Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented...
-
Upload
joleen-walsh -
Category
Documents
-
view
220 -
download
0
Transcript of Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented...
![Page 1: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/1.jpg)
Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)
Presented by Erion Lin
![Page 2: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/2.jpg)
Outline
Problem DescriptionModelSolution Approach
![Page 3: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/3.jpg)
Problem Description
![Page 4: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/4.jpg)
Problem Description
Assume the budget allocation policy is given, we want to know the minimal attack cost for an attacker to compromise a network.
The system is survivable if there is at least one available path for each critical OD-pair.
![Page 5: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/5.jpg)
Problem Assumptions
The survivability metric is measured as the connectivity of the given critical OD-pairs.
The attacker and the defender have complete information about the targeted network topology.
The defender’s budget allocation strategy is a given parameter.
![Page 6: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/6.jpg)
Problem Assumptions (Cont’d)
The objective of the attacker is to minimize the total attack cost of destroying all paths between one of the critical OD-pairs.
We consider node attacks only. (No link attacks are considered). If a node is attacked, its outgoing links are not functional.
We consider malicious attacks only. (No random failures are considered.)
![Page 7: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/7.jpg)
Model
![Page 8: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/8.jpg)
Model Description
Given Network topology A set of critical OD-pairs Total defense budget for the defender
![Page 9: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/9.jpg)
Model Description (Cont’d)
Objective: To minimize the total cost of an attack
Subject to: There is no available path for one of the critical
OD-pairs to communicate.
To determine: Which nodes will be attacked
![Page 10: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/10.jpg)
Given Parameters
![Page 11: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/11.jpg)
Decision Variables
![Page 12: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/12.jpg)
Formulation
Objective Function
subject to ii i
yi V
Min y a
l ic y M , ii V l OUT (IP 1.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 1.2)
w
p pl wlp P
x t
,w W l L (IP 1.3)
wl lw W l L
M t c
(IP 1.4)
![Page 13: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/13.jpg)
Formulation (Cont.)
subject to (cont.)
0 1px or ,wp P w W (IP 1.6)
0 1iy or i V (IP 1.7)
0 1wlt or ,w W l L (IP 1.8)
1w
pp P
x
w W (IP 1.5)
![Page 14: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/14.jpg)
Reformulation
We reformulate the problem with one assumption and one argument.
Assumption
Argument the optimality condition for the defender holds if
and only if the total budget B is fully used.
,i ia b i V
The threshold attack cost to compromise a node equals to the allocated budget on it.
![Page 15: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/15.jpg)
Reformulation (Cont.)
Objective Function
subject to ii i
yi V
Min y b
l ic y M , ii V l OUT (IP 2.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 2.2)
,w W l L (IP 2.3)
wl lw W l L
M t c
(IP 2.4)
w
p pl wlp P
x t
![Page 16: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/16.jpg)
Reformulation (Cont.)
subject to (cont.)
1w
pp P
x
w W (IP 2.5)
0 1px or ,wp P w W (IP 2.6)
0 1iy or i V (IP 2.7)
0 1wlt or ,w W l L (IP 2.8)
or lc M .l L (IP 2.9)
![Page 17: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/17.jpg)
Solution Approach
![Page 18: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/18.jpg)
Max-Flow Min-Cut Theorem
The maximum value of the flow from a source node to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Therefore, we gain a byproduct of the minimum cut from the maximum flow algorithm.
![Page 19: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/19.jpg)
Genetic Augmenting Path Algorithm
![Page 20: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/20.jpg)
Example
![Page 21: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/21.jpg)
Example (cont.)
![Page 22: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/22.jpg)
Questions
How to identify an augmenting path or show that the network contains no such path?
Whether the algorithm terminates in finite number of iterations?
Labeling algorithm is a specific implementation.
![Page 23: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/23.jpg)
Exists if the residual capacity of the arc is not zero
The Labeling Algorithm
![Page 24: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/24.jpg)
![Page 25: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/25.jpg)
S-T Cut
A cut is a partition of the node N into two subsets S and =N – S.
We refer to a cut as an s-t cut if .S
s S and t S
![Page 26: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/26.jpg)
Example of an S-T Cut
![Page 27: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/27.jpg)
Theorem
The maximum value of the flow from a source node s to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Proof. When the labeling algorithm terminates, it also
discovered a minimum cut.
![Page 28: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/28.jpg)
Theorem (Cont’d)
A flow x* is a maximum flow if and only of the residual network G(x*) contains no augmenting path.
Proof. If the residual network G(x*) contains an augme
nting path, clearly the flow x* is not a maximum flow.
![Page 29: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/29.jpg)
Node Splitting
300300
![Page 30: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/30.jpg)
Solution Approach
Combine max-flow min-cut theorem and node splitting method.
![Page 31: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/31.jpg)
Example
300
200
50
400
70
![Page 32: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/32.jpg)
Example (Cont’d)
300
50
200
70
400
Infinite Capacity
-200
-200
-200
-50
-50 -50
-50
Max Flow and Min Cut: 250
![Page 33: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/33.jpg)
Time Complexity Analysis
Labeling Algorithm :O((|N|+|L|)xn) n: number of augmentations
Consider w OD-pairs O(|W|x(|N|+|L|)xn)
![Page 34: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.](https://reader030.fdocuments.net/reader030/viewer/2022032709/56649ed15503460f94be0449/html5/thumbnails/34.jpg)
Thanks for Your Listening