Assane Gueye

Design of network topology in an adversarial environment

We study the strategic interaction between a network manager whose goal is to choose (as communication infrastructure) a spanning tree of a network given as an undirected graph, and an attacker who is capable of attacking a link in the network. We model their interaction as a zero-sum game and discuss a particular set of Nash equilibria. More specifically, we show that there always exists a Nash equilibrium under which the attacker targets a critical set of links. A set of links is called critical if it has maximum vulnerability, and the vulnerability of a set of links is defined as the minimum fraction of links the set has in common with a spanning tree. Using simple examples, we discuss the importance of critical subsets in the design of networks that are aimed to be robust against attackers. Finally, an algorithm is provided, to compute a critical subset of a given graph.

Security in networks: A game-theoretic approach

This paper explores network security as a game between attacker and defender. In this game, the attacker and defender both anticipate each other¿s best strategy. Thus, instead of focusing on the best response to an attack, the paper analyzes the Nash equilibrium for the joint strategies. The paper studies two types of problem. The first type concerns networks where the data can be modified by an intruder. Given the probability that such an intruder exists, the network user decides whether to trust the data he observes. When present, the intruder chooses how to corrupt the data. The second type models virus attacks. The virus designer decides how aggressive the virus should be and the defender chooses a mechanism to detect the virus. If the virus is too aggressive, it is easy to detect. Accordingly, there is an optimum level of aggressiveness.

Towards a Metric for Communication Network Vulnerability to Attacks: A Game Theoretic Approach

In this paper, we propose a quantification of the vulnerability of a communication network where links are subject to failures due to the actions of a strategic adversary. We model the adversarial nature of the problem as a 2-player game between a network manager who chooses a spanning tree of the network as communication infrastructure and an attacker who is trying to disrupt the communication by attacking a link. We use previously proposed models for the value of a network to derive payoffs of the players and propose the network’s expected loss-in-value as a metric for vulnerability. In the process, we generalize the notion of betweenness centrality: a metric largely used in Graph Theory to measure the relative importance of a link within a network. Furthermore, by computing and analyzing the Nash equilibria of the game, we determine the actions of both the attacker and the defender. The analysis reveals the existence of subsets of links that are more critical than the others. We characterize these critical subsets of links and compare them for the different network value models. The comparison shows that critical subsets depend both on the value model and on the connectivity of the network.

A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation

In this paper we propose and discuss a game-theoretic framework for (a) evaluating security vulnerability, (b) quantifying the corresponding Pareto optimal vulnerability/cost tradeoff, and (c) identifying the optimal operating point on this Pareto optimal frontier. We discuss our framework in the context of a flow-level model of Supply-Demand (S-D) network where we assume a sophisticated attacker attempting to disrupt the network flow. The vulnerability metric is determined by the Nash equilibrium payoff of the corresponding game. The vulnerability/cost tradeoff is derived by assuming that “the network” can reduce the security vulnerability at the cost of using more expensive flows and the optimal operating point is determined by “the network” preferences with respect to vulnerability and cost. We illustrate the proposed framework on examples through numerical investigations.

Network design game with both reliability and security failures

This paper investigates the connection between network reliability and security by modeling attacker-defender interactions as a game. We model the defenders network as an undirected graph with insecure and unreliable edges. The edges could either fail due to a random malfunction (fault), or due to a strategic attacker who aims to maximize the defenders loss (attack). In many environments, the defender faces prohibitive costs of isolating the type of failures, i.e., fault versus attack. In addition, delays in arrival of diagnostic information to the defender may prevent him to detect the type of failure. To account for such information deficiencies, we let the defender know only the relative frequencies of failures with different types. From our analysis, equilibrium depends on these relative frequencies, and on the exogenously given probability distribution of reliability failures on the edges. Thus, in presence of the aforementioned information deficiencies, reliability and security are interdependent, and we argue that defenders (managers) should co-design their defenses against faults and attacks.

Quantifying all-to-one network topology robustness under budget constraints

To design robust network topologies that resist strategic attacks, one must first be able to quantify robustness. In a recent line of research, the theory of network blocking games has been used to derive robustness metrics for topologies. However, these previous works did not consider the budget constraints of the network operator. In this paper, we introduce a budget limit on the operator and study two budget constraint formulations: the maximum and the expected cost constraints. For practical applications, the greatest challenge posed by blocking games is their computational complexity. Therefore, we show that the expected cost constraint formulation leads to games that can be solved efficiently, while the maximum cost constraint leads to NP-hard problems. As an illustrative example, this paper discusses the particular case of All-to-One (e.g., sensor or access) networks.

How to Choose Communication Links in an Adversarial Environment

Given the topology of a network, characterized by an undirected graph, we consider the following game situation: a network manager is choosing (as communication infrastructure) a spanning tree of the graph, and an attacker is trying to disrupt the communication tree by attacking one link of the network. Attacking a link has a certain cost for the attacker who also has the option of not attacking. We model the interaction between the network manager and the attacker as a bimatrix game and study the set of mixed strategy Nash equilibria. We define the notion of critical subset of links and determine the structure of a particular set of Nash equilibria when the attack cost is nonzero. In each NE of this set, the attacker targets edges in critical subsets and all edges in the same critical subset are attacked with the same probability. For the game of zero cost of attack considered in [8], we characterize the set of all Nash equilibria. Some implications of the results are discussed and a detailed proof of the NE theorem is provided.

A novel approach to bottleneck analysis in networks

In this paper, we devise a novel method for bottleneck analysis of UDP networks based on the concept of network utility maximization. To determine the losses on the links in a UDP network, we propose an optimization problem (geometric program) for which we find and prove conditions under which it accurately determines the true losses. We further extend this analysis to stochastic rates using stochastic optimization techniques and provide a new metric to flag bottleneck links. This method does not rely on time-consuming packet-level simulations, but is instead based on robust mathematical models. Alternatively, one could determine the losses by solving a fixed point problem and extend it to random rates using a Monte Carlo simulation. However, lack of knowledge of convergence makes it difficult to predict the end of such simulations. Our method is more advantageous as it involves solving an optimization problem, the solution to which can be numerically determined to the desired accuracy. Also, compared to a black and white approach between worst-case analysis and average-case analysis, our method offers network managers the flexibility of choosing the shades of gray in between.

On the Internet Connectivity in Africa

This study measures growth of Internet connectivity in Africa from 2010 to 2014 with a focus on inter-country relationships. An initial analysis reveals a modest increase in the number of participating countries but an explosive increase in the number of routers and network links. We then form the first country level topology maps of the African Internet and evaluate the robustness of the network. We study raw connectivity, pairwise shortest paths, and betweeness centrality, suggesting how improvements can be made to the inter-country African connectivity to enhance its robustness without reliance on paths traversing multiple continents.

NETWORK TOPOLOGY VULNERABILITY/COST TRADE-OFF: MODEL, APPLICATION, AND COMPUTATIONAL COMPLEXITY

Abstract Technological networks (e.g., telephone and sensor networks, Internet) have provided modern society with increased efficiency, but have also exposed us to the risks posed by their vulnerability to attacks. Mitigating these risks involves designing robust network topologies in situations where resources are economically constrained. In this study, we consider the vulnerability of network topologies from an economic viewpoint and propose security metrics, which are necessary for assessing the efficiency of our solutions. We define the vulnerability of a network as the potential loss in connectivity due to the actions of a strategic adversary. To derive vulnerability metrics, we revisit our recently introduced network blocking game models, which provide a framework for quantifying network topology vulnerability in adversarial environments. We assume that the network operator takes both security and economic goals into consideration. To model these goals, we generalize previous models by introducing usage costs and budget constraints for the operator. We study two natural constraint formulations, the maximum and the expected cost constraints, and derive the feasible vulnerability/cost region. Because the proposed metrics are based on game-theoretic models, computing them can be challenging. To elucidate these challenges, we provide a thorough complexity analysis for solving the proposed games.