more attention to the relationships between logical functions and physical communication paths.
Table 1 briefly compares some of the characteristics of LPNSPI and layered network interdiction problems mentioned above.
In this paper, we propose the LPNSPI game and model it as a bi-level integer program. We reformulate the problem and develop a Benders decomposition algorithm framework to solve LPNSPI. There are two major approaches to solve SPNI problems: the decomposition method and the dual method. The advantages of the decomposition approach have been mentioned in [
33], and as shown in
Table 1, the dual method is not suitable for LPNSPI. Then we propose a Layer-Mapping module to reduce unnecessary calculations of the decomposition algorithm. Also, a Random-Search module is developed to accelerate the convergence of the algorithm with a given approximate ratio. Simulation experiments are designed, and the computational results prove the significant efficiency of Layer-Mapping and Random-Search. Finally, we test our algorithms in a real bi-layer IoT network, and our improving methods perform well in both solving time and interdiction effects.
The paper is organized as follows. In
Section 2, the LPNSPI model is defined and formulated. In
Section 3, a basic decomposition algorithm is developed after reformulation. Layer-Mapping is introduced in
Section 4, and Random-Search is proposed in
Section 5.
Section 6 provides the experimental results. Conclusions are in
Section 7.
2. Shortest Path Interdiction Problem in Logical–Physical Networks
The LPNSPI problem involves two different networks: the logical-layer network which represents the flow of information between logical entities, and the physical-layer network which represents the actual transmission path of information in a physical environment. Throughout the present work, we use normal symbols to represent scalars, and bold symbols for vectors/matrices. The logical-layer network is defined as a directed graph , where represents the set of logical nodes and represents the set of logical arcs. Each logical node corresponds to a logical entity such as a person, a unit, an organization, etc. Each logical arc represents an allowed information transfer direction between logical nodes. The direction of a logical link is generally defined by artificial rules (such as process rules, hierarchy rules, etc.) rather than natural ones. For instance, in the logical network, two nodes are adjacent because they may have a direct functional dependency (the proper functioning of node i depends on the processed information provided by node j) rather than because they have a direct physical connection. Unlike a logical-layer network, a physical-layer network is defined as a bidirected graph , where represents the set of physical nodes and represents the set of physical arcs. Physical arcs are bidirected because they correspond to connections in the actual physical environment, such as road connections, routing connection, and so on. These connections are not directional in themselves and the flow of information on them can be two-way. Each logical node has a corresponding physical node , but not necessarily the other way around (many nodes in the physical network serve only as information transfer nodes and are not necessary to perform system functions). Each physical arc has a cost of communication for the attacker, which will be increased to if the arc is interdicted by the defender. In addition, for the defender, the corresponding resource consumption of interdicting is denoted as . The total interdiction resource for the defender is R. The communication cost of a logical arc is the total communication cost of a path that the attacker choose to travel in the physical-layer network, the corresponding node of endpoints of the logical arc being the start node and end node of the physical path.
In this problem, we assume both the attacker and the defender have complete information about the network. The defender pre-deploys the defense strategy according to the attacker’s source node
and target node
, and blocks some edges in the network. Subsequently, the attacker develops an optimal attack plan to minimize the communication cost from the starting node to the target node. Let
(the vector form is denoted by bold
) denote the defender’s interdiction strategy on
, and let
(the vector form is denoted by bold
) denote the attacker’s pathfinding variable on the logical layer. Then the attacker’s problem can be formulated as follows:
where
is the weight of the logical link
, i.e., the minimum total cost of its corresponding paths on the physical layer:
where
(Let
denotes the matrix form) is the pathfinding variable which indicates whether
is chosen in the corresponding physical path of
.
when the physical arc
is interdicted and
otherwise.
indicates that
is in the physical shortest path corresponding to
.
and
represent respectively the arc set directed out of and into node
.
and
are respectively the corresponding physical nodes of
and
. Constraint (2) and (5) are the flow-balance constraints. In practice,
can be calculated by using common shortest-path algorithms such as the Dijkstra algorithm.
We define
as the total communication cost from
to
. Then the defender’s problem of maximizing
, which is exactly the LPNSPI problem, can be formulated as follows
where
is the reverse arc of
and constraint (10) indicates that the interdiction of an arc is effective for both directions. Constraint (11) is the resource constraint for the defender, where we use
as the resource limit because of the counting for both directions. It is noted that the objective function (7) is nonlinear, which results from the mapping relationship between the physical-layer network and the logical-layer network. A Benders decomposition algorithm framework and related improvement methods are proposed in this paper.
3. Basic Decomposition Algorithm for LPNSPI
The problem of shortest-path network interdiction can be naturally divided into two processes: blocking resource deployment process and pathfinding process. These two processes respectively correspond to the max operation and min operation in (7), and correspond to the master problem and subproblem of the Benders decomposition algorithm. Let
denote the vector of
and
.
denotes an
–
path on the physical layer and
denotes a collection of
–
paths. The master problem and the subproblem of LPNSPI are defined as follows:
In contrast to the case in a single-layer network, does not necessarily represent a simple path. For the attacker, searching a path with minimum communication cost will lead to the shortest path in the logical layer, which is definitely a simple path. Although the corresponding path in physical and may have repeated arcs, the attacker cannot avoid going through them because the topology of logical layer specifies the process that the attacker must follow to achieve his goal.
Let Z denote the set of shortest physical layer paths that all simple - paths in logical layer correspond. Notice that is always established, then [Master()] is an equivalent formulation of [LPNSPI] when . Benders decomposition algorithm fixes and in turn, and iteratively solves the master problem and subproblem in turn. [Master()] fixes the set of feasible paths and solves an optimal interdiction strategy from the aspect of the defender, while [Sub()] gives an optimal path selection with fixed logical-layer network status, standing at the angle of the attacker.
Israeli and Wood [
33] proposed two types of “supervalid inequalities” (SVI) constraints to strengthen the LP relation of the master problem of Benders decomposition for the shortest-path interdiction problem of single-layer networks. These inequalities are constructed after the subproblem gives a currently optimal path and added to the master problem as constraints. SVIs are based on the following idea: they may make some solutions infeasible but are guaranteed not to eliminate any optimal solutions unless the incumbent is itself optimal; by reducing the size of the feasible region, SVIs accelerate the master problem. These inequalities can be extended to the logical–physical networks, and the proofs are basically the same with the single-layer case. The master problem containing SVIs is as follows:
where
for
and the sequence
.
is the descending order of the sequence
(the number of terms is
H).
. Constraint (21) is the Type-I SVI and Constraint (22) is the Type-II SVI. For detailed introduction and related proofs of SVI, please refer to [
33].
Because of the logical–physical structure, [Sub(
)] contains nonlinear terms and cannot be solved directly. However, we can divide the solution process into two steps: first, calculate the current communication cost
of the logical layer links with the current interdiction strategy
, and then calculate the shortest path of the logical layer. Here we rewrite the subproblem as follows:
We denote the matrix
obtained when calculating
as
, and denote the current logical path given by [Sub(
)-LM] as
, then we have
. [Sub(
)-LM] is also a necessary reformulation of the subproblem in order to use Layer-Mapping, which we will introduce in the next section. Now we give the basic decomposition algorithm for LPNSPI:
Algorithm 1 Basic Benders decomposition algorithm for LPNSPI |
|
Input : An instance of LPNSPI |
Output: An optimal interdiction plan |
|
1: |
2: while
do |
3: Calculate and according to using (4)-(6) |
4: Solve [Sub()-LM] for and the objective value |
5: ; ; |
6:
if
then |
7: ; ;
|
8: end if |
9:
if
then |
10: break; |
11: end if |
12: Solve [Master()-SVI] for and the objective value ;
|
13: ;
|
14: end while |
15:
|
16:
return
|
The correctness of Algorithm 1 is based on the following facts: gives a lower bound on the attacker’s optimal objective value and gives a upper bound on the defender’s optimal objective value. Although the actual path in the physical layer may no longer be a simple path in the case of layered network, the corresponding path in logical layer is certainly simple, whose number is finite. The number of possible interdiction plans is also finite. In addition, once and are fixed, is fixed, which means that the algorithm converges in a finite number of iterations.
4. Layer-Mapping Module
As shown in Algorithm 1, during the iteration of the decomposition algorithm, the current interdiction strategy changes when the master problem finds a better solution. In addition, the change of the interdiction strategy results in the change of the network status which can be represented by and : indicates the weights of logical links and indicates the corresponding relationships between logical links and physical paths. Once the current network status ( and ) is determined, we can solve a relatively simple subproblem [Sub()-LM] ([Sub()-LM] shares the same representation form with the subproblem of the single-layer case ) and give the currently optimal logical path . However, this process (line 3 in Algorithm 1) contains a lot of double counting during the iteration because we recalculate and for every logical link and physical arc in each iteration. It inspires us to add a Layer-Mapping module between the master problem and the subproblem to find the specific changes of the network status when changes.
Since the interdiction impact
is positive, interdicting a physical arc will not shorten any physical shortest path. So, the change of
has no effect on a physical shortest path (that means this path is still shortest) if no arc of it is interdicted. Let
denote an initial interdiction strategy. Let
denote the corresponding weights (communication costs) of logical links and let
denote the corresponding path-mapping matrix
. When the interdiction strategy changes to
which satisfies
, we need only to recalculate
and
for logical link
if there exists a physical arc
which makes
. In practice, we set
to
, and thus
indicates the initial network status when there is no interdiction. When the resource limit makes the number of physical arcs that can be interdicted simultaneously much smaller than the edge number of the physical network, layer-mapping will significantly reduce the weight calculations for logical links.
Algorithm 2 Layer-Mapping |
|
Input: Initial interdiction strategy ; initial network status and ; the new interdiction strategy |
Output: The new network status and ;
|
|
1: Initialize and |
2:
|
3:
for
do |
4: flag ← 0;
|
5:
for
do |
6:
if
then |
7: Calculate and using (4)-(6);
|
8: flag ← 1; |
9: break;
|
10: end if |
11: end for |
12: if flag = 0 then |
13:
|
14: end if |
15: end for |
16: return and |
in Layer-Mapping is the vector of
when
is fixed (it can also be explained as the
th row vector of matrix
), and
shares the same representation. Layer-Mapping intuitively shows the change of the mapping status of the logical–physical network when interdiction happens, which not only avoids the non-linearity of the objective function from explicitly appearing in the decomposition algorithm, but also speeds up the solution of the subproblem. For simplicity, we call this module Layer-Mapping(
,
), where
is the initial interdiction strategy and
is the new one. Applying Layer-Mapping to the basic decomposition algorithm, we get Algorithm 3.
Algorithm 3 Improved decomposition algorithm with Layer-Mapping |
|
Input: An instance of LPNSPI
|
Output: An optimal interdiction plan |
|
1:
|
2:
while
do |
3:
if
then |
4: ; Calculate and using (4)-(6);
|
5: ;
|
6: else |
7: Solve Layer-Mapping(,) for and ;
|
8: end if |
9: Solve [Sub()-LM] for and the objective value |
10: ; ;
|
11:
if
then |
12: ; ;
|
13: end if |
14:
if
then |
15: break;
|
16: end if |
17: if [Master()-SVI] is feasible then |
18: Solve [Master()-SVI] for and the objective value ;
|
19: ;
|
20: else |
21: break;
|
22: end if |
23: end while |
24:
|
25:
return
|
5. A Random-Search Method for Accelerating Convergence
To accelerate the convergence speed of the decomposition algorithm, we try to use the information of
obtained by the subproblem as much as possible in each iteration to limit the feasible domain of the master problem. We propose a Random-Search procedure to increase the number of paths added to
for each iteration, which shares the basic idea of Local-Search proposed by Wood [
33] in the NIP of a single-layer network. We hope to find more near-optimal paths in one iteration. However, the existence of inter-layer relationships in multi-layer networks makes the search for near-optimal paths complicated, and the time cost of finding all near-optimal paths in each iteration, which is what Local-Search does, is not small in the face of the large-scale layered network. The process of Random-Search is described as follows. The total communication consumption of these paths is limited by a set constant
and the current lower bound
. Let
denote an near-optimal path found by Random-Search and let
denote the communication cost of this path with an interdiction plan
, of which the initial value is set to
. For a path
found by the subproblem, Random-Search first selects one of its edges (denoted as
) at random and interdict it, i.e., set
and provisionally set
. Then, for each edge
in logical layer, recalculate the weight
of it if
. As for the edges of the logical layer that satisfy
, their weights will not change.
does not appear in the physical paths they correspond, so the blocking of
will not change the mapping relationship between them and these paths. Please note that the process of recalculating
can be represented by Layer-Mapping(
,
). The shortest path calculated based on the updated edge weights is a near-optimal path. If the total weight of the path newly found is no more than
, the path will be added into
as
. After that, Random-Search will choose a new edge
of the path
to interdict and repeat the searching process. The process ends when the blocking of edge
leads
.
Figure 2 shows the execution of Random-Search.
As is naturally established, adding constraint to the master problem will not eliminate any optimal solution. We can still use [Master()-SVI] with the extended by Random-Search even if (22) and (23) are not supervalid (for convenience, we name these inequalities “-SVIs”). Since we keep in every iteration, adding corresponding -SVIs to [Master()-SVI] will finally lead to an approximate objective value which satisfies . We give the properties of -SVIs and prove it as follows.
Theorem 1. For an interdiction plan given by [Master()] during an iteration of Algorithm 2, let denote a feasible solution of [Sub()] that may be non-optimal. Let and let denote the global optimal objective value of [Master(Z)]. Then Type-I inequality does not eliminate all optimal solutions of [Master(Z)] unless the incumbent solution leads to a lower bound , providing that .
Proof of Theorem 1. Let
denote the global optimal solution of the defender’s interdiction plan. Assuming that
during an iteration, if Type-I inequality
eliminates all optimal solutions, which means
, then
□
In fact, the two types of SVIs and their corollaries can be modified to apply to a non-optimal pathfinding result if is an approximate optimal solution of the current subproblem [Sub()]. The modified inequalities are not supervalid, which means that the inequalities may eliminate all optimal solutions. However, when this happens, we will already have an approximate global optimal interdiction solution.
Corollary 1. For a feasible solution of [Sub()], which leads to an objective value . Order the so that . Then, if for , the Type-I inequality of Theorem 1 can be tightened to
Proof of Corollary 1. Assuming that
, then
□
Theorem 2. For an interdiction plan given by [Master()] during an iteration of Algorithm 2, let denote a feasible solution of [Sub()] that may be non-optimal. Let . Then, the Type-II inequality does not eliminate all optimal solutions of [Master(Z)] unless the incumbent solution leads to a lower bound , providing that .
Proof of Theorem 2. Assuming that
, if Type-II inequality
eliminates all optimal solutions, which means
, we can obtain that
because all elements in vector
are 0 or 1. Then
□
Corollary 2. For a Type-II inequality , let and let be any subset of such that . Then, the Type-II SVI of Theorem 2 can be tightened to , where for all and 0 otherwise.
Proof of Corollary 2. Assuming that
, if Type-II inequality
eliminates all optimal solutions, which means
, let
, then
□
Based on Algorithm 3, we add the Random-Search module and get Algorithm 4 as follows:
Algorithm 4 Improved decomposition algorithm with Layer-Mapping and Random-Search |
|
Input: An instance of LPNSPI and a tolerable approximation ratio |
Output: A tolerable near-optimal interdiction plan |
|
1:
|
2:
while
do |
3:
if
then |
4: ; Calculate and using (4)-(6);
|
5: ;
|
6: else |
7: Solve Layer-Mapping(,) for and ;
|
8: end if |
9: Solve [Sub()-LM] for and the objective value ;
|
10: ; ;
|
11:
if
then |
12: ; ;
|
13: end if |
14:
if
then |
15: break;
|
16: end if |
17: Solve Random-Search() for ;
|
18: ;
|
19: if [Master()-SVI] is feasible then |
20: Solve [Master()-SVI] for and the objective value ;
|
21: ;
|
22: else |
23: break;
|
24:
end if |
25: end while |
26:
|
27:
return
|
6. Computational Experiments
We tested our algorithms in a set of generated layered networks with directed random networks as their logical layers. Random networks, small-world networks, scale-free networks and grid networks are used as physical layer in these instances. The network in the logical layer are smaller than the physical-layer network in each instance, and each node of the logical layer correspond a randomly selected node of the physical layer, which means that these two nodes share the same entity. We generated random networks by connecting newly added nodes to previous nodes with a certain probability p. p is adjusted for each instance to ensure that all the random networks have the same expected average degree. The small-world networks are generated by first constructing a nearest-neighbor coupling network and then reconnecting the edges with different probabilities. For the scale-free case, we first generate a small random network, and then assign the connection probabilities according to the degrees of nodes, and finally preferentially connect the newly added nodes to the nodes with better connectivity in the light of the probabilities. As for the grid networks, conventional square lattice networks are used. The communication costs of edges s and the interdiction increments s in physical layer are integers that are randomly distributed on [1, 20] and [200, 1000], respectively. The resource consumption of interdiction is set to in practice. A time limit of 3600 s is set for each experiment.
Table 2 shows the parameters of the test problems we used. The blank cells repeat values from cells above. The numbers in the brackets of the column “
” and column “
” represent the average degree of the generated networks. For each problem we generated ten instances. We programmed the algorithms presented above using the MATLAB toolbox YALMIP and CPLEX 12.8 callable library. Computation is performed on a Windows 10 64-bit laptop with an Intel Core i7-9700K CPU (3.60 GHZ) and 16 GB of RAM.
The value of
in Algorithm 4 is set as 1.05, 1.10 and 1.15, respectively, and the error range of the corresponding optimal objective value is 95.2%, 90.9% and 87.0%. The basic results for LPNSPI are shown in
Table 3. The column “instance” represents the number of instances we used for comparison in the problem of a certain scale.
T, average solution time in seconds;
, the standard deviation of the solution time;
N, average iteration times;
, the standard deviation of the iteration times. The numbers in brackets of the column “
T” indicate the number of the instances which were solved within 3600 s. The “–”s of the same rows indicates “not applicable” because there was at least one instance which was not successfully solved within the allotted time. It can be intuitively seen from
Table 3 that the Layer-Mapping module make Algorithm 3 much faster than the basic decomposition algorithm with almost the same number of iterations, especially when the scale of the physical layer is large. However, despite this, Algorithm 3 cannot solve all the instances within the stipulated time. Combining Random-Search with Layer-Mapping, Algorithm 3 takes significantly less time and fewer iterations, and successfully solved all the instances. It should be noted that among the ten instances of ’gn1000’, there are two extreme instances, which increase the average solving time of ’gn1000’ problem (even more than the average solving time of ’gn2000’). However, it does not affect the comparison between the performance of different algorithms.
To analyze the specific running time of each part (i.e., the master problem, the subproblem and the Random-Search part) of the three algorithms, we selected some “easy” instances of the hardest problems of each network type in
Table 3 (that is, rd20000, sf20000, sw20000 , gn1000 and gn2000), where “easy" means that all three algorithms can solve the problem within 3600 s. The results are shown in
Table 4.
is the running time of the master problem;
is the running time of the subproblem;
is the time spent on Random-Search. Initialization, formatting, and other parts of the program only account for a small portion of the time and are not listed.
is the average error rate of the results obtained by Algorithm 4, and the numbers in parentheses indicate the number of instances where Algorithm 3 find a near-optimal solution rather than an exact optimal solution.
is the standard deviation of
. As
Table 4 shows, Algorithm 3 takes almost the same time in solving the master problem as Algorithm 1, but takes much less time to solve the subproblem. With Random-Search, Algorithm 3 greatly reduces the time of the master problem and the subproblem, but it also takes a considerable amount of time in Random-Search to find near-optimal paths.
A suitable value of allows Random-Search to find a large number of near-optimal paths, but at the same time, the final result may have some errors from the actual optimal solution. In our test instances, Algorithm 3 solved many instances accurately, with an overall average accuracy of more than 99.7%. Of course, we can set the value of to 0, which will make the final result the global optimal solution, but also make it difficult for Random-Search to find near-optimal paths. We tested Algorithm 3 on the case when , and found that the running time results are not so satisfying because much fewer near-optimal paths were found.
To study the effect of the value of
on the solution speed of Algorithm 3, we set three cases of
,
, and
, and tested the algorithm on all the instances of the problems in
Table 4.
Table 5 compares the algorithm time, number of iterations, and errors of the near-optimal solution in the three cases. We used all ten instances of each problem when comparing the running time and the number of iterations of the algorithm. However, for “rd20000”, “sf20000” and “sw20000”, there were instances where Algorithm 1 and Algorithm 2 could not give the exact optimal results. The numbers in parentheses in the column “Err” indicate the number of instances used in calculating the average error rate and the number of non-optimal solutions given by Algorithm 3. For example, “0.25%(2 in 8)” means that in 8 verifiable instances, Algorithm 3 gives 2 approximate solutions (and 6 exact solutions), with an average error of 0.25%.
Due to the randomness of the pathfinding results of Random-Search, the number of near-optimal paths found in a specific iteration will fluctuate, and the contribution of these paths and the corresponding SVIs to the master problem is also uncertain. In some instances, the algorithm took more time with a larger
than with a smaller one. However, in general, as
Table 5 shows, a slightly larger
makes the algorithm converge faster.
Furthermore, we examine our improving methods in commercial data of a bi-layer network which is obtained from scanning over the Internet. This bi-layer network includes a physical layer of 36,409 nodes and 49,084 edges, and a logical layer of 32,490 nodes and 51,340 edges. The physical nodes contain switching equipment, terminal equipment, storage equipment, control equipment, etc., and they are connected by physical links which consist of optical fibers, twisted-pair lines, coaxial cables, wireless media links, etc. On the logical layer, nodes represent operating systems and other software, and links represent information transfers, remote logins, network sessions, etc. The network structure is shown in
Figure 3.
After data cleaning of the original network (remove isolated nodes and connected components which do not include the source-destination pair), we designed experiments to test the changes of the algorithm running time and blocking effect with the increase of interdiction resources. The time limit is set to 3600 s.
As shown in
Table 6, the processing time of the algorithms increases rapidly when the number of interdicted edges (
R) grows larger. Both Algorithm 3 and Algorithm 4 solve the problem with much less time than Algorithm 1 (benchmark) when interdicted edges are no more than 8, which confirms the effectiveness of Layer-Mapping. As a large number of near-optimal paths are found by Random-Search, when
R is small, the solution of Algorithm 3 is faster than that of Algorithm 4. However, when
R grows up to 9, neither Algorithm 1 nor Algorithm 3 can solve the problem within 3600 s. Algorithm 3 with both Layer-Mapping and Random-Search successfully solves the problem when
R is no more than 12. The interdiction effects of the three algorithms are compared in
Figure 4. The objective function, which is the length of the shortest
-
path, increases when
R grows. We find that even if the
in Algorithm 4 is set to 1.15, which leads to a potential error range of 87%, accurate optimal solutions are found in comparable cases (i.e., when
R is no more than 8).