Stealthy DGoS Attack Against Network Tomography: The Role of Active Measurements

Abstract

As a tool to infer the internal state of a network that cannot be measured directly, network tomography has been extensively studied under the assumption that the measurements truthfully reflect the end-to-end performance of measurement paths, which makes the resulting solutions vulnerable to manipulated measurements. In this work, we investigate the impact of manipulated measurements via a recently proposed attack model called the stealthy DeGrading of Service (DGoS) attack , which aims at maximally degrading the performance of targeted paths without exposing the manipulated links to network tomography. While existing studies on this attack assumed that network tomography only measures the paths actively used for data transfer (via passive measurements), our model allows network tomography to measure a larger set of paths, e.g., by sending probes on some paths not carrying data flows. By developing and analyzing the optimal attack strategy, we quantify the maximum damage of such an attack. We further develop a defense strategy by formulating and solving a Stackelberg game to select the best set of measurement paths under a budget constraint. Our evaluations on real topologies validate the efficacy of the proposed defense strategy while identifying areas for further improvement.