On New Approaches of Assessing Network Vulnerability: Hardness and Approximation Thang N

On New Approaches of Assessing Network Vulnerability: Hardness and Approximation Thang N

1 On New Approaches of Assessing Network Vulnerability: Hardness and Approximation Thang N. Dinh, Ying Xuan, My T. Thai, Member, IEEE, Panos M. Pardalos, Member, IEEE, Taieb Znati, Member, IEEE Abstract—Society relies heavily on its networked physical infrastructure and information systems. Accurately assessing the vulnerability of these systems against disruptive events is vital for planning and risk management. Existing approaches to vulnerability assessments of large-scale systems mainly focus on investigating inhomogeneous properties of the underlying graph elements. These measures and the associated heuristic solutions are limited in evaluating the vulnerability of large-scale network topologies. Furthermore, these approaches often fail to provide performance guarantees of the proposed solutions. In this paper, we propose a vulnerability measure, pairwise connectivity, and use it to formulate network vulnerability assessment as a graph-theoretical optimization problem, referred to as β-disruptor. The objective is to identify the minimum set of critical network elements, namely nodes and edges, whose removal results in a specific degradation of the network global pairwise connectivity. We prove the NP-Completeness and inapproximability of this problem, and propose an O(log n log log n) pseudo- approximation algorithm to computing the set of critical nodes and an O(log1:5 n) pseudo-approximation algorithm for computing the set of critical edges. The results of an extensive simulation-based experiment show the feasibility of our proposed vulnerability assessment framework and the efficiency of the proposed approximation algorithms in comparison with other approaches. Index Terms—Network vulnerability, Pairwise connectivity, Hardness, Approximation algorithm. F 1 INTRODUCTION ONNECTIVITY plays a vital role in network per- tal a network element is to the survivability of the net- formance and is fundamental to vulnerability C work when faced with disruptive events. A number assessment. Disruptive events, ranging from natural of these studies proposed global graph measures, such disasters to malicious attacks, can drastically com- as cyclomatic number, maximum network circuits, α- promise the network’s ability to meet its quality-of- index, β-index and γ-index, as a single index to capture service(QoS) requirements, if not cause widespread the network structure. The global index, derived from service outages and potentially total network break- the basic properties of the graph, namely the number down [1], [2], [3], [4], [5], [6]. Robust network design of vertices, edges and pairwise shortest paths, is then and management strategies to deal with unexpected used to assess and compare the vulnerability of dif- events must be in place to account for potential dis- ferent networks. Although relatively straightforward ruptions to network connectivity. A critical aspect of to calculate, global measures can neither be rigorously these strategies is their ability to pro-actively assess mapped to the over network connectivity nor reveal network vulnerability to disruptive events, in order the set of most critical vertices and edges. Such a to protect network elements1 against natural disaster shortcoming limits considerably their suitability for and malicious human acts and mitigate the impact of assessing network vulnerability. Other research stud- such acts on network performance and survivability. ies proposed local nodal centrality [7], such as degree Over the last few years, a considerable amount of centrality, betweenness centrality and closeness cen- research effort has focused on developing approaches trality, as a local network measure for network vul- and methods to assess network vulnerability to dis- nerability. These local measures, which emphasize the ruptive events [1]. Central to these research studies is relative topological characteristics of individual edges the use of graph theoretic measures to determine how vi- and nodes within a network, are used to identify and quantify critical network elements of the network, • T. N. Dinh, Y. Xuan, M. T. Thai are with the Dept. of Comp. & Info. and evaluate network vulnerability. Unfortunately, the Sci. & Eng., University of Florida, Gainesville, FL, 32611. inability of local network measures to capture global E-mail: ftdinh, yxuan, [email protected]fl.edu. network connectivity raises concerns about their va- • Panos M. Pardalos is with Industrial and System Engineering Dept., University of Florida at Gainesville, FL, 32611. lidity to accurately assess network vulnerability and Email: pardalos@ufl.edu. reveal the global damage that may be inflicted on the • T. Znati is with Computer Science Dept., University of Pittsburgh, network when subjected to failures and attacks. Pittsburgh, PA 15215. Email: [email protected]. In this paper, we propose a new framework for accurately assessing network vulnerability. The basic 1. In this paper, the term ”network elements” is used to refer tenet of our approach is to model the network as a network nodes, communications links or a combination thereof. connected directed graph and explore the number of 2 necessary disruptive events, in terms of connectivity failures between pairs of nodes, that can cause a specific level of network disruption. To this end, we quantify the connectivity of each node pair as 1 if the pair is strongly connected and as 0 otherwise. (a) (b) The pairwise connectivity quantification is then used Fig. 1. After the “central” vertex (in black) with maximum out-going to determine the minimized set of network elements degree is removed, network (a) is still strongly connected while (b) whose removal from the graph incurs a specific level is fragmented; however in fact, only removing one vertex (in grey) is of network disruption. It is worth noting that the enough to destroy network (a). the pairwise connectivity measure correlates with the insight into network structure and robustness in var- number of network elements to be removed for the ious operating environments. Several recent studies network to incur a level of disruption. As such, the in the context of wireless networks have focused on measure can be used not only to assess the vul- the impact of node and edge removal on network nerability of the network against disruptive events, connectivity[8][9][10]. It is worth noting that most of but equally important to evaluate the global damage these studies are not concerned with quantifying the different levels of disruptive events may cause. level of network disconnectivity, a weaker objective Based on the concept of pairwise connectivity, net- than that of the β-disruptor framework. We argue work vulnerability assessment can be formulated as a that quantifying network connectivity is essential to graph-theoretical optimization problem: Find a min- assessing network vulnerability to disruptive events imized set of network elements whose removal causes a and evaluate the level of fragmentation these events specific level of network pairwise degradation. The min- may inflict on the network. A scale-free network, for imized set of network elements is thereafter referred example, can tolerate high random failure rates, as to as β-disruptor, where 0 ≤ β < 1 denotes the the failure of boundary vertices may not significantly fraction of pairwise connectivity degradation that reduce the network connectivity even though the is caused by the failure of the minimized set ele- entire graph becomes disconnected [11]. Furthermore, ments. Two new optimization problems, namely β- different disruption levels may be caused by different vertex disruptor and β-edge disruptor, are introduced network elements. The node centrality based vul- and proved to be NP-complete. We also propose nerability assessment framework, for example, only two pseudo-approximation algorithms, with provable identifies a set of nodes with non-increasing degrees performance bounds, to these optimization problems, with no consideration of the disruption level the thereby ensuring the feasibility of the proposed net- removal of these sets of nodes may cause. The ability work vulnerability assessment framework. to quantify the disconnectivity level, a unique feature The advantage of the β-disruptor based framework, of β-disruptor framework, is valuable in assessing in comparison with node centrality based frame- accurately network vulnerability to disruptive events works, can be briefly illustrated using Fig.1, where and predicting the impact of these events on network two strongly connected networks, A and B, with 7 operations. vertices each, are depicted. Using node degree central- The main contributions of this paper are as follows: ity as a vulnerability measure, reveals that removing • A novel, pairwise-connectivity-centric framework the black vertex with maximum outgoing degree 5 in for investigating vulnerability assessment as an Fig. 1-(a) leaves the network A still strongly connected optimization problem, referred to as β-disruptor, with 5 vertices; whereas, removing the black vertex on general graphs. Two versions of the problem, with maximum outgoing degree 4 in Fig. 1-(b) parti- namely β-vertex disruptor and β-edge disruptor, are tions the graph into two strongly connected compo- considered; nents. Therefore, the node-centrality based assessment • A proof of the NP-completeness of the two leads to the conclusion that A is less vulnerable than versions of the β-disruptor problem, including B. The analysis of the network vulnerability based on the proof that no

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    11 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us