特征混淆：一种新的网络拓扑混淆防御方法

IF 6.7 2区计算机科学 Q1 ENGINEERING, MULTIDISCIPLINARY

IEEE Transactions on Network Science and Engineering Pub Date : 2024-11-18 DOI:10.1109/TNSE.2024.3501396

Ziliang Zhu;Guopu Zhu;Yu Zhang;Jiantao Shi;Xiaoxia Huang;Yuguang Fang

{"title":"特征混淆：一种新的网络拓扑混淆防御方法","authors":"Ziliang Zhu;Guopu Zhu;Yu Zhang;Jiantao Shi;Xiaoxia Huang;Yuguang Fang","doi":"10.1109/TNSE.2024.3501396","DOIUrl":null,"url":null,"abstract":"Link flooding attack is a kind of attack based on the topology information of a network. Sophisticated attackers tend to conduct network reconnaissance before they launch effective attacks to infer key information about the whole network. Existing active defense methods against link flooding attacks either focus on protecting the key links within the network or safeguarding the key nodes with the simple degree centrality. This paper proposes a novel network topology obfuscation method called EigenObfu to protect the key nodes. Instead of using the degree centrality in existing defense methods, our eigenvector centrality-based EigenObfu comprehensively utilizes network topology information and better measures the importance of nodes in a network. EigenObfu is designed to output a secure obfuscated topology suitable for networks, regardless of their sizes, by hiding important nodes while maintaining connectivity and ensuring the protection of key nodes. We evaluate EigenObfu through several comparison experiments on nine different topologies. The results confirm the effectiveness of our method.","PeriodicalId":54229,"journal":{"name":"IEEE Transactions on Network Science and Engineering","volume":"12 1","pages":"451-462"},"PeriodicalIF":6.7000,"publicationDate":"2024-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"EigenObfu: A Novel Network Topology Obfuscation Defense Method\",\"authors\":\"Ziliang Zhu;Guopu Zhu;Yu Zhang;Jiantao Shi;Xiaoxia Huang;Yuguang Fang\",\"doi\":\"10.1109/TNSE.2024.3501396\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Link flooding attack is a kind of attack based on the topology information of a network. Sophisticated attackers tend to conduct network reconnaissance before they launch effective attacks to infer key information about the whole network. Existing active defense methods against link flooding attacks either focus on protecting the key links within the network or safeguarding the key nodes with the simple degree centrality. This paper proposes a novel network topology obfuscation method called EigenObfu to protect the key nodes. Instead of using the degree centrality in existing defense methods, our eigenvector centrality-based EigenObfu comprehensively utilizes network topology information and better measures the importance of nodes in a network. EigenObfu is designed to output a secure obfuscated topology suitable for networks, regardless of their sizes, by hiding important nodes while maintaining connectivity and ensuring the protection of key nodes. We evaluate EigenObfu through several comparison experiments on nine different topologies. The results confirm the effectiveness of our method.\",\"PeriodicalId\":54229,\"journal\":{\"name\":\"IEEE Transactions on Network Science and Engineering\",\"volume\":\"12 1\",\"pages\":\"451-462\"},\"PeriodicalIF\":6.7000,\"publicationDate\":\"2024-11-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Network Science and Engineering\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10756619/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Network Science and Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10756619/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

摘要

链路泛洪攻击是一种基于网络拓扑信息的攻击。老练的攻击者在发动有效攻击前，往往会进行网络侦察，推断出整个网络的关键信息。现有的链路泛洪攻击主动防御方法要么侧重于保护网络内的关键链路，要么采用简单度中心性保护关键节点。本文提出了一种新的网络拓扑混淆方法——特征混淆，以保护关键节点。与现有防御方法中使用度中心性不同的是，我们基于特征向量中心性的特征向量集综合利用了网络拓扑信息，更好地度量了网络中节点的重要性。EigenObfu旨在通过隐藏重要节点，同时保持连接并确保关键节点的保护，输出适合网络的安全混淆拓扑，无论其大小。我们通过在9种不同拓扑结构上的几个比较实验来评估EigenObfu。结果证实了该方法的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

EigenObfu: A Novel Network Topology Obfuscation Defense Method

Link flooding attack is a kind of attack based on the topology information of a network. Sophisticated attackers tend to conduct network reconnaissance before they launch effective attacks to infer key information about the whole network. Existing active defense methods against link flooding attacks either focus on protecting the key links within the network or safeguarding the key nodes with the simple degree centrality. This paper proposes a novel network topology obfuscation method called EigenObfu to protect the key nodes. Instead of using the degree centrality in existing defense methods, our eigenvector centrality-based EigenObfu comprehensively utilizes network topology information and better measures the importance of nodes in a network. EigenObfu is designed to output a secure obfuscated topology suitable for networks, regardless of their sizes, by hiding important nodes while maintaining connectivity and ensuring the protection of key nodes. We evaluate EigenObfu through several comparison experiments on nine different topologies. The results confirm the effectiveness of our method.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Network Science and Engineering Engineering-Control and Systems Engineering

CiteScore

12.60

自引率

9.10%

发文量

393

期刊介绍： The proposed journal, called the IEEE Transactions on Network Science and Engineering (TNSE), is committed to timely publishing of peer-reviewed technical articles that deal with the theory and applications of network science and the interconnections among the elements in a system that form a network. In particular, the IEEE Transactions on Network Science and Engineering publishes articles on understanding, prediction, and control of structures and behaviors of networks at the fundamental level. The types of networks covered include physical or engineered networks, information networks, biological networks, semantic networks, economic networks, social networks, and ecological networks. Aimed at discovering common principles that govern network structures, network functionalities and behaviors of networks, the journal seeks articles on understanding, prediction, and control of structures and behaviors of networks. Another trans-disciplinary focus of the IEEE Transactions on Network Science and Engineering is the interactions between and co-evolution of different genres of networks.