16 research outputs found
ΠΡΠ΅Π½ΠΊΠ° ΠΊΠΈΠ±Π΅ΡΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ ΡΠ΅ΡΠ΅ΠΉ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ ΠΌΠΎΠ΄Π΅Π»ΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΠΊΠΈΠ±Π΅ΡΠ°ΡΠ°ΠΊ ΠΌΠ΅ΡΠΎΠ΄ΠΎΠΌ ΠΏΡΠ΅ΠΎΠ±ΡΠ°Π·ΠΎΠ²Π°Π½ΠΈΡ ΡΡΠΎΡ Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΡ ΡΠ΅ΡΠ΅ΠΉ
The paper offers an approach for assessment of cyber-resilience of computer networks based on analytical simulation of computer attacks using a stochastic networks conversion method. The concept of cyber-resilience of computer networks is justified. The mathematical foundations of its assessment, allowing to calculate cyber-resilience indices by means of analytical expressions, are considered. The coefficient of serviceability on cyber-resilience is offered to be used as the key such indicator. The considered approach assumes the creation of analytical models of cyber-attacks. The method of the stochastic networks conversion is applied to create analytical models of cyber-attacks. The time distribution function and average time to implement cyber-attacks are the simulation results. These estimates are used then to search cyber-resilience indices. The experimental results of analytical simulation which showed that the offered approach has rather high accuracy and stability of the received solutions are givenΠ ΡΡΠ°ΡΡΠ΅ ΠΏΡΠ΅Π΄Π»ΠΎΠΆΠ΅Π½ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΊ ΠΎΡΠ΅Π½ΠΊΠ΅ ΠΊΠΈΠ±Π΅ΡΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ
ΡΠ΅ΡΠ΅ΠΉ, ΠΎΡΠ½ΠΎΠ²Π°Π½Π½ΡΠΉ Π½Π° Π°Π½Π°Π»ΠΈΡΠΈΡΠ΅ΡΠΊΠΎΠΌ ΠΌΠΎΠ΄Π΅Π»ΠΈΡΠΎΠ²Π°Π½ΠΈΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ
Π°ΡΠ°ΠΊ Ρ ΠΏΡΠΈΠΌΠ΅Π½Π΅Π½ΠΈΠ΅ΠΌ ΠΌΠ΅ΡΠΎΠ΄Π° ΠΏΡΠ΅ΠΎΠ±ΡΠ°Π·ΠΎΠ²Π°Π½ΠΈΡ ΡΡΠΎΡ
Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΡ
ΡΠ΅ΡΠ΅ΠΉ. ΠΠ±ΠΎΡΠ½ΠΎΠ²ΡΠ²Π°Π΅ΡΡΡ ΠΏΠΎΠ½ΡΡΠΈΠ΅ ΠΊΠΈΠ±Π΅ΡΡ-ΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ
ΡΠ΅ΡΠ΅ΠΉ. Π Π°ΡΡΠΌΠ°ΡΡΠΈΠ²Π°ΡΡΡΡ ΠΌΠ°ΡΠ΅ΠΌΠ°ΡΠΈΡΠ΅ΡΠΊΠΈΠ΅ ΠΎΡΠ½ΠΎΠ²Ρ ΡΠ°ΠΊΠΎΠΉ ΠΎΡΠ΅Π½ΠΊΠΈ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠΈΠ΅ Ρ ΠΏΠΎΠΌΠΎΡΡΡ Π°Π½Π°Π»ΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
Π²ΡΡΠ°ΠΆΠ΅Π½ΠΈΠΉ Π²ΡΡΠΈΡΠ»ΠΈΡΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»ΠΈ ΠΊΠΈΠ±Π΅ΡΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ. Π ΠΊΠ°ΡΠ΅ΡΡΠ²Π΅ ΠΎΡΠ½ΠΎΠ²Π½ΠΎΠ³ΠΎ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Ρ ΠΏΡΠ΅Π΄Π»Π°Π³Π°Π΅ΡΡΡ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΡ ΠΊΠΎΡΡΡΠΈΡΠΈΠ΅Π½Ρ ΠΈΡΠΏΡΠ°Π²Π½ΠΎΠ³ΠΎ Π΄Π΅ΠΉΡΡΠ²ΠΈΡ ΠΏΠΎ ΠΊΠΈΠ±Π΅ΡΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ. Π Π°ΡΡΠΌΠ°ΡΡΠΈΠ²Π°Π΅ΠΌΡΠΉ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΏΡΠ΅Π΄ΠΏΠΎΠ»Π°Π³Π°Π΅Ρ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΠ΅ Π°Π½Π°Π»ΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
ΠΌΠΎΠ΄Π΅Π»Π΅ΠΉ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅ΡΠ½ΡΡ
Π°ΡΠ°ΠΊ. ΠΠ»Ρ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ Π°Π½Π°Π»ΠΈΡΠΈΡΠ΅ΡΠΊΠΈΡ
ΠΌΠΎΠ΄Π΅Π»Π΅ΠΉ ΠΊΠΈΠ±Π΅ΡΠ°ΡΠ°ΠΊ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ ΠΏΡΠ΅ΠΎΠ±ΡΠ°Π·ΠΎΠ²Π°Π½ΠΈΡ ΡΡΠΎΡ
Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΡ
ΡΠ΅ΡΠ΅ΠΉ. Π Π΅Π·ΡΠ»ΡΡΠ°ΡΠΎΠΌ ΠΌΠΎΠ΄Π΅Π»ΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΠ²Π»ΡΠ΅ΡΡΡ ΡΡΠ½ΠΊΡΠΈΡ ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»Π΅Π½ΠΈΡ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ ΠΈ ΡΡΠ΅Π΄Π½Π΅Π΅ Π²ΡΠ΅ΠΌΡ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΊΠΈΠ±Π΅ΡΠ°ΡΠ°ΠΊΠΈ. ΠΡΠΈ ΠΎΡΠ΅Π½ΠΊΠΈ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΡΡΡΡ Π·Π°ΡΠ΅ΠΌ Π΄Π»Ρ Π½Π°Ρ
ΠΎΠΆΠ΄Π΅Π½ΠΈΡ ΠΏΠΎΠΊΠ°Π·Π°ΡΠ΅Π»Π΅ΠΉ ΠΊΠΈΠ±Π΅ΡΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ. ΠΡΠΈΠ²Π΅Π΄Π΅Π½Ρ ΡΠΊΡΠΏΠ΅ΡΠΈΠΌΠ΅Π½ΡΠ°Π»ΡΠ½ΡΠ΅ ΡΠ΅Π·ΡΠ»ΡΡΠ°ΡΡ Π°Π½Π°Π»ΠΈΡΠΈΡΠ΅ΡΠΊΠΎΠ³ΠΎ ΠΌΠΎΠ΄Π΅Π»ΠΈΡΠΎΠ²Π°Π½ΠΈΡ, ΠΊΠΎΡΠΎΡΡΠ΅ ΠΏΠΎΠΊΠ°Π·Π°Π»ΠΈ, ΡΡΠΎ ΠΏΡΠ΅Π΄Π»ΠΎΠΆΠ΅Π½Π½ΡΠΉ ΠΏΠΎΠ΄Ρ
ΠΎΠ΄ ΠΎΠ±Π»Π°Π΄Π°Π΅Ρ Π΄ΠΎΡΡΠ°ΡΠΎΡΠ½ΠΎ Π²ΡΡΠΎΠΊΠΎΠΉ ΡΠΎΡΠ½ΠΎΡΡΡΡ ΠΈ ΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΡΡ ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌΡΡ
ΡΠ΅ΡΠ΅Π½ΠΈΠΉ
Miuz: measuring the impact of disconnecting a node
International audienceIn this article we present Miuz, a robustness index for complex networks. Miuz measures the impact of disconnecting a node from the network while comparing the sizes of the remaining connected components. Strictly speaking, Miuz for a node is defined as the inverse of the size of the largest connected component divided by the sum of the sizes of the remaining ones. We tested our index in attack strategies where the nodes are disconnected in decreasing order of a specified metric. We considered Miuz and other well-known centrality measures such as betweenness, degree , and harmonic centrality. All of these metrics were compared regarding the behavior of the robust-ness (R-index) during the attacks. In an attempt to simulate the internet backbone, the attacks were performed in complex networks with power-law degree distributions (scale-free networks). Preliminary results show that attacks based on disconnecting a few number of nodes Miuz are more dangerous (decreasing the robustness) than the same attacks based on other centrality measures. We believe that Miuz, as well as other measures based on the size of the largest connected component, provides a good addition to other robustness metrics for complex networks
Modelling and Design of Resilient Networks under Challenges
Communication networks, in particular the Internet, face a variety of challenges that can disrupt our daily lives resulting in the loss of human lives and significant financial costs in the worst cases. We define challenges as external events that trigger faults that eventually result in service failures. Understanding these challenges accordingly is essential for improvement of the current networks and for designing Future Internet architectures. This dissertation presents a taxonomy of challenges that can help evaluate design choices for the current and Future Internet. Graph models to analyse critical infrastructures are examined and a multilevel graph model is developed to study interdependencies between different networks. Furthermore, graph-theoretic heuristic optimisation algorithms are developed. These heuristic algorithms add links to increase the resilience of networks in the least costly manner and they are computationally less expensive than an exhaustive search algorithm. The performance of networks under random failures, targeted attacks, and correlated area-based challenges are evaluated by the challenge simulation module that we developed. The GpENI Future Internet testbed is used to conduct experiments to evaluate the performance of the heuristic algorithms developed
End-to-End Resilience Mechanisms for Network Transport Protocols
The universal reliance on and hence the need for resilience in network communications has been well established. Current transport protocols are designed to provide fixed mechanisms for error remediation (if any), using techniques such as ARQ, and offer little or no adaptability to underlying network conditions, or to different sets of application requirements. The ubiquitous TCP transport protocol makes too many assumptions about underlying layers to provide resilient end-to-end service in all network scenarios, especially those which include significant heterogeneity. Additionally the properties of reliability, performability, availability, dependability, and survivability are not explicitly addressed in the design, so there is no support for resilience. This dissertation presents considerations which must be taken in designing new resilience mechanisms for future transport protocols to meet service requirements in the face of various attacks and challenges. The primary mechanisms addressed include diverse end-to-end paths, and multi-mode operation for changing network conditions
System importance measures: A new approach to resilient systems-of-systems
Resilience is the ability to withstand and recover rapidly from disruptions. While this attribute has been the focus of research in several fields, in the case of system-of-systems (SoSs), addressing resilience is particularly interesting and challenging. As infrastructure SoSs, such as power, transportation, and communication networks, grow in complexity and interconnectivity, measuring and improving the resilience of these SoSs is vital in terms of safety and providing uninterrupted services. ^ The characteristics of systems-of-systems make analysis and design of resilience challenging. However, these features also offer opportunities to make SoSs resilient using unconventional methods. In this research, we present a new approach to the process of resilience design. The core idea behind the proposed design process is a set of system importance measures (SIMs) that identify systems crucial to overall resilience. Using the results from the SIMs, we determine appropriate strategies from a list of design principles to improve SoS resilience. The main contribution of this research is the development of an aid to design that provides specific guidance on where and how resources need to be targeted. Based on the needs of an SoS, decision-makers can iterate through the design process to identify a set of practical and effective design improvements. ^ We use two case studies to demonstrate how the SIM-based design process can inform decision-making in the context of SoS resilience. The first case study focuses on a naval warfare SoS and describes how the resilience framework can leverage existing simulation models to support end-to-end design. We proceed through stages of the design approach using an agent-based model (ABM) that enables us to demonstrate how simulation tools and analytical models help determine the necessary inputs for the design process and, subsequently, inform decision-making regarding SoS resilience. ^ The second case study considers the urban transportation network in Boston. This case study focuses on interpreting the results of the resilience framework and on describing how they can be used to guide design choices in large infrastructure networks. We use different resilience maps to highlight the range of design-related information that can be obtained from the framework. ^ Specific advantages of the SIM-based resilience design include: (1) incorporates SoS- specific features within existing risk-based design processes - the SIMs determine the relative importance of different systems based on their impacts on SoS-level performance, and suggestions for resilience improvement draw from design options that leverage SoS- specific characteristics, such as the ability to adapt quickly (such as add new systems or re-task existing ones) and to provide partial recovery of performance in the aftermath of a disruption; (2) allows rapid understanding of different areas of concern within the SoS - the visual nature of the resilience map (a key outcome of the SIM analysis) provides a useful way to summarize the current resilience of the SoS as well as point to key systems of concern; and (3) provides a platform for multiple analysts and decision- makers to study, modify, discuss and documentoptions for SoS