Network-wide localization of optical-layer attacks

Optical networks are vulnerable to a range of attacks targeting service disruption at the physical layer, such as the insertion of harmful signals that can propagate through the network and affect co-propagating channels. Detection of such attacks and localization of their source, a prerequisite for secure network operation, is a challenging task due to the limitations in optical performance monitoring, as well as the scalability and cost issues. In this paper, we propose an approach for localizing the source of a jamming attack by modeling the worst-case scope of each connection as a potential carrier of a harmful signal. We define binary words called attack syndromes to model the health of each connection at the receiver which, when unique, unambiguously identify the harmful connection. To ensure attack syndrome uniqueness, we propose an optimization approach to design attack monitoring trails such that their number and length is minimal. This allows us to use the optical network as a sensor for physical-layer attacks. Numerical simulation results indicate that our approach obtains network-wide attack source localization at only 5.8% average resource overhead for the attack monitoring trails.


I. INTRODUCTION
Optical networks are critical communication infrastructure supporting a range of vital societal services and stakeholders. As such, they can be a target of deliberate attacks aimed at service disruption (SD) or eavesdropping by exploiting the inherent vulnerabilities of the optical devices [1]. While protection from eavesdropping relies on various methods for encryption at different layers of the networking stack, including the recent efforts in Quantum Key Distribution (QKD) systems, service disruption attacks threatening the advanced physical-layer paradigms have not been adequately addressed so far. A plethora of physical-layer SD attack methods differs in terms of their level of sophistication, ease of implementation, damaging effects, their scope, extent, and persistence, ease of discovery, etc. For example, fiber cuts are relatively straightforward to implement, they affect all connections traversing the cut link, with the effect confined to that link, and are easy to discover.
One of the most harmful attack methods identified in the literature is power jamming. It is performed by inserting a harmful signal of excessive power into the fiber (e.g., by bending it [2]), which reduces the amount of gain allocated to co-propagating optical channels and aggravates the physical-layer impairments in the fiber. The damaging effects of this attack technique are not necessarily confined to the primarily intruded link but may propagate through the network. Combined with the lack of accurate attack models, as well as limited availability of physical-layer information due to the high cost and sparse placement of Optical Performance Monitoring (OPM) devices, identification and source localization of attacks at the optical layer is very challenging.
This work was supported by the CelticPlus project SENDATE-EXTEND and COST Action 15127 RECODIS.
Recent advancements in commercially available coherent receivers that provide a rich set of OPM parameters to the Network Management System (NMS), paired with the proliferation of machine learning (ML) techniques, enable a breakthrough in physical-layer security management. Instead of relying on strategic deployment of OPM devices to help localize security breaches, which is expensive and unscalable, attack management can now leverage the ample OPM information obtained from the receivers at the destination of each connection, where they need to be detected anyway. This extensive set of OPM data can then be exhaustively analysed by applying ML techniques, which make it possible to identify intricate relationships among the various parameters under different security regimes.
In our previous work, we have experimentally investigated the detection of harmful signals to identify signatures of jamming attacks of varying intensities. To this end, we developed machine learning approaches based on supervised [3] and unsupervised learning [4], that analyzed the OPM data obtained for a particular connection, and identified whether it has been affected by a jamming attack. The approaches based on supervised learning were able to achieve 100% accuracy in attack identification [3], while previously unseen (zero-day) attack scenarios were detected in up to 92% of occurrences [4]. In spite of the favorable performance of these approaches for detecting disruption at the connection level, localizing the source of a harmful signal at the network level requires a network-wide approach.
To this end, we propose an approach for network security diagnostics based on correlating the health of multiple connections upon their detection at the receiver and localizing the attack source according to the subset of degraded connections. We focus on the worst-case jamming attacks where we assume that any individual connection can carry a jamming signal, which can then affect the co-propagating connections along its entire physical path (i.e., there is no mechanism of thwarting the harmful signal propagation). This allows us to provide a general model for localizing the source of a harmful signal, which can easily be adapted to more specific cases by fine-tuning the assumptions. The scope of the damage from a jamming signal is modeled by defining binary words which we refer to as attack syndromes. Attack syndromes, if unique, provide a way of using the network as a sensor capable of diagnosing the security status of the network and identifying the harmful connection. To support such functionality, we develop an approach for generating unique attack syndromes in the network by sparse addition of attack monitoring probes such that their number and length is minimal.
The remainder of the paper is organized as follows. Section II overviews the related work. Section III explains the concept of proposed attack syndromes, their significance and formation. The problem of designing attack monitoring trails that ensure unique attack syndromes is formulated as an integer linear program in Section IV. Section V evaluates the performance of the proposed approach, and Section VI outlines the remaining challenges and concludes the paper.

II. RELATED WORK
Studies [5]-[7] focus on the detection of jamming attacks. In [5], the authors leverage alarms raised by the network components. Binary trees are formed based on the established channels and the deployed devices to reduce the time needed to analyze an alarm received by the centralized NMS. In [6], another centralized approach is proposed, relying on monitors and diagnostic lightpaths to improve attack detection efficiency. A distributed approach from [7] detects jamming attacks by tracking power levels of each connection at every port of each node in the network and forwarding the diagnostic procedure upstream until the source node of the harmful signal is located. The effectiveness of these procedures heavily depends on the assumptions of a particular attack method (e.g., monitoring only power to detect power jamming). Moreover, alarming the components for all types of attacks is costly, while monitoring all signals at all ports is expensive and unscalable. A mechanism based on constant sensing and reporting of numerous individual active monitors does not scale well with the size and the agility of future optical networks. In addition, such procedures increase the NMS complexity and stress the limited capability of network processing units, as the total amount of monitored information and signalling grows linearly with the number and size of network elements, and the number of connections. Therefore, we propose an approach that leverages only the information about connection health available at the receiver to form attack syndromes, while sparsely adding attack monitoring trails to resolve potential syndrome ambiguity.
The concept of monitoring trails has been thoroughly investigated in the context of link failure detection. In [8], the authors applied information theory to derive a tight lower bound on the minimum number of probes per network edge needed for failure diagnostics. The optimal design of monitoring trails using Integer Linear Programming (ILP) for single-link failures was presented in [9]. The works in [10]-[12] proposed monitoring trail design to detect shared risk link group (SRLG) failures. While these approaches enable cost-efficient detection of failures of single or multiple geographically correlated links, our approach is concerned with detecting harmful connections that can traverse multiple links and affect different connections along their paths, requiring a connection-based approach.

III. ATTACK SYNDROMES FOR UNAMBIGUOUS LOCALIZATION OF AN ATTACK SOURCE
The main idea of the proposed approach for attack source localization is to model the mutual attacking relations among the connections in the network, and deduce the source of an attack based on the subset of connections registered as degraded upon an attack occurrence. We use a simple example shown in Fig. 1 depicting a network with 6 nodes (A to F) and 4 connections ($c_1$ to $c_4$) to explain the basic concepts and structures used in the proposed approach. The attacking relations among connections are modeled using an attack graph (AG) and the corresponding attack diagnostic matrix A. Each connection $c_i$ in the network is represented by an AG node. The AG element $c_i$ is adjacent to all other connections $c_j$ that are affected in case $c_i$ carries a harmful signal.
The dimensions of the attack diagnostic matrix A match the number of connections in the network. Element A[i, j] is equal to 1 if a harmful signal inserted on connection $c_i$ can affect connection $c_j$ (i.e., if they are adjacent in AG), and 0 otherwise. In this way, row i represents the binary attack syndrome (AS) of connection $c_i$. If the syndromes are unique, when NMS receives alarms reporting degradation of connections $c_j$ that are adjacent to $c_i$ in the AG, the received attack syndrome will match the one of $c_i$, which will identify $c_i$ as the harmful connection. This is the case for the attack syndromes of all connections shown in Fig. 1.
However, attack syndromes of different individual connections can match and, hence, fail to provide unambiguous attack localization. Fig. 2(a) illustrates such a scenario using the same network topology as in Fig. 1, and a different set of connections. As can be seen in the attack matrix, the attack syndromes of connections $\{c_1, c_2, c_3\}$ are identical, as well as those of $\{c_4, c_5\}$. We refer to the set of connections with matching attack syndromes as a Cluster of Ambiguous Attack Syndromes (CLAS). As can be seen from the attack graph in Fig. 2(a), there are two CLASes, denoted with $\vartheta_1$ and $\vartheta_2$, and connections inside each CLAS form a clique (not necessarily maximal) in the AG. In general, a CLAS may be a part of a larger clique in the AG, where the attack syndromes of the CLAS non-members are differentiated due to their adjacency to other connections outside of the clique. Attack syndrome disambiguation can be aided through judicious resource assignment, aimed at avoiding the creation of CLASes, minimizing their number or size [13]. However, such approaches cannot guarantee complete elimination of CLASes as a prerequisite for unambiguous identification of harmful connections. Therefore, we propose an approach for adding attack monitoring trails in the network which guarantee to break the ambiguity of indistinguishable attack syndromes, while minimizing the number and the length of added trails.
The example in Fig. 2(b) illustrates how to resolve attack syndrome ambiguity through sparse addition of dedicated attack monitoring trails. In general, in order to distinguish among attack syndromes of $|\vartheta|$ connections in CLAS $\vartheta$, $\log_2 |\vartheta|$ distinguishing bits need to be added to their respective attack syndromes, i.e., we need to probe $\log_2 |\vartheta|$ individual network links. Any link to be probed for AS disambiguation needs to be traversed by one up to $|\vartheta| - 1$ connections from the CLAS $\vartheta$ (otherwise it does not provide any extra information about the harmful connection). For the example in Fig. 2
In order to be resource-efficient, the total number of attack monitoring trails in the network, as well as their length, should be minimized. Therefore, each trail should traverse multiple individual links selected for probing. When deciding which candidate links to select for probing, and how to establish the attack monitoring trails over those links, two main constraints must be taken into account:
• The binary suffixes formed by the bits added to the attack syndromes of connections in the same CLAS by the established attack monitoring trails must be unique, and
• A monitoring trail should not include multiple candidate links intended to break attack syndrome ambiguity of connections in the same CLAS.
A feasible solution with two attack monitoring trails, denoted as $T_1$ and $T_2$, is shown in Fig. 2(b). $T_1$ is a multi-link trail that traverses link D-A to disambiguate the syndromes of connections in CLAS $\vartheta_1$, and link A-B to disambiguate the syndromes in CLAS $\vartheta_2$. As there are 3 connections in $\vartheta_2$, link C-F is used for trail $T_2$. The suffixes added by $T_1$ and $T_2$ in the attack matrix in Fig. 2(b) are shown in bold. In the next section, we present an ILP for the establishment of attack monitoring trails that ensure unique attack syndromes and, hence, unambiguous identification of the harmful connection, while minimizing the number and the length of the trails.
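The syndrome construction, CLAS extraction and probe-link disambiguation described in this section, as an added Python example (not code from the paper). The routes are constructed sample input, the "share any link" attack relation and the all-ones diagonal are assumptions, and the per-CLAS exhaustive search, which starts at ceil(log2 |ϑ|) probe bits, stands in for the ILP and does not route trails.

```python
from itertools import combinations
from math import ceil, log2

# Constructed routes over directed links of a 6-node topology (nodes A..F).
# They are sample input for this example, not the routes of the paper's figures.
ROUTES = {
    "c1": [("D", "A"), ("A", "B")],
    "c2": [("A", "B"), ("B", "C")],
    "c3": [("A", "B")],
    "c4": [("E", "F")],
    "c5": [("E", "F"), ("F", "C")],
}

def attack_matrix(routes):
    """Row i is the attack syndrome of c_i: A[i][j] = 1 if c_i can affect c_j."""
    names = sorted(routes)
    links = {c: set(routes[c]) for c in names}
    # Assumptions: worst case, so sharing any link means "can affect";
    # the diagonal is 1 because the carrier itself is reported as degraded.
    return names, [[int(i == j or bool(links[i] & links[j])) for j in names]
                   for i in names]

def find_clas(names, matrix):
    """Group connections whose attack syndromes (matrix rows) are identical."""
    groups = {}
    for name, row in zip(names, matrix):
        groups.setdefault(tuple(row), []).append(name)
    return [members for members in groups.values() if len(members) > 1]

def probe_links(clas, routes):
    """Smallest link set whose probe bits give each CLAS member a unique suffix."""
    n = len(clas)
    usage = {}
    for c in clas:
        for link in routes[c]:
            usage.setdefault(link, set()).add(c)
    # A link is informative only if 1..n-1 members of the CLAS traverse it.
    candidates = sorted(l for l, users in usage.items() if 1 <= len(users) <= n - 1)
    for k in range(ceil(log2(n)), len(candidates) + 1):
        for subset in combinations(candidates, k):
            suffixes = {tuple(int(c in usage[l]) for l in subset) for c in clas}
            if len(suffixes) == n:
                return list(subset)
    return None  # e.g. identical routes: link probes cannot separate the members

def extended_syndromes(routes):
    """Append one bit per probed link to every attack syndrome."""
    names, matrix = attack_matrix(routes)
    probes = []
    for clas in find_clas(names, matrix):
        chosen = probe_links(clas, routes)
        if chosen is None:
            raise ValueError(f"CLAS {clas} cannot be disambiguated by link probes")
        probes += [l for l in chosen if l not in probes]
    table = {name: tuple(row + [int(p in routes[name]) for p in probes])
             for name, row in zip(names, matrix)}
    return probes, table

def localize(observed, table):
    """Return every connection whose syndrome matches the observed alarm word."""
    return [c for c, syndrome in table.items() if syndrome == tuple(observed)]

if __name__ == "__main__":
    probes, table = extended_syndromes(ROUTES)
    print("probed links:", probes)
    for name, syndrome in table.items():
        print(name, "".join(map(str, syndrome)))
```
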

A. Problem Definition
Given is a physical network topology and a set of routed optical connections. The network topology is modeled as a graph G = (V, E), where V denotes a set of vertices representing network nodes, and E denotes a set of edges, representing directed network links. The set of routed optical connections is denoted as C, where each connection c ∈ C traverses a set of links $P_c$ along its path from the source node $s_c$ to the destination node $d_c$. Based on the assignment of resources to the connections, the mutual attacking relations among them are identified a priori and given in the form of an attack graph and a corresponding attack matrix, which allows for derivation of the attack syndromes. Consequently, the set of Clusters of Ambiguous Attack Syndromes (CLASes), denoted with Θ, is also given. Our objective is to set up attack monitoring trails in the network which will ensure disambiguation among matching attack syndromes of the connections in such a way that the number and the length of the added trails is minimal. To do so, we must first determine the individual links in the network whose probing enables attack syndrome disambiguation, followed by the routing of the attack monitoring trails over the links identified in the previous step.

B. ILP Formulation
Input parameters
• G(V, E): a directed graph where V is the set of vertices that represent the network nodes, and E is the set of arcs that represent the network links.
The objective of the approach is to minimize the total number of attack monitoring trails established in the network, and their total length in terms of link count.
Constraints
Constraint (2) calculates the decimal value of the attack syndrome binary suffix formed by the probed links.
Constraints (4)-(6) ensure that probed link p is marked as affected by connection c if they share any common link e.
$\forall \vartheta \in \Theta, \forall p, r \in P : F_{\vartheta,p} = F_{\vartheta,r} = 1, p \neq r.$
Constraints (7)-(9) make sure that each probed link is included in an active attack monitoring trail. Constraint (10) guarantees that two probed links p and r which are used for disambiguation of attack syndromes within the same CLAS $\vartheta$ are not included in the same trail.
Constraints (11)-(13) assign a source and a destination node to each active trail t.
Constraints (19)-(24) ensure flow conservation of attack monitoring trails. Constraints (19) and (20) relate to the source node of trail t. If node v is the source of t, i.e., $\delta^t_v = 1$, then the control variable $x^t_v$ in (20) takes on the value of 0, forcing the number of outgoing links from node v carrying t to be greater than the number of incoming links. Similar observations apply to constraints (21)-(22) and (23

V. NUMERICAL RESULTS
We evaluate the performance of the proposed approach in terms of the generated CLASes and the resources needed for attack diagnostics. The ILP was implemented in Optimization Programming Language (OPL) and solved with CPLEX v12.8 running on a Red Hat Enterprise Linux workstation with a 16-core Intel Xeon processor and 64 GB of RAM. The investigated topologies, shown in Fig. 3, were a dummy network with 6 nodes and 18 unidirectional links (Fig. 3(a)), the Polish network with 12 nodes and 36 links [14] (Fig. 3(b)), and the NSF network with 14 nodes and 42 links (Fig. 3(c)). For each topology, we considered a low, medium and high traffic load, by randomly generating uniformly distributed traffic matrices with {2, 3, 5} connection requests per node for the 6-node network, {4, 6, 11} for the Polish, and {5, 7, 13} for the NSF network, respectively. The requests were routed over the shortest physical path, the resulting CLASes were extracted using a C++ script, and fed to the ILP solver. The reported results are averaged over 10 traffic matrices.
To illustrate the need for attack syndrome disambiguation, Fig. 4(a) shows the percentage of connections whose attack syndromes are not unique. For the 6-node and the Polish 12-node network, attack syndromes of 23% of connections on average are ambiguous, while this value for the NSF network is 12%. The percentage of AS-ambiguous connections in the 6-node and Polish network decreases for higher loads, which can be explained by a greater number of diverse connections disambiguating each other's syndromes. The average number of CLASes and their respective size are shown in Fig. 4(b) and (c), respectively. The number of CLASes in the 6-node network ranges between 1 and 2, while the Polish and the NSF network test cases have between 3 and 4.9 CLASes. The 6-node and the NSF network have between 2 and 3 connections in each CLAS (denoted with the error bars in Fig. 4(c)), while the maximum CLAS size in the Polish network equals 4, yielding an average CLAS size of just above 2 for all networks.
The number of links which must be probed in order to resolve the ambiguity of the attack syndromes is shown in Fig. 5(a). For the 6-node network, probing on average 1.8 links over all scenarios provides the necessary distinguishable suffixes in the attack syndromes of the connections inside each CLAS. In the Polish and the NSF network, on average 5.6 and 4 links need to be probed, respectively. If we assume that only single-link monitoring probes are applied, i.e., there is no concatenation of the probing links into attack monitoring trails, probing each link would require one pair of transponders, and the number of probing links would translate into the number of necessary transponder pairs. Concatenating the probing links into monitoring trails reduces this cost. As shown in Fig. 5(b), our approach requires 1.5, 2.87, and 2.3 attack monitoring trails on average for the three networks, respectively. Establishing multi-link monitoring trails reduces the respective number of necessary transponder pairs by 15.2%, 49.1%, and 44%. The hop count of the established trails is shown in Fig. 5(c). On average over all test cases, attack monitoring trails traverse 2.09, 3.8, and 3.1 links in the 6-node, Polish, and NSF network, respectively. The trails incurred a resource usage overhead of 9.45%, 5.72% and 2.25% for the three networks, respectively, or 5.8% on average over all instances. For the 6-node network, the ILP was solved in less than 1 s, while the average running times for the Polish and the NSF network were 32.8 s and 28.9 s, respectively.

VI. CONCLUSIONS AND FUTURE WORK
This paper investigated scalable and resource-efficient localization of harmful connections inserted in the network with the goal of disrupting co-propagating optical channels. The proposed approach is based on leveraging OPM data available from the receivers and forming binary attack syndromes that reflect the health of each connection. To ensure the attack syndromes are unique, which is essential for correct identification of the harmful connection, we developed an ILP for sparse addition of attack monitoring probes of minimal number and length. The simulation results indicate that complete attack syndrome disambiguation can be achieved at only a minor resource overhead for the probes. For future work, we plan to investigate diagnostics of a broader range of attacks with different effects, while also incorporating the uncertainty of ML approaches in the detection of connection degradation caused by attacks. To enhance the scalability of the framework, low-complexity heuristic solutions will be developed.

Fig. 1. An illustrative example with unique attack syndromes for all connections.

Fig. 2. An illustrative example with ambiguous attack syndromes (a), resolved by adding two attack monitoring trails $T_1$ and $T_2$ (b).

Constraint (3) ensures distinctive attack syndrome suffixes of any two connections c and d in the same CLAS $\vartheta$.

$\alpha^{c,p}_e = \phi^c_e \cdot \gamma^p_e, \quad \forall c \in C, \forall p \in P, \forall e \in E.$

p e , ∀c ∈ C, ∀p ∈ P.

p e ∧ β t p , ∀t ∈ T , ∀p ∈ P, ∀e ∈ E. (14)

t,p e = γ p e ∧ (1 − β t p ), ∀t ∈ T , ∀p ∈ P, ∀e ∈ E. (15)

Constraints (14) and (15) model the relation between trail t and probe p that matches link e. Symbol ∧ represents the logical AND operation in a compact form. Relation a = b ∧ c is linearized as a ≥ b + c − 1; a ≤ b; a ≤ c.

Fig. 4. The percentage of connections with ambiguous attack syndromes (a), the number of CLASes in the network (b), and their size (c).

Each link e is defined by its source node $o_e$ and destination node $t_e$;
• C: a set of connections, where each connection c ∈ C is defined by its source node $s_c$, destination node $d_c$ and physical route $\pi_c$;
• Φ: connection routing, where $\phi^c_e$ is equal to 1 if connection c traverses link e;
• Θ: a set of CLASes. Each CLAS $\vartheta \in \Theta$ comprises connections that have matching attack syndromes. In order to disambiguate the attack syndromes of lightpaths in CLAS $\vartheta$, $\log_2 |\vartheta|$ links need to be probed;
• F: probe-CLAS mapping matrix, where $F_{\vartheta,p}$ is equal to 1 if probing link p contributes to the disambiguation of attack syndromes for CLAS $\vartheta$.
• H: probe-connection mapping matrix, where $H_{c,p}$ is equal to 1 if probing link p contributes to the disambiguation of the attack syndrome for connection c;
• P: set of links that need to be probed, and may be concatenated into attack monitoring trails;
• T: set of attack monitoring trails, |T| initiated to |P|;
• M: a large constant, set to 1000.
Variables
• $\alpha^c_p \in \{0, 1\}$: equal to 1 if a harmful signal carried by connection c ∈ C can affect probed link p ∈ P, and 0 otherwise;
• $\alpha^{c,p}_e \in \{0, 1\}$: equal to 1 if connection c uses link e which matches probe p, and 0 otherwise;
• $\beta^t_p \in \{0, 1\}$: equal to 1 if attack monitoring trail t ∈ T encompasses probed link p, and 0 otherwise;
• $\gamma^p_e \in \{0, 1\}$: equal to 1 if probed link p matches link e ∈ E, and 0 otherwise;
• $\gamma^t_e \in \{0, 1\}$: equal to 1 if attack monitoring trail t traverses link e ∈ E, and 0 otherwise;
• $\delta^t_v \in \{0, 1\}$: equal to 1 if node v ∈ V is the source node of trail t, and 0 otherwise;
• δ
According to (16), trail t must traverse link e if there exists a probe p which matches e and is included in t. Correspondingly, t is not allowed to traverse link e if it is used by probe p that is excluded from t. Constraint (18) ensures that only active trails use links.
)-(24) which relate to the destination node and the intermediate nodes of t, respectively. Assuming |T| is upper-bounded by |P|, which is in turn upper-bounded by $\log_2 |C|$, the number of variables is upper-bounded by $|V| D (|C| \log_2 |C| + \log_2^2 |C|)$, where D is the maximum nodal degree. The number of constraints is upper-bounded by $|C|^2 + \log_2^2 |C| (VDC + \log_2 |C|)$.