Situational Awareness for Improving Network Resilience Management

Computer networks, now widely used by enterprises and individuals, remain vulnerable to traffic injection, human mistakes, malicious attacks and other failures, even though much more time and cost are spent on security, dependability, performability, survivability, and risk assessment to make networks provide resilient services. This is because these measures are commonly viewed as closely related, but a practical means of linking them is often not achieved. Network resilience research brings this planning together so that the network can be managed from a holistic view of resilience management. This paper focuses on moving network resilience management from a “reactive” paradigm to a “proactive” one through Situational Awareness (SA) of the internal factors of the network and the external factors of a complex, dynamic and heterogeneous network environment. After surveying research on network resilience and resilience assessment in the network, we give a four-stage model for constructing awareness of resilience issues. The first stage is to obtain the situational elements of interest. Second, to understand what happened and what is going on in the network, pattern learning and pattern matching are exploited to identify challenges. Third, to make resilience management proactive, we predict challenges and look for potential ones. At the fourth stage, resilience management helps take remediation and recovery actions according to the policies of the defender and the attacker. The behaviors of the two players, defender and attacker, are then modeled in the same model using Extended Generalized Stochastic Game Nets (EGSGN), which combine game theory with Stochastic Petri Nets. Finally, we give a case study to show how to use EGSGN to depict the network resilience situation in the same model.
