Post on 02-Jan-2016
Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d)
Presented by Erion Lin
Outline
Problem DescriptionModelSolution Approach
Problem Description
Problem Description
Assume the budget allocation policy is given, we want to know the minimal attack cost for an attacker to compromise a network.
The system is survivable if there is at least one available path for each critical OD-pair.
Problem Assumptions
The survivability metric is measured as the connectivity of the given critical OD-pairs.
The attacker and the defender have complete information about the targeted network topology.
The defender’s budget allocation strategy is a given parameter.
Problem Assumptions (Cont’d)
The objective of the attacker is to minimize the total attack cost of destroying all paths between one of the critical OD-pairs.
We consider node attacks only. (No link attacks are considered). If a node is attacked, its outgoing links are not functional.
We consider malicious attacks only. (No random failures are considered.)
Model
Model Description
Given Network topology A set of critical OD-pairs Total defense budget for the defender
Model Description (Cont’d)
Objective: To minimize the total cost of an attack
Subject to: There is no available path for one of the critical
OD-pairs to communicate.
To determine: Which nodes will be attacked
Given Parameters
Decision Variables
Formulation
Objective Function
subject to ii i
yi V
Min y a
l ic y M , ii V l OUT (IP 1.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 1.2)
w
p pl wlp P
x t
,w W l L (IP 1.3)
wl lw W l L
M t c
(IP 1.4)
Formulation (Cont.)
subject to (cont.)
0 1px or ,wp P w W (IP 1.6)
0 1iy or i V (IP 1.7)
0 1wlt or ,w W l L (IP 1.8)
1w
pp P
x
w W (IP 1.5)
Reformulation
We reformulate the problem with one assumption and one argument.
Assumption
Argument the optimality condition for the defender holds if
and only if the total budget B is fully used.
,i ia b i V
The threshold attack cost to compromise a node equals to the allocated budget on it.
Reformulation (Cont.)
Objective Function
subject to ii i
yi V
Min y b
l ic y M , ii V l OUT (IP 2.1)
Link cost representation
wl l pl ll L l L
t c c
,wp P w W (IP 2.2)
,w W l L (IP 2.3)
wl lw W l L
M t c
(IP 2.4)
w
p pl wlp P
x t
Reformulation (Cont.)
subject to (cont.)
1w
pp P
x
w W (IP 2.5)
0 1px or ,wp P w W (IP 2.6)
0 1iy or i V (IP 2.7)
0 1wlt or ,w W l L (IP 2.8)
or lc M .l L (IP 2.9)
Solution Approach
Max-Flow Min-Cut Theorem
The maximum value of the flow from a source node to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Therefore, we gain a byproduct of the minimum cut from the maximum flow algorithm.
Genetic Augmenting Path Algorithm
Example
Example (cont.)
Questions
How to identify an augmenting path or show that the network contains no such path?
Whether the algorithm terminates in finite number of iterations?
Labeling algorithm is a specific implementation.
Exists if the residual capacity of the arc is not zero
The Labeling Algorithm
S-T Cut
A cut is a partition of the node N into two subsets S and =N – S.
We refer to a cut as an s-t cut if .S
s S and t S
Example of an S-T Cut
Theorem
The maximum value of the flow from a source node s to a sink node t in a capacitated network equals the minimum capacity among all s-t cuts.
Proof. When the labeling algorithm terminates, it also
discovered a minimum cut.
Theorem (Cont’d)
A flow x* is a maximum flow if and only of the residual network G(x*) contains no augmenting path.
Proof. If the residual network G(x*) contains an augme
nting path, clearly the flow x* is not a maximum flow.
Node Splitting
300300
Solution Approach
Combine max-flow min-cut theorem and node splitting method.
Example
300
200
50
400
70
Example (Cont’d)
300
50
200
70
400
Infinite Capacity
-200
-200
-200
-50
-50 -50
-50
Max Flow and Min Cut: 250
Time Complexity Analysis
Labeling Algorithm :O((|N|+|L|)xn) n: number of augmentations
Consider w OD-pairs O(|W|x(|N|+|L|)xn)
Thanks for Your Listening