Schneier on Security

A blog covering security and security technology.

« Cartoon on Spamming | Main | A Model Regime of Privacy Protection »

February 6, 2006

The Topology of Covert Conflict

Interesting research paper by Shishir Nagaraja and Ross Anderson. Implications for warfare, terrorism, and peer-to-peer file sharing:

Abstract:
Often an attacker tries to disconnect a network by destroying nodes or edges, while the defender counters using various resilience mechanisms. Examples include a music industry body attempting to close down a peer-to-peer file-sharing network; medics attempting to halt the spread of an infectious disease by selective vaccination; and a police agency trying to decapitate a terrorist organisation. Albert, Jeong and Barabási famously analysed the static case, and showed that vertex-order attacks are effective against scale-free networks. We extend this work to the dynamic case by developing a framework based on evolutionary game theory to explore the interaction of attack and defence strategies. We show, first, that naive defences don’t work against vertex-order attack; second, that defences based on simple redundancy don’t work much better, but that defences based on cliques work well; third, that attacks based on centrality work better against clique defences than vertex-order attacks do; and fourth, that defences based on complex strategies such as delegation plus clique resist centrality attacks better than simple clique defences. Our models thus build a bridge between network analysis and evolutionary game theory, and provide a framework for analysing defence and attack in networks where topology matters. They suggest definitions of efficiency of attack and defence, and may even explain the evolution of insurgent organisations from networks of cells to a more virtual leadership that facilitates operations rather than directing them. Finally, we draw some conclusions and present possible directions for future research.

Posted on February 6, 2006 at 7:03 AM • 6 Comments • View Blog Reactions

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

It's an interesting paper, but you need to read other papers by Ross Anderson to fully get your head around it.

Posted by: Clive Robinson at February 6, 2006 1:00 PM

@Clive

I think I managed to grok it fully with minimal background. It's very well-written.

It's an interesting problem, and I sort of wonder whether it would make an interesting game, in the actually having fun with it sense.

Posted by: Mithrandir at February 6, 2006 2:35 PM

yes - interesting.

Its application to say p2p networks however would be non-trival. As always. Most of the defense strategies require signifcant cooperation from the nodes, and in a p2p this is not always the case. eg bittorrent and leachers.

However it would be interesting to note how these networks form anyway. I know from my own work on p2p networks (i'm in NZ) that there are a number of well conected "underground" networks, that are only loosely contected to each other. Like a clique really. But the more "public" networks are pretty much scale free. Theres bound to be some good litrature thats more applicable than this, but that will have to wait for now.

Posted by: A Kiwi at February 6, 2006 3:05 PM

interesting paper, but how in the world can you put terrorist, music industry and fileshares into a paper abstract? The just mist to mention nazis...

Posted by: Anonymous at February 6, 2006 7:27 PM

I love Anderson's papers; they are always extremely well written and thought provoking.

Posted by: nihilistic at February 8, 2006 3:24 AM

The papers coming out of Anderson's laboratory show why it is important for computer scientists to learn to write English. I read "Security Engineering" three times, for the sheer joy of the language, before I noticed that I was listed in the references.
If you can't write about something clearly and perspicuously then you probably don't really understand it.

Posted by: Unthinking at April 30, 2006 3:32 AM