Fundamental limit of network flow attacks
Massachusetts Institute of Technology. Department of Aeronautics and Astronautics.
MetadataShow full item record
A network flow-based attack refers to a cyber-attack where the adversary seeks to block user traffic from transmission by sending adversarial traffic that reduces the available user capacity. In this thesis, we explore the fundamental limits of network flow attacks by investigating its feasibility region defined by the minimum resource required for a successful attack and designing optimal attacking strategies that achieve the feasibility region. First, we consider the case where the target network uses fixed-path routing and the adversary injects traffic into the network, encroaching the capacity of the network links and thus reducing the capacity available to network users on the fixed paths. We propose a new network interdiction paradigm that captures this phenomenon by modeling the network as a capacitated graph with the user throughput given by the max-flow value on the fixed user paths.The adversary injects interdicting flows that reduces the capacity of the links (and hence the user throughput), and seeks to maximize the throughput reduction caused by the adversarial injection under a given flow budget. We show the NP-hardness of the problem of maximizing throughput reduction, and propose an efficient approximation algorithm that yields near optimal interdicting flows within a logarithmic factor by harnessing the submodularity of the problem. We further extend the algorithm to an approximation framework that can deal with the situation where the adversary does not have deterministic knowledge of the set of user paths but aims to maximize the worst case throughput reduction given that the set of user paths lies in certain collection of paths. Next, we turn to the scenario where the target network employs dynamic routing mechanisms such as Join-the-Shortest-Queue (JSQ) or Max-Weight.We start from single-hop server farm under JSQ routing, where the adversary attacks by injecting adversarial traffic to servers with the objective of blocking user traffic, i.e., causing user traffic to experience unbounded delay. We first characterize the feasibility region of the attack by presenting a necessary and sufficient condition on the rate of adversarial traffic rate for the attack to be successful. We then propose an adversarial injection policy that is, (i) optimal: it achieves a successful attack whenever the adversarial traffic rate is inside the feasibility region and (ii) oblivious: it does not rely on any knowledge of the network statistics. We further evaluate the performance of the injection policy. Finally, we extend our results to multi-hop.network employing Max-Weight routing.
Thesis: S.M., Massachusetts Institute of Technology, Department of Aeronautics and Astronautics, 2019Cataloged from PDF version of thesis.Includes bibliographical references (pages 107-110).
DepartmentMassachusetts Institute of Technology. Department of Aeronautics and Astronautics
Massachusetts Institute of Technology
Aeronautics and Astronautics.