It is well known that profiling attacker behavior is an effective way to obtain insights into network attacks and to identify the systems and components that must be protected. This paper presents a novel integer linear programming formulation that models the strategy of an attacker who targets a set of nodes with the goal of compromising or destroying them. The attacker model considers the infliction of the greatest possible damage with minimal attacker effort. Specifically, it is assumed that the attacker is guided by three conflicting objectives: (i) maximization of the number of disconnected components; (ii) minimization of the size of the largest connected component; and (iii) minimization of the attack cost. Compared with other research in the area, the proposed formulation is much more descriptive but has less complexity; thus, it is very useful for predicting attacks and identifying the entities that must be protected. Since exact solutions of the formulation are computationally expensive for large problems, a heuristic algorithm is presented to obtain approximate solutions. Simulation results using a U.S. airport network dataset demonstrate the effectiveness and utility of the proposed approach.

Finding critical nodes in infrastructure networks

Faramondi L;Setola R;Oliva G
2018-01-01

Abstract

It is well known that profiling attacker behavior is an effective way to obtain insights into network attacks and to identify the systems and components that must be protected. This paper presents a novel integer linear programming formulation that models the strategy of an attacker who targets a set of nodes with the goal of compromising or destroying them. The attacker model considers the infliction of the greatest possible damage with minimal attacker effort. Specifically, it is assumed that the attacker is guided by three conflicting objectives: (i) maximization of the number of disconnected components; (ii) minimization of the size of the largest connected component; and (iii) minimization of the attack cost. Compared with other research in the area, the proposed formulation is much more descriptive but has less complexity; thus, it is very useful for predicting attacks and identifying the entities that must be protected. Since exact solutions of the formulation are computationally expensive for large problems, a heuristic algorithm is presented to obtain approximate solutions. Simulation results using a U.S. airport network dataset demonstrate the effectiveness and utility of the proposed approach.
Attacker Perspective; Attacker Profiling; Critical Infrastructure Networks; Critical Nodes
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12610/1005
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 23
  • ???jsp.display-item.citation.isi??? ND
social impact