Оценка киберустойчивости компьютерных сетей на основе моделирования кибератак методом преобразования стохастических сетей

The paper offers an approach for assessment of cyber-resilience of computer networks based on analytical simulation of computer attacks using a stochastic networks conversion method. The concept of cyber-resilience of computer networks is justified. The mathematical foundations of its assessment, allowing to calculate cyber-resilience indices by means of analytical expressions, are considered. The coefficient of serviceability on cyber-resilience is offered to be used as the key such indicator. The considered approach assumes the creation of analytical models of cyber-attacks. The method of the stochastic networks conversion is applied to create analytical models of cyber-attacks. The time distribution function and average time to implement cyber-attacks are the simulation results. These estimates are used then to search cyber-resilience indices. The experimental results of analytical simulation which showed that the offered approach has rather high accuracy and stability of the received solutions are givenВ статье предложен подход к оценке киберустойчивости компьютерных сетей, основанный на аналитическом моделировании компьютерных атак с применением метода преобразования стохастических сетей. Обосновывается понятие киберу-стойчивости компьютерных сетей. Рассматриваются математические основы такой оценки, позволяющие с помощью аналитических выражений вычислить показатели киберустойчивости. В качестве основного показателя предлагается использовать коэффициент исправного действия по киберустойчивости. Рассматриваемый подход предполагает построение аналитических моделей реализации компьютерных атак. Для построения аналитических моделей кибератак применяется метод преобразования стохастических сетей. Результатом моделирования является функция распределения времени и среднее время реализации кибератаки. Эти оценки используются затем для нахождения показателей киберустойчивости. Приведены экспериментальные результаты аналитического моделирования, которые показали, что предложенный подход обладает достаточно высокой точностью и устойчивостью получаемых решений

Miuz: measuring the impact of disconnecting a node

International audienceIn this article we present Miuz, a robustness index for complex networks. Miuz measures the impact of disconnecting a node from the network while comparing the sizes of the remaining connected components. Strictly speaking, Miuz for a node is defined as the inverse of the size of the largest connected component divided by the sum of the sizes of the remaining ones. We tested our index in attack strategies where the nodes are disconnected in decreasing order of a specified metric. We considered Miuz and other well-known centrality measures such as betweenness, degree , and harmonic centrality. All of these metrics were compared regarding the behavior of the robust-ness (R-index) during the attacks. In an attempt to simulate the internet backbone, the attacks were performed in complex networks with power-law degree distributions (scale-free networks). Preliminary results show that attacks based on disconnecting a few number of nodes Miuz are more dangerous (decreasing the robustness) than the same attacks based on other centrality measures. We believe that Miuz, as well as other measures based on the size of the largest connected component, provides a good addition to other robustness metrics for complex networks

Modelling and Design of Resilient Networks under Challenges

Communication networks, in particular the Internet, face a variety of challenges that can disrupt our daily lives resulting in the loss of human lives and significant financial costs in the worst cases. We define challenges as external events that trigger faults that eventually result in service failures. Understanding these challenges accordingly is essential for improvement of the current networks and for designing Future Internet architectures. This dissertation presents a taxonomy of challenges that can help evaluate design choices for the current and Future Internet. Graph models to analyse critical infrastructures are examined and a multilevel graph model is developed to study interdependencies between different networks. Furthermore, graph-theoretic heuristic optimisation algorithms are developed. These heuristic algorithms add links to increase the resilience of networks in the least costly manner and they are computationally less expensive than an exhaustive search algorithm. The performance of networks under random failures, targeted attacks, and correlated area-based challenges are evaluated by the challenge simulation module that we developed. The GpENI Future Internet testbed is used to conduct experiments to evaluate the performance of the heuristic algorithms developed

End-to-End Resilience Mechanisms for Network Transport Protocols

The universal reliance on and hence the need for resilience in network communications has been well established. Current transport protocols are designed to provide fixed mechanisms for error remediation (if any), using techniques such as ARQ, and offer little or no adaptability to underlying network conditions, or to different sets of application requirements. The ubiquitous TCP transport protocol makes too many assumptions about underlying layers to provide resilient end-to-end service in all network scenarios, especially those which include significant heterogeneity. Additionally the properties of reliability, performability, availability, dependability, and survivability are not explicitly addressed in the design, so there is no support for resilience. This dissertation presents considerations which must be taken in designing new resilience mechanisms for future transport protocols to meet service requirements in the face of various attacks and challenges. The primary mechanisms addressed include diverse end-to-end paths, and multi-mode operation for changing network conditions

System importance measures: A new approach to resilient systems-of-systems

Resilience is the ability to withstand and recover rapidly from disruptions. While this attribute has been the focus of research in several fields, in the case of system-of-systems (SoSs), addressing resilience is particularly interesting and challenging. As infrastructure SoSs, such as power, transportation, and communication networks, grow in complexity and interconnectivity, measuring and improving the resilience of these SoSs is vital in terms of safety and providing uninterrupted services. ^ The characteristics of systems-of-systems make analysis and design of resilience challenging. However, these features also offer opportunities to make SoSs resilient using unconventional methods. In this research, we present a new approach to the process of resilience design. The core idea behind the proposed design process is a set of system importance measures (SIMs) that identify systems crucial to overall resilience. Using the results from the SIMs, we determine appropriate strategies from a list of design principles to improve SoS resilience. The main contribution of this research is the development of an aid to design that provides specific guidance on where and how resources need to be targeted. Based on the needs of an SoS, decision-makers can iterate through the design process to identify a set of practical and effective design improvements. ^ We use two case studies to demonstrate how the SIM-based design process can inform decision-making in the context of SoS resilience. The first case study focuses on a naval warfare SoS and describes how the resilience framework can leverage existing simulation models to support end-to-end design. We proceed through stages of the design approach using an agent-based model (ABM) that enables us to demonstrate how simulation tools and analytical models help determine the necessary inputs for the design process and, subsequently, inform decision-making regarding SoS resilience. ^ The second case study considers the urban transportation network in Boston. This case study focuses on interpreting the results of the resilience framework and on describing how they can be used to guide design choices in large infrastructure networks. We use different resilience maps to highlight the range of design-related information that can be obtained from the framework. ^ Specific advantages of the SIM-based resilience design include: (1) incorporates SoS- specific features within existing risk-based design processes - the SIMs determine the relative importance of different systems based on their impacts on SoS-level performance, and suggestions for resilience improvement draw from design options that leverage SoS- specific characteristics, such as the ability to adapt quickly (such as add new systems or re-task existing ones) and to provide partial recovery of performance in the aftermath of a disruption; (2) allows rapid understanding of different areas of concern within the SoS - the visual nature of the resilience map (a key outcome of the SIM analysis) provides a useful way to summarize the current resilience of the SoS as well as point to key systems of concern; and (3) provides a platform for multiple analysts and decision- makers to study, modify, discuss and documentoptions for SoS