Stealthy DGoS Attack: DeGrading of Service Under the Watch of Network Tomography

作     者：Chiu, Cho-Chun He, Ting 

作者机构：Penn State Univ Dept Comp Sci & Engn University Pk PA 16801 USA 

出 版 物：《IEEE-ACM TRANSACTIONS ON NETWORKING》 (IEEE/ACM网络汇刊)

年 卷 期：2021年第29卷第3期

页      面：1294-1307页

核心收录：

学科分类：0810[工学-信息与通信工程] 0808[工学-电气工程] 08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：NSF Direct For Computer & Info Scie & Enginr Division of Computing and Communication Foundations Funding Source: National Science Foundation 

主　　题：Tomography Measurement Monitoring Delays Approximation algorithms Optimization Current measurement Network tomography denial of service attack combinatorial optimization approximation algorithm 

摘      要：Network tomography is a powerful tool to monitor the internal state of a closed network that cannot be measured directly, with broad applications in the Internet, overlay networks, and all-optical networks. However, existing network tomography solutions all assume that the measurements are trust-worthy, leaving open how effective they are in an adversarial environment with possibly manipulated measurements. To understand the fundamental limit of network tomography in such a setting, we formulate and analyze a novel type of attack that aims at maximally degrading the performance of targeted paths without being localized by network tomography. By analyzing properties of the optimal attack strategy, we formulate novel combinatorial optimizations to design the optimal attack strategy, which are then linked to well-known NP-hard problems and approximation algorithms. As a byproduct, our algorithms also identify approximations of the most vulnerable set of links that once manipulated, can inflict the maximum performance degradation. Our evaluations on real topologies demonstrate the large potential damage of such attacks, signaling the need of new defenses.