Fundamental Limits of Routing Attack on Network Overload

TL;DR

This paper analyzes the threat of routing attacks on networks, developing algorithms to identify optimal attack strategies and assess overload risks, thereby aiding in network security and resilience.

Contribution

It introduces polynomial-time algorithms for optimal routing attack detection and approximation methods for overload maximization, advancing understanding of network vulnerability.

Findings

Optimal routing attack algorithms for multi-hop networks.

NP-hardness of maximizing throughput loss.

Heuristic algorithm for node hijacking selection.

Abstract

We quantify the threat of network adversaries to inducing \emph{network overload} through \emph{routing attacks}, where a subset of network nodes are hijacked by an adversary. We develop routing attacks on the hijacked nodes for two objectives related to overload: \emph{no-loss throughput minimization} and \emph{loss maximization}. The first objective attempts to identify a routing attack that minimizes the network's throughput that is guaranteed to survive. We develop a polynomial-time algorithm that can output the optimal routing attack in multi-hop networks with global information on the network's topology, and an algorithm with an approximation ratio of $2$ under partial information. The second objective attempts to maximize the throughput loss. We demonstrate that this problem is NP-hard, and develop two approximation algorithms with multiplicative and additive guarantees respectively in single-hop networks. We further investigate the adversary's optimal selection of nodes to hijack that can maximize network overload. We propose a heuristic polynomial-time algorithm to solve this NP-hard problem, and prove its optimality in special cases. We validate the near-optimal performance of the proposed algorithms over a wide range of network settings. Our results demonstrate that the proposed algorithms can accurately quantify the risk of overload given an arbitrary set of hijacked nodes and identify the critical nodes that should be protected against routing attacks.