This is the seed funding project of a potentially larger project on identifying and improving the fundamental limits of network tomography in an adversarial environment, where measurements can be potentially manipulated by an adversary.
Network tomography aims at inverting the observation model Q(x) = y to infer the network internal state x (e.g., link metrics) from the external measurements y (e.g., path metrics). Its correctness critically depends on the accuracy of the observation model Q(x). Almost all the existing works on network tomography assume that a consistent Q(x) governing all the measurements exists and is known, but this is not necessarily true in an adversarial environment. In such an environment, an adversary in control of compromised network elements (e.g., backdoor-infected routers, malicious autonomous systems) can manipulate the measurements traversing these elements to distort the observation model, e.g., adding delays to packets or dropping additional packets. The result is not only a different network state, but also possibly a different observation model Q'(x), as a manipulated element can behave like different elements on different paths. This violates the fundamental assumption of virtually all the previous network tomography algorithms, and hence mandates a revisit of these algorithms in an adversarial environment.
In this seed project, our goal is to quantify the fundamental limits of existing network tomography algorithms developed for the benign environment, including but not limited to additive link metric tomography algorithms based on linear system identification.
- Cho-Chun Chiu and Ting He, Stealthy DGoS Attack: DeGrading of Service under the Watch of Network Tomography, IEEE INFOCOM 2020, Code on GitHub