Skip to Main content Skip to Navigation
Journal articles

Optimal deployment of virtual network functions for securing telecommunication networks against distributed denial of service attacks: a robust optimization approach

Abstract : Distributed Denial of Service (DDoS) cyberattacks represent a major security risk for network operators and internet service providers. They thus need to invest in security solutions to protect their network against DDoS attacks. The present work focuses on deploying a network function virtualization based architecture to secure a network against an ongoing DDoS attack. We assume that the target, sources and volume of the attack have been identified. However, due to 5G network slicing, the exact routing of the illegitimate flow in the network is not known by the internet service provider. We seek to determine the optimal number and locations of virtual network functions in order to remove all the illegitimate traffic while minimizing the total cost of the activated virtual network functions. We propose a robust optimization framework to solve this problem. The uncertain input parameters correspond to the amount of illegitimate flow on each path connecting an attack source to the target and can take values within a predefined uncertainty set. In order to solve this robust optimization problem, we develop an adversarial approach in which the adversarial sub-problem is solved by a Branch & Price algorithm. The results of our computational experiments, carried out on medium-size randomly generated instances, show that the
Document type :
Journal articles
Complete list of metadata

https://hal.archives-ouvertes.fr/hal-03647126
Contributor : Sonia Vanier Connect in order to contact the contributor
Submitted on : Wednesday, April 20, 2022 - 11:49:08 AM
Last modification on : Wednesday, June 15, 2022 - 4:14:47 AM

File

Preprint_CAOR-D-20-01361_R1.pd...
Files produced by the author(s)

Identifiers

Citation

Céline Gicquel, Sonia Vanier, Alexandros Papadimitriou. Optimal deployment of virtual network functions for securing telecommunication networks against distributed denial of service attacks: a robust optimization approach. Computers and Operations Research, Elsevier, inPress, https://www.sciencedirect.com/science/article/pii/S0305054822001563?utm_campaign=STMJ_AUTH_SERV_PUBLISHED&utm_medium=email&utm_acid=223204449&SIS_ID=&dgcid=STMJ_AUTH_SERV_PUBLISHED&CMX_ID=&utm_in=DM261907&utm_source=AC_. ⟨10.1016/j.cor.2022.105890⟩. ⟨hal-03647126v1⟩

Share

Metrics

Record views

37

Files downloads

7