TY - JOUR
T1 - Stealthy DGoS Attack
T2 - DeGrading of Service under the Watch of Network Tomography
AU - Chiu, Cho Chun
AU - He, Ting
N1 - Funding Information:
Manuscript received January 24, 2020; revised October 26, 2020 and December 13, 2020; accepted February 5, 2021; approved by IEEE/ACM TRANSACTIONS ON NETWORKING Editor W. Lou. Date of publication February 19, 2021; date of current version June 16, 2021. This work was supported by NSF under Award 1813219. A preliminary version of this work was presented at INFOCOM’20. (Corresponding author: Cho-Chun Chiu.) The authors are with the Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA 16801 USA (e-mail: cuc496@psu.edu; tzh58@psu.edu). Digital Object Identifier 10.1109/TNET.2021.3058230 Fig. 1. (a) network tomography in benign setting; (b) network tomography in adversarial setting.
Publisher Copyright:
© 1993-2012 IEEE.
PY - 2021/6
Y1 - 2021/6
N2 - Network tomography is a powerful tool to monitor the internal state of a closed network that cannot be measured directly, with broad applications in the Internet, overlay networks, and all-optical networks. However, existing network tomography solutions all assume that the measurements are trustworthy, leaving open how effective they are in an adversarial environment with possibly manipulated measurements. To understand the fundamental limit of network tomography in such a setting, we formulate and analyze a novel type of attack that aims at maximally degrading the performance of targeted paths without being localized by network tomography. By analyzing properties of the optimal attack strategy, we formulate novel combinatorial optimizations to design the optimal attack strategy, which are then linked to well-known NP-hard problems and approximation algorithms. As a byproduct, our algorithms also identify approximations of the most vulnerable set of links that, once manipulated, can inflict the maximum performance degradation. Our evaluations on real topologies demonstrate the large potential damage of such attacks, signaling the need for new defenses.
AB - Network tomography is a powerful tool to monitor the internal state of a closed network that cannot be measured directly, with broad applications in the Internet, overlay networks, and all-optical networks. However, existing network tomography solutions all assume that the measurements are trustworthy, leaving open how effective they are in an adversarial environment with possibly manipulated measurements. To understand the fundamental limit of network tomography in such a setting, we formulate and analyze a novel type of attack that aims at maximally degrading the performance of targeted paths without being localized by network tomography. By analyzing properties of the optimal attack strategy, we formulate novel combinatorial optimizations to design the optimal attack strategy, which are then linked to well-known NP-hard problems and approximation algorithms. As a byproduct, our algorithms also identify approximations of the most vulnerable set of links that, once manipulated, can inflict the maximum performance degradation. Our evaluations on real topologies demonstrate the large potential damage of such attacks, signaling the need for new defenses.
UR - http://www.scopus.com/inward/record.url?scp=85101775804&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85101775804&partnerID=8YFLogxK
U2 - 10.1109/TNET.2021.3058230
DO - 10.1109/TNET.2021.3058230
M3 - Article
AN - SCOPUS:85101775804
SN - 1063-6692
VL - 29
SP - 1294
EP - 1307
JO - IEEE/ACM Transactions on Networking
JF - IEEE/ACM Transactions on Networking
IS - 3
M1 - 9359492
ER -