Active Virtual Network Management Prediction: Complexity as a Framework for Prediction, Optimization, and Assurance

Research into active networking has provided the incentive to re-visit what has traditionally been classified as distinct properties and characteristics of information transfer such as protocol versus service; at a more fundamental level this paper considers the blending of computation and communication by means of complexity. The specific service examined in this paper is network self-prediction enabled by Active Virtual Network Management Prediction. Computation/communication is analyzed via Kolmogorov Complexity. The result is a mechanism to understand and improve the performance of active networking and Active Virtual Network Management Prediction in particular. The Active Virtual Network Management Prediction mechanism allows information, in various states of algorithmic and static form, to be transported in the service of prediction for network management. The results are generally applicable to algorithmic transmission of information. Kolmogorov Complexity is used and experimentally validated as a theory describing the relationship among algorithmic compression, complexity, and prediction accuracy within an active network. Finally, the paper concludes with a complexity-based framework for Information Assurance that attempts to take a holistic view of vulnerability analysis

Reducing Cascading Failure Risk by Increasing Infrastructure Network Interdependency

Increased coupling between critical infrastructure networks, such as power and communication systems, will have important implications for the reliability and security of these systems. To understand the effects of power-communication coupling, several have studied interdependent network models and reported that increased coupling can increase system vulnerability. However, these results come from models that have substantially different mechanisms of cascading, relative to those found in actual power and communication networks. This paper reports on two sets of experiments that compare the network vulnerability implications resulting from simple topological models and models that more accurately capture the dynamics of cascading in power systems. First, we compare a simple model of topological contagion to a model of cascading in power systems and find that the power grid shows a much higher level of vulnerability, relative to the contagion model. Second, we compare a model of topological cascades in coupled networks to three different physics-based models of power grids coupled to communication networks. Again, the more accurate models suggest very different conclusions. In all but the most extreme case, the physics-based power grid models indicate that increased power-communication coupling decreases vulnerability. This is opposite from what one would conclude from the coupled topological model, in which zero coupling is optimal. Finally, an extreme case in which communication failures immediately cause grid failures, suggests that if systems are poorly designed, increased coupling can be harmful. Together these results suggest design strategies for reducing the risk of cascades in interdependent infrastructure systems

Power grids vulnerability: a complex network approach

Power grids exhibit patterns of reaction to outages similar to complex networks. Blackout sequences follow power laws, as complex systems operating near a critical point. Here, the tolerance of electric power grids to both accidental and malicious outages is analyzed in the framework of complex network theory. In particular, the quantity known as efficiency is modified by introducing a new concept of distance between nodes. As a result, a new parameter called net-ability is proposed to evaluate the performance of power grids. A comparison between efficiency and net-ability is provided by estimating the vulnerability of sample networks, in terms of both the metrics.Comment: 16 pages, 3 figures. Figure 2 and table II modified. Typos corrected. Version accepted for publication in Chao

A contrasting look at self-organization in the Internet and next-generation communication networks

This article examines contrasting notions of self-organization in the Internet and next-generation communication networks, by reviewing in some detail recent evidence regarding several of the more popular attempts to explain prominent features of Internet structure and behavior as "emergent phenomena." In these examples, what might appear to the nonexpert as "emergent self-organization" in the Internet actually results from well conceived (albeit perhaps ad hoc) design, with explanations that are mathematically rigorous, in agreement with engineering reality, and fully consistent with network measurements. These examples serve as concrete starting points from which networking researchers can assess whether or not explanations involving self-organization are relevant or appropriate in the context of next-generation communication networks, while also highlighting the main differences between approaches to self-organization that are rooted in engineering design vs. those inspired by statistical physics

Tiresias: Predicting Security Events Through Deep Learning

With the increased complexity of modern computer attacks, there is a need for defenders not only to detect malicious activity as it happens, but also to predict the specific steps that will be taken by an adversary when performing an attack. However this is still an open research problem, and previous research in predicting malicious events only looked at binary outcomes (e.g., whether an attack would happen or not), but not at the specific steps that an attacker would undertake. To fill this gap we present Tiresias, a system that leverages Recurrent Neural Networks (RNNs) to predict future events on a machine, based on previous observations. We test Tiresias on a dataset of 3.4 billion security events collected from a commercial intrusion prevention system, and show that our approach is effective in predicting the next event that will occur on a machine with a precision of up to 0.93. We also show that the models learned by Tiresias are reasonably stable over time, and provide a mechanism that can identify sudden drops in precision and trigger a retraining of the system. Finally, we show that the long-term memory typical of RNNs is key in performing event prediction, rendering simpler methods not up to the task