Network tomography is a powerful tool to monitor the internal state of a closed network that cannot be measured directly, with broad applications in the Internet, overlay networks, and all-optical networks. However, existing network tomography solutions all assume that the measurements are trust-worthy, leaving open how effective they are in an adversarial environment with possibly manipulated measurements. To understand the fundamental limit of network tomography in such a setting, we formulate and analyze a novel type of attack that aims at maximally degrading the performance of targeted paths without being localized by network tomography. By analyzing properties of the optimal attack strategy, we formulate novel combinatorial optimizations to design the optimal attack strategy, which are then linked to well-known NP-hard problems and approximation algorithms. As a byproduct, our algorithms also identify approximations of the most vulnerable set of links that once manipulated, can inflict the maximum performance degradation. Our evaluations on real topologies demonstrate the large potential damage of such attacks, signaling the need of new defenses.

中文翻译：

---

隐身 DGoS 攻击：网络断层扫描监视下的服务降级

网络断层扫描是监控无法直接测量的封闭网络内部状态的强大工具，在互联网、覆盖网络和全光网络中有着广泛的应用。然而，现有的网络断层扫描解决方案都假设测量值是值得信赖的，因此它们在可能被操纵的测量值的对抗性环境中的有效性是开放的。为了了解网络断层扫描在这种情况下的基本限制，我们制定并分析了一种新型攻击，旨在最大限度地降低目标路径的性能，而不会被网络断层扫描定位。通过分析最优攻击策略的特性，我们制定了新的组合优化来设计最优攻击策略，然后将它们链接到众所周知的 NP-hard 问题和近似算法。作为副产品，我们的算法还识别了最易受攻击的一组链接的近似值，这些链接一旦被操纵，就会造成最大的性能下降。我们对真实拓扑的评估证明了此类攻击的巨大潜在损害，表明需要新的防御措施。