Infrastructure upgrade framework for Content Delivery Networks robust to targeted attacks

摘要

Content Delivery Networks (CDNs) are crucial for enabling delivery of services that require high capacity and low latency, primarily through geographically-diverse content replication. Optical networks are the only available future-proof technology that meets the reach and capacity requirements of CDNs. However, the underlying physical network infrastructure is vulnerable to various security threats, and the increasing importance of CDNs in supporting vital services intensifies the concerns related to their robustness. Malicious attackers can target critical network elements, thus severely degrading network connectivity and causing large-scale service disruptions. One way in which network operators and cloud computing providers can increase the robustness against malicious attacks is by changing the topological properties of the network through infrastructure upgrades.This work proposes a framework for CDN infrastructure upgrade that performs sparse link and replica addition with the objective of maximizing the content accessibility under targeted link cut attacks. The framework is based on a newly defined content accessibility metric denoted asμ-ACA which allows the network operator to gauge the CDN robustness over a range of attacks with varying intensity. Two heuristics, namely Content-Accessibility-Aware Link Addition Heuristic (CAA-LAH), and Content-Accessibility-Aware Replica Addition Heuristic (CAA-RAH) are developed to perform strategic link and replica placement, respectively, and hamper attackers from disconnecting users from the content even in severe attack scenarios. Extensive experiments on real-world reference network topologies show that the proposed framework effectively increases the CDN robustness by adding a few links or replicas to the network.