Finding shortest and nearly shortest path nodes in large substantially incomplete networks

Dynamic processes on networks, be it information transfer in the Internet, contagious spreading in a social network, or neural signaling, take place along shortest or nearly shortest paths. Unfortunately, our maps of most large networks are substantially incomplete due to either the highly dynamic nature of networks, or high cost of network measurements, or both, rendering traditional path finding methods inefficient. We find that shortest paths in large real networks, such as the network of protein-protein interactions (PPI) and the Internet at the autonomous system (AS) level, are not random but are organized according to latent-geometric rules. If nodes of these networks are mapped to points in latent hyperbolic spaces, shortest paths in them align along geodesic curves connecting endpoint nodes. We find that this alignment is sufficiently strong to allow for the identification of shortest path nodes even in the case of substantially incomplete networks. We demonstrate the utility of latent-geometric path-finding in problems of cellular pathway reconstruction and communication security

Analysis of Organizational Vulnerability using Social Network Analysis and Attack Graph

The purpose of this paper is to develop an approach to analyze organizational vulnerability caused by its employees. The proposed approach is adapted from general attack graph analysis approach and social network analysis approach.  The attack graph, which is relationship graph in this proposed approach, is created from organization’s email logs and virus reports. The relationship graph is analyzed using shortest path analysis to discover all possible attack paths start from risky employees to target employee, and then grouped by path length for further actions based on security policy. The proposed approach was tested using datasets that are limited to only one month with assumption that weight on all edges are equal. This paper suggested further study to improve accuracy of the proposed approach using other mathematical methods such as shortest path analysis with weight or Markov Chains. The proposed approach could also be used by security audit in risk assessment process

Route optimization security in mobile IPv6 wireless networks: a test-bed experience

Route Optimization (RO) is standard in Mobile IPv6 (MIPv6) to route packets between Mobile Node (MN) and Correspondent Node (CN) using shortest possible path. It provides better bandwidth and faster transmission. RO greatly increases the security risk. In this paper, focus is given on enhanced security scheme in terms of RO based Test-bed evaluation experiment. An enhanced security algorithm is developed on top of MIPv6 RO to secure data. This algorithm is able to detect and prevent the attacker from modifying the data with using an encryption algorithm by cost of little bit increase but tolerable delay. The real-time network Test-bed is implemented to prove the efficiency of proposed method. The experimental results show that the proposed security scheme increases the security performance of the network. This gives advantage of safe communication that can significantly improve the data security of RO while maintaining the quality of other network performance

Efficient and Secure 5G Core Network Slice Provisioning Based on VIKOR Approach

Network slicing in 5G is expected to essentially change the way in which network operators deploy and manage vertical services with different performance requirements. Efficient and secure slice provisioning algorithms are important since network slices share the limited resources of the physical network. In this article, we first analyze the security issues in network slicing and formulate an Integer Linear Programming (ILP) model for secure 5G core network slice provisioning. Then, we propose a heuristic 5G core network slice provisioning algorithm called VIKOR-CNSP based on VIKOR, which is a multi-criteria decision making (MCDM) method. In the slice node provisioning stage, the node importance is ranked with the VIKOR approach by considering the node resource and topology attributes. The slice nodes are then provisioned according to the ranking results. In the slice link provisioning stage, the k shortest path algorithm is implemented to obtain the candidate physical paths for the slice link, and a strategy for selecting a candidate physical path is proposed to increase the slice acceptance ratio. The strategy first calculates the path factor P which is the product of the maximum link bandwidth utilization of the candidate physical path and its hop-count, and then chooses the candidate physical path with the smallest P to host the slice link. Extensive simulations show that the proposed algorithm can achieve the highest slice acceptance ratio and the largest provisioning revenue-to-cost ratio, satisfying the security constraints of 5G core network slice requests. f

Security enhancement of route optimization in mobile IPv6 networks

Mobile IPv6 (MIPv6) allows Mobile Node (MN) to be always addressable by its home address. Route Optimization (RO) is standard in MIPv6 to route packets between MN and Correspondent Node (CN) using shortest possible path. It provides better bandwidth and faster transmission. RO greatly increases the security risk. This is one of the main reasons that IPv6 is not implemented yet. However, IPSec is used to protect signaling between MN and Home Agent. In this paper, focus is given on enhanced security scheme in terms of RO based Test-bed evaluation experiment. An enhanced security algorithm is developed on top of MIPv6 RO to secure data and prepare a safe communication between MN and CN. This algorithm is able to detect and prevent the attacker from modifying the data with using an encryption algorithm by cost of little bit increase but tolerable delay. The real-time network Test-bed is implemented to prove the efficiency of proposed method. The experimental results show that the proposed security scheme increases the security performance of the network. This gives advantage of safe communication that can significantly improve the data security of RO while maintaining the quality of other network performance