An essential aspect of evaluating network resilience and designing resilient networks is understanding how various architectures, designs, and protocols respond to challenges. These challenges to normal operation include:
- unintentional misconfiguration or operational mistakes
- large-scale natural disasters such as hurricanes, tsunamis, floods, earthquakes
- attacks from an intelligent adversary
- environmental challenges
- unusual but legitimate traffic
- service failure at a lower level
In order to simulate a wide variety of challenges, complex simulation scripts are needed that model the network topology, the protocols, and the challenges. Challenge simulation requires manual and careful modification of the simulation script, for example by disabling links and nodes for the duration of the challenge. For c challenges to n networks this requires c×n simulation files.
We are looking at a new approach that decouples the network model from the challenge description, so that c challenge descriptions are applied to n networks using a total of c+n input files, which makes simulation generation more efficient. This is accomplished by feeding the network topology (via an adjacency matrix) and the geographical coordinates of the nodes to a C++-based ns-3 simulation script.
We model a challenge as an area A over a network for a time interval (ti, tj).
The challenge geometry defines the area A over which the challenge is applied to the network.
- n-sided polygon: (x0, y0), (x1, y1), …, (xn–1, yn–1)
- circle with center at (x0, y0) and radius r
- ellipse with foci at (x1, y1), (x2, y2) and semi-axes a, b
The challenge type defines the way in which the challenge affects the network.
- node out or link down
- wireless link attenuation or jamming
- traffic attacks (DoS and DDoS)
- link type (e.g. wired/wireless)
- node class (e.g. important peering node)
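An added example, not code from the project's ns-3 module: standalone C++ that applies the challenge model above (a polygon or circle area A, active over a time interval) as a node-out challenge to networks given as an adjacency matrix plus node coordinates, so that c + n descriptions yield c × n runs. All type and function names, the half-open interval convention, the rule that a failed node takes its links down, and the sample networks and challenges are assumptions constructed for illustration; the inputs are embedded inline instead of being read from files.

```cpp
#include <cmath>
#include <cstdio>
#include <vector>

struct Point { double x, y; };
struct Network { std::vector<std::vector<int>> adj; std::vector<Point> xy; };
struct Impact { int nodes, links; };
// Challenge: area A (polygon if non-empty, else circle), active for tStart <= t < tEnd.
struct Challenge {
    std::vector<Point> polygon; Point center; double radius, tStart, tEnd;
    bool Contains(const Point& p) const {
        if (polygon.empty()) return std::hypot(p.x - center.x, p.y - center.y) <= radius;
        bool inside = false;  // ray casting: toggle on each polygon edge crossed
        for (std::size_t i = 0, j = polygon.size() - 1; i < polygon.size(); j = i++) {
            const Point &a = polygon[i], &b = polygon[j];
            if ((a.y > p.y) != (b.y > p.y) &&
                p.x < (b.x - a.x) * (p.y - a.y) / (b.y - a.y) + a.x) inside = !inside;
        }
        return inside;
    }
};

// Apply one challenge to one network at time t; a failed node takes its links down.
Impact Apply(const Network& n, const Challenge& c, double t) {
    Impact r{0, 0};
    if (t < c.tStart || t >= c.tEnd || n.adj.size() != n.xy.size()) return r;
    std::vector<bool> dead(n.xy.size());
    for (std::size_t i = 0; i < dead.size(); ++i)
        if (c.Contains(n.xy[i])) { dead[i] = true; ++r.nodes; }
    for (std::size_t i = 0; i < dead.size(); ++i)
        for (std::size_t j = i + 1; j < dead.size() && j < n.adj[i].size(); ++j)
            if (n.adj[i][j] && (dead[i] || dead[j])) ++r.links;
    return r;
}
// Constructed sample data: n = 2 networks, c = 2 challenges (active from t=10 to t=20).
const std::vector<Network> kNets = {
    {{{0,1,0,1,0}, {1,0,1,1,0}, {0,1,0,0,1}, {1,1,0,0,1}, {0,0,1,1,0}},
     {{0,0}, {2,1}, {4,0}, {2,3}, {6,4}}},
    {{{0,1,1}, {1,0,1}, {1,1,0}}, {{2,2}, {5,1}, {9,9}}}};
const std::vector<Challenge> kChallenges = {
    {{{1,0.5}, {3,0.5}, {3,3.5}, {1,3.5}}, {0,0}, 0, 10, 20},  // square polygon
    {{}, {5,2}, 2.5, 10, 20}};                                 // circle

int main() {  // c + n descriptions drive c x n runs; no script is edited per pair
    for (const Network& n : kNets)
        for (const Challenge& c : kChallenges) {
            Impact r = Apply(n, c, 15.0);
            std::printf("%zu-node net: %d nodes, %d links down\n", n.xy.size(), r.nodes, r.links);
        }
}
```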
Challenge Module to ns-3 Simulation Models
Challenges to Wired Networks
Wired networks face various challenges. Challenge scenarios can be represented as:
- random link failures (e.g. link cut, service failure at a lower level)
- random node failure (e.g. operational misconfiguration, unusual but legitimate traffic)
- malicious attacks (e.g. DoS or DDoS)
- large-scale natural disasters (e.g. earthquake, tsunami, hurricane)
Challenges to Wireless Networks
Wireless networks consist of a set of independent nodes. These nodes communicate with other nodes that lie in their transmission range. The challenges attempt to isolate the network by shutting the nodes down. We will mainly analyze the effect of the challenges in the area A over which the challenge is applied to the network. The challenges mainly include:
- Denial of service attacks
- Wireless link attenuation
- Radio jamming in the network
Resilience Analysis of Networks
The resilience of any network topology can be analysed based on the text-based configuration files fed into the simulation script. The network topology can be organic or synthetically generated. We used KU-LoCGen to generate synthetic topologies. Preliminary analysis shows that attacks based on the betweenness of nodes impact the packet delivery ratio (PDR) more than random node failures.
The challenge area can be fed to the simulation script as an n-sided polygon. A sample of three polygon areas applied to the Sprint network (inferred from Rocketfuel) is shown below. The impact is linear with the number of nodes being affected.
The impact of an increased area-based challenge can be analysed. With increasing area size, the impact of the challenge increases.
Presentations and Publications
Egemen K. Çetinkaya, Dan Broyles, Amit Dandekar, Sripriya Srinivasan, and James P.G. Sterbenz,
“Modelling Communication Network Challenges for Future Internet Resilience, Survivability, and Disruption Tolerance: A Simulation-Based Approach”,
Springer Telecommunication Systems Journal,
(online September 2011)
- Keywords: Internet resilience, survivability, disruption tolerance, dependability and performability, reliability and availability; ns-3 simulation; failure analysis; challenge modeling; threats and vulnerabilities; network logical and physical topology; correlated failures
- Abstract: “Communication networks play a vital role in our daily lives and they have become a critical infrastructure. However, networks in general, and the Internet in particular face a number of challenges to normal operation, including attacks and large-scale disasters, as well as due to mobility and the characteristics of wireless communication channels. Understanding network challenges and their impact can help us to optimise existing networks and improve the design of future networks; therefore it is imperative to have a framework and methodology to study them. In this paper, we present a framework to evaluate network dependability and performability in the face of challenges. We use a simulation-based approach to analyse the effects of perturbations to normal operation of networks. We analyse Sprint logical and physical topologies, synthetically generated topologies, and present a wireless example to demonstrate a wide spectrum of challenges. This framework can simulate challenges on logical or physical topologies with realistic node coordinates using the ns-3 discrete event simulator. The framework models failures, which can be static or dynamic that can temporally and spatially evolve. We show that the impact of network challenges depends on the duration, the number of network elements in a challenge area, and the importance of the nodes in a challenge area. We also show the differences between modelling the logical router-level and physical topologies. Finally, we discuss mitigation strategies to alleviate the impact of challenges.”
Egemen K. Çetinkaya, Dan Broyles, Amit Dandekar, Sripriya Srinivasan, and James P.G. Sterbenz,
“A Comprehensive Framework to Simulate Network Attacks and Challenges”,
IEEE/IFIP Second International Workshop on Reliable Networks Design and Modeling (RNDM'10),
Moscow, Russia, October 2010, pp. 538–544.
- Keywords: Internet resilience, survivability, dependability, performability; challenge, attack, disaster, correlated failure; network topology, critical infrastructure; ns-3 simulation, modelling
- Abstract: “Communication networks have evolved tremendously over the past several decades, offering a multitude of services while becoming an essential critical infrastructure in our daily lives. Networks in general, and the Internet in particular face a number of challenges to normal operation, including attacks and large-scale disasters, as well as due to the characteristics of the mobile wireless communication environment. It is therefore vital to have a framework and methodology for understanding the impact of challenges to harden current networks and improve the design of future networks. In this paper, we present a framework to evaluate network dependability and performability in the face of challenges. This framework uses ns-3 simulation as the methodology for analysis of the effects of perturbations to normal operation of the networks, with a challenge specification applied to the network topology. This framework can simulate both static and dynamic challenges based on the failure or wireless-impairment of individual components, as well as modelling geographically-correlated failures. We demonstrate this framework with the Sprint Rocketfuel and synthetically generated topologies as well as a wireless example, to show that this framework can provide valuable insight for the analysis and design of resilient networks.”
James P.G. Sterbenz, Egemen K. Çetinkaya, Mahmood Abdul Hameed, Abdul Jabbar, Qian Shi, Justin P. Rohrer,
“Evaluation of Network Resilience, Survivability, and Disruption Tolerance: Analysis, Topology Generation, Simulation, and Experimentation (invited paper)”,
Springer Telecommunication Systems Journal,
(online December 2011)
- Keywords: resilient survivable disruption-tolerant network, dependability performability, diverse topology generation, network analysis experimentation, ns-3 simulation methodology
- Abstract: “As the Internet becomes increasingly important to all aspects of society, the consequences of disruption become increasingly severe. Thus it is critical to increase the resilience and survivability of future networks. We define resilience as the ability of the network to provide desired service even when challenged by attacks, large-scale disasters, and other failures. This paper describes a comprehensive methodology to evaluate network resilience using a combination of topology generation, analytical, simulation, and experimental emulation techniques with the goal of improving the resilience and survivability of the Future Internet.”
James P.G. Sterbenz, Egemen K. Çetinkaya, Mahmood A. Hameed, Abdul Jabbar, and Justin P. Rohrer,
“Modelling and Analysis of Network Resilience (invited paper)”,
The Third IEEE International Conference on Communication Systems and Networks (COMSNETS),
Bangalore, India, January 2011, pp. 1–10
- Keywords: Future Internet architecture, resilience, survivability, performability, dependability, topology, population, attack, disaster, challenge, metrics, generation, simulation, modelling
- Abstract: “As the Internet becomes increasingly important to all aspects of society, the consequences of disruption become increasingly severe. Thus it is critical to increase the resilience and survivability of the future network. We define resilience as the ability of the network to provide desired service even when challenged by attacks, large-scale disasters, and other failures. This paper describes a comprehensive methodology to evaluate network resilience using a combination of analytical and simulation techniques with the goal of improving the resilience and survivability of the Future Internet.”
Egemen K. Çetinkaya, Justin P. Rohrer, and James P.G. Sterbenz,
“Resilience Modelling of Networks against Adaptive Challenges”,
IWSOS Student Poster, Delft, March 2012.
Egemen K. Çetinkaya, Dan Broyles, Amit Dandekar, Sripriya Srinivasan, and James P.G. Sterbenz,
“Challenge Simulation Module for Evaluating Resilience”,
ITTC IAB poster, The University of Kansas, June 2010.
Rabat Mahmood, Abdul Jabbar, Egemen K. Çetinkaya, and James P.G. Sterbenz,
“Challenge Simulation Module for Evaluating Resilience”,
ITTC IAB poster, The University of Kansas, April 2009.
We developed an ns-3 script to read external adjacency matrix and node coordinate files and set up the network accordingly. The sample code was merged into the development tree on 20 October 2010 and will be part of the ns-3.10 standard release.
Graduate Research Assistants
James P.G. Sterbenz* (PI)
*The University of Kansas