As a tool to infer the internal state of a network that cannot be measured directly, network tomography has been extensively studied under the assumption that the measurements truthfully reflect the end-to-end performance of measurement paths, which makes the resulting solutions vulnerable to manipulated measurements. In this work, we investigate the impact of manipulated measurements via a recently proposed attack model called the stealthy DeGrading of Service (DGoS) attack, which aims at maximally degrading the performance of targeted paths without exposing the manipulated links to network tomography. While existing studies on this attack assumed that network tomography only measures the paths actively used for data transfer (via passive measurements), our model allows network tomography to measure a larger set of paths, e.g., by sending probes on some paths not carrying data flows. By developing and analyzing the optimal attack strategy, we quantify the maximum damage of such an attack. We further develop a defense strategy by formulating and solving a Stackelberg game to select the best set of measurement paths under a budget constraint. Our evaluations on real topologies validate the efficacy of the proposed defense strategy while identifying areas for further improvement.

中文翻译：

---

针对网络断层扫描的隐形 DGoS 攻击：主动测量的作用


作为推断无法直接测量的网络内部状态的工具，网络层析成像技术在测量真实反映测量路径的端到端性能的假设下得到了广泛的研究，这使得所得的解决方案容易受到操纵。测量。在这项工作中，我们通过最近提出的一种称为隐形服务降级（DGoS）攻击的攻击模型来调查操纵测量的影响，该攻击模型旨在最大限度地降低目标路径的性能，而不会将操纵的链接暴露给网络断层扫描。虽然关于这种攻击的现有研究假设网络断层扫描仅测量主动用于数据传输的路径（通过被动测量），但我们的模型允许网络断层扫描测量更大的路径集，例如，通过在不承载数据流的某些路径上发送探针。通过开发和分析最佳攻击策略，我们量化了此类攻击的最大损害。我们通过制定和解决 Stackelberg 博弈来进一步开发防御策略，以在预算约束下选择最佳的测量路径集。我们对真实拓扑的评估验证了所提出的防御策略的有效性，同时确定了需要进一步改进的领域。