6,391 research outputs found
An efficient heuristic for calculating a protected path with specified nodes
The problem of determining a path between two nodes in a network that must visit specific intermediate nodes arises in a number of contexts. For example, one might require traffic to visit nodes where it can be monitored by deep packet inspection for security reasons. In this paper a new recursive heuristic is proposed for finding the shortest loopless path, from a source node to a target node, that visits a specified set of nodes in a network. In order to provide survivability to failures along the path, the proposed heuristic is modified to ensure that the calculated path can be protected by a node-disjoint backup path. The performance of the heuristic, calculating a path with and without protection, is evaluated by comparing with an integer linear programming (ILP) formulation for each of the considered problems. The ILP solver may fail to obtain a solution in a reasonable amount of time, especially in large networks, which justifies the need for effective, computationally efficient heuristics for solving these problems. Our numerical results are also compared with previous heuristics in the literature
ILP formulations for p-cycle design without candidate cycle enumeration
The concept of p-cycle (preconfigured protection cycle) allows fast and efficient span protection in wavelength division multiplexing (WDM) mesh networks. To design p-cycles for a given network, conventional algorithms need to enumerate cycles in the network to form a candidate set, and then use an integer linear program (ILP) to find a set of p-cycles from the candidate set. Because the size of the candidate set increases exponentially with the network size, candidate cycle enumeration introduces a huge number of ILP variables and slows down the optimization process. In this paper, we focus on p-cycle design without candidate cycle enumeration. Three ILPs for solving the problem of spare capacity placement (SCP) are first formulated. They are based on recursion, flow conservation, and cycle exclusion, respectively. We show that the number of ILP variables/constraints in our cycle exclusion approach only increases linearly with the network size. Then, based on cycle exclusion, we formulate an ILP for solving the joint capacity placement (JCP) problem. Numerical results show that our ILPs are very efficient in generating p-cycle solutions. © 2009 IEEE.published_or_final_versio
Optimizing IGP Link Costs for Improving IP-level Resilience
Recently, major vendors have introduced new router
platforms to the market that support fast IP-level failure pro-
tection out of the box. The implementations are based on the
IP Fast ReRoute–Loop Free Alternates (LFA) standard. LFA
is simple, unobtrusive, and easily deployable. This simplicity,
however, comes at a severe price, in that LFA usually cannot
protect all possible failure scenarios. In this paper, we give new
graph theoretical tools for analyzing LFA failure case coverage
and we seek ways for improvement. In particular, we investigate
how to optimize IGP link costs to maximize the number of
protected failure scenarios, we show that this problem is NP-
complete even in a very restricted formulation, and we give exact
and approximate algorithms to solve it. Our simulation studies
show that a deliberate selection of IGP costs can bring many
networks close to complete LFA-based protection
Recommended from our members
Risk mitigation decisions for it security
Enterprises must manage their information risk as part of their larger operational risk management program. Managers must choose how to control for such information risk. This article defines the flow risk reduction problem and presents a formal model using a workflow framework. Three different control placement methods are introduced to solve the problem, and a comparative analysis is presented using a robust test set of 162 simulations. One year of simulated attacks is used to validate the quality of the solutions. We find that the math programming control placement method yields substantial improvements in terms of risk reduction and risk reduction on investment when compared to heuristics that would typically be used by managers to solve the problem. The contribution of this research is to provide managers with methods to substantially reduce information and security risks, while obtaining significantly better returns on their security investments. By using a workflow approach to control placement, which guides the manager to examine the entire infrastructure in a holistic manner, this research is unique in that it enables information risk to be examined strategically. © 2014 ACM
BlockTag: Design and applications of a tagging system for blockchain analysis
Annotating blockchains with auxiliary data is useful for many applications.
For example, e-crime investigations of illegal Tor hidden services, such as
Silk Road, often involve linking Bitcoin addresses, from which money is sent or
received, to user accounts and related online activities. We present BlockTag,
an open-source tagging system for blockchains that facilitates such tasks. We
describe BlockTag's design and present three analyses that illustrate its
capabilities in the context of privacy research and law enforcement
- …