Advertisement

An Efficient Algorithm for Network Vulnerability Analysis Under Malicious Attacks

  • Toni Mancini
  • Federico Mari
  • Igor Melatti
  • Ivano Salvo
  • Enrico Tronci
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11177)

Abstract

Given a communication network, we address the problem of computing a lower bound to the transmission rate between two network nodes notwithstanding the presence of an intelligent malicious attacker with limited destructive power.

Formally, we are given a link capacitated network N with source node s and destination node t and a budget B for the attacker.

We want to compute the Guaranteed Maximum Flow from s to t when an attacker can remove at most B edges. This problem is known to be NP-hard for general networks.

For Internet-like networks we present an efficient ILP-based algorithm coupled with instance transformation techniques that allow us to solve the above problem for networks with more than 200 000 nodes and edges within a few minutes. To the best of our knowledge this is the first time that instances of this size for the above problem have been solved for Internet-like networks.

Notes

Acknowledgements

This work was partially supported by the following research projects/grants: Italian Ministry of University & Research (MIUR) grant “Dipartimenti di Eccellenza 2018–2022” (Dept. Computer Science, Sapienza Univ. of Rome); EC FP7 project SmartHG (Energy Demand Aware Open Services for Smart Grid Intelligent Automation, 317761); INdAM “GNCS Project 2018”.

References

  1. 1.
    Alimguzhin, V., Mari, F., Melatti, I., Salvo, I., Tronci, E.: Linearizing discrete time hybrid systems. IEEE TAC 62(10), 5357–5364 (2017)MathSciNetzbMATHGoogle Scholar
  2. 2.
    Aura, T., Bishop, M ., Sniegowski, D.: Analyzing single-server network inhibition. In: Proceedings of CSFW 2000, p. 108. IEEE (2000)Google Scholar
  3. 3.
    Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Malcolm, J.A., Crispo, B., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170–177. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44810-1_22CrossRefGoogle Scholar
  4. 4.
    Church, R.L., Scaparra, M.P., Middleton, R.S.: Identifying critical infrastructure: the median and covering facility interdiction problems. Ann. Assoc. Am. Geogr. 94(3), 491–502 (2004)CrossRefGoogle Scholar
  5. 5.
    Clarke, E.M., Grumberg, O., Peled, D.A.: Model Checking. MIT Press (1999)Google Scholar
  6. 6.
    Della Penna, G., Intrigila, B., Magazzeni, D., Melatti, I., Tronci, E.: CGMurphi: automatic synthesis of numerical controllers for nonlinear hybrid systems. Eur. J. Control 19(1), 14–36 (2013)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Evans, J.: Optimization Algorithms for Networks and Graphs. Routledge (2017)Google Scholar
  8. 8.
    Ha, D., Upadhyaya, S., Ngo, H., Pramanik, S., Chinchani, R., Mathew, S.: Insider threat analysis using information-centric modeling. In: Craiger, P., Shenoi, S. (eds.) DigitalForensics 2007. ITIFIP, vol. 242, pp. 55–73. Springer, New York (2007).  https://doi.org/10.1007/978-0-387-73742-3_4CrossRefGoogle Scholar
  9. 9.
    Hayes, B.P., Melatti, I., Mancini, T., Prodanovic, M., Tronci, E.: Residential demand management using individualised demand aware price policies. IEEE Trans. Smart Grid 8(3), 1284–1294 (2017)CrossRefGoogle Scholar
  10. 10.
    Hoos, H.H., Stützle, T.: Stochastic Local Search: Foundations and Applications. Elsevier (2004)Google Scholar
  11. 11.
    The Internet Mapping Project: http://www.cheswick.com/ches/map/
  12. 12.
    Jeong, H.S., Qiao, J., Abraham, D.M., Lawley, M., Richard, J.-P., Yih, Y.: Minimizing the consequences of intentional attack on water infrastructure. Comp.-Aided Civil Infrastructure Eng. 21, 79–92 (2006)CrossRefGoogle Scholar
  13. 13.
    Korkmaz, T., Krunz, M.: Multi-constrained optimal path selection. In: Proceedings of INFOCOM 2001, pp. 834–843 (2001)Google Scholar
  14. 14.
    Lin, Y., Austin, L.M., Burns, J.R.: An intelligent algorithm for mixed-integer programming models. Comp. Oper. Res. 19(6), 461–468 (1992)CrossRefGoogle Scholar
  15. 15.
    Mancini, T.: Now or Never: negotiating efficiently with unknown or untrusted counterparts. Fundam. Inform. 149(1–2), 61–100 (2016)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Mancini, T., Flener, P., Pearson, J.: Combinatorial problem solving over relational databases: view synthesis through constraint-based local search. In: Proceedings of SAC 2012. ACM (2012)Google Scholar
  17. 17.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Merli, F., Tronci, E.: System level formal verification via model checking driven simulation. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 296–312. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-39799-8_21CrossRefGoogle Scholar
  18. 18.
    Mancini, T., et al.: Computing personalised treatments through in silico clinical trials. A case study on downregulation in assisted reproduction. In: Proceedings of RCRA 2018 (2018)Google Scholar
  19. 19.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Salvo, I., Tronci, E.: On minimising the maximum expected verification time. IPL 122, 8–16 (2017)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Tronci, E.: Anytime system level verification via random exhaustive hardware in the loop simulation. In: Proceedings of DSD 2014. IEEE (2014)Google Scholar
  21. 21.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Tronci, E.: System level formal verification via distributed multi-core hardware in the loop simulation. In: Proceedings of PDP 2014. IEEE (2014)Google Scholar
  22. 22.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Tronci, E.: Anytime system level verification via parallel random exhaustive hardware in the loop simulation. Microprocess. Microsyst. 41, 12–28 (2016)CrossRefGoogle Scholar
  23. 23.
    Mancini, T., Mari, F., Massini, A., Melatti, I., Tronci, E.: SyLVaaS: system level formal verification as a service. Fundam. Inform. 149(1–2), 101–132 (2016)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Mancini, T., et al.: Demand-aware price policy synthesis and verification services for smart grids. In: Proceedings of SmartGridComm 2014. IEEE (2014)Google Scholar
  25. 25.
    Mancini, T., et al.: Parallel statistical model checking for safety verification in smart grids. In: Proceedings of SmartGridComm 2018. IEEE (2018)Google Scholar
  26. 26.
    Mancini, T., et al.: User flexibility aware price policy synthesis for smart grids. In: Proceedings of DSD 2015. IEEE (2015)Google Scholar
  27. 27.
    Mancini, T., Tronci, E., Salvo, I., Mari, F., Massini, A., Melatti, I.: Computing biological model parameters by parallel statistical model checking. In: Ortuño, F., Rojas, I. (eds.) IWBBIO 2015. LNCS, vol. 9044, pp. 542–554. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16480-9_52CrossRefGoogle Scholar
  28. 28.
    Mancini, T., et al.: Optimal fault-tolerant placement of relay nodes in a mission critical wireless network. In: Proceedings of RCRA 2018 (2018)Google Scholar
  29. 29.
    Mari, F., Melatti, I., Salvo, I., Tronci, E.: Model based synthesis of control software from system level formal specifications. ACM TOSEM 23(1), 6 (2014)CrossRefGoogle Scholar
  30. 30.
    Marques-Silva, J., Malik, S.: Propositional SAT solving. Handbook of Model Checking, pp. 247–275. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-10575-8_9CrossRefGoogle Scholar
  31. 31.
    Michel, L., Van Hentenryck, P.: Constraint-based local search. In: Martí, R., Panos, P., Resende, M. (eds.) Handbook of Heuristics, pp. 1–38. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-07153-4_7-1CrossRefGoogle Scholar
  32. 32.
    Murray, A.T., Grubesic, T.H.: Critical infrastructure protection: the vulnerability conundrum. Telemat. Inf. 29(1), 56–65 (2012)CrossRefGoogle Scholar
  33. 33.
    Phillips, C., Painton Swiler, L.: A graph-based system for network-vulnerability analysis. In: Proceedings of NSPW 1998, pp. 71–79. ACM (1998)Google Scholar
  34. 34.
    Phillips, C.A.: The network inhibition problem. In: Proceedings of STOC 1993, pp. 776–785. ACM (1993)Google Scholar
  35. 35.
    Shen, S.: Optimizing designs and operations of a single network or multiple interdependent infrastructures under stochastic arc disruption. Comput. Oper. Res. 40(11), 2677–2688 (2013)MathSciNetCrossRefGoogle Scholar
  36. 36.
    Smith, J.C., Prince, M., Geunes, J.: Modern network interdiction problems and algorithms. In: Pardalos, P.M., Du, D.-Z., Graham, R.L. (eds.) Handbook of Combinatorial Optimization, pp. 1949–1987. Springer, New York (2013).  https://doi.org/10.1007/978-1-4419-7997-1_61CrossRefGoogle Scholar
  37. 37.
    Tadayon, B., Smith, J.C.: Algorithms and complexity analysis for robust single-machine scheduling problems. J. Scheduling 18(6), 575–592 (2015)MathSciNetCrossRefGoogle Scholar
  38. 38.
    Tronci, E., et al.: Patient-specific models from inter-patient biological models and clinical records. In Proceedings of FMCAD 2014. IEEE (2014)Google Scholar
  39. 39.
    Wood, R.K.: Deterministic network interdiction. Math. Comp. Mod. 17(2), 1–18 (1993)MathSciNetCrossRefGoogle Scholar
  40. 40.
    Xiao, Y., Thulasiraman, K., Xue, G.: Constrained shortest link-disjoint paths selection: a network programming based approach. IEEE Trans. Circ. Sys. 53(5), 1174–1187 (2006)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Toni Mancini
    • 1
  • Federico Mari
    • 1
  • Igor Melatti
    • 1
  • Ivano Salvo
    • 1
  • Enrico Tronci
    • 1
  1. 1.Computer Science DepartmentSapienza University of RomeRomeItaly

Personalised recommendations