Abstract
Defending of scapegoating attack is a critical problem in network tomography. Theoretically, the ideal defending scheme is to add monitoring paths to make all the links in the network be identifiable. This requires very high monitoring cost. To overcome this problem, this paper proposes a diagnosis-based defending scheme for scapegoating attack. A scapegoating attack can be launched only when the link set manipulated by the attacker cuts the probing paths going through the scapegoat links and is not traversed by any monitoring path. This cut set is called unobserved cut set (UCS). To defense, we propose to find the UCS and add the minimum number of probing paths to traverse the UCS. A minimum set cover model is proposed to select the least number of defense links to cover the UCS, and a polynomial time algorithm is proposed. Evaluations on various network dataset show the effectiveness of the proposed strategies.
Supported by the National Natural Science Foundation of China Grant No. 61972404, 12071478.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Chen, A., Cao, J., Bu, T.: Network Tomography: Identifiability and Fourier Domain Estimation, December 2007
Chiu, C.C., He, T.: Stealthy DGoS attack: degrading of service under the watch of network tomography. In: IEEE INFOCOM 2020 - IEEE Conference on Computer Communications, pp. 367–376. IEEE Press, Toronto, ON, Canada, July 2020
Constantin, L.: Attackers slip rogue, backdoored firmware onto Cisco routers | PCWorld. https://www.pcworld.com/article/2984084/attackers-install-highly-persistent-malware-implants-on-cisco-routers.html
Duffield, N., Presti, F.L., Paxson, V., Towsley, D.: Network loss tomography using striped unicast probes. IEEE/ACM Trans. Networking 14(4), 697–710 (2006). Conference name: IEEE/ACM Transactions on Networking
Erdös, P., Rényi, A.: On the evolution of random graphs. Publ. Mah. Inst. Hung. Acad. Sci 5, 17–60 (1960)
Knight, S., Nguyen, H.X., Falkner, N., Bowden, R., Roughan, M.: The internet topology zoo. IEEE J. Sel. Areas Commun. 29(9), 1765–1775 (2011)
Ma, L., He, T., Leung, K.K., Swami, A., Towsley, D.: Monitor placement for maximal identifiability in network tomography. In: IEEE INFOCOM 2014 - IEEE Conference on Computer Communications, pp. 1447–1455, April 2014. ISSN: 0743-166X
Ma, L., He, T., Leung, K., Swami, A., Towsley, D.: Identifiability of link metrics based on end-to-end path measurements, pp. 391–404, October 2013
Ma, L., He, T., Leung, K.K., Swami, A., Towsley, D.: Inferring link metrics from end-to-end path measurements: identifiability and monitor placement. IEEE/ACM Trans. Networking 22(4), 1351–1368 (2014)
Ma, L., He, T., Leung, K.K., Towsley, D., Swami, A.: Efficient identification of additive link metrics via network tomography. In: Proceedings - 2013 IEEE 33rd International Conference on Distributed Computing Systems, ICDCS 2013, pp. 581–590, December 2013
Ma, L., He, T., Swami, A., Towsley, D., Leung, K.K.: On optimal monitor placement for localizing node failures via network tomography. In: Performance Evaluation. Elsevier Science Publishers B. V. PUB568 Amsterdam, The Netherlands, The Netherlands, September 2015
Nguyen, H.X., Thiran, P.: The boolean solution to the congested IP link location problem: theory and practice. In: IEEE INFOCOM 2007–26th IEEE International Conference on Computer Communications, pp. 2117–2125, May 2007. ISSN: 0743-166X
Pepe, T., Puleri, M.: Network tomography: a novel algorithm for probing path selection. In: 2015 IEEE International Conference on Communications (ICC) (2015)
Qiao, Y., Jiao, J., Rao, Y., Ma, H.: Adaptive path selection for link loss inference in network tomography applications. PLOS ONE 11(10), e0163706 (2016). Public Library of Science
Tague, P., Poovendran, R.: Modeling node capture attacks in wireless sensor networks. In: 2008 46th Annual Allerton Conference on Communication, Control, and Computing, pp. 1221–1224, September 2008
Tati, S., Silvestri, S., He, T., Porta, T.L.: Robust network tomography in the presence of failures. In: 2014 IEEE 34th International Conference on Distributed Computing Systems, pp. 481–492, June 2014. ISSN: 1063-6927
Tati, S., Silvestri, S., He, T., Porta, T.L.: Robust network tomography in the presence of failures. In: 2014 IEEE 34th International Conference on Distributed Computing Systems, pp. 481–492 (2014)
Vazirani, V.V.: Approximation Algorithms. Springer, Heidelberg (2001). https://doi.org/10.1007/978-3-662-04565-7
Xu, X., Wang, Y., Xu, L., Li, D.: Locate vulnerable link set to launch minimum cost scapegoating attack in network tomography. Under review (2022)
Zhao, S., Lu, Z., Wang, C.: When seeing isn’t believing: on feasibility and detectability of scapegoating in network tomography. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 172–182, June 2017. ISSN: 1063-6927
Zhao, Y., Govindan, R., Estrin, D.: Sensor network tomography: monitoring wireless sensor networks. ACM SIGCOMM Comput. Commun. Rev. 32, 64 (2001)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Xu, X., Wang, Y., Zhang, Y., Li, D. (2022). Defense of Scapegoating Attack in Network Tomography. In: Ni, Q., Wu, W. (eds) Algorithmic Aspects in Information and Management. AAIM 2022. Lecture Notes in Computer Science, vol 13513. Springer, Cham. https://doi.org/10.1007/978-3-031-16081-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-031-16081-3_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-16080-6
Online ISBN: 978-3-031-16081-3
eBook Packages: Computer ScienceComputer Science (R0)