The robustness of a network's connectivity to other networks is often highly dependent on a few critical nodes and links that tie the network to the larger topology. The failure or degradation to such network bottlenecks can result in outages that may propagate throughout the network. Unfortunately, the presence of the bottlenecks also offers opportunities for targeted link flooding attacks (LFAs). Researchers have proposed a new and promising defense to counter LFAs, referred to as topology deception. This strategy centers on hindering the discovery of bottlenecks by presenting false trace responses to adversaries as they perform topological probing of the target network. Even though the goal of topology deception centers on obscuring critical links, node dependencies can be exploited by an adversary. However, current approaches do not consider a wide range of metrics that may reveal important and diverse aspects of network bottlenecks. Furthermore, existing approaches create a simple form of virtual topology, which is subject to relatively easy detection by the adversary, reducing its effectiveness. In this paper, we propose a comprehensive topology deception framework, which we refer to as BottleNet. Our suggested approach can analyze various network topology features both with respect to static and dynamic metrics and then use this information to identify bottlenecks, finally producing complex virtual topologies that are resilient to adversarial detection.

中文翻译：

---

BottleNet：使用基于 SDN 的拓扑欺骗隐藏网络瓶颈


网络与其他网络的连接的稳健性通常高度依赖于将网络与更大的拓扑连接起来的一些关键节点和链路。此类网络瓶颈的故障或性能下降可能会导致整个网络传播的中断。不幸的是，瓶颈的存在也为有针对性的链路洪泛攻击（LFA）提供了机会。研究人员提出了一种新的、有前途的防御方法来对抗 LFA，称为拓扑欺骗。该策略的核心是在对手对目标网络进行拓扑探测时向对手提供错误的跟踪响应，从而阻碍瓶颈的发现。尽管拓扑欺骗的目标集中在模糊关键链接上，但节点依赖性可能会被对手利用。然而，当前的方法没有考虑可能揭示网络瓶颈的重要和不同方面的广泛指标。此外，现有方法创建了一种简单形式的虚拟拓扑，这种形式很容易被对手检测到，从而降低了其有效性。在本文中，我们提出了一个全面的拓扑欺骗框架，我们将其称为 BottleNet。我们建议的方法可以分析静态和动态指标方面的各种网络拓扑特征，然后使用这些信息来识别瓶颈，最终生成能够抵抗对抗性检测的复杂虚拟拓扑。