Finding critical nodes in infrastructure networks
Faramondi L; Setola R; Oliva G
2018-01-01
Abstract
It is well known that profiling attacker behavior is an effective way to obtain insights into network attacks and to identify the systems and components that must be protected. This paper presents a novel integer linear programming formulation that models the strategy of an attacker who targets a set of nodes with the goal of compromising or destroying them. The attacker model considers the infliction of the greatest possible damage with minimal attacker effort. Specifically, it is assumed that the attacker is guided by three conflicting objectives: (i) maximization of the number of disconnected components; (ii) minimization of the size of the largest connected component; and (iii) minimization of the attack cost. Compared with other research in the area, the proposed formulation is much more descriptive but has less complexity; thus, it is very useful for predicting attacks and identifying the entities that must be protected. Since exact solutions of the formulation are computationally expensive for large problems, a heuristic algorithm is presented to obtain approximate solutions. Simulation results using a U.S. airport network dataset demonstrate the effectiveness and utility of the proposed approach.