ABSTRACT
Connecting geographically dispersed sites by layer two virtual private networks is a widely deployed, cost-effective, and reliable technology. The key feature of layer two virtual private networks is confidentiality. However, L2 VPNs are being rapidly replaced by layer three virtual networks as common carriers expand the roles of their shared IP networks. The recent increase of interest in L3 virtual networks has led to renewed interest and new questions concerning their privacy.
We designate virtual network nodes that are undesirable as extrinsic. In this paper, we propose a novel algorithm, Message Induced Network Appraisal (MINA), for detecting the presence of extrinsic nodes in virtual networks. MINA is inspired by Kleinberg's HITS algorithm for ranking web pages. The generalization of a HITS-derived algorithm to detecting the presence of extrinsic nodes in virtual networks is novel.
Our MINA algorithm constructs the communication graph induced by message exchange, scores the participating nodes to identify mutual nodes, and detects the presence of extrinsic nodes. Using the MINA algorithm, network users are presented with a useful indicator about the confidentiality of their L3 virtual network. In this paper we describe MINA and demonstrate that our method reliably detects the presence of extrinsic nodes in L3 virtual networks.
Index Terms
- MINA: an algorithm for detecting the presence of extrinsic network nodes using a message induced graph