(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
Improved Computer Networks ResilienceUsing Social Behavior
Yehia H. Khalil
1,2
, Walaa M. Sheta
1
1
Dept. of Virtual Reality & Computer GraphicsInformatics Research Institute, MuCSAT New Borg El-Arab, Egyptyehia.khalil@louisville.edu,wsheta@mucsat.sci.eg
Adel S. Elmaghraby
2
Dept. Computer Science and Computer EngineeringUniversity of LouisvilleLouisville, KY, USAadel@louisville.edu
Abstract
—
Current information systems face many challengesin terms of malicious activities, hacking threats and naturaldisasters. A key challenge is to design a resilientcommunication networks that can provide high performancelevel with minimum disconnected points and delay. This paperpresents a novel approach to discover the most criticalnetwork’s nodes based on social network analysis (SNA) whichhave been used for social studies and recently have been widelyused in many domains. The main focus of social networkanalysis is to study the “relations” between network nodes. Inprinciple, critical network’s nodes will be identified based ontheir magnitude for the network in terms of centrality: Degree,Betweens and Closeness. The results show that using socialnetwork analysis enhances computer network resilience byidentifying the critical elements of communication network.
(Abstract)
Keywords- Network Resilience; Social Network Analysis; Redundancy; Critical Cyber Infrastructure. (key words)
I.
I
NTRODUCTION
Computer networks are a combination of severalresources: software, hardware and others. A resilientcomputer network refers to the ability of the network tooperate and provide services with minimum delay under sever operational conditions and the ability to recover of thefailure within acceptable time range. A diversity of failureswhich can cause local or wide disconnection, failures used to be caused by downtime of devices or miner power outage,yet other categories such as natural disasters, and maliciousactivates both for software or hardware elements had beenadded to the list [1].Resilience is a very basic and significant prerequisite for any information system, the term Resilience has been definedin several domains. The main characteristics of any resilientsystem are: continuity of service delivery under unexpectedoperational environment and speed recovery from any failure[2]. Subsequently, a resilient computer network is thenetwork which provides high data transfer rate withminimum latency. Building a resilient computer network involve several considerations: identifying critical elements, provide alternatives, develop recovery policies andmechanisms.The main focus of this work is to investigate the use of social network analysis for identifying computer networkscritical elements. So network managers, planner anddesigners can develop better recovery plans and selectedelements to be redundant.Social network is a social construction made of nodessuch as individuals, organizations, etc. which are called"nodes/stars" which are attached to each other by one or many connections/relations such as financial exchange,similar interest, common experiences, etc. [3] the followingFig.1 illustrates a simple social network.
Figure 1. Simple Social Network Example
As shown, each entity can be connected to any number of entities; also the relation between the entities can be onedirection or bi-direction based on the relations type. [4]The conventional data representations differ on socialnetworks in several aspects such as: the focus of socialnetwork is the relation between elements and the ability to build layers based on the amount of details targeted to bestudy, for example the relation between the governmentorganizations can be represented by one network and another layer can represent the relation between the departmentswithin the same organization. In addition, figure 1illsturatethe relations between the entities are very clear in terms of level of the relations as visualized by the link width alsowhich entity are connected to all or some of the nods whichreflects the entity magnitude which highlight the difference between the difference between the social network representation and other data representations.Social network analysis has been used for several years asanalysis tool of social relation between humans in thesociology domain as humans tend to group based their interest, experience and etc.
208http://sites.google.com/site/ijcsis/ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
II.
B
ACKGROUND
This section demonstrates the computer networksresilience and social network analysis concepts.
A.
Computer Networks Resilience
As a matter of fact, everything in our life relies oncommunications and computer networks represent a large portion of it. Currently our computer networks are notresilient or secure enough to face the strategic vulnerabilitiesof the nation [5]. Generally, the computers, servers, etcwhich are connected to the network are attacked for severalreasons. However, using certain techniques such as usingvirtual privet network (VPN), encryption, firewalls, and other techniques can eliminate many of those attacks. Yet hackers,natural disasters can target other network elements such arerouters, in many cases hackers amid to shutdown routers todevelop discontinuity holes or developing maliciousactivities affect network performance and security [6].A major step in building resilient network is identifyingthe critical elements which would need extra attention andsecure them using the appropriate techniques. Network managers, designer and planners tend to use redundancy toavoid network failures. The following figure (Fig. 2)illustrates how redundancy can enhance network resilience.
Figure 2. Network Example
As Fig. 2 shows, there are six nodes connected throughseven links. At any time one of the links or the nodes can bedown, the best way to ensure resilience is to redundant all theserver and create a full connect network (Mesh).Unfortunately, that would be a very expensive solution notmany can afford. The second approach is to determine themost important critical elements which need to be redundantand develop policies and algorithms for speedy activation for the backup devices.
B.
Social Network Analysis
Social network analysis is an emerging set of techniquesand schemes for data analysis, many researchers andscientists introduced several definitions based on their domain of interest. For example
Hannemann
proposed: “
Asocial network is a set of actors that may have relationshipswith one another. Networks can have few or many actors(nodes), and one or more kinds of relations (edges) between pairs of actors.
” [7]The major deviation for social network analysis over theother traditional approaches is its focus is to analyzeinformation based on the relation between data entities.Social network can be represented as matrices or graphs; the plus of using graph is the ability to represent different typesof relations between the nods. One of the important conceptsof social networks analysis is the hierarchical analysis, asthe analysis can be proceed on different levels: Node,Dyadic, Triadic, Subset, and Network level [8]. However,the focus of the majority of research work is narrowed to thenode and network level.At network level, network density can be obtained bydividing the number of relations by the number all possiblerelations, the result various between 0 and 1and the higher ratio the denser network [8]. Another level would be thenode level where it more concern about how important is thenode? How popular is the node? Is it a central node?Within the context of social networks the term power/centrality refers to the impact of this node on othersnods, and what would be the consequence in case of removing this node. Social network analysis offers threemeasurements for centrality: Degree centrality, Closenesscentrality and Betweenness centrality [9] [10]
.
Degree Centrality
: the degree centrality of a node A (DC
a
)is number of connections/relations the node has. Thenode/actor with higher number of relations or ties maintainsa higher traffic (in/out).
n jiji
a N DC
1
)(
Where:
DC (N
i
): Degree Centrality of node N
i
,
A
:
an adjacent matrix of relations network,
n:
number of nodes.
Centrality closeness
:
indicates how a node N
i
close to theother nodes, depending on the application closeness wouldhave different ways to be calculated. In computer networksscenario, our target will be physical distance.
n j jii
N N d N CC
1
),(/1)(
Where:
CC (N
i
): Closeness of N
i
,
d(N
i
, N
j
)
:
absolute distance between node N
i
and node N
j
,
n:
number of nodes.
Centrality Betweenness
: it measure characterizes of nodesas having a powerful positional i.e. a node is frequentlyshown in communication paths between any other nodes.
k jk jik ji
P N P N CB
,,,
)()(
Where:
CB (N
i
): Betweeness of N
i
,
P
j,k
(N
i
)
:
shortest path between N
j
, N
k
and has N
i
on it
P
j,k
: shortest path between N
j
, N
k
The following section will illustrate the network resilience problem and the proposed approach to enhance it.
209http://sites.google.com/site/ijcsis/ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
III.
P
ROBLEM STATEMENT
Computer networks are the core on any informationsystem, the ability of any network to maintain an acceptableservice level throughout malicious activities is calledresilience [5]. Anchored in resilience definition, building aresilient computer network consolidates two main aspects:I.
Device’s redundancy: installing backup devices,such as power supplies, routers, switches, etc. thatkicks in when the primary fails.II.
Develop recovery methodologies and Policies: howto use the backup systems to ensure minimumquality of services (QoS) variation in case of emergency.Venders will tell that we need to go with full redundancywhich is great but that will requires large investments andalso is complex for monitoring or management purposes.Therefore selecting the critical elements to be redundant is avital process, calculating the probability of system failure isone of the well known approaches for redundancy as themore duplication the less failure probability [11].By enlarge this approach have several drawbacks such as:assuming failure independency and non-realistic estimationof different probability weights. The uses of social network analysis provide more realistic information about nodesimportance and consider the correlation between devicesfailure.Several routing and networking parameters can beaffected when one of the routers fail down such as network latency, routing tables size, and packet drop rate. In thisstudy we will focus on network latency as it can reflect theoverall network performance. The failure of a critical router or node should cause a huge change on network latency, sowith no backup devices installed scenario the methodologyis to evaluate network latency change to validate the socialnetwork analysis approach.IV.
E
XPERIMENTS
The main purpose of those experiments it is to validate theability of social network analysis methods at identifyingcritical routers within a network.
Experiments configuration
: for illustration purpose, thesimulation scenarios were based on a modified version of the University of Louisville computer routers infrastructureas shown in the Fig. 3 [12]. The physical topology wasimported to the OPNET simulation tool, also network trafficwere collected between network routers and exported to thesimulation tool.
Testing scenarios
: For testing purpose, malicious activeswere simulated either by injecting the system withoverloading traffic or implementing a node failure. A traffic broadcasting node was hocked up to the network toimplement both scenarios, the traffic generation processfollows the Exponential distribution with
λ
=0.025and 1 asshown on Fig 4.
Figure 3. University of Louisville Gigabyte Backbone(Source: Miller Information Technology Center, U. of Louisville)
Figure 4. Traffic Generation Node Configurations
For validation purpose, simulation will run with tworouters fail/recovery scenario and network latencyinformation will be collected. As shown in the followingfigures: Fig. 5 shows the modified network and Fig. 6 showsnetwork latency has two cases of variation (A, B) althoughthat the failed/recover routers have the samecapacity/configuration/manufactures, it was shown that eachone has affected the network latency differentially.
Figure 5. Network Topology
210http://sites.google.com/site/ijcsis/ISSN 1947-5500
Search History:
Result 00 of 00
00 results for result for
p.
Improved Computer Networks resilience Using Social Behavior
Current information systems face many challenges in terms of malicious activities, hacking threats and natural disasters. A key challenge is to design a resilient communication networks that can provide high performance level with minimum disconnected points…
(More)
602
Reads
1
Readcasts
1
Embed Views
More From This User
Notes
Load more
