The Topology of Covert Conflict

Interesting research paper by Shishir Nagaraja and Ross Anderson. Implications for warfare, terrorism, and peer-to-peer file sharing:

Abstract:

Often an attacker tries to disconnect a network by destroying nodes or edges, while the defender counters using various resilience mechanisms. Examples include a music industry body attempting to close down a peer-to-peer file-sharing network; medics attempting to halt the spread of an infectious disease by selective vaccination; and a police agency trying to decapitate a terrorist organisation. Albert, Jeong and Barabási famously analysed the static case, and showed that vertex-order attacks are effective against scale-free networks. We extend this work to the dynamic case by developing a framework based on evolutionary game theory to explore the interaction of attack and defence strategies. We show, first, that naive defences don’t work against vertex-order attack; second, that defences based on simple redundancy don’t work much better, but that defences based on cliques work well; third, that attacks based on centrality work better against clique defences than vertex-order attacks do; and fourth, that defences based on complex strategies such as delegation plus clique resist centrality attacks better than simple clique defences. Our models thus build a bridge between network analysis and evolutionary game theory, and provide a framework for analysing defence and attack in networks where topology matters. They suggest definitions of efficiency of attack and defence, and may even explain the evolution of insurgent organisations from networks of cells to a more virtual leadership that facilitates operations rather than directing them. Finally, we draw some conclusions and present possible directions for future research.

Posted on February 6, 2006 at 7:03 AM • 6 Comments

Comments

Clive RobinsonFebruary 6, 2006 1:00 PM

It's an interesting paper, but you need to read other papers by Ross Anderson to fully get your head around it.

MithrandirFebruary 6, 2006 2:35 PM

@Clive

I think I managed to grok it fully with minimal background. It's very well-written.

It's an interesting problem, and I sort of wonder whether it would make an interesting game, in the actually having fun with it sense.

A KiwiFebruary 6, 2006 3:05 PM

yes - interesting.

Its application to say p2p networks however would be non-trival. As always. Most of the defense strategies require signifcant cooperation from the nodes, and in a p2p this is not always the case. eg bittorrent and leachers.

However it would be interesting to note how these networks form anyway. I know from my own work on p2p networks (i'm in NZ) that there are a number of well conected "underground" networks, that are only loosely contected to each other. Like a clique really. But the more "public" networks are pretty much scale free. Theres bound to be some good litrature thats more applicable than this, but that will have to wait for now.

AnonymousFebruary 6, 2006 7:27 PM

interesting paper, but how in the world can you put terrorist, music industry and fileshares into a paper abstract? The just mist to mention nazis...

nihilisticFebruary 8, 2006 3:24 AM

I love Anderson's papers; they are always extremely well written and thought provoking.

UnthinkingApril 30, 2006 3:32 AM

The papers coming out of Anderson's laboratory show why it is important for computer scientists to learn to write English. I read "Security Engineering" three times, for the sheer joy of the language, before I noticed that I was listed in the references.
If you can't write about something clearly and perspicuously then you probably don't really understand it.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.