A Framework for Network Vulnerability Analysis

With increasing faults and attacks on the Internet infrastructure, there is an urgent need to develop techniques to analyze network and service vulnerability under organized fault attacks. Network vulnerability refers to the impact of attacks and faults on network and system behaviors. An accurate vulnerability analysis requires a deep understanding of failure modes and effects on each of the network components and the knowledge of how these components are inter-related at each point in time to various applications in a networked system. In this paper we present an agent based network vulnerability analysis framework and show how our framework can be used to analyze and quantify the system vulnerability under a Distributed Denial of Service (DDOS) attack scenario. Our approach can be described in terms of three steps: 1) Vulnerability Metrics – In this step we identify the metrics to be used to analyze the network vulnerability; 2) System State Characterization – In this step we define the thresholds to be used to characterize the node/system state to be in one of three states: Normal State, Uncertain State, and Vulnerable State and 3) Vulnerability Index Evaluation – In this step we evaluate the vulnerability of the network or application with respect to the vulnerability metrics defined in the first step. The vulnerability index can also be used as an indicator to trigger proactive and survivable methodologies to aid fast recovery at the earliest possible stages.