CN115189908B - Random attack survivability evaluation method based on network digital twin - Google Patents


Info

Publication number
CN115189908B
Authority
CN
China
Prior art keywords
node
service
network
delay
real
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210569319.0A
Other languages
Chinese (zh)
Other versions
CN115189908A (en
Inventor
俞红祥
杨以杰
杨振亚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Pera Corp Ltd
Original Assignee
Pera Corp Ltd
Application filed by Pera Corp Ltd
Priority to CN202210569319.0A
Publication of CN115189908A
Application granted
Publication of CN115189908B


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14 Network analysis or design
    • H04L41/145 Network analysis or design involving simulating, designing, planning or modelling of a network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852 Delays
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a random attack survivability evaluation method based on a network digital twin, belonging to the technical field of network survivability evaluation. It addresses the low accuracy of survivability evaluation results that arises because existing random attack survivability evaluation cannot take some highly influential factors into account. The method comprises the following steps: mapping the network entity into a network digital twin; performing delay simulation on the network digital twin to obtain its delay information; based on that delay information, obtaining the transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and of the non-real-time service respectively; and, based on those quantities, obtaining a random attack survivability evaluation result, which is taken as the random attack survivability evaluation result of the network entity.

Description

Random attack survivability evaluation method based on network digital twin
Technical Field
The invention relates to the technical field of network survivability evaluation, and in particular to a random attack survivability evaluation method based on a network digital twin.
Background
In recent years, the internet and mobile internet industries have grown vigorously and have reached the stage of mature technology and settled business models. In 2020, under the influence of the epidemic, various industries greatly expanded online working modes and online business. With the development of technologies such as artificial intelligence, digital twins and blockchain, the metaverse is gradually becoming a future integrated solution that builds on the existing mobile internet, comprehensively integrates various application modes and makes comprehensive use of various key technologies.
Future development of the metaverse can be divided into two stages. In the first stage, the metaverse enables social contact and entertainment, immersive content experience and virtual social interaction, which places high demands on the virtual world to give users a stable and continuous high-performance experience. The second stage is the fully realistic metaverse internet, which enables daily life and industry, changes the way people live and work, and finally realizes the digitization of the economic system. Failures of the metaverse and its related digital twins caused by accidents and the like greatly affect the operation of the physical world.
Therefore, at the current design stage it is extremely important to consider the survivability of the digital twin, an important enabling means in the metaverse that simulates the physical world, and its ability to recover and complete tasks when corresponding failures or faults occur. Survivability is an important safety measure in a physical world system: it means the ability of the system to complete its tasks in time when nodes or links in the system fail after an accident, fault or attack. The aim of studying the survivability of the digital twin is to enable the digital twin to simulate the cost of a physical world system to obtain optimal service performance or to improve network performance degradation by an adversary at minimal cost when subjected to random attacks or external force blows. Using the twin's evaluation as a reference, a judgment on the survivability of the physical system can be formed quickly, helping command decision-making decide on next-stage actions such as replenishment or activating backups.
Survivability was initially measured using cohesiveness and connectivity; at present, survivability research mainly takes the following approaches:
(1) A routing algorithm based on interrupt fault tolerance, which obtains the optimal transmission path according to the predicted task completion time and the task completion cost;
(2) A Simulation Autonomous Routing Algorithm (SARA), proposed by combining two different system nodes, which reduces the pressure of information interaction among multiple nodes, uses the saved resources to increase the correct transmission rate, and improves the ability to handle faulty nodes;
(3) Establishing a centralized evaluation strategy that incorporates survivability design, to relieve the performance degradation caused by problem nodes;
(4) A modeling method based on failure data, proposed by analyzing the survivability margin of the system;
(5) Analyzing the topological characteristics of the system and introducing a time-period-based analysis method;
(6) A survivability measurement method based on topological structure and system capacity;
(7) Measuring the survivability of the system by the cost an adversary incurs to destroy it.
Random attack survivability evaluation refers to evaluating the situation in which a non-targeted external attack on a network entity degrades or disables nodes or links, so that normal functions cannot be met. Existing random attack survivability evaluation methods mainly consider resource balance, routing strategy and system structure, and do not comprehensively consider factors such as reliability, network efficiency, service type, service utility and cost, so the accuracy of the random attack survivability evaluation result is low.
Disclosure of Invention
In view of the above analysis, embodiments of the invention aim to provide a random attack survivability evaluation method based on a network digital twin, to solve the problem of low accuracy of survivability evaluation results caused by the fact that existing random attack survivability evaluation cannot take some highly influential factors into account.
The invention discloses a random attack survivability evaluation method based on a network digital twin, which comprises the following steps:
mapping the network entity into a network digital twin, and obtaining the nodes and links in the mapped network digital twin;
performing delay simulation on the network digital twin to obtain delay information of the network digital twin;
based on the delay information of the network digital twin, obtaining the transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and of the non-real-time service respectively;
based on the transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and the non-real-time service, obtaining a random attack survivability evaluation result, which is taken as the random attack survivability evaluation result of the network entity.
Based on the scheme, the invention also makes the following improvements:
Further, obtaining the random attack survivability evaluation result includes:
based on the acquired transmission delay, processing delay, blocking rate and random-attack-oriented reliability, constructing a random-attack-oriented network utility expression;
based on the random-attack-oriented network utility expression and the random-attack-oriented collapse failure proportion, constructing the constraint conditions and objective function of the random attack survivability evaluation;
based on the constraint conditions and the objective function of the random attack survivability evaluation, obtaining an optimal solution of the random attack survivability;
substituting the optimal solution of the random attack survivability into the random-attack-oriented network utility expression to obtain the random attack survivability evaluation result.
Further, the random attack-oriented network utility expression:
wherein N v represents the total number of the attacked nodes, N e represents the total number of links between the attacked nodes, and N represents the total number of service terminal nodes; Representing reliability of random attack oriented when real-time traffic is successfully transmitted from the traffic originating node s i to the terminating node s j; /(I) Representing reliability of random attack oriented when non-real-time traffic is successfully transmitted from the traffic originating node s i to the terminating node s j; /(I)Representing the arrival rate of the real-time traffic transmitted from the traffic originating node s i to the terminating node s j; /(I)Representing the arrival rate of the transmission of non-real-time traffic from the traffic originating node s i to the terminating node s j; /(I)Respectively representing the transmission time delay of real-time service and non-real-time service; /(I)Respectively representing the processing time delay of the real-time service and the non-real-time service; Respectively express/> Weights of (2); /(I)Respectively express/>Weights of (2); i r、Inr represents the capacity of real-time traffic and the capacity of non-real-time traffic in the whole network digital twin, respectively.
Further, the objective function of the random attack survivability assessment:
Wherein $N_1$ represents the total number of nodes in the network digital twin; $c_v$ represents the cost of the random attack node, $c_e$ represents the cost of the random attack link;
constraint conditions for the random attack survivability evaluation:
wherein $U_{ra}(0, 0)$ represents the initial utility in random attack mode when $n_v = 0$, $n_e = 0$, and $T_{h2}$ represents the collapse failure rate in random attack mode;
Will be described in the formula (2) A set of n v,ne at minimum is taken as the optimal solution for random attack survivability/>And/>At this time, the random attack survivability evaluation result is/>
Further, the nodes comprise network transmission nodes and terminal nodes;
the terminal nodes comprise service terminal nodes and a management and control center;
when a service terminal node acts as the service initiator, it is called a service initiation node;
when a service terminal node acts as the service recipient, it is called a service termination node.
Further, the method comprises the steps of,
Wherein,M represents the total number of links between nodes in the network digital twin; /(I)Representing the average node degree of the network;
$L_{ij}$ denotes the set of all network transmission nodes on the transmission path from traffic originating node $s_i$ to traffic terminating node $s_j$, $\mathrm{numL}_{ij}$ denotes the number of network transmission nodes in the set $L_{ij}$; $e_{ij}$ denotes a set of links between all network transmission nodes on the transmission path from the traffic originating node $s_i$ to the traffic terminating node $s_j$;
$L_{ig}$ denotes the set of all network transmission nodes on the transmission path from traffic originating node $s_i$ to management and control center $s_g$, $L_{gj}$ represents the set of all nodes on the transmission path from the management and control center $s_g$ to the service termination node $s_j$, and $\mathrm{numL}_{ig}$, $\mathrm{numL}_{gj}$ respectively represent the number of network transmission nodes in the sets $L_{ig}$, $L_{gj}$; $e_{ig}$ represents a set of links between all network transmission nodes on the transmission path from traffic originating node $s_i$ to policing node $s_g$; $e_{gj}$ denotes the set of links between all network transmission nodes on the transmission path from the policing node to the service termination node $s_j$.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via the network transmission node, the transmission delay of the real-time service is expressed as:
Wherein T uplink_s,n represents an uplink delay between the service initiation node and the network transmission node, and T downlink_n,t represents a downlink delay between the network transmission node and the service termination node; w ac_s,n represents the access queuing delay of the data access network transmission node of the service initiation node, which is equal to the access queuing delay of the data access network transmission node of the service terminal node; w ac_n,t represents the access queuing delay of the data access service termination node of the network transmission node, which is equal to the access queuing delay of the data access service terminal node of the network transmission node; Representing network transport nodes in set L ij accessing the next network transport node/> Is connected with the queuing delay; /(I)Representing network transport nodes/>Is a transmission queuing delay; t cross represents the average transmission delay of a link between every two network transmission nodes;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the transmission delay of the non-real-time service is expressed as:
Wherein T uplink_g,n、Tdownlink_n,g represents uplink delay and downlink delay between the management and control center and the network transmission node, respectively; w ac_n,g represents the access queuing delay of the data access management and control center of the network transmission node; w ac_g,n represents the access queuing delay of the data access network transmission node of the management and control center; Representing network transport nodes in set L ig accessing the next network transport node/> Is connected with the queuing delay; /(I)Representing network transport nodes/>Is a transmission queuing delay; /(I)Representing network transport node access network transport node/>, in set L gj Is connected with the queuing delay; Representing network transport nodes/> Is a transmission queuing delay.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via the network transmission node, the processing delay of the real-time service is expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); t j represents the processing time delay of the service termination node, which is equal to the processing time delay of the service termination node;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the processing delay of the non-real-time service is expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); /(I)Representing network transmission nodesT g represents the processing delay of the management and control center.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via the network transmission node, the blocking rate of the real-time service is expressed as:
Wherein, Representing the traffic access blocking probability of a traffic originating node,/>Representing the traffic access blocking probability of a traffic termination node,/>Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Representing the transmission blocking probability of the e x th link;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the blocking rate of the non-real-time service is expressed as:
Wherein, Representing the traffic access blocking probability of a traffic originating node,/> Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Respectively represent network transmission nodes/>Access blocking probability, transmission blocking probability of (c).
Further, performing delay simulation on the network digital twin to obtain delay information of the network digital twin includes:
executing multiple random service simulations, divided into random real-time service simulations and random non-real-time service simulations, and in each simulation run generating delay parameters of each node and each link according to the random service;
obtaining the delay information of the network digital twin based on the delay parameters of each node and each link across the multiple random service simulations.
Compared with the prior art, the invention has at least one of the following beneficial effects:
The random attack survivability evaluation method based on the network digital twin overcomes the defects of the prior art. It uses overall efficiency in service-oriented applications to construct a network utility function that measures the random attack survivability of the physical world system simulated by the digital twin, so as to characterize and evaluate the ability of the network entity to complete tasks before and after encountering a random attack.
Meanwhile, the various resources of the nodes in the network entity are very limited, so node faults can cause task congestion, information loss and increased delay. The invention therefore also simulates the various characteristics that affect random attack survivability, obtaining the transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and the non-real-time service. Combined with the random-attack-oriented network utility, these form the random attack survivability evaluation method based on the network digital twin, which can evaluate the random attack survivability of the digital twin from multiple dimensions and comprehensively evaluate the characteristics of the mapped physical entity.
In the invention, the technical schemes can be mutually combined to realize more preferable combination schemes. Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
The drawings are only for purposes of illustrating particular embodiments and are not to be construed as limiting the invention, like reference numerals being used to refer to like parts throughout the several views.
FIG. 1 is a flow chart of a method for evaluating survivability of a random attack based on a network digital twin.
Detailed Description
The following detailed description of preferred embodiments of the application is made in connection with the accompanying drawings, which form a part hereof, and together with the description of the embodiments of the application, are used to explain the principles of the application and are not intended to limit the scope of the application.
Example 1
The invention discloses a survivability evaluation method based on a network digital twin; its flow chart is shown in Fig. 1, and the specific process is as follows:
Step S1: mapping the network entity into a network digital twin, and obtaining the nodes and links in the mapped network digital twin;
Specifically, nodes and links in the network entity are mapped to nodes and links in the network digital twin, respectively. The nodes include network transmission nodes and terminal nodes. Specifically:
The network transmission node completes the transmission of the service, for example a satellite access node in satellite communication.
The terminal nodes comprise service terminal nodes and a management and control center;
When a service terminal node acts as the service initiator, it is called a service initiation node; when a service terminal node acts as the service recipient, it is called a service termination node. When processing a real-time service, given the real-time requirement, only the interaction between the service terminal node and the network transmission node is involved. The specific implementation process is as follows: the service initiation node sends the real-time service to the network transmission node, and the network transmission node processes the real-time service and sends it to the service terminal node.
The management and control center is a special terminal node. When a non-real-time service is processed, interaction among the service terminal node, the management and control center and the network transmission node is involved. The specific implementation process is as follows: the service initiation node sends the non-real-time service to the network transmission node; while processing the non-real-time service, the network transmission node also sends part of the processing tasks to the management and control center; the management and control center feeds the processing result back to the network transmission node, which processes it and then sends it to the service terminal node. In this process, the management and control center handles part of the non-real-time service processing so as to relieve the processing pressure on the network transmission node.
Step S2: performing delay simulation on the network digital twin to obtain delay information of the network digital twin; the delay information of the network digital twin comprises:
(1) Delay information of each network transmission node, comprising:
the access queuing delay of a service terminal node's data accessing the network transmission node,
the access queuing delay of a non-current network transmission node accessing the current network transmission node,
the transmission queuing delay,
the processing delay;
(2) Delay information of the service terminal node, comprising:
the access queuing delay of a network transmission node's data accessing the service terminal node,
the processing delay;
the uplink delay and downlink delay between the service terminal node and the network transmission node; here, uplink means that the service terminal node sends data to the network transmission node, in which case the service terminal node acts as a service initiation node; downlink means that the network transmission node sends data to the service terminal node, in which case the service terminal node acts as a service termination node;
(3) Delay information of the management and control center, comprising:
the access queuing delay of a network transmission node's data accessing the management and control center,
the transmission queuing delay of the management and control center,
the processing delay;
the uplink delay and downlink delay between the management and control center and the network transmission node; here, uplink means that the management and control center sends data to the network transmission node; downlink means that the network transmission node sends data to the management and control center.
(4) The average transmission delay of the link between every two network transmission nodes.
The specific process is as follows:
Step S21: executing multiple random service simulations, divided into random real-time service simulations and random non-real-time service simulations, and in each simulation run generating delay parameters of each node and each link according to the random service; the generated delay parameters of the nodes and links comprise:
(1) Delay parameters of each network transmission node, comprising:
the access queuing delay parameter of each service terminal node's data accessing the current network transmission node,
the access queuing delay parameter of a non-current network transmission node accessing the current network transmission node,
the transmission queuing delay parameter,
the processing delay parameter;
(2) Delay parameters of the service terminal node, comprising:
the access queuing delay parameter of each network transmission node's data accessing each service terminal node,
the processing delay parameter;
the uplink delay parameters and downlink delay parameters between the service terminal node and each network transmission node;
(3) When a random non-real-time service simulation is executed, delay parameters of the management and control center are also generated, comprising:
the access queuing delay parameter of the network transmission node's data accessing the management and control center,
the transmission queuing delay parameter of the management and control center,
the processing delay parameter;
the uplink delay parameters and downlink delay parameters between the management and control center and the network transmission nodes.
(4) Transmission delay parameters of the links between every two network transmission nodes.
In the simulation process, the queuing delay parameters and processing delay parameters of each node, and the transmission delay parameters of the links between every two network transmission nodes, are generated according to the delay characteristics and service classification of the network entity, the actual network operation characteristics, and the random service. The magnitude of each delay parameter is characterized by a model and parameters obeying a certain probability distribution, thereby realizing delay estimation for the network digital twin. In a specific implementation, different delays are set for different services. Specifically:
Access queuing delay parameters and transmission queuing delay parameters: follow an exponential distribution;
Processing delay parameters: may follow an exponential distribution or a normal distribution;
Transmission delay parameters: for a fixed wired link, the propagation delay follows a normal distribution with relatively small variance; for a wireless link, depending on the length of the propagation distance, the propagation delay follows a normal distribution with relatively large variance and mean;
Besides following a certain probability distribution, the setting of the delay parameters also needs to consider the range of that distribution; the parameter range of the probability distribution is directly related to the service type. Common random services include video, voice and data; the transmission rate of the video service is 384 kbps, that of the voice service is 64 kbps, and that of the data service is 128 kbps. Therefore, based on the transmission rate and the processing efficiency of the different services, each delay parameter is selected according to a certain probability distribution; after all the delay parameters are determined, each simulated delay can be obtained through simulation. For example, the queuing delay is chosen to be exponentially distributed, and when the transmitted service is video, voice and data, the queuing delay is set to decrease in that order while still following the exponential distribution.
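The sampling of step S21 and the per-parameter averaging that step S22 goes on to describe can be sketched as follows; this is an added example, not code from the patent. The service transmission rates are the ones stated above; the node names, link layout, all distribution means and deviations, and the even split between real-time and non-real-time runs are assumptions made for illustration.

```python
import random
from collections import defaultdict
from statistics import fmean

# Transmission rates are the ones stated in the text. The queuing and processing
# means (ms) are constructed values, chosen only so that queuing delay falls in
# the order video > voice > data as the text describes.
SERVICES = {
    "video": {"rate_kbps": 384, "queue_mean": 8.0, "proc_mean": 3.0},
    "voice": {"rate_kbps": 64, "queue_mean": 4.0, "proc_mean": 1.0},
    "data": {"rate_kbps": 128, "queue_mean": 2.0, "proc_mean": 1.5},
}
# Constructed twin: three network transmission nodes, one wired and one wireless
# link between them, and a management and control center ("mcc", hypothetical name).
NODES = ["n1", "n2", "n3"]
LINKS = {("n1", "n2"): "wired", ("n2", "n3"): "wireless"}
# Link delay ~ Normal(mean, sd): small variance when wired, larger mean and
# variance when wireless (values assumed).
LINK_DELAY = {"wired": (2.0, 0.1), "wireless": (12.0, 3.0)}


def positive_normal(rng, mean, sd):
    """Draw from Normal(mean, sd), redrawing until positive (no negative delays)."""
    while True:
        value = rng.gauss(mean, sd)
        if value > 0:
            return value


def simulate_once(rng, real_time):
    """One random service simulation (step S21): {(element, parameter): delay in ms}."""
    svc = SERVICES[rng.choice(sorted(SERVICES))]
    rate = 1.0 / svc["queue_mean"]  # expovariate takes the rate, not the mean
    params = {}
    # The management and control center only takes part in non-real-time runs.
    elements = NODES if real_time else NODES + ["mcc"]
    for element in elements:
        params[(element, "access_queue")] = rng.expovariate(rate)
        params[(element, "transmit_queue")] = rng.expovariate(rate)
        params[(element, "processing")] = positive_normal(
            rng, svc["proc_mean"], 0.2 * svc["proc_mean"])
    for link, kind in LINKS.items():
        params[(link, "transmission")] = positive_normal(rng, *LINK_DELAY[kind])
    return params


def twin_delay_information(runs=5000, seed=7):
    """Average each delay parameter over the runs in which it was generated (step S22)."""
    rng = random.Random(seed)
    samples = defaultdict(list)
    for _ in range(runs):
        real_time = rng.random() < 0.5  # assumed mix of real-time and non-real-time runs
        for key, value in simulate_once(rng, real_time).items():
            samples[key].append(value)
    return {key: fmean(values) for key, values in samples.items()}


if __name__ == "__main__":
    for (element, parameter), mean_ms in sorted(twin_delay_information().items(), key=str):
        print(f"{element!s:14} {parameter:15} {mean_ms:7.3f} ms")
```

Because the management and control center's parameters exist only in non-real-time runs, they are averaged over those runs alone rather than over the total run count.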
Step S22: Based on the delay parameters of each node and each link over the multiple random service simulations, the delay information of the network digital twin is acquired as follows:
(1) The delay information of each network transmission node is acquired as follows:
Access queuing delay for data of a service terminal node accessing the network transmission node: the average of the access queuing delay parameters for data of each service terminal node accessing the current network transmission node over the multiple random service delay simulations;
Access queuing delay for a non-current network transmission node accessing the current network transmission node: the average of the access queuing delay parameters of the non-current network transmission nodes accessing the current network transmission node over the multiple random service delay simulations;
Transmission queuing delay: the average of the transmission queuing delay parameters of the current network transmission node over the multiple random service delay simulations;
Processing delay: the average of the processing delay parameters of the current network transmission node over the multiple random service delay simulations;
(2) The delay information of the service terminal nodes is acquired as follows:
Access queuing delay for data of a network transmission node accessing the service terminal node: the average of the access queuing delay parameters for data of each network transmission node accessing each service terminal node over the multiple random service delay simulations;
Processing delay: the average of the delay parameters of all service terminal nodes over the multiple random service delay simulations;
Uplink delay between the service terminal node and the network transmission node: the average of the uplink delay parameters between all service terminal nodes and each network transmission node over the multiple random service delay simulations;
Downlink delay between the service terminal node and the network transmission node: the average of the downlink delay parameters between all service terminal nodes and each network transmission node over the multiple random service delay simulations;
(3) The delay information of the management and control center is acquired as follows:
Access queuing delay for data of a network transmission node accessing the management and control center: the average of the access queuing delay parameters for data of each network transmission node accessing the management and control center over the multiple random non-real-time service delay simulations;
Transmission queuing delay of the management and control center: the average of the transmission queuing delay parameters of the management and control center over the multiple random non-real-time service delay simulations;
Processing delay: the average of the processing delay parameters of the management and control center over the multiple random non-real-time service delay simulations;
Uplink delay between the management and control center and the network transmission node: the average of the uplink delay parameters between the management and control center and each network transmission node over the multiple random non-real-time service delay simulations;
Downlink delay between the management and control center and the network transmission node: the average of the downlink delay parameters between the management and control center and each network transmission node over the multiple random non-real-time service delay simulations.
(4) The average transmission delay of the links between every two network transmission nodes: the average of the transmission delay parameters of the links between every two network transmission nodes over the multiple random service delay simulations.
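An added sketch of the sampling and averaging in Step S22 and the preceding delay-parameter generation (example code, not taken from the patent): each run draws delay parameters for one random service from the distribution families named above, and the delay information is the average over all runs. The three-node topology and every mean and variance are constructed values; only the distribution families and the video > voice > data ordering of queuing delay come from the description.

```python
import random
from collections import defaultdict
from statistics import mean

# ASSUMED mean queuing delays in ms (exponential). Only the ordering
# video > voice > data comes from the description; the values are constructed.
QUEUE_MEAN_MS = {"video": 8.0, "voice": 5.0, "data": 3.0}
# ASSUMED processing delay (normal): mean and standard deviation in ms.
PROC_MS = (2.0, 0.3)
# ASSUMED link delay (normal) per link type: small variance for wired,
# larger mean and variance for wireless.
LINK_MS = {"wired": (1.0, 0.05), "wireless": (20.0, 4.0)}

# Constructed toy twin: three network transmission nodes, two links.
NODES = ["n1", "n2", "n3"]
LINKS = {("n1", "n2"): "wired", ("n2", "n3"): "wireless"}


def _normal(rng, mu, sigma):
    """Normal sample clipped at zero, since a delay cannot be negative."""
    return max(0.0, rng.gauss(mu, sigma))


def sample_run(rng, service):
    """Draw one set of delay parameters for one random service."""
    lambd = 1.0 / QUEUE_MEAN_MS[service]  # expovariate takes 1/mean
    nodes = {
        n: {
            "access_queue": rng.expovariate(lambd),
            "tx_queue": rng.expovariate(lambd),
            "processing": _normal(rng, *PROC_MS),
        }
        for n in NODES
    }
    links = {link: _normal(rng, *LINK_MS[kind]) for link, kind in LINKS.items()}
    return nodes, links


def simulate(runs=6000, seed=1):
    """Average the sampled parameters over many random service simulations."""
    rng = random.Random(seed)
    per_node = {n: defaultdict(list) for n in NODES}
    queue_by_service = defaultdict(list)
    link_samples = []
    for _ in range(runs):
        service = rng.choice(sorted(QUEUE_MEAN_MS))  # the random service
        nodes, links = sample_run(rng, service)
        for n, params in nodes.items():
            for key, value in params.items():
                per_node[n][key].append(value)
            queue_by_service[service].append(params["access_queue"])
        link_samples.extend(links.values())
    return {
        # Item (1): per-node averages of queuing and processing delay.
        "node": {n: {k: mean(v) for k, v in d.items()}
                 for n, d in per_node.items()},
        # Per-service view, to check the ordering stated in the description.
        "queue_by_service": {s: mean(v) for s, v in queue_by_service.items()},
        # Item (4): average transmission delay over all inter-node links.
        "t_cross": mean(link_samples),
    }


if __name__ == "__main__":
    info = simulate()
    for name, delays in info["node"].items():
        print(name, {k: round(v, 3) for k, v in delays.items()})
    print("queue by service:", info["queue_by_service"])
    print("T_cross:", round(info["t_cross"], 3))
```

Because every run is seeded, the same seed reproduces the same delay information, which makes before/after comparisons of the twin repeatable.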
Step S3: based on the time delay information of the network digital twin body, respectively acquiring the transmission time delay, the processing time delay, the blocking rate and the reliability facing random attack of the real-time service and the non-real-time service;
(1) Transmission delay for real-time traffic and non-real-time traffic
When the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via the network transmission node, the transmission delay of the real-time service can be expressed as:
wherein T uplink_s,n represents an uplink delay between the service initiation node and the network transmission node, which is equal to an uplink delay between the service termination node and the network transmission node; t downlink_n,t represents the downlink delay between the network transmission node and the service termination node, which is equal to the downlink delay between the service termination node and the network transmission node; w ac_s,n represents the access queuing delay of the data access network transmission node of the service initiation node, which is equal to the access queuing delay of the data access network transmission node of the service terminal node; w ac_n,t represents the access queuing delay of the data access service termination node of the network transmission node, which is equal to the access queuing delay of the data access service terminal node of the network transmission node; l ij denotes the set of all network transmission nodes on the transmission path from traffic originating node s i to traffic terminating node s j, NumL ij denotes the number of network transmission nodes in the set L ij; /(I)Representing network transport nodes in set L ij accessing the next network transport node/>Is connected with the queuing delay; /(I)Representing network transmission nodesIs a transmission queuing delay; t cross represents the average transmission delay of the link between the two network transmission nodes.
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the transmission delay of the non-real-time service can be expressed as:
Wherein T uplink_g,n、Tdownlink_n,g represents uplink delay and downlink delay between the management and control center and the network transmission node, respectively; w ac_n,g represents the access queuing delay of the data access management and control center of the network transmission node; w ac_g,n represents the access queuing delay of the data access network transmission node of the management and control center; l ig denotes the set of all network transmission nodes on the transmission path from traffic originating node s i to management and control center s g, L gj denotes the set of all nodes on the transmission path from the management and control center s g to the service termination node s j,NumL ig、numLgj respectively represent the number of network transmission nodes in the set L ig、Lgj; /(I)Representing network transport nodes in set L ig accessing the next network transport node/>Is connected with the queuing delay; /(I)Representing network transport nodes/>Is a transmission queuing delay; /(I)Representing network transport node access network transport node/>, in set L gj Is connected with the queuing delay; /(I)Representing network transport nodes/>Is a transmission queuing delay.
(2) Processing delay for real-time traffic and non-real-time traffic
When the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via the network transmission node, the processing delay of the real-time service can be expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); t j represents the processing delay of the service termination node, which is equal to the processing delay of the service termination node.
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the processing delay of the non-real-time service can be expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); /(I)Representing network transmission nodesT g represents the processing delay of the management and control center.
(3) Blocking rate for real-time traffic and non-real-time traffic
When the service initiation node $s_i$ transmits real-time service to the termination node $s_j$ via the network transmission node, the blocking rate of the real-time service can be expressed as:
Wherein, Representing the traffic access blocking probability of a traffic originating node,/>Representing the traffic access blocking probability of a traffic termination node,/>Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Representing the transmission blocking probability of the E x th link, E ij represents the set of links between all network transmission nodes on the transmission path from the traffic originating node s i to the traffic terminating node s j;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via the network transmission node and the management and control center $s_g$, the blocking rate of the non-real-time service can be expressed as:
Wherein, Representing the traffic access blocking probability of a traffic originating node,/> Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Respectively represent network transmission nodes/>Is a transmission blocking probability; e ig represents a set of links between all network transmission nodes on the transmission path from traffic originating node s i to policing node s g; e gj denotes a set of links between all network transmission nodes on the transmission path from the management and control node to the service termination node s j;
(4) The reliability of the real-time service and the non-real-time service facing random attack;
In the random attack process, the cost of attacking one node is c v, the cost of attacking one link is c e, when c v -infinity or c e -infinity represents that only the link or the node is attacked, if n v nodes and n e links are attacked, the average node degree of the network is The probability of each node and each edge being hit is/>, respectively Reliability of the node in random attack modeThen reliability/>, of the link in random attack modeThereby obtaining the following steps:
The random-attack-oriented reliability when real-time traffic is successfully transmitted from the service initiation node $s_i$ to the termination node $s_j$ can be expressed as:
n v represents the total number of nodes that are attacked, n e represents the total number of links between the attacked nodes; n 1 represents the total number of nodes in the network digital twin, M represents the total number of links between nodes in the network digital twin; Representing the average node degree of the network;
The random-attack-oriented reliability when non-real-time traffic is successfully transmitted from the service initiation node $s_i$ to the termination node $s_j$ can be expressed as:
Step S4: Based on the acquired transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and the non-real-time service, a random attack survivability evaluation result is obtained and taken as the random attack survivability evaluation result of the network entity. Specifically, the following steps are executed:
Step S41: based on the acquired transmission delay, processing delay, blocking rate and reliability of random attack, constructing a network utility expression for random attack;
The random-attack-oriented network utility $U_{ra}(n_v, n_e)$ is expressed as:
Wherein N represents the total number of service terminal nodes; Representing the reliability of successful transmission of real-time traffic from the traffic originating node s i to the terminating node s j in the case of a random attack; /(I) Representing the reliability of successful transmission of non-real-time traffic from the traffic initiating node s i to the terminating node s j in the case of a random attack; /(I)Representing the arrival rate of successful transmission of real-time traffic from the traffic originating node s i to the terminating node s j; /(I)Representing the arrival rate of successful transmission of non-real-time traffic from the traffic originating node s i to the terminating node s j; /(I)Respectively express/>Weights of/>Respectively express/>Weights of (2); i r、Inr respectively represents the capacity of real-time service and the capacity of non-real-time service in the whole network digital twin body, and the two parameters can be obtained through simulation.
Step S42: based on a network utility expression facing random attack and a collapse failure proportion facing random attack, constructing constraint conditions and objective functions of survivability evaluation of the random attack;
objective function of the random attack survivability evaluation:
constraint conditions for the random attack survivability evaluation:
$$\text{s.t.}\quad U_{ra}(n_v, n_e) \le T_{h2}\,U_{ra}(0,0) \tag{12}$$
wherein $U_{ra}(0,0)$ represents the initial utility in random attack mode when $n_v = 0$, $n_e = 0$, and $T_{h2}$ represents the collapse failure rate in random attack mode;
Step S43: based on the constraint condition and the objective function of the random attack survivability evaluation, obtaining an optimal solution of the random attack survivability; namely, the expression (12) is A set of n v,ne at minimum is taken as the optimal solution for random attack survivability/>And/>
Step S44: the optimal solution of the survivability of the random attack is brought into a network utility expression (11) facing the random attack, and a random attack survivability evaluation result is obtained
In summary, compared with the prior art, the random attack survivability evaluation method based on a network digital twin provided by the embodiments of the invention overcomes the shortcomings of the prior art: it uses overall, service-application-oriented efficiency to construct a network utility function that measures the random attack survivability of a digital twin simulating a physical-world system, and thereby characterizes and evaluates the ability of the network entity to complete its tasks before and after a random attack. In addition, because the resources of the nodes in a network entity are very limited, node faults can cause task congestion, information loss and increased delay. The invention therefore also simulates the characteristics that affect random attack survivability, obtaining the transmission delay, processing delay, blocking rate and random-attack-oriented reliability of the real-time service and the non-real-time service, and combines them with the random-attack-oriented network utility to form the evaluation method of the invention. The method evaluates the random attack survivability of the digital twin along multiple dimensions and gives a comprehensive evaluation of the characteristics of the mapped physical entity.
Those skilled in the art will appreciate that all or part of the flow of the methods of the embodiments described above may be accomplished by way of a computer program to instruct associated hardware, where the program may be stored on a computer readable storage medium. Wherein the computer readable storage medium is a magnetic disk, an optical disk, a read-only memory or a random access memory, etc.
The present invention is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present invention are intended to be included in the scope of the present invention.

Claims (7)

1. A network digital twin based random attack survivability evaluation method, comprising:
mapping the network entity into a network digital twin body, and obtaining nodes and links in the mapped network digital twin body;
performing time delay simulation on the network digital twin body to obtain time delay information of the network digital twin body;
based on the time delay information of the network digital twin body, respectively acquiring the transmission time delay, the processing time delay, the blocking rate and the reliability facing random attack of the real-time service and the non-real-time service;
Based on the transmission delay, processing delay, blocking rate and reliability oriented to random attack of the real-time service and the non-real-time service, obtaining a random attack survivability evaluation result, and taking the random attack survivability evaluation result as a random attack survivability evaluation result of the network entity;
the obtaining the survivability evaluation result of the random attack comprises the following steps:
Based on the acquired transmission delay, processing delay, blocking rate and reliability of random attack, constructing a network utility expression for random attack;
Based on a network utility expression facing random attack and a collapse failure proportion facing random attack, constructing constraint conditions and objective functions of survivability evaluation of the random attack;
Based on the constraint condition and the objective function of the random attack survivability evaluation, obtaining an optimal solution of the random attack survivability;
The optimal solution of the survivability of the random attack is brought into a network utility expression facing the random attack, and a survivability evaluation result of the random attack is obtained;
The network utility expression facing random attack comprises:
wherein N v represents the total number of the attacked nodes, N e represents the total number of links between the attacked nodes, and N represents the total number of service terminal nodes; Representing reliability of random attack oriented when the real-time service is successfully transmitted from the service initiation node s i to the service termination node s j; /(I) Representing reliability of random attack oriented when the non-real-time traffic is successfully transmitted from the traffic originating node s i to the traffic terminating node s j; /(I)Representing the arrival rate of the traffic originating node s i transmitting real-time traffic to the traffic terminating node s j; /(I)Representing the arrival rate of the traffic originating node s i transmitting non-real-time traffic to the traffic terminating node s j; /(I)Respectively representing the transmission time delay of real-time service and non-real-time service; /(I)Respectively representing the processing time delay of the real-time service and the non-real-time service; /(I)Respectively express/>Weights of (2); /(I)Respectively express/>Weights of (2); i r、Inr respectively represents the capacity of real-time service and the capacity of non-real-time service in the whole network digital twin body; /(I)Representing a blocking rate of the real-time traffic when the service initiation node s i transmits the real-time traffic to the service termination node s j via the network transmission node; /(I)Representing the blocking rate of the non-real-time traffic when the traffic originating node s i sends the non-real-time traffic to the traffic terminating node s j via the network transmission node and the management and control center s g;
objective function of the random attack survivability evaluation:
wherein $N_1$ represents the total number of nodes in the network digital twin; $c_v$ represents the cost of randomly attacking a node, and $c_e$ represents the cost of randomly attacking a link;
constraint conditions for the random attack survivability evaluation:
$$\text{s.t.}\quad U_{ra}(n_v, n_e) \le T_{h2}\,U_{ra}(0,0) \tag{3}$$
wherein $U_{ra}(0,0)$ represents the initial utility in random attack mode when $n_v = 0$, $n_e = 0$, and $T_{h2}$ represents the collapse failure rate in random attack mode;
Will be described in the formula (2) A set of n v,ne at minimum is taken as the optimal solution for random attack survivability/>And/>At this time, the random attack survivability evaluation result is/>
2. The network digital twin based random attack survivability evaluation method according to claim 1, wherein the nodes comprise network transmission nodes and terminal nodes;
The terminal nodes comprise service terminal nodes and a management and control center;
when the service terminal node is used as a service initiator, the service terminal node is called a service initiation node;
when a service end node acts as a service recipient, it is referred to as a service termination node.
3. The network digital twin based random attack survivability evaluation method according to claim 2, wherein,
Wherein,M represents the total number of links between nodes in the network digital twin; /(I)Representing the average node degree of the network;
$L_{ij}$ denotes the set of all network transmission nodes on the transmission path from the traffic originating node $s_i$ to the traffic terminating node $s_j$, and $numL_{ij}$ denotes the number of network transmission nodes in the set $L_{ij}$; $E_{ij}$ denotes the set of links between all network transmission nodes on the transmission path from the traffic originating node $s_i$ to the traffic terminating node $s_j$;
L ig denotes the set of all network transmission nodes on the transmission path from traffic originating node s i to management and control center s g, L gj represents the set of all nodes on the transmission path from the management and control center s g to the service termination node s j,/>NumL ig、numLgj respectively represent the number of network transmission nodes in the set L ig、Lgj; e ig represents a set of links between all network transmission nodes on the transmission path from traffic originating node s i to policing node s g; e gj denotes the set of links between all network transmission nodes on the transmission path from the policing node to the service termination node s j.
4. The method for evaluating survivability of a network digital twin based random attack according to claim 3, wherein,
When the service initiation node $s_i$ transmits the real-time service to the service termination node $s_j$ via the network transmission node, the transmission delay of the real-time service is expressed as:
Wherein T uplink_s,n represents an uplink delay between the service initiation node and the network transmission node, and T downlink_n,t represents a downlink delay between the network transmission node and the service termination node; w ac_s,n represents the access queuing delay of the data access network transmission node of the service initiation node, which is equal to the access queuing delay of the data access network transmission node of the service terminal node; w ac_n,t represents the access queuing delay of the data access service termination node of the network transmission node, which is equal to the access queuing delay of the data access service terminal node of the network transmission node; Representing network transport nodes in set L ij accessing the next network transport node/> Is connected with the queuing delay; /(I)Representing the transmission queuing delay of the network transmission node s Tm; t cross represents the average transmission delay of a link between every two network transmission nodes;
when the service initiation node $s_i$ sends the non-real-time service to the service termination node $s_j$ via the network transmission node and the management and control center $s_g$, the transmission delay of the non-real-time service is expressed as:
Wherein T uplink_g,n、Tdownlink_n,g represents uplink delay and downlink delay between the management and control center and the network transmission node, respectively; w ac_n,g represents the access queuing delay of the data access management and control center of the network transmission node; w ac_g,n represents the access queuing delay of the data access network transmission node of the management and control center; Representing network transport nodes in set L ig accessing the next network transport node/> Is connected with the queuing delay; /(I)Representing network transport nodes/>Is a transmission queuing delay; /(I)Representing network transport node access network transport node/>, in set L gj Is connected with the queuing delay; Representing network transport nodes/> Is a transmission queuing delay.
5. The network digital twin based random attack survivability evaluation method according to claim 4, wherein when the service initiation node $s_i$ transmits the real-time service to the service termination node $s_j$ via the network transmission node, the processing delay of the real-time service is expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); t j represents the processing time delay of the service termination node, which is equal to the processing time delay of the service termination node;
When the service initiation node $s_i$ sends the non-real-time service to the service termination node $s_j$ via the network transmission node and the management and control center $s_g$, the processing delay of the non-real-time service is expressed as:
Wherein, Representing network transport nodes/>Is a processing delay of (1); /(I)Representing network transport nodes/>T g represents the processing delay of the management and control center.
6. The network digital twin based random attack survivability evaluation method according to claim 5, wherein when the service initiation node $s_i$ transmits real-time service to the service termination node $s_j$ via the network transmission node, the blocking rate of the real-time service is expressed as:
Wherein, Representing the traffic access blocking probability of a traffic originating node,/>Representing the traffic access blocking probability of a traffic termination node,/>Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Representing the transmission blocking probability of the e x th link;
When the service initiation node $s_i$ sends the non-real-time service to the service termination node $s_j$ via the network transmission node and the management and control center $s_g$, the blocking rate of the non-real-time service is expressed as:
Wherein, Representing the business access blocking probability of a management and control center,/> Respectively represent network transmission nodes/>Is a transmission blocking probability; /(I)Respectively represent network transmission nodes/>Access blocking probability, transmission blocking probability of (c).
7. The network digital twin based random attack survivability evaluation method according to claim 1, wherein performing delay simulation on the network digital twin to obtain delay information of the network digital twin comprises:
Executing multiple random service simulation, wherein the random service simulation is divided into random real-time service simulation and random non-real-time service simulation; generating time delay parameters of each node and each link according to random service when simulating each time;
and acquiring the time delay information of the network digital twin body based on the time delay parameters of each node and each link in the multiple random service simulation process.
CN202210569319.0A 2022-05-24 2022-05-24 Random attack survivability evaluation method based on network digital twin Active CN115189908B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210569319.0A CN115189908B (en) 2022-05-24 2022-05-24 Random attack survivability evaluation method based on network digital twin


Publications (2)

Publication Number Publication Date
CN115189908A CN115189908A (en) 2022-10-14
CN115189908B true CN115189908B (en) 2024-05-14

Family

ID=83512742

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210569319.0A Active CN115189908B (en) 2022-05-24 2022-05-24 Random attack survivability evaluation method based on network digital twin

Country Status (1)

Country Link
CN (1) CN115189908B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant