Many existing works assign diverse variants to routing nodes in the network to prevent security threat (e.g., worm attack). However, the works assume no common vulnerabilities among diverse variants, which is not always satisfied in the real world. In this letter, we consider that some variants have common vulnerabilities and propose the common vulnerability-aware diverse variant placement problem. We formulate the problem as an integer programming optimization problem with NP-hard complexity based on a new metric named the Infected Ratio Expectation. Furthermore, we devise algorithms to solve the problem for the static network and the network for extension. The simulation results show that compared with the baseline algorithms, our algorithms effectively restrain the worm spread by about 42%.
Bibliographical noteFunding Information:
Manuscript received January 4, 2018; revised February 18, 2018; accepted March 12, 2018. Date of publication March 28, 2018; date of current version July 10, 2018. This work was supported by Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003), National Key Research and Development Plan (2016YFB0800101) and National Natural Science Foundation of China (61602509). The associate editor coordinating the review of this paper and approving it for publication was M. Khabbazian. (Corresponding author: Zehua Guo.) J. Ai and H. Chen are with the National Digital Switching System Engineering and Technology Research Center, Zhengzou 450002, China.
© 1997-2012 IEEE.
- Routing infrastructure
- simulated annealing