CN115189910B - Intentional attack survivability evaluation method based on network digital twin - Google Patents
- Publication number: CN115189910B (application CN202210570702.8A)
- Authority: CN (China)
- Prior art keywords: node, delay, service, network, network transmission
- Legal status: Active
Classifications
- H04L63/20 (under H04L63/00, network architectures or network communication protocols for network security): managing network security; network security policies in general
- H04L41/145 (under H04L41/00, arrangements for maintenance, administration or management of data switching networks, and H04L41/14, network analysis or design): network analysis or design involving simulating, designing, planning or modelling of a network
- H04L43/0852 (under H04L43/00, arrangements for monitoring or testing data switching networks, and H04L43/08, monitoring or testing based on specific metrics, e.g. QoS): delays
- H04L63/1416 (under H04L63/14, detecting or protecting against malicious traffic, and H04L63/1408, by monitoring network traffic): event detection, e.g. attack signature detection
Abstract
The invention discloses a network digital twin-based intentional attack survivability evaluation method, belongs to the technical field of network survivability evaluation, and aims to solve the problem that survivability evaluation results are low in accuracy due to the fact that partial influence factors with large influence cannot be considered in the existing intentional attack survivability evaluation process. The method comprises the following steps: mapping the network entity into a network digital twin body, and obtaining nodes and links in the mapped network digital twin body; performing time delay simulation on the network digital twin body to obtain time delay information of the network digital twin body; based on the time delay information of the network digital twin body, respectively acquiring the transmission time delay, the processing time delay and the blocking rate of the real-time service and the non-real-time service; based on the transmission delay, the processing delay and the blocking rate of the real-time service and the non-real-time service, an intentional attack survivability evaluation result is obtained, and the intentional attack survivability evaluation result is used as the intentional attack survivability evaluation result of the network entity.
Description
Technical Field
The invention relates to the technical field of network survivability evaluation, in particular to a network digital twin-based intentional attack survivability evaluation method.
Background
In recent years, the internet and mobile internet industries have grown vigorously, and have reached the stage of technology maturation and business model solidification.
Future development of the metaverse can be divided into two phases. The first stage gives the metaverse the requirements of enabling social contact and entertainment, immersive content experience and virtual social contact, and places high requirements on the virtual world to bring users a stable and continuous high-performance experience. The second stage is the fully real-world Internet, which enables daily life and industry, changes how people live and work, and finally realizes the digitization of the economic system.
Therefore, at the beginning of the current design stage, it is extremely important to consider the survivability of the physical world simulated by the digital twin, which is an important enabling means in the metaverse, and its ability to recover and complete tasks in the event of failures or faults. Survivability is an important safety measure of a physical world system, and means that the system can still provide the capability of completing tasks in time when nodes or links in the system fail after an accident, fault or attack. The aim of studying the survivability of a digital twin is to let the digital twin simulate the cost of the physical world system, so as to obtain optimal service performance at minimal cost, or to estimate the network performance degradation caused by hostile parties when the system is subjected to deliberate attacks or external blows. Through the evaluation reference provided by the twin, a judgment on the survivability of the physical system is formed rapidly, which helps command decision-making on actions such as next-stage supplementation or starting the backup.
Survivability was initially measured using cohesiveness and connectivity; at present, survivability studies mainly proceed in the following ways:
(1) Based on a routing algorithm with interrupt fault tolerance, acquiring the optimal transmission path according to the predicted task completion time and task completion cost; (2) A Simulation Autonomous Routing Algorithm (SARA) is provided by combining two different system nodes, so that the interaction pressure of information among multiple nodes is reduced, the saved resources are used to increase the correct transmission rate, and the capability of handling faulty nodes is improved; (3) Establishing a centralized evaluation strategy that incorporates survivability design, and relieving the performance degradation caused by problem nodes; (4) Analyzing the survivability margin of the system and providing a modeling method based on failure data; (5) Analyzing the topological structure characteristics of the system and introducing an analysis method based on time periods; (6) A survivability measurement method based on topological structure and system capacity; (7) Measuring the survivability of the system by the cost to a hostile party of destroying the system.
Intentional attack survivability evaluation refers to evaluating the situation in which the performance of a node or a link is reduced or lost because of an external, directed (non-random) attack on the network entity, so that normal functions can no longer be provided. Existing methods for evaluating intentional attack survivability mainly consider resource balance, routing strategy and system structure, and do not comprehensively consider factors such as reliability, network efficiency, service type, service utility and cost, so the accuracy of the intentional attack survivability evaluation result is low.
Disclosure of Invention
In view of the above analysis, the embodiment of the invention aims to provide a network digital twin based intentional attack survivability evaluation method, which is used for solving the problem of lower accuracy of survivability evaluation results caused by the fact that partial influence factors with larger influence cannot be considered in the existing intentional attack survivability evaluation process.
The invention discloses a network digital twin-based intentional attack survivability evaluation method, which comprises the following steps:
Mapping the network entity into a network digital twin body, and obtaining nodes and links in the mapped network digital twin body;
performing time delay simulation on the network digital twin body to obtain time delay information of the network digital twin body;
based on the time delay information of the network digital twin body, respectively acquiring the transmission time delay, the processing time delay and the blocking rate of the real-time service and the non-real-time service;
based on the transmission delay, the processing delay and the blocking rate of the real-time service and the non-real-time service, an intentional attack survivability evaluation result is obtained, and the intentional attack survivability evaluation result is used as the intentional attack survivability evaluation result of the network entity.
Based on the scheme, the invention also makes the following improvements:
Further, obtaining the intentional attack survivability evaluation result includes:
Based on the acquired transmission delay, processing delay and blocking rate of the real-time service and the non-real-time service, constructing a network utility expression facing deliberate attack;
Based on the network utility expression facing the intentional attack and the collapse failure proportion facing the intentional attack, constructing constraint conditions and objective functions of the survivability evaluation of the intentional attack;
Based on the constraint condition and the objective function of the intentional attack survivability evaluation, obtaining the optimal solution of the intentional attack survivability;
and bringing the optimal solution of the survivability of the intentional attack into a network utility expression facing the intentional attack to obtain an evaluation result of the survivability of the intentional attack.
Further, the deliberate attack-oriented network utility expression:
Wherein $N$ represents the total number of service terminal nodes; $g$ represents the network graph formed by the nodes and links in the network digital twin; $U(g - V_s - E_s)$ represents the utility of the network graph after the deliberately attacked node set $V_s$ and link set $E_s$ have been removed from it; during an intentional attack, a node and a link connected with that node are not attacked at the same time; $n_v$ represents the total number of attacked nodes, equal to the number of nodes in the node set $V_s$, i.e. $\mathrm{num}V_s$; $n_e$ represents the total number of attacked links between the attacked nodes, equal to the number of links in the link set $E_s$, i.e. $\mathrm{num}E_s$. The remaining terms of the expression are, respectively: the arrival rate of real-time traffic transmitted from the service originating node $s_i$ to the terminating node $s_j$; the arrival rate of non-real-time traffic transmitted from the service originating node $s_i$ to the terminating node $s_j$; the transmission delays of the real-time service and of the non-real-time service; the processing delays of the real-time service and of the non-real-time service; the weights of the two transmission delays; the weights of the two processing delays; and $I_r$, $I_{nr}$, the capacity of real-time traffic and of non-real-time traffic in the whole network digital twin.
Further, the objective function of the intentional attack survivability assessment:
Wherein $N_1$ represents the total number of nodes in the network digital twin; $c_v$ represents the cost of intentionally attacking a node, and $c_e$ represents the cost of intentionally attacking a link;
constraint condition of the intentional attack survivability evaluation:
$$\text{s.t.}\quad U(g - V_s - E_s) \le T_{h3}\, U(g) \qquad (3)$$
Wherein $U(g)$ represents the utility of the network digital twin when the network graph is intact; $T_{h3}$ represents the collapse failure proportion under a deliberate attack;
The $V_s$ and $E_s$ for which $n_v$ and $n_e$ in formula (2) are minimal are taken as the optimal solution of intentional attack survivability; substituting them into $U(g - V_s - E_s)$ gives the intentional attack survivability evaluation result.
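As an added worked example (not code from the patent), the following Python sketch carries out the search that formulas (2) and (3) describe on a constructed six-node twin: it enumerates candidate attacked node sets $V_s$ and link sets $E_s$ in increasing cost $c_v n_v + c_e n_e$, keeps the cheapest one whose residual utility satisfies $U(g - V_s - E_s) \le T_{h3}\,U(g)$, and reports that residual utility as the survivability evaluation result. Because formula (1) is not reproduced on this page, the utility function used here is an assumption: the weighted arrival rates of every service pair that is still connected, discounted by the hop count of its shortest path. The topology, arrival rates, weights, costs and $T_{h3}$ are all constructed sample values.

```python
"""Brute-force search for the intentional-attack survivability optimum.

Added example, not the patent's own code. The utility U(g - V_s - E_s) is an
ASSUMED simplification (the patent's formula (1) is not on the page): weighted
arrival rate of each still-connected service pair divided by its shortest-path
hop count. Graph, rates, weights, costs and Th3 are constructed sample values.
"""
from collections import deque
from itertools import combinations

# Constructed twin: "s*" are service terminal nodes, "n*" network transmission nodes.
NODES = ["n1", "n2", "n3", "s1", "s2", "s3"]
LINKS = sorted(tuple(sorted(p)) for p in
               [("s1", "n1"), ("s2", "n2"), ("s3", "n3"),
                ("n1", "n2"), ("n2", "n3"), ("n1", "n3")])
# (real-time arrival rate, non-real-time arrival rate) per originating/terminating pair.
PAIRS = {("s1", "s2"): (2.0, 1.0), ("s2", "s3"): (1.0, 2.0), ("s1", "s3"): (1.5, 0.5)}
W_R, W_NR = 0.6, 0.4   # assumed weights of real-time / non-real-time utility
C_V, C_E = 3.0, 1.0    # constructed cost of attacking one node / one link
TH3 = 0.25             # collapse failure proportion: U must fall to <= 25 % of U(g)


def hop_count(links, src, dst):
    """Shortest-path hop count over the surviving links, or None if disconnected."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    dist, queue = {src: 0}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            return dist[u]
        for v in adj.get(u, []):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return None


def utility(attacked_nodes=(), attacked_links=()):
    """U(g - V_s - E_s) under the assumed simplified utility."""
    removed, gone = set(attacked_nodes), set(attacked_links)
    # Attacking a node also removes every link connected with it (assumption).
    links = [l for l in LINKS if l not in gone and not (set(l) & removed)]
    total = 0.0
    for (i, j), (lam_r, lam_nr) in PAIRS.items():
        if i in removed or j in removed:
            continue
        hops = hop_count(links, i, j)
        if hops is not None:
            total += (W_R * lam_r + W_NR * lam_nr) / hops
    return total


def evaluate_survivability():
    """Cheapest (V_s, E_s) satisfying constraint (3); returns the evaluation result."""
    u_intact = utility()
    best = None
    for nv in range(len(NODES) + 1):
        for v_s in combinations(NODES, nv):
            # Links touching an attacked node are already gone and are not paid for again.
            remaining = [l for l in LINKS if not (set(l) & set(v_s))]
            for ne in range(len(remaining) + 1):
                for e_s in combinations(remaining, ne):
                    cost = C_V * nv + C_E * ne
                    if best is not None and cost >= best["cost"]:
                        continue
                    u = utility(v_s, e_s)
                    if u <= TH3 * u_intact:
                        best = {"V_s": v_s, "E_s": e_s, "cost": cost,
                                "utility": u, "U_g": u_intact}
    return best


if __name__ == "__main__":
    print(evaluate_survivability())
```

The exhaustive enumeration is exponential in the size of the twin and is only meant to make the optimisation concrete. A lower minimum cost means the network entity is less survivable, because a cheaper set of node and link failures already pushes the utility below the collapse threshold; the returned utility value is what the patent calls the evaluation result.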
Further, the nodes comprise network transmission nodes and terminal nodes;
The terminal nodes comprise service terminal nodes and a management and control center;
when the service terminal node is used as a service initiator, the service terminal node is called a service initiation node;
when a service end node acts as a service recipient, it is referred to as a service termination node.
Further, performing delay simulation on the network digital twin body to obtain delay information of the network digital twin body, including:
Executing multiple random service simulations, where a random service simulation is either a random real-time service simulation or a random non-real-time service simulation; in each simulation, generating the delay parameters of each node and each link according to the random service;
And acquiring the time delay information of the network digital twin body based on the time delay parameters of each node and each link in the multiple random service simulation process.
Further, the delay information of the network digital twin comprises:
delay information for each network transmission node, comprising:
access queuing delay of data access network transmission node of service terminal node,
The access queuing delay for non-current network transmission nodes to access the current network transmission node,
The time delay of the transmit queuing,
Processing time delay;
the delay information of the service terminal node comprises:
access queuing delay of data access service end node of network transmission node,
Processing time delay;
uplink delay and downlink delay between the service terminal node and the network transmission node;
delay information of the management and control center, comprising:
the access queuing delay of data of the network transmission node accessing the management and control center,
the transmit queuing delay of the management and control center,
processing delay;
uplink delay and downlink delay between the management and control center and the network transmission node; here, uplink means that the management and control center transmits data to the network transmission node, and downlink means that the network transmission node sends data to the management and control center;
Average transmission delay of links between two network transmission nodes.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via network transmission nodes, the transmission delay of the real-time service is expressed as:
Wherein $T_{\mathrm{uplink},s,n}$ represents the uplink delay between the service initiation node and the network transmission node, and $T_{\mathrm{downlink},n,t}$ represents the downlink delay between the network transmission node and the service termination node; $L_{ij}$ denotes the set of all network transmission nodes on the transmission path from the service originating node $s_i$ to the service terminating node $s_j$, and $\mathrm{Num}L_{ij}$ denotes the number of network transmission nodes in the set $L_{ij}$; $W_{ac,s,n}$ represents the access queuing delay of data of the service initiation node accessing the network transmission node, which is equal to the access queuing delay of data of the service terminal node accessing the network transmission node; $W_{ac,n,t}$ represents the access queuing delay of data of the network transmission node accessing the service termination node, which is equal to the access queuing delay of data of the network transmission node accessing the service terminal node; the remaining terms are, respectively, the access queuing delay of a network transmission node in the set $L_{ij}$ accessing the next network transmission node, and the transmit queuing delay of a network transmission node; $T_{\mathrm{cross}}$ represents the average transmission delay of the link between every two network transmission nodes;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via network transmission nodes and the management and control center $s_g$, the transmission delay of the non-real-time service is expressed as:
Wherein $T_{\mathrm{uplink},n,g}$ and $T_{\mathrm{downlink},n,g}$ represent the uplink delay and the downlink delay between the management and control center and the network transmission node, respectively; $L_{ig}$ denotes the set of all network transmission nodes on the transmission path from the service originating node $s_i$ to the management and control center $s_g$, $L_{gj}$ denotes the set of all network transmission nodes on the transmission path from the management and control center $s_g$ to the service termination node $s_j$, and $\mathrm{Num}L_{ig}$, $\mathrm{Num}L_{gj}$ respectively represent the number of network transmission nodes in the sets $L_{ig}$, $L_{gj}$; $W_{ac,n,g}$ represents the access queuing delay of data of the network transmission node accessing the management and control center; $W_{ac,g,n}$ represents the access queuing delay of data of the management and control center accessing the network transmission node; the remaining terms are, respectively, the access queuing delay of a network transmission node in the set $L_{ig}$ accessing the next network transmission node, the transmit queuing delay of that network transmission node, the access queuing delay of a network transmission node in the set $L_{gj}$ accessing the next network transmission node, and the transmit queuing delay of that network transmission node.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via network transmission nodes, the processing delay of the real-time service is expressed as:
Wherein the first term represents the processing delay of a network transmission node in $L_{ij}$; $T_j$ represents the processing delay of the service termination node, which is equal to the processing delay of the service terminal node;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via network transmission nodes and the management and control center $s_g$, the processing delay of the non-real-time service can be expressed as:
Wherein the first two terms represent the processing delay of a network transmission node in $L_{ig}$ and in $L_{gj}$, respectively; $T_g$ represents the processing delay of the management and control center.
Further, when the service initiation node $s_i$ transmits the real-time service to the termination node $s_j$ via network transmission nodes, the blocking rate of the real-time service is expressed as:
Wherein the terms represent, respectively, the service access blocking probability of the service originating node, the service access blocking probability of the service terminating node, the transmission blocking probability of each network transmission node in $L_{ij}$, and the transmission blocking probability of the $e$-th link; $E_{ij}$ denotes the set of links between all network transmission nodes on the transmission path from the service originating node $s_i$ to the service terminating node $s_j$;
When the service initiation node $s_i$ sends the non-real-time service to the termination node $s_j$ via network transmission nodes and the management and control center $s_g$, the blocking rate of the non-real-time service can be expressed as:
Wherein the terms represent, respectively, the service access blocking probability of the service originating node, the transmission blocking probability of each network transmission node in $L_{ig}$, and the transmission blocking probability of each network transmission node in $L_{gj}$; $E_{ig}$ represents the set of links between all network transmission nodes on the transmission path from the service originating node $s_i$ to the management and control center $s_g$; $E_{gj}$ denotes the set of links between all network transmission nodes on the transmission path from the management and control center to the service termination node $s_j$.
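The components listed above can be assembled into functions, as in the following added example (not the patent's own code). Since the page does not reproduce the delay and blocking formulas themselves, the way the components are combined is an assumption: delays are summed hop by hop along $L_{ij}$ (for non-real-time service along $L_{ig}$, then through the management and control center, then along $L_{gj}$), and the blocking probabilities of the originating node, the transmission nodes and the links are combined as $1 - \prod(1 - p)$, i.e. the service is blocked if any single hop blocks it. The `Twin` and `NodeDelay` containers and all numeric values (milliseconds and probabilities) are constructed.

```python
"""Transmission delay, processing delay and blocking rate along a path.

Added example, not the patent's own code. The arrangement of the listed
components (sum of delays hop by hop; blocking = 1 - prod(1 - p)) is an
ASSUMPTION because the page does not reproduce the formulas. All numbers are
constructed sample values in milliseconds / probabilities.
"""
from dataclasses import dataclass


@dataclass
class NodeDelay:
    w_ac_s: float    # access queuing delay: service terminal data entering this node
    w_ac_n: float    # access queuing delay: previous transmission node entering this node
    w_tx: float      # transmit queuing delay
    proc: float      # processing delay
    p_block: float   # transmission blocking probability of this node


@dataclass
class Twin:
    nodes: dict             # node name -> NodeDelay
    link_block: dict        # sorted (a, b) -> transmission blocking probability of the link
    t_uplink_s_n: float     # service terminal -> transmission node
    t_downlink_n_t: float   # transmission node -> service terminal
    t_uplink_n_g: float     # control center -> transmission node (uplink as defined for the center)
    t_downlink_n_g: float   # transmission node -> control center
    t_cross: float          # average link delay between two transmission nodes
    w_ac_n_t: float         # access queuing delay at the service termination node
    w_ac_n_g: float         # access queuing delay at the control center
    w_ac_g_n: float         # access queuing delay at the node receiving data from the center
    w_tx_g: float           # transmit queuing delay of the control center
    t_j: float              # processing delay of the service termination node
    t_g: float              # processing delay of the control center
    beta_i: float           # service access blocking probability, originating node
    beta_j: float           # service access blocking probability, terminating node


def _segment_delay(tw, path, first_access):
    """Queuing and link delay across the consecutive transmission nodes in `path`."""
    total = first_access + tw.nodes[path[0]].w_tx
    for nxt in path[1:]:
        total += tw.nodes[nxt].w_ac_n + tw.t_cross + tw.nodes[nxt].w_tx
    return total


def _survive(tw, path):
    """Probability that no node or link on `path` blocks the transmission."""
    keep = 1.0
    for n in path:
        keep *= 1.0 - tw.nodes[n].p_block
    for a, b in zip(path, path[1:]):
        keep *= 1.0 - tw.link_block[tuple(sorted((a, b)))]
    return keep


def real_time(tw, l_ij):
    """(transmission delay, processing delay, blocking rate) of real-time service over L_ij."""
    t_tx = (tw.t_uplink_s_n + _segment_delay(tw, l_ij, tw.nodes[l_ij[0]].w_ac_s)
            + tw.w_ac_n_t + tw.t_downlink_n_t)
    t_proc = sum(tw.nodes[n].proc for n in l_ij) + tw.t_j
    beta = 1.0 - (1.0 - tw.beta_i) * (1.0 - tw.beta_j) * _survive(tw, l_ij)
    return t_tx, t_proc, beta


def non_real_time(tw, l_ig, l_gj):
    """Same triple for non-real-time service routed through the management and control center."""
    t_tx = (tw.t_uplink_s_n + _segment_delay(tw, l_ig, tw.nodes[l_ig[0]].w_ac_s)
            + tw.t_downlink_n_g + tw.w_ac_n_g + tw.w_tx_g + tw.t_uplink_n_g
            + _segment_delay(tw, l_gj, tw.w_ac_g_n) + tw.w_ac_n_t + tw.t_downlink_n_t)
    # T_j is included by analogy with the real-time case (assumption).
    t_proc = (sum(tw.nodes[n].proc for n in l_ig) + tw.t_g
              + sum(tw.nodes[n].proc for n in l_gj) + tw.t_j)
    # Only the originating node, the nodes and the links are listed for this case.
    beta = 1.0 - (1.0 - tw.beta_i) * _survive(tw, l_ig) * _survive(tw, l_gj)
    return t_tx, t_proc, beta


# Constructed sample twin (all values are assumptions).
SAMPLE = Twin(
    nodes={"n1": NodeDelay(2.0, 1.0, 3.0, 4.0, 0.01),
           "n2": NodeDelay(2.5, 1.5, 2.0, 3.0, 0.02),
           "n3": NodeDelay(2.0, 1.0, 2.5, 3.5, 0.015)},
    link_block={("n1", "n2"): 0.01, ("n2", "n3"): 0.02, ("n1", "n3"): 0.005},
    t_uplink_s_n=10.0, t_downlink_n_t=10.0, t_uplink_n_g=20.0, t_downlink_n_g=20.0,
    t_cross=5.0, w_ac_n_t=1.0, w_ac_n_g=2.0, w_ac_g_n=1.0, w_tx_g=3.0,
    t_j=2.0, t_g=6.0, beta_i=0.01, beta_j=0.01,
)

if __name__ == "__main__":
    print("real-time s_i -> n1 -> n2 -> s_j:", real_time(SAMPLE, ["n1", "n2"]))
    print("non-real-time s_i -> n1 -> s_g -> n2 -> n3 -> s_j:",
          non_real_time(SAMPLE, ["n1"], ["n2", "n3"]))
```

For the real-time path the transmission delay is uplink plus the first node's access and transmit queuing, plus access queuing, link delay and transmit queuing for each further node, plus the terminating node's access queuing and the downlink; the non-real-time path additionally pays the round trip to the management and control center (downlink to it, its queuing, uplink back) between the two segments.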
Compared with the prior art, the invention has at least one of the following beneficial effects:
The method for evaluating the survivability of the intentional attack based on the network digital twin overcomes the defects of the prior art, and utilizes the overall efficiency based on service-oriented application to construct a network utility function to measure the survivability of the intentional attack of the digital twin-simulated physical world system so as to characterize and evaluate the capacity of the network entity to finish tasks before and after encountering the intentional attack.
Meanwhile, considering that various resources of the nodes in the network entity are very limited, the node faults can cause task congestion, information loss and time delay increase. Therefore, the invention also simulates various characteristics affecting the survivability of the intentional attack, thereby obtaining the transmission delay, the processing delay, the blocking rate and the reliability facing the intentional attack of the real-time service and the non-real-time service, and finally forming the evaluation method of the survivability of the intentional attack based on the network digital twin body by matching with the network utility facing the intentional attack.
In the invention, the technical schemes can be mutually combined to realize more preferable combination schemes. Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
The drawings are only for purposes of illustrating particular embodiments and are not to be construed as limiting the invention, like reference numerals being used to refer to like parts throughout the several views.
FIG. 1 is a flow chart of the method for evaluating intentional attack survivability based on a network digital twin.
Detailed Description
The following detailed description of preferred embodiments of the application is made in connection with the accompanying drawings, which form a part hereof, and together with the description of the embodiments of the application, are used to explain the principles of the application and are not intended to limit the scope of the application.
Example 1
The invention discloses a survivability evaluation method based on a network digital twin body, wherein the flow is shown in a figure 1, and the specific process is described as follows:
step S1: mapping the network entity into a network digital twin body, and obtaining nodes and links in the mapped network digital twin body;
Specifically, nodes and links in the network entity are mapped to nodes and links in the network digital twin, respectively. The nodes include network transmission nodes and terminal nodes. Specifically:
The network transmission node is used for completing the transmission of the service, such as a satellite access node in satellite communication.
The terminal nodes comprise service terminal nodes and a management and control center;
When the service terminal node acts as a service initiator, it is called a service initiation node; when a service terminal node acts as a service recipient, it is called a service termination node. When processing real-time service, considering the real-time requirement, only the interaction between the service terminal node and the network transmission node is concerned. The specific implementation process is as follows: the service initiation node sends the real-time service to the network transmission node, and the network transmission node processes the real-time service and sends it to the service termination node.
The management and control center is a special terminal node; when non-real-time service is processed, the interaction among the service terminal node, the management and control center and the network transmission node is involved. The specific implementation process is as follows: the service initiation node sends the non-real-time service to the network transmission node; while processing the non-real-time service, the network transmission node also sends part of the processing tasks to the management and control center, the management and control center feeds the processing result back to the network transmission node, and after further processing by the network transmission node the result is sent to the service termination node. In this process, the management and control center completes the processing of part of the non-real-time service, relieving the processing pressure on the network transmission node.
Step S2: performing time delay simulation on the network digital twin body to obtain time delay information of the network digital twin body; the delay information of the network digital twin comprises:
(1) Delay information for each network transmission node, comprising:
access queuing delay of data access network transmission node of service terminal node,
The access queuing delay for non-current network transmission nodes to access the current network transmission node,
The time delay of the transmit queuing,
Processing time delay;
(2) The delay information of the service terminal node comprises:
access queuing delay of data access service end node of network transmission node,
Processing time delay;
Uplink delay and downlink delay between the service terminal node and the network transmission node; here, when describing the uplink, it means that the service terminal node transmits data to the network transmission node, and at this time, the service terminal node serves as a service initiation node; when describing downlink, it means that the network transmission node sends data to the service terminal node, where the service terminal node acts as a service termination node;
(3) Delay information of the management and control center, comprising:
the access queuing delay of data of the network transmission node accessing the management and control center,
the transmit queuing delay of the management and control center,
processing delay;
uplink delay and downlink delay between the management and control center and the network transmission node; here, uplink means that the management and control center transmits data to the network transmission node, and downlink means that the network transmission node sends data to the management and control center.
(4) Average transmission delay of links between two network transmission nodes.
The specific process is as follows:
Step S21: executing multiple random service simulations, where a random service simulation is either a random real-time service simulation or a random non-real-time service simulation; in each simulation, generating the delay parameters of each node and each link according to the random service. The generated delay parameters of the nodes and links comprise:
(1) Delay parameters for each network transmission node, comprising:
The data of each service terminal node is accessed to the access queuing delay parameter of the current network transmission node,
The access queuing delay parameter of the non-current network transmission node to the current network transmission node,
transmit queuing delay parameter,
Processing the time delay parameter;
(2) The delay parameter of the service terminal node comprises:
The data of each network transmission node is accessed to the access queuing delay parameter of each service terminal node,
Processing the time delay parameter;
Uplink delay parameters and downlink delay parameters between the service terminal node and each network transmission node;
(3) When random non-real-time service simulation is executed, the delay parameters of the management and control center are also generated, comprising:
the access queuing delay parameter of data of the network transmission node accessing the management and control center,
the transmit queuing delay parameter of the management and control center,
processing delay parameter;
uplink delay parameters and downlink delay parameters between the management and control center and the network transmission nodes.
(4) And transmission delay parameters of links between every two network transmission nodes.
In the simulation process, the queuing delay parameters and processing delay parameters of each node and the transmission delay parameters of the links between every two network transmission nodes are generated according to the delay characteristics and service classification of the network entity, the actual network operating characteristics and the random services; the magnitude of each delay parameter is characterized by a model and parameters obeying a certain probability distribution, which realizes the delay estimation of the network digital twin. In the specific implementation, different delays are set for different services. Specifically:
Access queuing delay parameter and transmit queuing delay parameter: conforming to an exponential distribution;
processing time delay parameters: the distribution can be exponential distribution or normal distribution;
Transmission delay parameters: for a fixed wired link, propagation delay conforms to a normal distribution with relatively small variance; for a wireless link, according to different lengths of propagation distances, propagation delay accords with normal distribution with relatively large variance and mean;
the setting of the time delay parameters accords with a certain probability distribution and also needs to consider the range of the probability distribution; the parameter selection range of the probability distribution is directly related to the service type; common random services include video, voice and data classes; the transmission rate of the video service is 384kbps, the transmission rate of the voice service is 64kbps, and the transmission rate of the data service is 128kbps. Therefore, based on the transmission rate and the processing efficiency of different services, each time delay parameter is selected according to a certain probability distribution; after all the time delay parameters are determined, each simulation time delay can be obtained through simulation. For example, the queuing delay is selected to be exponentially distributed, and when the transmission service is video, voice and data, the queuing delay is set to be sequentially reduced on the basis of conforming to the exponentially distributed.
Step S22: based on the delay parameters of each node and each link in the multiple random service simulation process, the delay information of the network digital twin body is acquired as follows:
(1) The delay information of each network transmission node is acquired as follows:
the access queuing delay for data from a service terminal node accessing the network transmission node: the average, over the multiple random service delay simulations, of the access queuing delay parameters for data from each service terminal node accessing the current network transmission node;
the access queuing delay for a non-current network transmission node accessing the current network transmission node: the average, over the multiple random service delay simulations, of the access queuing delay parameters for non-current network transmission nodes accessing the current network transmission node;
the transmission queuing delay: the average, over the multiple random service delay simulations, of the transmission queuing delay parameters of the current network transmission node;
the processing delay: the average, over the multiple random service delay simulations, of the processing delay parameters of the current network transmission node;
(2) The delay information of the service terminal node is acquired as follows:
the access queuing delay for data from a network transmission node accessing the service terminal node: the average, over the multiple random service delay simulations, of the access queuing delay parameters for data from each network transmission node accessing each service terminal node;
the processing delay: the average, over the multiple random service delay simulations, of the processing delay parameters of all service terminal nodes;
the uplink delay between the service terminal node and the network transmission node: the average, over the multiple random service delay simulations, of the uplink delay parameters between all service terminal nodes and each network transmission node;
the downlink delay between the service terminal node and the network transmission node: the average, over the multiple random service delay simulations, of the downlink delay parameters between all service terminal nodes and each network transmission node;
(3) The delay information of the management and control center is acquired as follows:
the access queuing delay for data from a network transmission node accessing the management and control center: the average, over the multiple random non-real-time service delay simulations, of the access queuing delay parameters for data from each network transmission node accessing the management and control center;
the transmission queuing delay of the management and control center: the average, over the multiple random non-real-time service delay simulations, of the transmission queuing delay parameters of the management and control center;
the processing delay: the average, over the multiple random non-real-time service delay simulations, of the processing delay parameters of the management and control center;
the uplink delay between the management and control center and the network transmission node: the average, over the multiple random non-real-time service delay simulations, of the uplink delay parameters between the management and control center and each network transmission node;
the downlink delay between the management and control center and the network transmission node: the average, over the multiple random non-real-time service delay simulations, of the downlink delay parameters between the management and control center and each network transmission node.
(4) The average transmission delay of the link between every two network transmission nodes: the average, over the multiple random service delay simulations, of the transmission delay parameters of the link between every two network transmission nodes.
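To make steps S21 and S22 concrete, the following Python is an added example (not code from the patent) that draws the per-run delay parameters from the distributions the description names, averages them over many random-service runs to obtain the delay information, and then composes the real-time transmission and processing delays described under step S3. The numeric means, the normal distribution used for the terminal-to-node uplink/downlink delay, and the exact summation structure of the end-to-end delay are assumptions, since the patent's own formulas are not reproduced on this page.

```python
import random
import statistics

# Constructed delay-parameter settings (assumptions for this example, not values from the patent).
# Per the description: queuing delays are exponential and decrease from video to voice to data;
# processing delay is taken as normal here (the page allows exponential or normal); link propagation
# delay is normal, with small variance on wired links and larger mean and variance on wireless ones.
# All values are in milliseconds.
QUEUE_MEAN_MS = {"video": 30.0, "voice": 15.0, "data": 5.0}
PROC_MEAN_MS = {"video": 8.0, "voice": 3.0, "data": 4.0}
PROC_SD_MS = 1.0
LINK_NORMAL = {"wired": (2.0, 0.2), "wireless": (12.0, 4.0)}   # (mean, sd)
ACCESS_NORMAL = (6.0, 1.5)   # terminal<->node uplink/downlink delay; this distribution is our assumption


def draw_delay_parameters(rng, service, link_kind):
    """One random-service simulation run (step S21): draw every delay parameter of one network
    transmission node and of the links it uses. Returns parameter name -> sampled value."""
    q_mean = QUEUE_MEAN_MS[service]
    link_mean, link_sd = LINK_NORMAL[link_kind]

    def gauss(mean, sd):
        return max(0.0, rng.gauss(mean, sd))   # a delay cannot be negative

    return {
        "w_ac_s_n": rng.expovariate(1.0 / q_mean),   # access queuing: terminal data entering the node
        "w_ac_n_n": rng.expovariate(1.0 / q_mean),   # access queuing: another node's data entering
        "w_tx": rng.expovariate(1.0 / q_mean),       # transmission queuing at the node
        "w_ac_n_t": rng.expovariate(1.0 / q_mean),   # access queuing: node data entering the terminal
        "t_proc": gauss(PROC_MEAN_MS[service], PROC_SD_MS),       # node processing delay
        "t_proc_term": gauss(PROC_MEAN_MS[service], PROC_SD_MS),  # terminal processing delay (T_j)
        "t_cross": gauss(link_mean, link_sd),         # node-to-node link transmission delay
        "t_uplink": gauss(*ACCESS_NORMAL),
        "t_downlink": gauss(*ACCESS_NORMAL),
    }


def simulate_delay_info(rng, service, runs, link_kind="wired"):
    """Step S22: average each delay parameter over `runs` random-service simulations to obtain
    the delay information of the digital twin for one service class."""
    samples = [draw_delay_parameters(rng, service, link_kind) for _ in range(runs)]
    return {name: statistics.fmean(s[name] for s in samples) for name in samples[0]}


def simulate_all_services(seed=2022, runs=2000, link_kind="wireless"):
    """Delay information for every service class from one seeded generator (reproducible)."""
    rng = random.Random(seed)
    return {svc: simulate_delay_info(rng, svc, runs, link_kind) for svc in QUEUE_MEAN_MS}


def realtime_transmission_delay(info, num_nodes):
    """Compose the end-to-end transmission delay of a real-time service crossing `num_nodes`
    network transmission nodes (NumL_ij) from the averaged delay information. The summation
    structure is our reading of the terms listed under step S3: uplink, access queuing into the
    first node, transmission queuing at every node, access queuing into the next node plus link
    delay for each of the NumL_ij - 1 hops, access queuing into the terminal, and downlink.
    The patent's own formula is not reproduced on this page, so treat this as an assumption."""
    if num_nodes < 1:
        raise ValueError("a path must traverse at least one network transmission node")
    hops = num_nodes - 1
    return (info["t_uplink"] + info["w_ac_s_n"]
            + num_nodes * info["w_tx"]
            + hops * (info["w_ac_n_n"] + info["t_cross"])
            + info["w_ac_n_t"] + info["t_downlink"])


def realtime_processing_delay(info, num_nodes):
    """Processing delay of a real-time service: the processing delay of every network transmission
    node on the path plus that of the service termination node (T_j), as step S3 describes."""
    return num_nodes * info["t_proc"] + info["t_proc_term"]


if __name__ == "__main__":
    twin = simulate_all_services()
    for svc, info in twin.items():
        print(f"{svc:5s} transmission={realtime_transmission_delay(info, 3):7.2f} ms "
              f"processing={realtime_processing_delay(info, 3):6.2f} ms")
```

Because every parameter is averaged over thousands of runs, the ordering video > voice > data for the queuing delays is recovered reliably even though each individual draw is random; the composition functions are deterministic and can be checked against hand-computed sums.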
Step S3: based on the delay information of the network digital twin body, respectively acquire the transmission delay, the processing delay and the blocking rate of the real-time service and the non-real-time service;
(1) Transmission delay of the real-time service and the non-real-time service
When the service initiation node s_i transmits the real-time service to the termination node s_j via network transmission nodes, the transmission delay of the real-time service can be expressed as:
Wherein T_uplink_s,n represents the uplink delay between the service initiation node and the network transmission node, which is equal to the uplink delay between the service terminal node and the network transmission node; T_downlink_n,t represents the downlink delay between the network transmission node and the service termination node, which is equal to the downlink delay between the service terminal node and the network transmission node; W_ac_s,n represents the access queuing delay for data from the service initiation node accessing the network transmission node, which is equal to the access queuing delay for data from the service terminal node accessing the network transmission node; W_ac_n,t represents the access queuing delay for data from the network transmission node accessing the service termination node, which is equal to the access queuing delay for data from the network transmission node accessing the service terminal node; L_ij denotes the set of all network transmission nodes on the transmission path from the service initiation node s_i to the service termination node s_j, and NumL_ij denotes the number of network transmission nodes in the set L_ij; the remaining summed terms are the access queuing delay of each network transmission node in the set L_ij accessing the next network transmission node and the transmission queuing delay of each such network transmission node; T_cross represents the average transmission delay of the link between two network transmission nodes.
When the service initiation node s_i sends the non-real-time service to the termination node s_j via network transmission nodes and the management and control center s_g, the transmission delay of the non-real-time service can be expressed as:
Wherein T_uplink_n,g and T_downlink_n,g represent the uplink delay and the downlink delay between the management and control center and the network transmission node, respectively; W_ac_n,g represents the access queuing delay for data from the network transmission node accessing the management and control center; W_ac_g,n represents the access queuing delay for data from the management and control center accessing the network transmission node; L_ig denotes the set of all network transmission nodes on the transmission path from the service initiation node s_i to the management and control center s_g, L_gj denotes the set of all nodes on the transmission path from the management and control center s_g to the service termination node s_j, and NumL_ig and NumL_gj respectively denote the numbers of network transmission nodes in the sets L_ig and L_gj; the remaining summed terms are the access queuing delay of each network transmission node in the set L_ig accessing the next network transmission node and its transmission queuing delay, and the access queuing delay of each network transmission node in the set L_gj accessing the next network transmission node and its transmission queuing delay.
(2) Processing delay of the real-time service and the non-real-time service
When the service initiation node s_i transmits the real-time service to the termination node s_j via network transmission nodes, the processing delay of the real-time service can be expressed as:
Wherein the summed terms are the processing delay of each network transmission node in the set L_ij; T_j represents the processing delay of the service termination node, which is equal to the processing delay of the service terminal node.
When the service initiation node s_i sends the non-real-time service to the termination node s_j via network transmission nodes and the management and control center s_g, the processing delay of the non-real-time service can be expressed as:
Wherein the summed terms are the processing delay of each network transmission node in the set L_ig and the processing delay of each network transmission node in the set L_gj; T_g represents the processing delay of the management and control center.
(3) Blocking rate of the real-time service and the non-real-time service
When the service initiation node s_i transmits the real-time service to the termination node s_j via network transmission nodes, the blocking rate of the real-time service can be expressed as:
Wherein the terms are, respectively, the service access blocking probability of the service initiation node, the service access blocking probability of the service termination node, the transmission blocking probability of each network transmission node on the path, and the transmission blocking probability of the e-th link; E_ij represents the set of links between all network transmission nodes on the transmission path from the service initiation node s_i to the service termination node s_j;
When the service initiation node s_i sends the non-real-time service to the termination node s_j via network transmission nodes and the management and control center s_g, the blocking rate of the non-real-time service can be expressed as:
Wherein the terms are, respectively, the service access blocking probability of the service initiation node,
the transmission blocking probability of each network transmission node on the path to the management and control center, and the transmission blocking probability of each network transmission node on the path from the management and control center; E_ig represents the set of links between all network transmission nodes on the transmission path from the service initiation node s_i to the management and control center s_g; E_gj denotes the set of links between all network transmission nodes on the transmission path from the management and control center to the service termination node s_j;
Step S4: based on the acquired transmission delay, processing delay and blocking rate of the real-time service and the non-real-time service, obtain the intentional attack survivability evaluation result, and take it as the intentional attack survivability evaluation result of the network entity. Specifically, execute:
Step S41: based on the acquired transmission delay, processing delay and blocking rate of the real-time service and the non-real-time service, construct the network utility expression U(g-V_s-E_s) facing intentional attack:
Wherein N represents the total number of service terminal nodes; g represents the network graph formed by the nodes and links in the network digital twin; U(g-V_s-E_s) represents the utility after removing the intentionally attacked node set V_s and link set E_s from the network graph; during an intentional attack, a certain node cannot be attacked, and the links connected to that node cannot be attacked either; n_v represents the total number of attacked nodes, equal to the number of nodes in the node set V_s, i.e. NumV_s; n_e represents the total number of attacked links between nodes, equal to the number of links in the link set E_s, i.e. NumE_s; the remaining terms are the arrival rate of the real-time service transmitted from the service initiation node s_i to the termination node s_j, the arrival rate of the non-real-time service transmitted from s_i to s_j, the transmission delays of the real-time service and the non-real-time service, the processing delays of the real-time service and the non-real-time service, and the weights of each of those delays; I_r and I_nr represent the capacity of the real-time service and the capacity of the non-real-time service in the whole network digital twin, respectively.
Step S42: based on the network utility expression facing intentional attack and the collapse failure proportion facing intentional attack, construct the constraint condition and the objective function of the intentional attack survivability evaluation;
Objective function of the intentional attack survivability evaluation:
Wherein N_1 represents the total number of nodes in the network digital twin; c_v represents the cost of intentionally attacking a node, and c_e represents the cost of intentionally attacking a link;
Constraint condition of the intentional attack survivability evaluation:
s.t. U(g-V_s-E_s) ≤ Th3 U(g) (10)
Wherein U(g) represents the utility of the network digital twin when the network graph is intact; Th3 represents the collapse failure proportion under intentional attack; and, during the intentional attack, a certain node cannot be attacked and the links connected to that node cannot be attacked either;
Step S43: based on the constraint condition and the objective function of the intentional attack survivability evaluation, obtain the optimal solution of intentional attack survivability; namely, the V_s and V_e corresponding to the minimum of n_v and n_e in formula (9) are taken as the optimal solution of intentional attack survivability.
Step S44: substitute the optimal solution of intentional attack survivability into the network utility expression (8) facing intentional attack to obtain the intentional attack survivability evaluation result.
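Steps S41 to S44 amount to a constrained search: find the cheapest attack set (V_s, E_s), respecting the node that cannot be attacked, whose removal drives the utility down to at most Th3 times the intact utility U(g), then report the utility at that optimum. The following Python is an added example, not the patent's code, that carries this search out by exhaustive enumeration on a constructed five-node twin. Because expression (8) is not reproduced on this page, the `utility` function is an illustrative stand-in that rewards delivered arrival rate and penalizes weighted transmission and processing delay and per-hop blocking; the graph, service pairs, costs, delays and blocking probability are all constructed values.

```python
import itertools
from collections import deque

# Constructed toy digital twin (assumption, not the patent's data).
NODES = ["s1", "n1", "n2", "n3", "s2"]
LINKS = [("s1", "n1"), ("n1", "n2"), ("n2", "s2"), ("n1", "n3"), ("n3", "s2"), ("s1", "n3")]
PROTECTED = {"s1"}   # the node that cannot be attacked; its links cannot be attacked either
# (service initiation node, termination node, arrival rate, class: real-time / non-real-time)
SERVICES = [("s1", "s2", 10.0, "rt"), ("s2", "s1", 4.0, "nrt")]
COST_NODE, COST_LINK = 3.0, 1.0          # c_v and c_e
T_LINK, T_PROC, T_TERM = 5.0, 2.0, 1.0   # ms per hop, per transit node, at the terminal (constructed)
P_BLOCK = 0.02                           # per-hop blocking probability (constructed)
WEIGHTS = {"rt": (0.7, 0.3), "nrt": (0.4, 0.6)}   # (weight of transmission delay, of processing delay)


def shortest_hops(links, src, dst):
    """Breadth-first search; returns the hop count of the shortest path or None if disconnected."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    dist, queue = {src: 0}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            return dist[u]
        for v in adj.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return None


def utility(removed_nodes, removed_links):
    """Illustrative stand-in for U(g - V_s - E_s): per service pair, the arrival rate that survives
    per-hop blocking, divided by the weighted sum of transmission and processing delay; a pair whose
    endpoints are removed or disconnected contributes nothing. This is NOT the patent's expression (8)."""
    live = [l for l in LINKS if l not in removed_links
            and l[0] not in removed_nodes and l[1] not in removed_nodes]
    total = 0.0
    for src, dst, rate, cls in SERVICES:
        if src in removed_nodes or dst in removed_nodes:
            continue
        hops = shortest_hops(live, src, dst)
        if hops is None:
            continue
        w_t, w_p = WEIGHTS[cls]
        t_trans = hops * T_LINK                   # one link delay per hop
        t_proc = (hops - 1) * T_PROC + T_TERM     # transit nodes plus the terminating node
        delivered = rate * (1.0 - P_BLOCK) ** hops
        total += delivered / (w_t * t_trans + w_p * t_proc)
    return total


def min_cost_attack(th3):
    """Steps S42/S43: minimise c_v*n_v + c_e*n_e subject to U(g - V_s - E_s) <= th3 * U(g), by
    enumerating every attackable node subset and link subset. Returns ((cost, V_s, E_s), U(g))."""
    u_full = utility(set(), set())
    attackable_nodes = [n for n in NODES if n not in PROTECTED]
    attackable_links = [l for l in LINKS if l[0] not in PROTECTED and l[1] not in PROTECTED]
    best = None
    for k in range(len(attackable_nodes) + 1):
        for vs in itertools.combinations(attackable_nodes, k):
            for m in range(len(attackable_links) + 1):
                for es in itertools.combinations(attackable_links, m):
                    cost = COST_NODE * len(vs) + COST_LINK * len(es)
                    if best is not None and cost >= best[0]:
                        continue   # cannot improve on the incumbent
                    if utility(set(vs), set(es)) <= th3 * u_full:
                        best = (cost, set(vs), set(es))
    return best, u_full


def evaluate_survivability(th3):
    """Step S44: the utility left after the optimal attack is the survivability evaluation result."""
    best, u_full = min_cost_attack(th3)
    return utility(best[1], best[2]), best, u_full


if __name__ == "__main__":
    result, (cost, vs, es), u_full = evaluate_survivability(0.7)
    print(f"U(g)={u_full:.4f}  cheapest attack cost={cost}  V_s={vs}  E_s={es}  result={result:.4f}")
```

The enumeration is exponential in the number of attackable elements, so it is only meant to show the shape of the optimisation; on a real twin a solver or a heuristic would replace the nested loops, while the constraint check and the cost objective stay the same.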
In summary, the intentional attack survivability evaluation method based on the network digital twin overcomes the defects of the prior art: it uses the overall effectiveness of the service-oriented application to construct a network utility function that measures the intentional attack survivability of the physical-world system simulated by the digital twin, thereby characterizing and evaluating the capability of the network entity to complete its tasks before and after an intentional attack. Meanwhile, considering that the resources of the nodes in the network entity are very limited, node faults cause task congestion, information loss and increased delay. Therefore, the invention also simulates the various characteristics affecting intentional attack survivability, thereby obtaining the transmission delay, the processing delay, the blocking rate and the reliability of the real-time service and the non-real-time service facing intentional attack, and, combined with the network utility facing intentional attack, finally forms the intentional attack survivability evaluation method based on the network digital twin body.
Those skilled in the art will appreciate that all or part of the flow of the methods of the embodiments described above may be accomplished by way of a computer program to instruct associated hardware, where the program may be stored on a computer readable storage medium. Wherein the computer readable storage medium is a magnetic disk, an optical disk, a read-only memory or a random access memory, etc.
The present invention is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present invention are intended to be included in the scope of the present invention.
Claims (7)
1. A network digital twin based method for evaluating survivability against intentional attack, comprising:
Mapping the network entity into a network digital twin body, and obtaining nodes and links in the mapped network digital twin body;
performing time delay simulation on the network digital twin body to obtain time delay information of the network digital twin body;
based on the time delay information of the network digital twin body, respectively acquiring the transmission time delay, the processing time delay and the blocking rate of the real-time service and the non-real-time service;
based on the transmission delay, the processing delay and the blocking rate of the real-time service and the non-real-time service, obtaining an intentional attack survivability evaluation result, and taking the intentional attack survivability evaluation result as an intentional attack survivability evaluation result of the network entity;
the obtaining the survivability evaluation result of the intentional attack comprises the following steps:
Based on the acquired transmission delay, processing delay and blocking rate of the real-time service and the non-real-time service, constructing a network utility expression facing deliberate attack;
Based on the network utility expression facing the intentional attack and the collapse failure proportion facing the intentional attack, constructing constraint conditions and objective functions of the survivability evaluation of the intentional attack;
Based on the constraint condition and the objective function of the intentional attack survivability evaluation, obtaining the optimal solution of the intentional attack survivability;
Bringing the optimal solution of the survivability of the intentional attack into a network utility expression facing the intentional attack to obtain an evaluation result of the survivability of the intentional attack;
the network utility expression facing intentional attack:
Wherein N represents the total number of service terminal nodes; g represents the network graph formed by the nodes and links in the network digital twin; U(g-V_s-E_s) represents the utility after removing the intentionally attacked node set V_s and link set E_s from the network graph; during an intentional attack, a certain node cannot be attacked, and the links connected to that node cannot be attacked either; n_v represents the total number of attacked nodes, equal to the number of nodes in the node set V_s, i.e. NumV_s; n_e represents the total number of attacked links between nodes, equal to the number of links in the link set E_s, i.e. NumE_s; the remaining terms are the arrival rate at which the service initiation node s_i transmits real-time service to the service termination node s_j, the arrival rate at which s_i transmits non-real-time service to s_j, the transmission delays of the real-time service and the non-real-time service, the processing delays of the real-time service and the non-real-time service, the weights of each of those delays, the blocking rate of the real-time service when the service initiation node s_i transmits the real-time service to the service termination node s_j via network transmission nodes, and the blocking rate of the non-real-time service when the service initiation node s_i sends the non-real-time service to the service termination node s_j via network transmission nodes and the management and control center s_g; I_r and I_nr respectively represent the capacity of the real-time service and the capacity of the non-real-time service in the whole network digital twin body;
objective function of the intentional attack survivability evaluation:
Wherein N_1 represents the total number of nodes in the network digital twin; c_v represents the cost of intentionally attacking a node, and c_e represents the cost of intentionally attacking a link;
constraint condition of the intentional attack survivability evaluation:
s.t. U(g-V_s-E_s) ≤ Th3 U(g) (3)
Wherein U(g) represents the utility of the network digital twin when the network graph is intact; Th3 represents the collapse failure proportion under intentional attack;
the V_s and V_e corresponding to the minimum of n_v and n_e in formula (2) are taken as the optimal solution of intentional attack survivability, and substituting that solution into the formula U(g-V_s-E_s) gives the intentional attack survivability evaluation result.
2. The network digital twin based intentional attack survivability assessment method as defined in claim 1, wherein the nodes comprise network transmission nodes and terminal nodes;
The terminal nodes comprise service terminal nodes and a management and control center;
when the service terminal node is used as a service initiator, the service terminal node is called a service initiation node;
when a service end node acts as a service recipient, it is referred to as a service termination node.
3. The network digital twin based intentional attack survivability evaluation method according to claim 2, wherein performing delay simulation on the network digital twin to obtain the delay information of the network digital twin comprises:
Executing multiple random service simulation, wherein the random service simulation is divided into random real-time service simulation and random non-real-time service simulation; generating time delay parameters of each node and each link according to random service when simulating each time;
And acquiring the time delay information of the network digital twin body based on the time delay parameters of each node and each link in the multiple random service simulation process.
4. The method for evaluating survivability against intentional attack based on a network digital twin body as defined in claim 3, wherein the delay information of the network digital twin body comprises:
delay information of each network transmission node, comprising:
the access queuing delay for data from a service terminal node accessing the network transmission node,
the access queuing delay for a non-current network transmission node accessing the current network transmission node,
the transmission queuing delay,
the processing delay;
delay information of the service terminal node, comprising:
the access queuing delay for data from a network transmission node accessing the service terminal node,
the processing delay;
the uplink delay and the downlink delay between the service terminal node and the network transmission node;
delay information of the management and control center, comprising:
the access queuing delay for data from a network transmission node accessing the management and control center,
the transmission queuing delay of the management and control center,
the processing delay;
the uplink delay and the downlink delay between the management and control center and the network transmission node; here, uplink means that the management and control center sends data to the network transmission node, and downlink means that the network transmission node sends data to the management and control center;
the average transmission delay of the link between two network transmission nodes.
5. The network digital twin based intentional attack survivability evaluation method of claim 4, wherein,
when the service initiation node s_i transmits the real-time service to the service termination node s_j via network transmission nodes, the transmission delay of the real-time service is expressed as:
Wherein T_uplink_s,n represents the uplink delay between the service initiation node and the network transmission node, and T_downlink_n,t represents the downlink delay between the network transmission node and the service termination node; L_ij denotes the set of all network transmission nodes on the transmission path from the service initiation node s_i to the service termination node s_j, and NumL_ij denotes the number of network transmission nodes in the set L_ij; W_ac_s,n represents the access queuing delay for data from the service initiation node accessing the network transmission node, which is equal to the access queuing delay for data from the service terminal node accessing the network transmission node; W_ac_n,t represents the access queuing delay for data from the network transmission node accessing the service termination node, which is equal to the access queuing delay for data from the network transmission node accessing the service terminal node; the remaining summed terms are the access queuing delay of each network transmission node in the set L_ij accessing the next network transmission node and the transmission queuing delay of each such network transmission node; T_cross represents the average transmission delay of the link between every two network transmission nodes;
when the service initiation node s_i sends the non-real-time service to the service termination node s_j via network transmission nodes and the management and control center s_g, the transmission delay of the non-real-time service is expressed as:
Wherein T_uplink_g,n and T_downlink_n,g represent the uplink delay and the downlink delay between the management and control center and the network transmission node, respectively; L_ig denotes the set of all network transmission nodes on the transmission path from the service initiation node s_i to the management and control center s_g, L_gj denotes the set of all nodes on the transmission path from the management and control center s_g to the service termination node s_j, and NumL_ig and NumL_gj respectively denote the numbers of network transmission nodes in the sets L_ig and L_gj; W_ac_n,g represents the access queuing delay for data from the network transmission node accessing the management and control center; W_ac_g,n represents the access queuing delay for data from the management and control center accessing the network transmission node; the remaining summed terms are the access queuing delay of each network transmission node in the set L_ig accessing the next network transmission node and its transmission queuing delay, and the access queuing delay of each network transmission node in the set L_gj accessing the next network transmission node and its transmission queuing delay.
6. The network digital twin based intentional attack survivability evaluation method as defined in claim 5, wherein, when the service initiation node s_i transmits the real-time service to the service termination node s_j via network transmission nodes, the processing delay of the real-time service is expressed as:
Wherein the summed terms are the processing delay of each network transmission node in the set L_ij; T_j represents the processing delay of the service termination node, which is equal to the processing delay of the service terminal node;
when the service initiation node s_i sends the non-real-time service to the service termination node s_j via network transmission nodes and the management and control center s_g, the processing delay of the non-real-time service can be expressed as:
Wherein the summed terms are the processing delay of each network transmission node in the set L_ig and the processing delay of each network transmission node in the set L_gj; T_g represents the processing delay of the management and control center.
7. The network digital twin based intentional attack survivability evaluation method as claimed in claim 6, wherein, when the service initiation node s_i transmits the real-time service to the service termination node s_j via network transmission nodes, the blocking rate of the real-time service is expressed as:
Wherein the terms are, respectively, the service access blocking probability of the service initiation node, the service access blocking probability of the service termination node, the transmission blocking probability of each network transmission node on the path, and the transmission blocking probability of the e-th link; E_ij denotes the set of links between all network transmission nodes on the transmission path from the service initiation node s_i to the service termination node s_j;
when the service initiation node s_i sends the non-real-time service to the service termination node s_j via network transmission nodes and the management and control center s_g, the blocking rate of the non-real-time service can be expressed as:
Wherein the terms are, respectively, the service access blocking probability of the service initiation node, the transmission blocking probability of each network transmission node on the path to the management and control center, and the transmission blocking probability of each network transmission node on the path from the management and control center; E_ig represents the set of links between all network transmission nodes on the transmission path from the service initiation node s_i to the management and control center s_g; E_gj denotes the set of links between all network transmission nodes on the transmission path from the management and control center to the service termination node s_j.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210570702.8A CN115189910B (en) | 2022-05-24 | 2022-05-24 | Intentional attack survivability evaluation method based on network digital twin |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115189910A CN115189910A (en) | 2022-10-14 |
CN115189910B true CN115189910B (en) | 2024-08-20 |
Family
ID=83514343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210570702.8A Active CN115189910B (en) | 2022-05-24 | 2022-05-24 | Intentional attack survivability evaluation method based on network digital twin |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115189910B (en) |
Timeline
- 2022-05-24: CN application CN202210570702.8A filed; granted as CN115189910B (status: Active)
Also Published As
Publication number | Publication date |
---|---|
CN115189910A (en) | 2022-10-14 |
Similar Documents
Publication | Title |
---|---|
CN111629380B (en) | Dynamic resource allocation method for high concurrency multi-service industrial 5G network |
CN115189910B (en) | Intentional attack survivability evaluation method based on network digital twin |
CN102281290B (en) | Emulation system and method for a PaaS (Platform-as-a-service) cloud platform |
CN115189908B (en) | Random attack survivability evaluation method based on network digital twin |
CN111191918A (en) | Service route planning method and device for smart power grid communication network |
CN114465945B (en) | SDN-based identification analysis network construction method |
CN113687875B (en) | Method and device for unloading vehicle tasks in Internet of vehicles |
CN108055070A (en) | Hybrid virtual network mapping method |
CN115190027B (en) | Natural fault survivability evaluation method based on network digital twin |
Yang et al. | Collaborative clustering parallel reinforcement learning for edge-cloud digital twins manufacturing system |
CN113676357B (en) | Decision method for edge data processing in power internet of things and application thereof |
Ganjalizadeh et al. | Interplay between distributed AI workflow and URLLC |
CN111935767B (en) | Network simulation system |
CN116367223B (en) | XR service optimization method and device based on reinforcement learning, electronic equipment and storage medium |
TWI792784B (en) | Method and system for federated reinforcement learning based offloading optimization in edge computing |
KR102277554B1 (en) | Controller and method for providing switch migration in software defined networking |
CN114389726B (en) | Intelligent networking method, system and storage medium based on edge device |
CN112906745A (en) | Integrity intelligent network training method based on edge cooperation |
CN116016218B (en) | Task-based network entity energy consumption assessment method |
CN113206782B (en) | Communication method and device for wireless network intelligent control platform and home edge gateway |
CN113301134B (en) | Error-tolerant cooperative decision method suitable for edge Internet of things agent device |
CN116107746A (en) | Scheduling method, scheduling device, electronic equipment and storage medium |
Qiao et al. | Research on Application of BP Neural Network Based on Genetic Algorithm in Heartbeat Mechanism |
CN118567780A (en) | Virtual machine data migration method and device, electronic equipment and storage medium |
CN116866244A (en) | Self-adaptive key frame selection edge-assisted video streaming scheduling method based on hierarchical reinforcement learning |
Legal Events
Code | Title |
---|---|
PB01 | Publication |
SE01 | Entry into force of request for substantive examination |
GR01 | Patent grant |