Abstract

It is crucial for large-scale communication networks such as the internet to be resilient against attacks such as censorship and surveillance, which pose a threat to free expression and free association. Self-organized networks such as the internet’s router network typically have heavy-tailed degree distributions, making them highly vulnerable to targeted attacks against central nodes. While cryptographic solutions exist, they fail to address the underlying topological problem, and remain vulnerable to man-in-the-middle attacks and coercion. Coercion-resistant, topological approaches to attack tolerance are needed to address the current vulnerability of communications infrastructure to censorship and surveillance. We present a novel concurrent multipath routing (CMR) algorithm for the wraparound butterfly network topology, as well as a highly attack-tolerant Structured Multipath Fault Tolerance (SMFT) architecture which incorporates the butterfly CMR algorithm. We also identify a previously unexplored relationship between network topology, trust transitivity, and attack-tolerance, and provide a framework for further exploration of this relationship. Our work is the first theoretical demonstration of a point-to-point communication network architecture that can resist coercion and other non-technical attacks, without requiring infinitely transitive trust. To address cases where the network structure cannot be fully controlled, we demonstrate how a snapshot of the internet’s router network can be partially rewired for greater attack-tolerance. More broadly, we hope that this work will serve as a starting point for the development of additional topology-based attack-tolerant communication architectures to guard against the dangers of censorship and surveillance.

Highlights

  • Is it possible for any large-scale communication network to resist targeted attacks? The internet was originally designed to withstand targeted attacks [1], and the resilience of the internet has long been part of common wisdom [2]

  • We prove that the number of h-internally vertex disjoint paths between two nodes in a directed wrap-around butterfly network is exactly 2h, and present a scalable and efficient concurrent multipath routing (CMR) algorithm to find these paths, which can be combined with structured multipath fault tolerance (SMFT) to achieve a high level of attack-tolerance

  • We have found very few examples of CMR applied to adversarial fault tolerance in the existing literature, and all have focused on ad-hoc wireless sensor networks, without attention to the role of network structure


Summary

Introduction

Is it possible for any large-scale communication network to resist targeted attacks? The internet was originally designed to withstand targeted (nuclear) attacks [1], and the resilience of the internet has long been part of common wisdom [2]. The action (known as a black hole attack) was intended to censor YouTube within Pakistan only, but resulted in a worldwide cascading failure when a router misconfiguration allowed the false routing information to propagate outside of Pakistan. This incident exemplifies the type of attack requiring a topological approach. We prove that the number of h-internally vertex disjoint paths between two nodes in a directed wrap-around butterfly network is exactly 2h, and present a scalable and efficient concurrent multipath routing (CMR) algorithm to find these paths, which can be combined with SMFT to achieve a high level of attack-tolerance. We show that rewiring the edges of the internet’s router network to resemble a butterfly network allows it to tolerate a higher number of failures without fragmenting, and increases the effective redundancy in the presence of a large number of adversarial faults.
