Topology Awareness on Network Damage Assessment and Control Strategies Generation

Threatens faced by large-scale network attacks, it is of great importance to exert an emergency response, in order to mitigate the further hazardous caused by network attacks. To implement a reasonable control strategy, a minimal set of routers is computed in a network that can be used to control and reduce damage done by a large-scale attack such as worm or DDOS attacks. Our work focuses on large network while previous works focus on LANs. We proposed rules to choose these routers based on the network topology and based on risk assessment. Many topological factors are considered into the control strategy process, the control router sets selecting algorithm based on entropy was put forward. According to the incidents distribution on the topology, the factor of macroscopic epidemic status is proposed by the method of quantitative and qualitative analysis, which offers administrators the direct decisive advice to prevent network security event from overspreading and minimize the costs. At last, the experiment effectively proved the evaluation framework and the control algorithm.