maximization of network survivability against intelligent and malicious attacks (cont’d)
DESCRIPTION
Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d). Presented by Erion Lin. Outline. Problem Description Model Solution Approach. Problem Description. Problem Description. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/1.jpg)
Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)
Presented by Erion Lin
![Page 2: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/2.jpg)
Outline
Problem DescriptionModelSolution Approach
![Page 3: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/3.jpg)
Problem Description
![Page 4: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/4.jpg)
Problem Description
Assume the budget allocation policy is given, we want to know the minimal attack cost for an attacker to compromise a network.
The system is survivable if there is at least one available path for each critical OD-pair.
![Page 5: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/5.jpg)
Problem Assumptions
The survivability metric is measured as the connectivity of the given critical OD-pairs.
The attacker and the defender have complete information about the targeted network topology.
The defender’s budget allocation strategy is a given parameter.
![Page 6: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/6.jpg)
Problem Assumptions (Cont’d)
The objective of the attacker is to minimize the total attack cost of destroying all paths between one of the critical OD-pairs.
We consider node attacks only. (No link attacks are considered). If a node is attacked, its outgoing links are not functional.
We consider malicious attacks only. (No random failures are considered.)
![Page 7: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/7.jpg)
Model
![Page 8: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/8.jpg)
Model Description
Given Network topology A set of critical OD-pairs Total defense budget for the defender
![Page 9: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/9.jpg)
Model Description (Cont’d)
Objective: To minimize the total cost of an attack
Subject to: There is no available path for one of the critical
OD-pairs to communicate.
To determine: Which nodes will be attacked
![Page 10: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/10.jpg)
Given Parameters
![Page 11: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/11.jpg)
Decision Variables
![Page 12: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/12.jpg)
Formulation
Objective Function
subject to ii i
yi V
Min y a
l ic y M , ii V l OUT (IP 1.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 1.2)
w
p pl wlp P
x t
,w W l L (IP 1.3)
wl lw W l L
M t c
(IP 1.4)
![Page 13: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/13.jpg)
Formulation (Cont.)
subject to (cont.)
0 1px or ,wp P w W (IP 1.6)
0 1iy or i V (IP 1.7)
0 1wlt or ,w W l L (IP 1.8)
1w
pp P
x
w W (IP 1.5)
![Page 14: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/14.jpg)
Reformulation
We reformulate the problem with one assumption and one argument.
Assumption
Argument the optimality condition for the defender holds if
and only if the total budget B is fully used.
,i ia b i V
The threshold attack cost to compromise a node equals to the allocated budget on it.
![Page 15: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/15.jpg)
Reformulation (Cont.)
Objective Function
subject to ii i
yi V
Min y b
l ic y M , ii V l OUT (IP 2.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 2.2)
,w W l L (IP 2.3)
wl lw W l L
M t c
(IP 2.4)
w
p pl wlp P
x t
![Page 16: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/16.jpg)
Reformulation (Cont.)
subject to (cont.)
1w
pp P
x
w W (IP 2.5)
0 1px or ,wp P w W (IP 2.6)
0 1iy or i V (IP 2.7)
0 1wlt or ,w W l L (IP 2.8)
or lc M .l L (IP 2.9)
![Page 17: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/17.jpg)
Solution Approach
![Page 18: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/18.jpg)
Max-Flow Min-Cut Theorem
The maximum value of the flow from a source node to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Therefore, we gain a byproduct of the minimum cut from the maximum flow algorithm.
![Page 19: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/19.jpg)
Genetic Augmenting Path Algorithm
![Page 20: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/20.jpg)
Example
![Page 21: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/21.jpg)
Example (cont.)
![Page 22: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/22.jpg)
Questions
How to identify an augmenting path or show that the network contains no such path?
Whether the algorithm terminates in finite number of iterations?
Labeling algorithm is a specific implementation.
![Page 23: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/23.jpg)
Exists if the residual capacity of the arc is not zero
The Labeling Algorithm
![Page 24: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/24.jpg)
![Page 25: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/25.jpg)
S-T Cut
A cut is a partition of the node N into two subsets S and =N – S.
We refer to a cut as an s-t cut if .S
s S and t S
![Page 26: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/26.jpg)
Example of an S-T Cut
![Page 27: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/27.jpg)
Theorem
The maximum value of the flow from a source node s to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Proof. When the labeling algorithm terminates, it also
discovered a minimum cut.
![Page 28: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/28.jpg)
Theorem (Cont’d)
A flow x* is a maximum flow if and only of the residual network G(x*) contains no augmenting path.
Proof. If the residual network G(x*) contains an augme
nting path, clearly the flow x* is not a maximum flow.
![Page 29: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/29.jpg)
Node Splitting
300300
![Page 30: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/30.jpg)
Solution Approach
Combine max-flow min-cut theorem and node splitting method.
![Page 31: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/31.jpg)
Example
300
200
50
400
70
![Page 32: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/32.jpg)
Example (Cont’d)
300
50
200
70
400
Infinite Capacity
-200
-200
-200
-50
-50 -50
-50
Max Flow and Min Cut: 250
![Page 33: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/33.jpg)
Time Complexity Analysis
Labeling Algorithm :O((|N|+|L|)xn) n: number of augmentations
Consider w OD-pairs O(|W|x(|N|+|L|)xn)
![Page 34: Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)](https://reader035.vdocuments.us/reader035/viewer/2022070404/56813be2550346895da50db0/html5/thumbnails/34.jpg)
Thanks for Your Listening