Introduction

Complex networks represent interconnected systems [1], comprising entities like nodes or vertices linked by edges or connections, delineated in graph theory [2]. These networks manifest in various domains, encompassing global communications or intricate societal interactions [3, 4]. Within these networks, centrality measures play pivotal roles in evaluating node significance. Betweenness centrality identifies nodes crucial for connecting disparate parts of the network, while bridging centrality highlights nodes acting as vital bridges between different segments. These centrality metrics serve as linchpins in understanding network structures and behaviors, essential in devising strategies for network fortification against potential threats, considering the susceptibility of such complex systems to cyber attacks. The interdisciplinary nature of studying these networks draws methodologies from mathematics, physics, computer science, and sociology, enabling comprehensive analyses [5] and strategies vital for safeguarding these intricate systems from vulnerabilities and disruptions. However, Complex networks are known to be sturdy to random attacks and prone to deliberate attacks. It is crucial to procure information about the vulnerability of these networks and to secure the weakness by making them robust [6, 7]. Hence, a network is robust if it is more connected and can tolerate attacks.

The existing work predominantly focuses on static networks when devising attack strategies, potentially overlooking vulnerabilities that can cause network collapse. Moreover, while various centrality-based attacks have been proposed, there remains a notable gap in exploring bridging centrality, especially in terms of defense strategies. Bridging nodes [8], akin to influential individuals in social dynamics or crucial elements in epidemiology, hold pivotal roles in networks. Their removal can significantly impact network stability. Historically, strategies involving the elimination of socially connected individuals or ringleaders in criminal gangs mirror the importance of these bridging nodes. However, despite their significance, research exploring bridging-based defense strategies or integrating bridging with betweenness for attack strategies is scarce in the literature. Most proposed attack and mitigation schemes primarily rely on other centrality metrics such as betweenness centrality [9] and degree centrality [10]. This highlights the need for further investigation into leveraging bridging centrality for both attack and defense mechanisms to comprehensively fortify networks against potential threats.

Notably, prior research has predominantly focused on isolating nodes with the highest Betweenness centrality, employing exhaustive simulations to understand network vulnerabilities and potential attack strategies. However, this paper introduces a groundbreaking analysis delving into the realm of network attack and defense strategies by incorporating an additional centrality metric: bridging centrality. Moreover, it pioneers the innovative concept of a Bridging-Betweenness Fusion Attack, leveraging a combination of both Betweenness and bridging centrality metrics for a more comprehensive understanding of network vulnerabilities and defense mechanisms.

The main aim of this research is to identify critical nodes whose removal can cause the maximum damage and propose a defense strategy for such attacks to make a resilient network. Hence, the main contribution of this research work is

  • to analyze the network by launching certain attacks and defense strategies on it and to examine particular behavior of the network (analyzing how vulnerable and robust the network is against attacks and defense strategies).

  • From the attacker’s point of view, design more effective attacks that cause maximum damage to a network through intensive simulation on random networks.

  • From a defender’s point of view, designing an effective defense against many attacks is to add new links connecting low-centrality nodes to maintain the overall balance of the network.

  • to study the effectiveness of attack and defense techniques. Note that some attacks and defense techniques were already introduced while others were presented for the first time.

This work presents several notable advantages in the realm of complex network analysis. Firstly, it introduces an innovative approach by integrating both Betweenness and Bridging centrality metrics to explore attack and defense strategies within complex networks. This fusion allows for a more comprehensive evaluation of critical network components, surpassing the limitations of traditional single-metric methods. Secondly, the work emphasizes a dual contribution: advocating for high centrality node removal as an attacking strategy and proposing a recalculated node method following each removal. These novel strategies provide a fresh perspective on disrupting network structures and reevaluating network dynamics after attacks, potentially enhancing response strategies significantly. Additionally, this work introduces inventive defense techniques, involving the strategic addition of new nodes to lower centrality nodes post-attack to restore graph connectivity and fortify networks against disruptions. Moreover, this work ventures into unexplored territories by combining two centrality measures for attacks and introducing a defense strategy based on bridging centrality, expanding the scope of possible strategies in complex network analysis

The remaining paper structure is as follows: Section “Related work” reviewed some of the related work, Section “Modeling attack on complex networks” describes the modeling attack on complex networks, section “Proposed defense modelling on complex networks” is about modeling defense on complex networks, sections “Results” and “Experiment on real network” presents the results of our experiment on network and section “Conclusions and future work” is about the conclusion and future work.

Related work

Recent advances in the theory of networks provided us with the mathematical and computational tools to understand them better [11]. Frequently, the topology of a network has particular features, for example, vertex order distribution, characteristics path lengths, and clustering, which can be classified in terms of its evaluation. For example, networks that may solicit a power-law distribution of vertex order make them robust against random node failure because these networks grow by preferential attachment [12]. These models are related to security; for example, rulers have known for centuries that one can subjugate a conquered province more quickly if one eliminates the most socially connected individuals means damaging and destroying the one who is important [13].

Zanette et al. in [14] study the attacks on complex networks to identify the vulnerabilities of networks, which can be used either for protection (e.g., of infrastructures) or for destruction (e.g., in the control of epidemic diseases). Furthermore, it can give a direction in structuring more robust artificial networks (e.g., communication networks)). Most of these networks are robust to random failures but vulnerable to targeted attacks [15]. In some networks, the targeted node’s physical quantities or information flow is divided between adjacent nodes when the targeted node is attacked. That is known as a cascade-based attack when by attacking a node, its load is distributed among other nodes and then because of over-burdening, nodes start to fail.

Based on several metrics, targeted attacks are performed. Most of the attacks consider the importance of a node in the networks, which is also known as the centrality of the node. There are different types of centralities, such as betweenness, closeness, degree and bridging centrality. These centralities measure the importance of the node in particular ways (e.g., Betweenness centrality [16] measures the importance by shortest paths, Closeness centrality [17] measures the sum of the length of the shortest paths between the node and all other nodes in the graph, Degree centrality measure the importance of node by looking at the degree of the node and bridging centrality of a node is measured based on according to what a node densely connects connected components in a graph).

Albert et al. [18] showed scale-free networks behave reasonably well in case of errors/failures, but in a targeted attack, they are pretty unstable regarding attacking survivability. Holme et al. [19] studied the robustness of the network by attacking high degree and betweenness centrality [16] nodes. Mishkovski et al. [20] used degree centrality, betweenness centrality, and eigenvector centrality [21] for vulnerability assessment of complex networks based on optimal flow measurements under intentional node and edge attacks. It is measured based on starting information about the network or on recalculated information of the network to remove nodes or edges. Then, the vulnerability of the network is determined by measuring the maximum end-to-end throughput after the attack.

Wandel et al. [22] The breakdown of complicated networks is proposed using a unique technique. A random attack becomes a targeted attack iteratively. A wide range of random and real-world networks are evaluated. Faster yet still intensely competitive with interacting betweenness. Wang et al. [23] discussed nodes’ load distribution attribute (cascading breakdown) in scale-free networks, which is not considered in the literature. Swami Iyer et al. [24] proposed an attack using betweenness, degree, closeness and eigenvector centrality. Their proposed attack is based on two techniques; one is simultaneous, in which once all centrality measures are calculated, the attack is performed, and the other one is sequential, in which, after every node removal, all centralities are again recalculated.

Bellingeri et al. [25] explored the proficiency of attack strategies on network nodes while targeting a few complex models. As per the auxiliary properties of the network, Nie et al. [26] proposed two novel assault strategies, initial degree and betweenness and recomputed degree and betweenness. Bhave et al. [27] used different centrality metrics for attacking, which include degree, closeness, betweenness and edge betweenness centrality. The robustness of the network is measured after each iteration of the attack. Jiang et al. [28] presented one random and seven intentional attacks, three of which are centrality-based attacks. Zhang et al. [29] proposed centrality-based attacks using closeness and betweenness centrality with a limitation that their proposed attacks do not apply to the recalculation method.

To secure the network after attacks, numerous works on defense strategies exist against intentional attacks. As a countermeasure, authors proposed adding forward links and new edges rewiring before and after the attack [30, 31]. zhang et al. [32] work share common ground in terms of addressing complexities, proposing innovative strategies, and aiming for effectiveness and resilience within their respective domains of system analysis and defense. Stojanovi et al. [33] proposes innovative solution for complex system, emphasizing adaptability, practical application, and rigorous validation. Integrating fault-tolerant control strategies into network defense could enhance understanding of adaptable system behaviors in diverse settings. Song et al. [34] offers unique strategies to boost system resilience against attacks. Integrating insights from event-triggered strategies in neural networks could enhance defense mechanisms for maintaining performance during disruptions in complex networks. Nagaraja et al. [35] proposed both attack and defense strategies. New nodes and edges are rebuilt after an attack in the defense strategy. Domingo et al. and Kim et al. extended Nagaraja and Anderson’s work by proposing attack and defense methods on weighted and directed networks [36] and on different network topologies [37]. Several researchers reviewed progress [38] and theoretical analysis [39] on recommended attack and defense strategies.

Modeling attack on complex networks

The proposed technique can formally be represented as an attack operations, where the attacker will destroy the network. In the attack portion, an attacker will eliminate \(N_{a}\) nodes and their linked edges from the graph/network according to the attack strategy. As shown in Fig. 1, the attacker will first take the Adjacency list of the complex network as an input. In the second step, he will calculate the centrality according to our attack, either the Bridging or Betweenness of each node in a complex network; then in the third step, \(N_{a}\) (numbers of removing nodes), nodes with high centrality will be removed. In the fourth step, we again calculate the remaining graph to evaluate the damage (Mean Square Error) after the attack.

Fig. 1
figure 1

Attack modeling on complex network

Full size image

Therefore, to gauge the viability of attacks, we utilize the remaining shortest paths, the remaining connected components and the size of LCC (largest connected component). These performance evaluation indicators collectively offer a comprehensive assessment of the network’s resilience, integrity, and functionality after an attack. They provide quantifiable measures to gauge the impact of node removal based on centrality metrics. The choice enabling a deeper understanding of the attack’s repercussions on various aspects of the network structure and connectivity, aiding in the development of robust defense strategies.

Attack strategy

This paper will use the highest centrality removal by using bridging centrality, betweenness centrality and a combination of both as a metric. Nodes will be deleted sequentially and simultaneously. In a simultaneous attack, the whole network is calculated only once before the attack operation starts. In sequential attacks, the network is recalculated after every node removal. We look at the effectiveness of a pool of attack techniques. Some of which have just been described in the literature. While others are presented in this work for the first time. In the attack, the attack strategy will select \(N_{a}\) nodes to delete them from a graph an attack. The following six attack strategies are:

  1. 1.

    Attack on highest Betweenness node

  2. 2.

    Attack on highest Betweenness node with recalculation method

  3. 3.

    Attack on highest bridging node

  4. 4.

    Attack on the highest bridging node with recalculation method

  5. 5.

    Combining both Betweenness and bridging centrality

  6. 6.

    Combining both Betweenness and bridging centrality with the recalculated method

Where Betweenness centrality is denoted as \(C_{B}(v)\), bridging centrality as \(C_{r}(v)\) and bridging coefficient as BC(v)

Attack on highest Betweenness node

Calculate the Betweenness centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bet]. Highest Betweenness centrality node from the list seq [bet] will be picked, eliminate that node with its associated edges, and that step will be repeated \(N_{a}\) times. This attack is denoted as \(A^{bet}\).

Algorithm 1
figure a

Abet Attack: Betweenness-based Node Deletion

Full size image

Attack on highest Betweenness node with recalculation method

Calculate the Betweenness centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bet]. The highest Betweenness node from the list seq [bet] with its associated edges will be eliminated. Recalculate the Betweenness centrality of the remaining graph/network. Again sort them, and the highest Betweenness centrality node from the list seq [bet] with its associated edges will be eliminated, and this step will be repeated \(N_{a}\) times. This attack strategy is denoted as \(A_{R}^{bet}\)

Algorithm 2
figure b

AbetR Attack: Betweenness-based Node Deletion with Recalculation

Full size image

Attack on highest bridging node

Calculate the Bridging centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bri]. The highest Bridging centrality node from the list seq [bri] will be picked and deleted with its associated edges, and this step will be repeated \(N_{a}\) times. This attack strategy is denoted as \(A_{bri}\).

Algorithm 3
figure c

Abri Attack: Bridging-based Node Deletion

Full size image

Attack on the highest bridging node with recalculation method

Calculate the Bridging centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bri]. The highest Bridging node from the list seq [bri] with its associated edges will be eliminated. Recalculate the Bridging centrality of the remaining graph/network. Again sort them, and the highest Bridging centrality node from the list seq [bri] with its associated edges will be eliminated, and this step will be repeated \(N_{a}\) times. This attack strategy is denoted as \(A_{R}^{bri}\).

Algorithm 4
figure d

AbriR Attack: Bridging-based Node Deletion with Recalculation

Full size image

Bridging-betweenness fusion attack

Calculate the Bridging centrality and Betweenness centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bri] and seq [bet]. Highest bridging and Betweenness centrality node from seq [bri] and seq [bet] with their linked edges will be eliminated, and that step will be repeated \(N_{a, a}\) times. This attack is denoted as \(A_{bri, bet}\).

Algorithm 5
figure e

Abri,bet Attack: Bridging-Betweenness Fusion based Node Deletion

Full size image

Bridging-betweenness fusion attack with recalculated method

Calculate the Bridging centrality and the Betweenness centrality of the whole graph/network. Sort the node list in decreasing order, denoted as seq [bri] and seq [bet]. Highest bridging and Betweenness centrality node from seq [bri] and seq [bet] with their linked edges will be eliminated. Recalculate the Bridging centrality and Betweenness centrality of the whole graph/network. Again highest bridging centrality and Betweenness centrality node from the list seq [bri] and seq [bet] with its associated edges will be eliminated, and this step will be repeated \(N_{a, a}\) times. This attack strategy is denoted as \(A_{R}^{bri,bet}\)

Algorithm 6
figure f

Abri,betR Attack: Bridging-Betweenness Fusion based Node Deletion with Recalculation

Full size image

We use \(A^{bri}\), \(A^{bet}\), \(A_{R}^{bri}\), \(A_{R}^{bet}\), \(A_{bri, bet}\) and \(A_{R}^{bri, bet}\) to denote high-bridging centrality removal, high-Betweenness centrality removal, high-bridging centrality removal with the recalculated method, high-Betweenness centrality removal with the recalculated method, combining both bridging and Betweenness centrality removal and combining both bridging and Betweenness centrality removal with the recalculated method.

Proposed defense modelling on complex networks

The proposed technique can formally represent a defense operation, where the defender will recover the network after the attack. There are defense strategies for all attacks. In a defense phase, a defender will build \(N_{d}\) nodes by adding them simultaneously with e new edges to existing nodes in the graph/network according to the defense strategy. We assume the defender must determine which nodes and their associations have vanished.

As shown in Fig. 2, In the first step defender will take the damaged complex network as an input. In the second step, he/she will calculate the centrality of the remaining network, and in the last step, the defender will add \(N_{d}\) new nodes to existing low centrality nodes, either betweenness or bridging centrality depending on defense strategy with e new edges.

Fig. 2
figure 2

Defence modeling on complex network

Full size image

Defense strategy

In previous research, a mostly centrality-based defense based on Betweenness centrality. We look at the effectiveness of defense strategies. One of them has just been described in the literature. While the one presented in this work the first time.

  1. 1.

    Betweenness-based defense strategy

  2. 2.

    Bridging-based defense strategy

Betweenness-based defense strategy

\(N_{d}\) nodes create and then connect them simultaneously to existing nodes that have

$$\begin{aligned} minC_B (v)=_{(}svtV)(_{s}t (v))/_{s}t \end{aligned}$$

and already present in G with e new edges. In this defense strategy, new nodes will connect to the minor importance (Betweenness centrality) nodes (nodes whose Betweenness value > zero) to regain network functionality. Repeat this process \(N_{d}\) times.

Algorithm 7
figure g

Node Connection Defense Strategy based on Minimum Betweenness Centrality

Full size image

Bridging-based defense strategy

\(N_{d}\) nodes create and then connect them simultaneously to existing nodes that have

$$\begin{aligned} minCr(v)=BC(v) x C_b (v) \end{aligned}$$

and are already present in G with e new edges. In this defense strategy, new nodes will connect to the minor importance (Bridging centrality) nodes (nodes whose bridging value> zero) to regain network functionality. Repeat this process \(N_{d}\) times.

Algorithm 8
figure h

Node Connection Defense Strategy based on Minimum Bridging Centrality

Full size image

We use \(D^{bri}\) and \(D^{bet}\) to denote bridging-based defense and Betweenness based defense strategies, respectively.

Results

Proposed attacks strategies and defense strategies discussed in Sections “Modeling attack on complex networks” and “Proposed defense modelling on complex networks” is tested on random networks (\(G_{22}\), \(G_{50}\), \(G_{1000}\)). We denote \(G_{22}\) as random graph with 22 nodes, \(G_{50}\) as random graph with 50 nodes and \(G_{1000}\) as random graph with 1000 nodes. The networks used in the experiments and their properties are described in Fig. 3 and Table 1

Fig. 3
figure 3

Used networks during experiments

Full size image
Table 1 The Properties of the networks
Full size table

Given graph G, let the diameter is the largest distance between two nodes. The average shortest path length is the number of shortest paths in the network. The average number of neighbors shows the average connectivity of a node in the network. The density value lies between 0 and 1. It shows how densely the network is populated with edges. The isolated nodes are those nodes that have no neighbor node and edge. The network heterogeneity reflects the probability of a network containing hub nodes.

For experiments, we started with the original graphs in Fig. 3. Firstly, \(N_{a}\) nodes with their linked edges will be eliminated according to the attack strategy. Then in the defense case, \(N_{d}\) new nodes will be established and connected with e new edges and to existing low centrality nodes in the graph according to defense strategy, where e is the closest number rounded from avg (deg). The definition of parameters that are used in experiments is described in Table 2. The goal is to judge the quality of every attack and defense strategy during experiments.

Table 2 Summary of parameters in simulation
Full size table
Table 3 Summary of Attack strategies on \(G_{22}\) with \(N_{a}\) = 4
Full size table

With fixed \(N_{a}\) and \(N_{d}\). We can observe how the graph’s shortest paths, connected components, size of the largest connected component, network diameter, isolated nodes and network density change. For example, with \(N_a\) = \(N_d\) = 4 in \(G_{22}\) Table 3, \(N_a\) = \(N_d\) = 8 in \(G_{50}\) Table 4 and \(N_a\) = \(N_d\) = 180 in \(G_{1000}\) Table 5 Attack strategies on \(G_{22}\) in Table 3 are shown. In the case of the remaining shortest paths, remaining connected component and the size of the largest connected component, the best attack strategy is \(A^{bet}_{R}\), \(A^{bri}_{R}\), \(A^{bri, bet}_{R}\), \(A^{bet}\), \(A^{bri, bet}\) and least effective attack strategy was \(A^{bri}\). The results of defense strategies against all 6 attack strategies shows \(A^{bri}\) attack strategy, for \(D^{bri}\) defense strategy was best it recovered 63% shortest paths and 50% connected component when \(N_a\) = \(N_d\). For \(A^{bet}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) were equally effective when \(N_a\) = \(N_d\) it recovered 100% shortest paths and 100% connected component. For \(A^{bri}_{R}\) attack strategy, \(D^{bet}\) defense strategy was more effective than \(D^{bri}\). \(D^{bet}\) defense strategy recovered 90% shortest paths and 50% connected component but \(D^{bri}\) defense strategy has just recovered 57% shortest path and 35% connected component when \(N_a\) = \(N_d\). For \(A^{bet}_{R}\) attack strategy, \(D^{bet}\) defense strategy was most effective rather than \(D^{bri}\) defense strategy. \(D^{bet}\) defense strategy recovered 66% shortest path and 34% connected component and \(D^{bri}\) defense strategy recovered 35% shortest paths 17% connected component. For \(A^{bri, bet}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) were equally effective when \(N_a\) = \(N_d\) it recovered 100% shortest paths and 100% connected component and for \(A^{bri, bet}_{R}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) was equally effective when \(N_a\) = \(N_d\) it recovered 32% shortest paths and 0% connected component.

Table 4 Summary of Attack strategies on \(G_{50}\) with \(N_{a}\) = 8
Full size table

Attack strategies on \(G_{50}\) in Table 4 show according to the remaining shortest paths and size of the largest connected component, the best attack strategy is \(A^{bet}_{R}\), \(A^{bri}_{R}\), \(A^{bri, bet}_{R}\), \(A^{bet}\), \(A^{bri, bet}\) and least effective attack strategy was \(A^{bri}\). In the case of the connected component, \(A^{bet}_{R}\) and \(A^{bet}\) are the top two best strategies because this strategy made most of the nodes isolated in the network. The results of defense strategies against all 6 attack strategies shows \(A^{bri}\) attack strategy, for both defense strategies \(D^{bri}\) and \(D^{bet}\) was equally effective when \(N_a\) = \(N_d\) it recovered 100% shortest paths and 100% connected component. For \(A^{bet}\) attack strategy, \(D^{bet}\) defense strategy recovered 63% shortest paths and 12% connected component but \(D^{bri}\) defense strategy is less effective in this case. For \(A^{bri}_{R}\) attack strategy, \(D^{bet}\) defense strategy is more effective than \(D^{bri}\). \(D^{bet}\) defense strategy recovered 100% shortest paths and 100% connected component but \(D^{bri}\) defense strategy has just recovered 69% shortest path and 60% connected component when \(N_a\) = \(N_d\). For \(A^{bet}_R\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) were equally effective when \(N_a\) = \(N_d\) it recovered \(73\%\) shortest paths and 37% connected component. For \(A^{bri, bet}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) were equally effective when \(N_a\) = \(N_d\) it recovered 70% shortest paths and 12% connected component, and for \(A^{bri, bet}_{R}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) was equally effective when \(N_a\) = \(N_d\) it recovered 100% shortest paths and 100% connected component.

Table 5 Summary of Attack strategies on \(G_{1000}\) with \(N_{a}\) = 180
Full size table

Attack strategies on \(G_{1000}\) with density = 0.002 Table 5. Results show that according to the remaining shortest paths and size of the largest connected component, the best attack strategy is \(A^{bet}_{R}\), \(A^{bri}_{R}\), \(A^{bri, bet}_{R}\), \(A^{bet}\), \(A^{bri, bet}\) and least effective attack strategy was \(A^{bri}\). In case of connected component \(A^{bet}_{R}\), \(A^{bri,bet}_{R}\) and \(A^{bri}_{R}\) is top three best attack strategies. The results of defense strategies against all 6 attack strategies shows \(A^{bri}\) attack strategy, for both defense strategies \(D^{bri}\) and \(D^{bet}\) was equally effective when \(N_a\) = \(N_d\) it recovered 95% shortest paths and 67% connected component. For \(A^{bet}\) attack strategy, both defense strategies \(D^{bri}\) and \(D^{bet}\) was equally effective when \(N_a\) = \(N_d\) it recovered 87% shortest paths but in case of connected component \(D^{bri}\) recovered 44% and \(D^{bet}\) recovered 43%. For \(A^{bri}_{R}\) attack strategy, \(D^{bri}\) defense strategy is more effective than \(D^{bet}\). \(D^{bri}\) defense strategy recovered 71% shortest paths and 82% connected component but \(D^{bet}\) defense strategy has just recovered 54% shortest path and 74% connected component when \(N_a\) = \(N_d\). For \(A^{bet}_{R}\) attack strategy, \(D^{bri}\) defense strategy is more effective than \(D^{bet}\). \(D^{bri}\) defense strategy recovered 9% shortest paths and 32% connected component but \(D^{bet}\) defense strategy has just recovered 6% shortest path and 32% connected component when \(N_a\) = \(N_d\). For \(A^{bri,bet}\) attack strategy, \(D^{bri}\) defense strategy is more effective than \(D^{bet}\). \(D^{bri}\) defense strategy recovered 91% shortest paths and 49% connected component but \(D^{bet}\) defense strategy has just recovered 88% shortest path and 46% connected component when \(N_a\) = \(N_d\) and for \(A^{bri,bet}_{R}\) attack strategy, \(D^{bri}\) defense strategy is more effective than \(D^{bet}\). \(D^{bri}\) defense strategy recovered 51% shortest paths and 65% connected component but \(D^{bet}\) defense strategy has just recovered 33% shortest path and \(60\%\) connected component when \(N_a\) = \(N_d\).

If density=0.002, a Bridging-based defense strategy is more effective than a Betweenness-based defense strategy.

Fig. 4
figure 4

a Changes in the size of LCC against all attack strategies, b Changes in connected components against all attack strategies, c Changes in shortest paths against all attack strategies on \(G_{22}\) (orange line \(A^{bri}\), blue line \(A^{bet}\), green line \(A^{bri}_{R}\), black line \(A^{bet}_{R}\), yellow line \(A^{bri, bet}\) and maroon line \(A^{bri, bet}_{R}\) )

Full size image
Fig. 5
figure 5

\(G_{22}\): shortest paths recovered against all 6 attack strategies with \(D_{bet}\) (orange line) and \(D_{bri}\) (blue line)

Full size image
Fig. 6
figure 6

G22: connected component recovered against all 6 attack strategies with \(D^{bet}\) (orange line) and \(D^{bri}\) (blue line) defense strategies

Full size image
Fig. 7
figure 7

a Changes in the size of LCC against all attack strategies, b Changes in connected components against all attack strategies, c Changes in shortest paths against all attack strategies on \(G_{50}\) (orange line \(A^{bri}\), blue line \(A^{bet}\), green line \(A^{bri}_{R}\), black line \(A^{bet}_{R}\), yellow line \(A^{bri, bet}\) and maroon line \(A^{bri, bet}_{R}\) )

Full size image
Fig. 8
figure 8

\(G_{50}\): shortest paths recovered against all 6 attack strategies with \(D^{bet}\) (orange line) and \(D^{bri}\) (blue line)

Full size image
Fig. 9
figure 9

\(G_{50}\): connected component recovered against all 6 attack strategies with \(D^{bet}\) (orange line) and \(D^{bri}\) (blue line)

Full size image
Fig. 10
figure 10

a Changes in the size of LCC against all attack strategies, b Changes in connected components against all attack strategies, c Changes in shortest paths against all attack strategies on \(G_{1000}\) (orange line \(A^{bri}\), blue line \(A^{bet}\), green line \(A^{bri}_{R}\), black line \(A^{bet}_{R}\), yellow line \(A^{bri, bet}\) and maroon line \(A^{bri, bet}_{R}\) )

Full size image
Fig. 11
figure 11

\(G_{1000}\): shortest paths recovered against all 6 attack strategies with \(D^{bet}\) (orange line) and \(D^{bri}\) (blue line)

Full size image
Fig. 12
figure 12

\(G_{1000}\): connected component recovered against all 6 attack strategies with \(D^{bet}\) (orange line) and \(D^{bri}\) (blue line)

Full size image

To find the best attack and defense strategies and also recognize how the network connectivity evolves in a particular network with the same number of \(N_{a}\) and \(N_{d}\) is our research. Figures 4, 7 and 10. From the attacker’s point of view, we can see \(A^{bet}_{R}\) is the best attack strategy. It performed very well according to the remaining shortest path, remaining connected component and size of the largest connected component. However, the \(A^{bri}\) attack strategy was the least effective. After the \(A^{bri}\) attack, the remaining connected component was mostly the same in most networks. But when density=0.002 even \(A^{bri}\) attack is much effective it decreased shortest paths to 7% from 100% (see Fig. 10 c)

From the defender’s point of view, Fig. 5 and 6\(D^{bet}\) defense strategy is more effective than \(D^{bri}\) defense strategy in recovering shortest paths and connected component in \(G_{22}\). Moreover, in \(G_{50}\), Fig. 8 shows both \(D^{bet}\) and \(D^{bri}\) defense strategy is mostly equal in recovering shortest paths, and Fig. 9b shows \(D^{bet}\) worked better in recovering connected component than \(D^{bri}\). In case of \(A^{bri}\) attack \(D^{bri}\) defense is effective, for \(A^{bet}\) and \(A^{bri}_{R}\) attacks, \(D^{bet}\) defense is best is recovered all damage. For \(A^{bet}_{R}\) attack, \(D^{bet}\) defense works better, but if we increase \(N_{d}\), this defense will work much better. For \(A^{bri,bet}\) attack, both \(D^{bet}\) and \(D^{bri}\) defense is equally better and for \(A^{bri,bet}_{R}\) attack, both \(D^{bet}\) and \(D^{bri}\) is equally effective. As can be seen in Figs. 5, 6, 8, 9, 11 and 12 about defense strategies is all proposed defense strategy works best if \(N_{a}\) = \(N_{d}\) or \(N_{a}\) \(N_{d}\) but if \(N_{a}\) \(N_{d}\) than defense strategies do not work better, but in Figs. 11 and 12\(D^{bri}\) defense strategy works better in recovering shortest path and connected component.

Experiment on real network

The experimental setup comprehensively evaluated the efficacy of our proposed attack and defense strategies using a real network dataset centered on ’Women International Day tweets,’ with specific network specifications detailed in Table 6. Upon implementing various attack and defense strategies, we closely analyzed their impacts on critical network metrics.

Table 6 Properties of real network
Full size table

Significant observations emerged, notably revealing the profound effects of certain attacks on the network’s structure. The Betweeness-Based Recalculation Attack \(A^{bet}_{R}\), a fusion of Betweeness-Bridging with Recalculation Method \(A^{bri,bet}_{R}\), and the Betweeness-Based Attack \(A^{bet}\) notably affected the size of the largest connected component and the total number of connected components. These findings correlate strongly with alterations observed in the average shortest path metric. Additionally, the Bridging-based Attack \(A^{bri}\) demonstrated substantial impact, particularly affecting the average shortest path metric Fig. 13

Our investigation into defense strategies against the six attacked graphs highlighted the remarkable efficacy of the Bridging-based Defense mechanism \(D^{bri}\) Figs. 14 and 15. This defense strategy proved highly proficient in restoring both the Connected Component and Average Shortest Path parameters, showcasing its resilience against the employed attack strategies."

Fig. 13
figure 13

a Changes in the size of LCC against all attack strategies, b Changes in connected components against all attack strategies, c Changes in shortest paths against all attack strategies on \(G_{Real Network}\) (orange line \(A^{bri}\), blue line \(A^{bet}\), green line \(A^{bet,Bri}\), Red line \(A^{bet}_{R}\), Purple line \(A^{bri}_{R}\) and brown line \(A^{bri, bet}_{R}\) )

Full size image
Fig. 14
figure 14

\(G_{Real Network}\): shortest paths recovered against all 6 attack strategies with \(D^{bet}\) (blue line) and \(D^{bri}\) (orange line)

Full size image
Fig. 15
figure 15

\(G_{Real Network}\): shortest paths recovered against all 6 attack strategies with \(D^{bet}\) (blue line) and \(D^{bri}\) (orange line)

Full size image

Conclusions and future work

Within the domain of complex networks, the emphasis on pinpointing crucial elements using centrality measures has been widespread, especially highlighting nodes exhibiting significant Betweenness centrality. This paper introduces a novel approach by analyzing attack and defense strategies using bridging centrality alongside the innovative Bridging-Betweenness Fusion Attack. Our contributions lie in utilizing high centrality removal as an attack strategy and proposing a recalculated node method post-removal, along with defense techniques involving new node additions to lower centrality nodes after attacks. While some techniques are established, like combining centrality measures for attacks and bridging-based defense, others are introduced for the first time. This innovative approach significantly fortifies complex networks against potential attacks, marking a notable advancement in enhancing their resilience. We aim to provide practical security solutions for entire networks. Table 7 summarizes the best attack against and defense against each network.

To summarize

  • The best attack strategy is an attack on high Betweenness centrality nodes with a recalculated method that is \(A_{R}^{bri}\). In the sense that it maximizes damage to network connectivity and leaves many isolated nodes, it also maximizes the cost of defense.

  • The best defense strategy, in general, is a Betweenness based defense strategy in case of \(N_{a}\) = \(N_{d}\) but if density \(<= 0.002\), then the bridging-based defense is more effective and works much better than Betweenness based defense

  • When density=0.002 than \(D^{bri}\) defense strategy is effective and if density \(> 0.016\) \(D^{bet}\) defense strategy is effective

  • If density \(<= 0.002\) than it will cause maximum damage to network even with \(A^{bri}\) attack strategy (bridging centrality-based attack and if density \(> 0.016\) \(D^{bet}\) defense strategy is effective

  • To maintain connectivity of network keep density \(>0.002\)

  • In simultaneous attacks attacker even removes isolated nodes from the network that can decrease its attack effect, but in sequential attacks, it is not possible.

  • In real network scenarios, the top two most effective attack strategies were \(A_{R}^{bet}\) and \(A_{R}^{bri,bet}\) When it came to defense strategies, \(D^{bri}\) proved to be the most effective.

Table 7 Summary of best attack against and defense against each network
Full size table

We plan to extend this work to examine new centralities and combinations of different centralities.

  • Exploring New Centrality Measures: Future research will delve into novel centrality measures and their combinations to further understand network structures. This exploration includes considering centrality measures such as Eigenvector centrality, known for capturing the influence of well-connected nodes, and exploring hybrid combinations like (betweenness + degree) or (degree + betweenness + bridging). Understanding how these combined measures might reveal different aspects of node importance within networks could significantly enhance our comprehension of network dynamics.

  • Extension to Multilevel Networks: Another crucial avenue for future investigation involves extending network models to encompass multilevel structures [40]. This extension seeks to represent diverse interaction types among entities within real-life social systems [41]. These interactions often occur across multiple dimensions or layers, leading to the emergence of multiplex networks or multi-layer networks. By accommodating such complexities in network structures, future research aims to offer more realistic and comprehensive models that accurately capture the intricate relationships and interactions within complex systems. Understanding how entities interact across various levels or dimensions within networks will provide deeper insights into the dynamics and functionalities of multiplex networks [42], contributing to a more nuanced understanding of complex systems in diverse domains