Attack-aware planning of transparent optical networks

https://doi.org/10.1016/j.osn.2015.03.005

Abstract

This work presents algorithms for the planning phase of wavelength division multiplexed (WDM) optical networks considering the impact of physical layer attacks. Since the signals in transparent WDM networks are transmitted all-optically without undergoing any Optical–Electrical–Optical (OEO) conversions, these networks are vulnerable to high-power jamming attacks. Due to crosstalk-induced interactions among different connections, malicious high-power signals can potentially spread widely in the network. To this end, it is necessary to plan an optical network in a way that the spread of an attack is minimized. In this work novel Integer Linear Programming (ILP) formulations are proposed that address the problem of routing and wavelength assignment (RWA) with the objective to minimize the propagation of the introduced high-power malicious signals. The physical layer attack propagation is modeled as interactions among connections through in-band and out-of-band channel crosstalk. In addition, Linear Programming (LP) relaxation techniques and heuristic algorithms are used to handle larger network instances. Performance results indicate that the proposed algorithms perform close to the traditional RWA algorithms in terms of total wavelength utilization of the network, while at the same time providing security against high-power jamming attacks by minimizing the total number of in-band and out-of-band lightpath interactions.

Introduction

In all-optical wavelength division multiplexed (WDM) networks data are transmitted through lightpaths, which may span multiple consecutive fibers. A lightpath is realized by determining a path between the source and the destination of a connection and allocating a free wavelength on all the links of the path. The selection of the path and the wavelength to be used by a lightpath is an important optimization problem, known as the routing and wavelength assignment (RWA) problem [1], [2].

The RWA problem is usually considered under two alternative traffic models. Offline (or static) lightpath establishment addresses the case where the set of connections is known in advance, usually given in the form of a traffic matrix that describes the number of lightpaths that have to be established between each pair of nodes. Dynamic (or online) lightpath establishment considers the case where connection requests arrive at random time instants, over a prolonged period of time, and are served dynamically upon their arrival, on a one-by-one basis.

In all-optical transparent networks, where data signals remain in the optical domain for the entire path and signal regeneration is not possible in intermediate nodes, the optical network is vulnerable to physical layer attacks. An attack is defined as an intentional action against the ideal and secure functioning of the network [3]. An overview of physical layer attacks can be found in [3] and [4]. In general, the physical layer attacks in transparent optical networks can be grouped in two main categories: eavesdropping and service disruption.

The first category of attacks is eavesdropping, in which case the main purpose of the attacker is to passively analyze the traffic in the network after gaining access to the information through an unauthorized observation method. To gain mid-span access to the fiber, the eavesdropper has to cut through and strip away the cable's outer jacket to access the individual fibers in its center. Once this is done, the eavesdropper has several ways to tap the optical signal, including fiber bending, optical splitting, evanescent coupling, V-groove cut, and optical scattering [5].

The second category of attacks is high-power jamming and can be classified into three categories based on the effects it inflicts on the signal: (i) in-band jamming that is the result of intra-channel crosstalk, (ii) out-of-band jamming that includes inter-channel crosstalk and nonlinearities, and (iii) gain competition in optical amplifiers, in which case a high-power jamming signal can increase its own power, thus resulting in reduction in the gain of the rest of the co-propagating channels on the same fiber. These types of attacks propagate through the transparent network affecting several connections and as a consequence the localization of an attack is a difficult problem. Due to the high bit rates of optical networks and the interaction of the connections, a jamming attack can cause a huge amount of information loss. Therefore, the limitation of attack propagation is a crucial consideration in designing transparent WDM optical networks.

There have been a few public reports of physical attacks on the fiber infrastructure: in 2000, three main trunk lines of Deutsche Telekom were breached at Frankfurt Airport in Germany, and in 2003, an illegal eavesdropping device was discovered in Verizon's optical network. Utilizing this optical tap, it was believed that someone was trying to illegally access financial information prior to its release. Other reported international incidents for optical taps on proprietary networks include police networks in the Netherlands and Germany, and the networks of large pharmaceutical companies in the U.K. and France [6].

Furthermore, even when networks are protected against external threats, they are still vulnerable to attacks by malicious insiders, a threat that is usually very difficult to defend against. In general, there is heightened awareness about network infrastructures and the need to secure them from attacks by insiders as well as external entities. While a network can never be completely protected against insider threats, such threats can always be mitigated by designing the network in such a way that even if the network is attacked the effect of the attack is minimized. This is precisely the focus of this work, as will be explained in detail below.

A widely applicable security model is the confidentiality, integrity, and availability (CIA) triad. These three key principles should guide all secure systems. Confidentiality prevents unauthorized disclosure of sensitive information; integrity prevents unauthorized modification of data, systems, and information, thereby providing assurance of the accuracy of information and system; and availability is the prevention of loss of access to resources and information to ensure that information is available for use when it is needed.

Various security mechanisms are used in optical networks to protect the CIA triad. For example, certain strategies for confidentiality and integrity against eavesdropping in optical networks have been developed. They usually make use of modulation/encryption techniques to conceal the information in the optical network, increasing the difficulty of accessing the contents of the information flow. Techniques like quantum cryptography, chaotic communications, optical code division multiple access (OCDMA), and electrical encryption can be used to make the interpretation of the observed data much more complex [7]. Moreover, in order to protect the availability in optical networks against service disruption and reduce the jamming attack impact, two different methods can be used. One approach is to use wavelength-selective attenuators as power equalizers inside network nodes in order to limit the propagation of high-power jamming attacks [8]. However, due to the increased cost of optical switching nodes associated with the addition of power equalizers, a second approach has been investigated in the literature that avoids the usage of costly network components and tries to solve the problem at the design phase of the network. This approach makes the routing and wavelength assignment algorithms attack-aware in order to reduce the interaction among lightpaths and, as a consequence, the spreading of the attack; it is also precisely the method investigated in this work.

The concept of the preventive, attack-aware RWA problem was proposed in [9]. The authors formulate the routing sub-problem of RWA as an Integer Linear Program (ILP) with the objective to decrease the potential damage of jamming attacks causing out-of-band crosstalk in fibers and gain competition in optical amplifiers. A tabu search heuristic is proposed to cover larger network instances. Moreover, in [10], the authors propose a wavelength assignment approach to limit the potential propagation of in-band crosstalk attacks through the network, while the authors in [11] extend their work in [10] by considering a more realistic case where crosstalk attacks can maximally spread in one or two steps (i.e., that secondary attacked signals are not strong enough for the attack to propagate further).

This work extends previous methods presented in the literature, proposing an optimization approach with the objective to jointly assign routes and wavelengths to the traffic demands so as to minimize the impact of high-power signals through both in-band and out-of-band jamming attacks. Attack awareness is taken into consideration during the network planning phase so that the number of connections affected by an intentional attack is minimized. In particular, the ILP formulations use constraints to minimize the impact of an attack through in-band and out-of-band jamming. By minimizing the channel interactions among lightpaths due to in-band and out-of-band crosstalk, the transition of high-power signals from one lightpath to another is also minimized. A preliminary work for in-band jamming attack was presented in [12]. The novelty of the ILP formulation derives from the fact that the routing and wavelength assignment problems are solved jointly, while at the same time both in-band crosstalk and out-of-band crosstalk are taken into account. Another key issue of the formulation is the use of a proper function that avoids the spread of the attacks. In addition, Linear Programming (LP) relaxation techniques are used to address the problem in larger scale networks. Moreover, heuristic algorithms are proposed that serve the connections sequentially in a particular order, and a meta-heuristic algorithm (utilizing Simulated Annealing) is used to find better orderings in order to establish the requested connections.
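The planning idea above as an added example (not the paper's ILP or heuristic code): a greedy, sequential assignment that picks, for each demand, the candidate path and wavelength with the fewest interactions with lightpaths already placed, compared against a first-fit baseline. Assumptions: an in-band interaction is two lightpaths on the same wavelength crossing a common node, an out-of-band interaction is two lightpaths on different wavelengths sharing a directed link, and the topology, candidate paths and function names are constructed for illustration.

```python
def links(path):
    """Directed fiber links traversed by a path given as a node sequence."""
    return set(zip(path, path[1:]))

def interactions(a, b):
    """Return (in_band, out_of_band) flags for two lightpaths (path, wavelength)."""
    (pa, wa), (pb, wb) = a, b
    in_band = wa == wb and bool(set(pa) & set(pb))       # same channel, common switch
    out_band = wa != wb and bool(links(pa) & links(pb))  # different channels, common fiber
    return int(in_band), int(out_band)

def total_interactions(lightpaths):
    """Count interacting lightpath pairs (in-band plus out-of-band)."""
    return sum(sum(interactions(a, b))
               for i, a in enumerate(lightpaths) for b in lightpaths[i + 1:])

def assign(demands, n_wavelengths, attack_aware):
    """Serve demands one by one; each demand is a list of candidate paths."""
    placed = []
    for candidates in demands:
        best = None
        for path in candidates:
            for w in range(n_wavelengths):
                # Wavelength-clash constraint: one lightpath per channel per link.
                if any(w == w2 and links(path) & links(p2) for p2, w2 in placed):
                    continue
                cost = (sum(sum(interactions((path, w), lp)) for lp in placed)
                        if attack_aware else 0)
                key = (cost, w, len(path))  # baseline (cost 0) reduces to first-fit
                if best is None or key < best[0]:
                    best = (key, (path, w))
        if best is None:
            raise ValueError("demand blocked: no free wavelength on any candidate")
        placed.append(best[1])
    return placed

# Constructed sample: three demands, two candidate paths each, two wavelengths.
DEMANDS = [
    [("A", "B", "C"), ("A", "D", "C")],
    [("E", "B", "F"), ("E", "D", "F")],
    [("A", "B", "F"), ("A", "D", "F")],
]

if __name__ == "__main__":
    for aware in (False, True):
        plan = assign(DEMANDS, 2, attack_aware=aware)
        print("attack-aware" if aware else "first-fit", plan, total_interactions(plan))
```

On the constructed demands, first-fit packs all three lightpaths onto one wavelength and produces 3 interacting pairs, while the attack-aware choice uses a second wavelength and leaves 1.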

The simulation results show that by considering attack-aware RWA algorithms, a significant decrease in the impact of in-band and out-of-band jamming attacks is achieved in transparent WDM networks, validating the need for such an approach during the planning phase of the network. Moreover, performance results indicate that the proposed algorithms also perform close to the traditional RWA algorithms in terms of total wavelength utilization of the network, thus demonstrating that the minimization of the impact of the attacks is not done at the expense of additional resource utilization.

The rest of the paper is organized as follows. Section 2 describes the physical layer attacks. This is followed in Section 3 by the proposed ILP formulations that account for the minimization of high-power signal propagation through in-band and out-of-band crosstalk, thus minimizing the effect of high-power jamming attacks. In Section 4, the heuristic algorithms and the Simulated Annealing technique are presented, followed by performance results in Section 5. Finally, Section 6 presents some concluding remarks.

Section snippets

Network and attack models

This section describes the network and the attack propagation models that are used in this work.

Attack-aware RWA problem

In this section, two Integer Linear Programming (ILP) formulations are presented aiming at minimizing the propagation of physical layer attacks, in terms of affected lightpaths through intra- and inter-channel crosstalk by high-power jamming attack signals. As explained in the previous section, a high-power input signal can affect a lightpath through intra- and inter-channel crosstalk and an affected lightpath can also affect other lightpaths, thus spreading the attack to other parts of the

Heuristic algorithms

In some cases, where the ILP formulations cannot be solved efficiently for large networks, it is desirable to obtain efficient heuristic algorithms. The proposed heuristic approaches solve the problem by sequentially serving one-by-one the connections and consist of three phases. In the first phase, k candidate paths are calculated for each requested connection. The k-shortest path algorithm utilized is the same as the one described in Section 3. In the second phase two alternatives can be

Simulation results

To evaluate the performance of the proposed algorithms, a number of simulation experiments were performed. In the simulations, two network topologies were considered, as shown in Fig. 6: a small network topology that comprises 6 nodes and 9 links, and the generic Deutsche Telekom network topology (DTnet) that comprises 14 nodes and 26 links. For solving the LP and ILP related formulations, the Gurobi library was used [16]. For each instance of the ILP formulations, a time limit of 3 h (Gurobi

Conclusion

This work proposed several algorithms for solving the RWA problem during the design phase of a transparent WDM optical network with the objective of minimizing the high-power in-band and out-of-band crosstalk propagation which is caused when a high-power jamming signal is maliciously introduced in the network at a specific network node. Several ILPs with different optimization functions were developed and a relaxation technique was used to obtain solutions for larger problems. Moreover,

Acknowledgment

This work was supported in part by the Cyprus Research Promotion Foundation's Framework Programme for Research, Technological Development and Innovation (DESMI 2008), co-funded by the Republic of Cyprus and the European Regional Development Fund, and specifically under Grant Project New Infrastructure/Strategic/0308/26. This research has also received funding from the People Programme (Marie Curie Actions) of the European Union's Seventh Framework Programme (FP7/2007-2013) under REA Grant

References (16)

There are more references available in the full text version of this article.

Cited by (34)

  • Confidentiality meets protection in elastic optical networks

    2021, Optical Switching and Networking
    Citation Excerpt :

    In general, the security measures utilized must consider different types of attacks including service disruption and unauthorized access to information, where the availability of the network and the confidentiality of the information is compromised, respectively [6,7]. Several works in the literature have focused on these attacks and have proposed solutions to protect against them and/or deter them [8–12]. Specifically, for the case of eavesdropping attacks, a technique that has been used extensively in optical networks is network coding (NC), where the data of different connections are combined and transmitted together through the network [11,12].

  • Optimization algorithms for the proactive configuration of elastic optical networks under jamming attacks and demand uncertainty

    2021, Optical Switching and Networking
    Citation Excerpt :

    Specifically, to solve this problem and establish a set of connection requests, a set of spectrum allocation (SA) constraints must be satisfied, namely the spectrum continuity, the spectrum contiguity, and the non-overlapping spectrum constraints [3]. In addition to the RSA problem, physical layer security in optical networks has also recently gained significant attention by the research community [4–10]. The focus of these works is mainly on mitigating jamming [6,7] and eavesdropping [8–10] attacks.

  • Attack-aware resource planning and sparse monitor placement in optical networks

    2018, Optical Switching and Networking
    Citation Excerpt :

    An attack is defined as an intentional action against the ideal and secure functioning of the network [7]. Significant research work has been carried over the last few years on the topic of physical layer threats and attacks in optical networks [7–17]. In general, there are two main categories of physical layer attacks in transparent optical networks, namely (i) eavesdropping and (ii) service disruption.
