|
Published Articles >> Table of Contents >> Abstract
12th IEEE International Conference on Network Protocols (ICNP'04)
pp. 218-227
Trading Resiliency for Security: Model and Algorithms
Tian Bu, Bell Laboratories
Samphel Norden, Bell Laboratories
Thomas Woo, Bell Laboratories
Full Article Text:
  
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICNP.2004.1348112
Send link to a friend
| Abstract |
|
An attack-resistant network is a purpose-built network to survive attacks; by construction, it should be both resilient and secure. Resiliency is the ability to provide alternative communication paths should one path become disrupted due to failures or attacks; while security is the ability to contain and limit the impact of compromises. Interestingly, these two can present conflicting demands. In this paper, we provide a first formulation of a new class of problems focusing on the engineering of attack-resistant networks. Our model considers both resiliency and security, and uses a notion of blocking probability as a rigorous measure for evaluating different network constructions. We propose several efficient approximation algorithms for computing blocking probability and provide bounds for their errors. Based on these algorithms, we introduce a family of heuristics to guide the construction of optimal attack-resistant networks with minimum blocking probabilities. We also present extensive results to evaluate and demonstrate the near-optimal performance of our heuristics and approximation algorithms.
|
 Additional Information
|
Citation:
Tian Bu, Samphel Norden, Thomas Woo,
"Trading Resiliency for Security: Model and Algorithms,"
icnp,
pp. 218-227,
12th IEEE International Conference on Network Protocols (ICNP'04),
2004
|
|
