The K-observer problem in computer networks

For any non-negative integer K, a K-observer P of a network N is a set of nodes in N such that each message, that travels at least K hops in N, is handled (and so observed) by at least one node in P. A K-observer P of a network N is minimum iff the number of nodes in P is less than or equal the number of nodes in every K-observer of N. The nodes in a minimum K-observer of a network N can be used to monitor the message traffic in network N, detect denial-of-service attacks, and act as firewalls to identify and discard attack messages. This paper considers the problem of constructing a minimum K-observer for any given network. We show that the problem is NP-hard for general networks, and give linear-time algorithms for constructing minimum or near-minimum K-observers for special classes of networks: trees, rings, L-rings, and large grids.

[1]  Yu Gu,et al.  Disjoint-Path Facility Location: Theory and Practice , 2011, ALENEX.

[2]  Lili Qiu,et al.  Overlay Node Placement: Analysis, Algorithms and Impact on Applications , 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[3]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[4]  V. Chvátal A combinatorial theorem in plane geometry , 1975 .

[5]  Hrishikesh B. Acharya,et al.  Firewall modules and modular firewalls , 2010, The 18th IEEE International Conference on Network Protocols.

[6]  TsengYu-Chee,et al.  The coverage problem in a wireless sensor network , 2005 .

[7]  Lili Qiu,et al.  On the placement of Web server replicas , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[8]  Ronald L. Rivest,et al.  Introduction to Algorithms, Second Edition , 2001 .

[9]  Robert Tappan Morris,et al.  Span: An Energy-Efficient Coordination Algorithm for Topology Maintenance in Ad Hoc Wireless Networks , 2001, MobiCom '01.

[10]  Kenneth L. Calvert,et al.  Modeling Internet topology , 1997, IEEE Commun. Mag..

[11]  Richard M. Karp,et al.  Reducibility Among Combinatorial Problems , 1972, 50 Years of Integer Programming.

[12]  Mohamed G. Gouda,et al.  A model of stateful firewalls and its properties , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[13]  Sung-Ju Lee,et al.  Wireless Ad Hoc Multicast Routing with Mobility Prediction , 2001, Mob. Networks Appl..

[14]  Miodrag Potkonjak,et al.  Coverage problems in wireless ad-hoc sensor networks , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[15]  Michalis Faloutsos,et al.  On power-law relationships of the Internet topology , 1999, SIGCOMM '99.

[16]  J. Jewkes,et al.  Theory of Location of Industries. , 1933 .

[17]  Dan Pei,et al.  TowerDefense: Deployment strategies for battling against IP prefix hijacking , 2010, The 18th IEEE International Conference on Network Protocols.

[18]  Peng-Jun Wan,et al.  Message-optimal connected dominating sets in mobile ad hoc networks , 2002, MobiHoc '02.

[19]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[20]  Raymond E. Miller,et al.  Complexity of Computer Computations , 1972 .

[21]  Peng-Jun Wan,et al.  Distributed Construction of Connected Dominating Set in Wireless Ad Hoc Networks , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[22]  Yu-Chee Tseng,et al.  The Coverage Problem in a Wireless Sensor Network , 2003, WSNA '03.

[23]  Jonathan Cole Smith,et al.  A packet filter placement problem with application to defense against spoofed denial of service attacks , 2007, Eur. J. Oper. Res..

[24]  Ehab Al-Shaer,et al.  Automated pseudo-live testing of firewall configuration enforcement , 2009, IEEE Journal on Selected Areas in Communications.