Optimal serverless networks

attacks, complexity and

some approximate

algorithms

Carlos Aguirre Maeso

Escuela Politécnica Superior

Universidad Autónoma de Madrid

Network attacks● An attack is a set of objects of a network

(nodes and/or edges) that are disabled removed (from the graph).

● The goal of a given attack is to produce the maximum possible damage in terms of connectivity.

Network attacks● The connectivity (resistance) of the graph after

the attack can be measured in different ways.• Number of nodes that are disconnected from a given

source node (server networks) (Aura et al.)

• Size of the biggest connected component (Albert-

Barabasi).

● The efficiency (damage) of an attack algorithm

for a given graph is the inverse of the resistance

of the graph to the attack

Model of communication network

●

V={v1⋯v∣V∣}is the set of nodes

E={e1⋯e∣E∣}:V×V {0,1}is the set of edges

c :V∪E Z∢∪{∞}is a cost function

s : V [ 0,1 ] is a significance function

We model a communication network as a cuadruple

CN={V,E,c,s}:

Network attacks● The cost function indicates how much costs

to a possible enemy to disable the element

● The relevance function indicates the

importance of the element, and therefore

how bad is that other nodes of the network

become disconnected with this node

Network attacks● The cost of a given attack is the sum of the

costs of the elements that are removed

from the graph.

● The relevance of a set of nodes is the sum

of the relevances of the nodes in the set.

Network attacks● For a given graph, we define the core of the

graph as the connected component with the

highest importance.

● We define the damage produced over a

communication network as the sum of the

significances of the elements that do not belong

to the core after the attack.

● The resistence of the network to the attack is

defined as the size of the core.

Optimal network attacks● Now, the problem op the optimal attack can

be stablished in the following terms:● Problem OPT_ATTACK: Given a serverless

communication network CN and two fixed

values C and D, does there exist an attack A

such as C(A) <= C and $D(A) >= D ?

Optimal network attacks● We look for attacks that produce the

maximal damage with the minimum cost.

● The problem of finding such attack is NP-

Complete (Aguirre et al.) even in the easier

case of bidirectional links, unbreakable

edges (nodes), identical cost for all nodes

(edges) and indentical importance for all

the nodes.

NP-Completness● NP-Complete problems are problems that

verify two conditions● It is very hard to find a solution.

● But If we are presented a possible solution it is

easy to check if this solution meets the

conditions of the problem.

● This conditions makes this problems very

suitable for approximate algorithms.

NP● In the OPT_ATTACK problem is very easy to check

is a possible solution meets the conditions of the

problem● We count the cost of the attack O(|E|)

● We find the connected components after the attack O(|E|+|

V|log|V|)

● We find the biggest connected component O(|V|)

● The damage now can be computed in O(|V|)

● To check if a possible solution meets the condition of

the problem takes a time O(|E|+|V|log|V|).

Completness● To show the completness of the problem, we stablish

a polynomical reduction of this problem to other

known complete problem.

● For the OPT_ATTACK problem we stablish a

polynomical reduction with the problem of the

bisection of a graph.

● As the bisection problem is complete, our problem is

also complete.

CompletnessLemma: The original graph G has a bisection of size B <= |V|2/4

if and only if the serverles communication network G' has an

attack A with D(A)>= 1/2(|V|3/4+|V|)+|V|/2 and

C(A) <= 1/2(|V|3/4+|V|)+B.

Sketch of the proof:

For the only if part take as attack the edges of the bisection plus

the edges of the paths from the extra node to one of the sides of

G.

For the if part show that is such attacks exists the numbers of

nodes that are discconected from the extra node s cant not be

higher that |V|/2 or lower than |V|/2.

CompletnessThe same theorem can be stablished for attacks where only

edges can be attacked. For a graph G consider the following

graph G'

where only the white nodes can be attacked and apply the

previous theorem.

Approximate Algorithms for Attacks

● Random Walks, Brownian methods.

● Minimal Cuts (Shamir)

● Random Failure (Albert-Barabasi)

● Maximal node degree (Albert-Barabasi)

● Minimal All-Paths (Newman).

● Minimal Single Path (Aguirre et al.)

Random Attack (Failure)

Failure

j= 1

while j < n

node=aleat(V)

V = V - node

j++

End Failure

Failure has a computational complexity O(n)

Degree Based Attack

AttackDegree

j= 1

while j < n

node=MostConected(V)

V = V - node

j++

End Attack

● AttackDegree has a computational complexity O(n2)

MinPath Based AttackAttackMinPath

j= 1

while j < n

For each u in V

ind[u]=0

For each u,v in V

C = minimal path from u to v

for each node k in C

ind[k]++

node= k such as the value ind[k] is maximum

V = V - node

j++

End AttackMinPath

MinPath has a computational complexity O(n3), this order can be reduced by selecting only a subset of the set of pairs of nodes in the graph

Graph topologies

● A given attack algorithm has different efficiencies in

different kinds of graphs.

● This means that before selecting an attack algorithm is

usually a good idea to know what kind of graph is going

to be attacked and select the best attack algorithm for

that graph.

● The graphs are classified using their intrinsic metrics

Metrics

● Esparsity (E/V)

● Node degree distribution

● Average degree (<k>)

● Cluster Coefficient (C)

● Characteristic Path (L)

● Number of biconnected components (B)

1830.7518.77HIERARCHIC

NETW. 4280.05615.808POWER GRID

60.0043.89RANDOM

10.01863.409SCALE-FREE

10.1573.744MIXED

10.62614.2SMALL-WORLD

10.643125.438RING-LATTICE

BCL

Network models

● Random Networks

● Regular Networks (Rings, grids)

● Small-World

● Scale Free

● Hierarchical networks

● Real Networks

Small-World

Ring

Scale-Free

Mix

Random

Hierarchic

Power Grid

Failure

Attack Degree

Attack Flow