Topology Awareness on Network Damage Assessment and Control Strategies Generation

Topology Awareness on Network Damage Assessment and Control Strategies Generation

Threatens faced by large-scale network attacks, it is of great importance to exert an emergency response, in order to mitigate the further hazardous caused by network attacks. To implement a reasonable control strategy, a minimal set of routers is computed in a network that can be used to control an...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hui He, Hongli Zhang, Lihua Yin, Yongtan Liu
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Communication system control
Computer networks
Computer science
Computer worms
Control strategy
Electronic mail
Emergency response
Entropy
Intrusion detection
Large-scale systems
Network security
Network topology
Process control
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Threatens faced by large-scale network attacks, it is of great importance to exert an emergency response, in order to mitigate the further hazardous caused by network attacks. To implement a reasonable control strategy, a minimal set of routers is computed in a network that can be used to control and reduce damage done by a large-scale attack such as worm or DDOS attacks. Our work focuses on large network while previous works focus on LANs. We proposed rules to choose these routers based on the network topology and based on risk assessment. Many topological factors are considered into the control strategy process, the control router sets selecting algorithm based on entropy was put forward. According to the incidents distribution on the topology, the factor of macroscopic epidemic status is proposed by the method of quantitative and qualitative analysis, which offers administrators the direct decisive advice to prevent network security event from overspreading and minimize the costs. At last, the experiment effectively proved the evaluation framework and the control algorithm.
DOI:10.1109/ICICSE.2009.50