Attack-aware planning of transparent optical networks

Optical Switching and Networking ] (]]]]) ]]]–]]]

Contents lists available at ScienceDirect

Optical Switching and Networking journal homepage: www.elsevier.com/locate/osn

Attack-aware planning of transparent optical networks Konstantinos Manousakis n, Georgios Ellinas KIOS Research Center for Intelligent Systems and Networks, Department of Electrical and Computer Engineering, University of Cyprus, Cyprus

a r t i c l e i n f o

abstract

Article history: Received 3 July 2014 Received in revised form 25 February 2015 Accepted 29 March 2015

This work presents algorithms for the planning phase of wavelength division multiplexed (WDM) optical networks considering the impact of physical layer attacks. Since the signals in transparent WDM networks are transmitted all-optically without undergoing any Optical–Electrical–Optical (OEO) conversions, these networks are vulnerable to highpower jamming attacks. Due to crosstalk-induced interactions among different connections, malicious high-power signals can potentially spread widely in the network. To this end, it is necessary to plan an optical network in a way that the spread of an attack is minimized. In this work novel Integer Linear Programming (ILP) formulations are proposed that address the problem of routing and wavelength assignment (RWA) with the objective to minimize the propagation of the introduced high-power malicious signals. The physical layer attack propagation is modeled as interactions among connections through in-band and out-of-band channel crosstalk. In addition, Linear Programming (LP) relaxation techniques and heuristic algorithms are used to handle larger network instances. Performance results indicate that the proposed algorithms perform close to the traditional RWA algorithms in terms of total wavelength utilization of the network, while at the same time providing security against high-power jamming attacks by minimizing the total number of in-band and out-of-band lightpath interactions. & 2015 Elsevier B.V. All rights reserved.

Keywords: Physical layer attacks Routing and wavelength assignment Optical networks

1. Introduction In all-optical wavelength division multiplexed (WDM) networks data are transmitted through lightpaths, which may span multiple consecutive fibers. A lightpath is realized by determining a path between the source and the destination of a connection and allocating a free wavelength on all the links of the path. The selection of the path and the wavelength to be used by a lightpath is an important optimization problem, known as the routing and wavelength assignment (RWA) problem [1,2]. The RWA problem is usually considered under two alternative traffic models. Offline (or static) lightpath

establishment addresses the case where the set of connections is known in advance, usually given in the form of a traffic matrix that describes the number of lightpaths that have to be established between each pair of nodes. Dynamic (or online) lightpath establishment considers the case where connection requests arrive at random time instants, over a prolonged period of time, and are served dynamically upon their arrival, on a one-by-one basis. In all-optical transparent networks, where data signals remain in the optical domain for the entire path and signal regeneration is not possible in intermediate nodes, the optical network is vulnerable to physical layer attacks. An attack is defined as an intentional action against the ideal

n

Corresponding author. E-mail addresses: [email protected] (K. Manousakis), [email protected] (G. Ellinas).

and secure functioning of the network [3]. An overview of physical layer attacks can be found in [3] and [4]. In general, the physical layer attacks in transparent optical

http://dx.doi.org/10.1016/j.osn.2015.03.005 1573-4277/& 2015 Elsevier B.V. All rights reserved.

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

2

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

networks can be grouped in two main categories: eavesdropping and service disruption. The first category of attacks is eavesdropping, in which case the main purpose of the attacker is to passively analyze the traffic in the network after gaining access to the information through an unauthorized observation method. To gain mid-span access to the fiber, the eavesdropper has to cut through and strip away the cable's outer jacket to access the individual fibers in its center. Once this is done, the eavesdropper has several ways to tap the optical signal, including fiber bending, optical splitting, evanescent coupling, V-groove cut, and optical scattering [5]. The second category of attacks is high-power jamming and can be classified into three categories based on the effects it inflicts on the signal: (i) in-band jamming that is the result of intra-channel crosstalk, (ii) out-of-band jamming that includes inter-channel crosstalk and nonlinearities, and (iii) gain competition in optical amplifiers, in which case a high-power jamming signal can increase its own power, thus resulting in reduction in the gain of the rest of the co-propagating channels on the same fiber. These types of attacks propagate through the transparent network affecting several connections and as a consequence the localization of an attack is a difficult problem. Due to the high bit rates of optical networks and the interaction of the connections, a jamming attack can cause a huge amount of information loss. Therefore, the limitation of attack propagation is a crucial consideration in designing transparent WDM optical networks. There have been a few public reports of physical attacks on the fiber infrastructure; in 2000, three main trunk lines of Deutsche Telekom were breached at Frankfurt Airport in Germany and in 2003, an illegal eavesdropping device was discovered in Verizon's optical network. Utilizing this optical tap, it was believed that someone was trying to illegally access financial information prior to its release. Other reported international incidents for optical taps on proprietary networks include police networks in the Netherlands and Germany, and the networks of large pharmaceutical companies in the U.K. and France [6]. Furthermore, even when networks are protected by external threats, they are still vulnerable to attacks by malicious insiders, a threat that is usually very difficult to defend against. In general, there is heightened awareness about network infrastructures and the need to secure them from attacks from insiders as well as external entities. While a network can never be completely protected against insider threats, such threats can always be mitigated by designing the network in such a way that even if the network is attacked the effect of the attack is minimized. This is precisely the focus of this work as it will be explained in detail below. A widely applicable security model is the confidentiality, integrity, and availability (CIA) triad. These three key principles should guide all secure systems. Confidentiality prevents unauthorized disclosure of sensitive information; integrity prevents unauthorized modification of data, systems, and information, thereby providing assurance of the accuracy of information and system; and availability is the prevention of loss of access to resources and information to ensure that information is available for use when it is needed.

Various security mechanisms are used in optical networks to protect the CIA triad. For example, certain strategies for confidentiality and integrity against eavesdropping in optical networks have been developed. They usually make use of modulation/encryption techniques to conceal the information in the optical network, increasing difficulty to access the contents of the information flow. Techniques like quantum cryptography, chaotic communications, optical code division multiple access (OCDMA), and electrical encryption can be used to make the interpretation of the observed data much more complex [7]. Moreover, in order to protect the availability in optical networks against service disruption and reduce the jamming attack impact, two different methods can be used. One approach is to use wavelength-selective attenuators as power equalizers inside network nodes in order to limit the propagation of high-power jamming attacks [8]. However, due to the increased cost of optical switching nodes associated with the addition of power equalizers, a second approach has been investigated in the literature that avoids the usage of costly network components and tries to solve the problem at the design phase of the network. This approach is the attack awareness of routing and wavelength assignment algorithms in order to reduce the interaction among lightpaths and as a consequence the spreading of the attack, which is also precisely the method investigated in this work. The concept of preventive, attack-aware RWA problem was proposed in [9]. The authors formulate the routing sub-problem of RWA as an Integer Linear Programming (ILP) with the objective to decrease the potential damage of jamming attacks causing out-of-band crosstalk in fibers and gain competition in optical amplifiers. A tabu search heuristic is proposed to cover larger network instances. Moreover, in [10], authors propose a wavelength assignment approach to limit the potential propagation of inband crosstalk attacks through the network, while authors in [11] extend upon their work in [10] by considering a more realistic case where crosstalk attacks can maximally spread in one or two steps (i.e., that secondary attacked signals are not strong enough for the attack to propagate further). This work extends on previous methods presented in the literature, proposing an optimization approach with the objective to assign jointly routes and wavelengths to the traffic demands so as to minimize the impact of highpower signals through both in-band and out-of-band jamming attacks. Attack awareness is taken into consideration during the network planning phase so that the number of the affected connections from an intentional attack is minimized. In particular, the ILP formulations use constraints to minimize the impact of an attack through in-band and out-of-band jamming. By minimizing the channel interactions among lightpaths due to in-band and out-of-band crosstalk, the transition of high-power signals from one lightpath to another is also minimized. A preliminary work for in-band jamming attack was presented in [12]. The novelty of the ILP formulation derives from the fact that the routing and wavelength assignment problems are solved jointly, while at the same time both in-band crosstalk and out-of-band crosstalk are taken into account. Another key issue of the formulation is the use of

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

3

Fig. 1. High-power in-band jamming attack propagation (attack propagation is shown in bold).

a proper function that avoids the spread of the attacks. In addition, Linear Programming (LP) relaxation techniques are used to address the problem in larger scale networks. Moreover, heuristic algorithms are proposed that serve sequentially the connections in a particular order and a meta-heuristic algorithm (utilizing Simulated Annealing) is used to find better orderings in order to establish the requested connections. The simulation results show that by considering attackaware RWA algorithms, a significant decrease on the impact of in-band and out-of-band jamming attacks is achieved in transparent WDM networks, validating the need for such an approach during the planning phase of the network. Moreover, performance results indicate that the proposed algorithms also perform close to the traditional RWA algorithms in terms of total wavelength utilization of the network, thus demonstrating that the minimization of the impact of the attacks is not done at the expense of additional resource utilization. The rest of the paper is organized as follows. Section 2 describes the physical layer attacks. This is followed in Section 3 by the proposed ILP formulations that account for the minimization of high-power signal propagation through in-band and out-of-band crosstalk, thus minimizing the effect of high-power jamming attacks. In Section 4, the heuristic algorithms and the Simulated Annealing technique are presented, followed by performance results in Section 5. Finally, Section 6 presents some concluding remarks. 2. Network and attack models This section describes the network and the attack propagation models that are used in this work. 2.1. Network model A network topology is represented by a connected graph G ¼(V,E), where V denotes the set of optical crossconnects (nodes), and E denotes the set of (point-to-point) single-fiber links (edges). Each fiber link is able to support a common set C ¼{1,2,…,W} of W distinct wavelengths, while nodes are assumed to not have wavelength conversion capabilities.

in Section 1. This work considers the propagation of highpower jamming attacks. One of the most important attacks is in-band jamming that is the result of intra-channel crosstalk between the same wavelengths in optical switches. Another form of attack is the out-of-band jamming, where high-power signals can introduce nonlinearities, causing crosstalk effects between channels on different wavelengths co-propagating on the same fiber (inter-channel crosstalk). The sections that follow describes in detail these forms of attacks. 2.2.1. In-band jamming attack One form of attack considered in this work is highpower signal injection in one of the optical cross-connects (switches) of the network. Fig. 1 illustrates an example of such an attack in node n1 of the network. The attack can spread further in the network through intra-channel crosstalk (in-band jamming). Intra-channel crosstalk is related to the non-ideal switching matrix of an optical cross-connect switch. In particular, intra-channel crosstalk is the effect of power leakage between lightpaths crossing the same switch and using the same wavelength due to non-ideal isolation of the inputs/outputs of the switching fabric. Intra-channel crosstalk cannot be filtered out, since the interfering signal is on the same wavelength as the one affected. Thus, a high-power jamming signal can cause significant leakage inside the switches between lightpaths that are on the same wavelength as the attacking signal. For example, in Fig. 1 the high-power signal propagation through the effect of in-band jamming is depicted. As can be seen, a lightpath (p0,wi) from node n0 to node n5 is established using wavelength wi. Also, a lightpath (p3,wi) from node n3 to node n8 is established using the same wavelength, wi, and finally, a lightpath (p2,wj) from node n2 to node n4 is established using a different wavelength wj. Let (p1,wi) be a malicious lightpath (high-power signal) using wavelength wi. This lightpath affects the other lightpaths using the same wavelength and crossing the same nodes. Lightpath (p0,wi) is then affected by lightpath (p1,wi) and becomes an attacker too, called “secondary attacker”. Thus, lightpath (p0,wi) spreads the attack further to lightpath (p3,wi). Note that the malicious lightpath (p1, wi) does not affect lightpath (p2,wj) through intra-channel crosstalk despite the fact that the lightpaths cross the same node, n2, as lightpath (p2,wj) uses a different wavelength than the attacking lightpath.

2.2. Attack propagation model There are several physical layer attacks that can occur in transparent optical networks as presented in [3] and outlined

2.2.2. Out-of-band jamming attack Another form of attack related to high-power signals is out-of-band jamming. Out-of-band jamming crosstalk

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

4

Fig. 2. High-power out-of-band jamming attack propagation (attack propagation is shown in bold).

results due to the power leakage between neighboring channels. Under high-power input, transmission in optical fibers is prone to non-linear effects causing signals traveling in adjacent wavelengths to interact with each other. Furthermore, transmission experiments have shown that physical layer interference phenomena, such as interchannel crosstalk, are even more severe among transmissions that utilize different line rates and different modulation formats [13]. For this reason it is important to consider the inter-channel crosstalk propagation effect during the design of a transparent optical network. In Fig. 2, the high-power signal propagation through the effect of out-of-band jamming is depicted. A lightpath (p0,wi) from n0 to n5 is established using wavelength wi. Let (p1,wi þ 1) be a malicious lightpath (high-power signal) from n1 to n3. Lightpath (p1,wi þ 1) affects lightpath (p0,wi) as the two lightpaths co-propagate along the same fiber utilizing adjacent wavelengths. Then, the affected lightpath (p0,wi) becomes a “secondary attacker” that consequently affects lightpath (p3,wi  1). Only adjacent channel interference is considered as severe and the interference between wavelengths in the same fiber that have distance more than one wavelength is neglected, thus the lightpath (p2,wi þ 2) remains unaffected. 3. Attack-aware RWA problem In this section, two Integer Linear Programming (ILP) formulations are presented aiming at minimizing the propagation of physical layer attacks, in terms of affected lightpaths through intra- and inter-channel crosstalk by high-power jamming attack signals. As explained in the previous section, a high-power input signal can affect a lightpath through intra- and inter-channel crosstalk and an affected lightpath can also affect other lightpaths, thus spreading the attack to other parts of the network. In this work, the static version of RWA is considered that assumes that the traffic scenario is known a priori and is given in the form of a matrix of non-negative integers, Λ, called the traffic matrix. Then, Λsd denotes the number of requested wavelengths from source s to destination d. Note that there may be multiple lightpath requests for a given source–destination pair (s,d) and they can be routed over different paths. The algorithm is given a specific RWA instance; that is, a fixed network topology, the set of wavelengths that can be used, and a static traffic scenario. The routing and wavelength assignment (RWA) algorithms consist of two phases. In the first phase, k candidate paths are identified for serving each requested connection. These paths are selected by employing a k-shortest path algorithm. The k-shortest path algorithm pre-calculates for each source–

destination pair (s,d) a set of k candidate paths Psd, as follows: first, the shortest path is calculated using Dijkstra's algorithm and then the cost of the links which belong to the shortest path is increased and Dijkstra's algorithm is executed again. This procedure is repeated until k paths are found. Any other k-shortest path algorithm can also be used [14]. After a subset Psd of candidate paths for each source–destination pair (s,d) is computed, the total set of computed paths, P ¼ [ s  d P sd , is inserted to the next phase. In the second phase, the given RWA instance is formulated as an ILP problem. The following parameters, constants, and variables are used for the ILP formulations: Parameters

     

s; d A V: network source and destination nodes, jV j ¼ N. w A C: an available wavelength, jC j ¼ W. l A E: a network link, jEj ¼ L.

p A P sd  P: a candidate path,
P sd
¼ k. P cn : the set of paths p0 that have at least one common pp' node with path p. P cl : the set of paths p0 that have at least one common pp' link with path p. Constant

 Λsd: the number of requested connections from node s to d. Variables

 xp,w: a binary variable, equal to 1 if path p occupies wavelength w, and 0 otherwise.

 Wl: the number of used wavelengths on link l.

3.1. Attack-aware RWA 1 (A-RWA-p) The problem is formulated as an ILP in order to handle high-power in-band and out-of-band jamming signal attacks. The formulation includes constraints for the traditional RWA problem [1], [2] plus additional constraints for in-band and out-of-band jamming attacks. In particular, a constraint for each lightpath (p,w) that counts the number of lightpaths that interact through intra- and inter-channel crosstalk with lightpath (p,w) in every network node and link traversed by lightpath (p,w), are inserted in the formulation. The formulation of the attack-aware RWA problem is then as follows: Additional variables

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

 Sp: the number of in-band lightpath interactions on path p, that is, the number of the different lightpaths that affect lightpath p through intra-channel crosstalk. 0 Sp : the number of out-of-band lightpath interactions on path p, that is, the number of the different lightpaths that affect lightpath p through inter-channel crosstalk.



Objective Minimize:

X

Wl þmU

X

Sp þ

p

l

X

S0p Þ

ð1Þ

p

subject to the following constraints:

 Distinct wavelength assignment constraint X fpjl A pg

xp;w r 1; for all l A E; for all w A C

ð2Þ

 Incoming traffic constraint X

X p A P sd

xp;w ¼ Λsd for all s  d pairs

ð3Þ

w

5

The first term of the objective accounts for the cost of the wavelength utilization on the links and the second term accounts for the in-band and out-of-band crosstalk interaction for each active lightpath as defined by the variables of the problem. The constant m is used to express the impact of each term to the objective function. Constraints (2) and (3) correspond to constraints of the traditional RWA problem. Specifically, constraint (2) ensures that each wavelength is used at most once on each fiber and constraint (3) ensures that all the incoming traffic is satisfied. Constraint (4) counts the number of used wavelengths per link. The wavelength continuity constraint is implicitly taken into account by the definition of the xp,w variables. Constraint (5) counts the number of lightpaths that interact through in-band crosstalk with lightpath (p,w), while constraint (6) counts the number of adjacent lightpaths that interact through outof-band crosstalk with lightpath (p,w). Note that by minimizing the lightpath interactions through in-band and out-of-band crosstalk, the high-power attack propagation of a malicious signal is also minimized. Moreover, assuming that an affected signal can become an attacker (secondary attacker), the propagation of the secondary attacker is also minimized because all lightpath interactions are minimized.

 Number of wavelengths per link Wl ¼

X

X fpjl A pg

xp;w ; for all l A E

ð4Þ

w

 Intra-channel crosstalk constraint related to jamming attack X

x 0 þB Uxp;w  Sp r B; fp0 jp0 A P cn g p ;w pp

'

for all p A P

and for all w A C

ð5Þ

 Inter-channel crosstalk constraint related to jamming

3.2. Attack-aware RWA 2 (A-RWA) The formulation presented in the previous section uses two additional variables Sp and S0p per path p, to count the number of in-band and out-of-band lightpath interactions on path p, respectively. In order to reduce the number of additional variables, only two variables S and S0 can be used to count the maximum number of in-band and outof-band lightpath interactions respectively for all the paths, instead of the interactions per path. Thus, for this formulation, constraints (5) and (6) are modified accordingly to incorporate the variables S and S0 instead of Sp and S0p . The modification is straightforward and it is therefore omitted here.

attack, X fp0 jp0 A P cl pp0 g

for all p A P and for all w A C  f1; W g For w¼1 the above constraint becomes X   x 0 þB Uxp;w  S0p r B; for all p A P fp0 jp0 A P cl g p w þ 1 pp0

For w¼W the above constraint becomes X   x 0 þ B U xp;w S0p rB; for all p A P fp0 jp0 A P cl g p ;w  1 pp0

3.3. Attack-aware RWA 3 (A-RWA-convex)

  xp0 ;w  1 þ xp0 ;w þ 1 þ B U xp;w  S0p r B; ð6Þ

ð6:aÞ

ð6:bÞ

where B is a constant taking large values and is used to activate/deactivate the constraints of Eqs. (5) and (6). This means that if the variable xp,w in Eq. (5) takes the value 1, then the above constraints are active and the in-band jamming attacks are taken into account, while if the variable xp,w takes the value 0, then these constraints are always true and do affect the objective function. The same stands for out-of-band jamming using Eq. (6).

The problem is formulated again as an ILP in order to handle high-power in-band and out-of-band jamming signal attacks. However, this formulation tries to minimize not only the sum of the in-band and out-of-band jamming attacks but also the maximum number of in-band and outof-band jamming attacks that a single lightpath can cause. Let Fp ¼f(Sp) denote the attack penetration function of the path p on the network, an increasing function on the number of crosstalk interactions of path p. The objective cost of the formulation is then to minimize the sum of Fp values. In order to add this objective to the formulation, an appropriate convex optimization function is used. The convex function is inserted as a piecewise linear cost function (Fig. 3) and this function express the undesirability to propagate the high-power signal through other lightpaths. As the number of crosstalk interactions of a lightpath increases, the cost of the

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

6

Fig. 4. High-power jamming lightpath interaction.

while the other linear parts will be satisfied with strict inequalities.

Fig. 3. The set of linear constraints that are inserted in the ILP formulation. Inequality constraints are used to limit the search in the shaded area. Since the objective that is minimized is the cost, the search for solutions is performed only at its lower bounds, which identify the piecewise linear approximation of the cost function S2p .

objective function becomes higher, and thus it is more difficult for a lightpath to spread the attack to many other lightpaths. 3.3.1. Attack-aware cost function 0 The variables Fp and F p express the cost of interactions of paths through in-band and out-of-band jamming crosstalk respectively on path p. The chosen function f should be a properly increasing function of Sp. Also, f should be chosen so as to imply a greater amount of ‘undesirability’, when a lightpath interacts with other lightpaths. For this reason, f should be convex. The following cost function is utilized: F p ¼ f ðSp Þ ¼ S2p The nonlinear function f is inserted to the ILP formulation in the approximate form of a piecewise linear function; i.e., a continuous non-smooth function, that consists of I consecutive linear parts (see Fig. 3). The piecewise linear function is constructed as follows: begin with   Fp(0)¼0, and iteratively set, for i¼1,…, I, F ip Sp ¼ ai U Sp þ βi ; i 1 rSp r i, where ai ¼ F p ðiÞ  F p ði  1Þ and βi ¼ ði  1Þ U F l ðiÞ  iU F l ði  1Þ. The following S linear constraints are then inserted in the ILP formulation:   F ip Sp ¼ αi U Sp þ βi r F p ; i ¼ 1; 2; :::Ι ð7Þ defined by the corresponding αi and βi values for each path p. During the optimization process one of the linear parts will be satisfied with equality at the optimal solution,

3.3.2. Contribution of the lightpath interactions to the cost of the objective function Fig. 4 serves as an example in order to clarify the contribution of the lightpath interactions to the cost of the objective function for the A-RWA-p and A-RWA-convex cost functions as described above. In Fig. 4a, three lightpaths are depicted. Lightpath LP1 interacts with LP2 and lightpath LP2 with LP3. In Fig. 4b, lightpath LP1 interacts with LP2 and lightpath LP3 with LP4. The cost of the objective function for the first formulation (A-RWA-p) is equal to 4 (one interaction to LP1, two interactions to LP2 and one interaction to LP3) for the first lightpath configuration (Fig. 4a) and equal to 4 (one interaction for every lightpath) for the second lightpath configuration (Fig. 4b). On the contrary, the cost of the objective function for the second formulation (A-RWA-convex) is equal to 6 (one interaction to LP1, two interactions to LP2, leading to cost equal to 4 as can be seen in Fig. 3 by the corresponding linear part, and one interaction to LP3) for Fig. 4a and is equal to 4 (again one interaction for every lightpath) for Fig. 4b. The second configuration of the lightpaths, as depicted in Fig. 4b, is preferred to the configuration of Fig. 4a in terms of attack penetration, since the attacker will affect only one lightpath and not two as in Fig. 4a. The A-RWA-p formulation does not make any distinction between the two configurations in contrast to the A-RWA-convex formulation. 3.3.3. A-RWA-convex formulation The following additional variables are defined in order to formulate the A-RWA-convex: Additional variables

 Fp: the intra-channel attack propagation cost function value of path p.

 F p : the inter-channel attack propagation cost function 0

value of path p. and a piecewise linear function is used to express the undesirability of signal attack propagation on each lightpath. Objective Minimize:

X l

Wl þmU

X p

Fp þ

X

F 0p Þ

ð8Þ

p

subject to the constraints presented in the previous

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

7

Table 1 Number of variables and constraints of ILP formulations. Formulation

Number of variables

Number of constraints

A-RWA A-RWA-p A-RWA-convex

k  N2  W þ L k  N2  W þ L þ2  k  N2 k  N2  W þ L þ4  k  N2

¼ (N2)1 (N2)1 (N2)1

r (L  W)2 þ (N2)3 þ (k  N2  W)4 þ (k  N2  W)5 (L  W)2 þ (N2)3 þ (k  N2  W)4 þ (k  N2  W)5 (L  W)2 þ (k  N2  W)4 þ (N2)3 þ (k  N2  W)5 þ(k  N2  I)6 þ (k  N2  I)7

N: number of nodes, W: number of wavelengths, L: number of links, k: number of shortest paths for each connection, and I: number of cost function's linear parts. Additional number of variables compared to the traditional RWA are underlined. Constraints: 1: incoming traffic constraints; 2: distinct wavelength assignment constraints; 3: used wavelengths per link constraints; 4–5: link-node jamming attack constraints; and 6–7: cost attack function constraints. 0

section ((2)–(6)). In addition, the new variables Fp and F p are expressed as a function of the number of lightpaths interactions (calculated by the Sp and S0p variables) in constraints (9) and (10).

 Attack-aware cost function constraints for intrachannel crosstalk   F p Z f Sp ; for all p A P

ð9Þ

Constraint (9) is incorporated in the formulation by the following set of constraints in order to include the piecewise linear functions: F p Z αi USp þ β i ; for all p A P; for all i ¼ 1; 2; :::S Taking into account from Fig. 3 that there are three linear parts (I ¼3) and by computing the values of parameters ai and βi by using equations ai ¼Fp(i) Fp(i 1) and βi ¼(i 1)  Fl(i) i.Fl(i  1), and also the cost function of Fig. 3, we have the following three inequalities for every path p A P F p Z Sp

ð9:aÞ

F p Z 3 U Sp  2

ð9:bÞ

F p Z 4 U Sp  3

ð9:cÞ

 Attack-aware cost function constraints for interchannel crosstalk   F 0p Z f S0p ; for all p A P

ð10Þ

Constraint (10) is incorporated in the formulation following the same procedure as for constraint (9). 3.4. Variables and constraints Table 1 analyzes the variations of the formulations presented in the previous sections with respect to the number of variables and constraints that they require. These variations correspond to routing and wavelength assignment problems with the objective to minimize the high-power jamming propagation. The formulations differ in the number of the additional variables they utilize. These formulations use as input k-shortest paths for each requested connection in order to reduce the search space and as a consequence the complexity of the ILP formulations. By controlling the number of candidate paths k, the number

of variables and constraints is also controlled. Other formulations, that do not depend on k-shortest paths as presented in [9] (used for the routing sub-problem), and [10] (used only for the wavelength assignment sub-problem), are more sensitive to the network topology (number of nodes, connectivity degree, etc.) and use more variables and constraints, even for the sub-problems, compared to the proposed formulations for the routing and wavelength assignment problem. In Table 1, k  N2 defines the number of the candidate paths for all possible connections of the network. 3.5. Relaxation technique The high-complexity of the ILP problem makes the formulation intractable for large network sizes. The complexity of the ILP problem is reduced by relaxing the integrality constraints of the variables xp,w and the corresponding Linear Programming (LP) problem is solved by using the Simplex algorithm in combination with appropriate techniques to handle the non-integer solutions [15]. If the Simplex algorithm yields a solution with integer and non-integer values, the variables with integer values are fixed, that is, the variables that are integers are treated as final and the reduced problem for the remaining variables is solved. Fixing variables does not change the objective cost of the LP solution, and as a consequence, with the fixing process, the previous solution is moved to a solution with equal or more integer variables that has the same cost. If after successive fixings an all-integer solution is reached, it is definitely an optimal solution. On the other hand, fixing variables is not guaranteed to return an integer optimal solution if one exists, since the integer solution might consist of different integer values than the ones gradually fixed. When a point is reached beyond which the process of fixing does not increase the integrality of the solution, a rounding process is performed. A single variable is rounded, the one closest to 1, and the reduced LP problem is solved. Rounding is inevitable when there is no integer solution with the same objective cost as the LP relaxation of the RWA instance. However, if after rounding the objective cost changes, there is no guarantee that the problem will end up with an optimal solution. 4. Heuristic algorithms In some cases, where the ILP formulations cannot be solved efficiently for large networks, it is desirable to obtain efficient heuristic algorithms. The proposed

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

8

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

heuristic approaches solve the problem by sequentially serving one-by-one the connections and consist of three phases. In the first phase, k candidate paths are calculated for each requested connection. The k-shortest path algorithm utilized is the same as the one described in Section 3. In the second phase two alternatives can be used: a) the demands are ordered according to some criteria described below, b) the demands are ordered according to a Simulated Annealing (SA) meta-heuristic. Then, in the third phase, a heuristic algorithm establishes the connections sequentially with the objective to minimize the number of in-band and out-of-band lightpath interactions.

is chosen and its cost (viewed as “energy” in the SA terminology) is calculated by sequentially serving the connections, using the heuristic algorithm described in Section 4.4 (this is the “fitness function” in the SA terminology). For a particular ordering ((s1,d1),(s2,d2),…, (sn,dn)) of n demands, its neighbor is defined as the ordering where (si,di) is interchanged with (sj,dj) for some i and j. To generate a random neighbor uniform pivots (si, di) and (sj,dj) are chosen among the n demands. This random neighbor creation procedure and the single demand heuristic are used as the fitness function in a typical Simulated Annealing iteration.

4.1. First phase: path calculation

4.4. Third phase: establishing the connections

In the first phase k candidate paths Psd are identified for serving each requested connection. These are selected by employing a variation of the k-shortest path algorithm. After a subset Psd of candidate paths for each requested connection (s,d) is computed, the total set of computed paths is given as input to the next phase.

This section describes the heuristic algorithm that is used in the third phase of the algorithm for establishing the connections, one-by-one, in some particular order. This algorithm is also used for the evaluation of the “fitness function” used by the SA algorithm. Each link l of the network is characterized by a Boolean wavelength availability vector wl ¼ ½wli  ¼ ðwl1 ; wl2 ; …; wlw Þ, whose ith element wli is equal to 0 if the ith wavelength of link l is utilized by a connection, and equal to 1, otherwise. The wavelength availability vector of a path p consisting of links l A p is defined as follows:

4.2. Second phase: ordering the demands The ordering in which the demands are served is quite important in this process, and different orderings result in different solutions of different costs. The following ordering policies were implemented: 4.2.1. Longest path first (LPF) ordering The demands are ordered according to the length (or number of hops) of their shortest path, and the demand that has the longest length is served first. This policy is used to satisfy first the demands that use many links and there is a need for more available wavelengths across all links. 4.2.2. Biggest source–destination node degree (BND) ordering The demands are ordered according to the sum of the degrees of source and destination nodes, and the demands with the biggest sum of source–destination node degree are served first. This policy is used to satisfy first the demands that use nodes with high degree and there is a need for more available wavelength across these nodes, since these nodes will be used for several connections and the interactions at these nodes will be high. 4.2.3. Highest demand first (HDF) ordering The demands are ordered according to their requested rate, and the demands with the highest required rate are served first. This policy is used to satisfy first the demands of source–destination pairs that need multiple wavelengths. 4.3. Alternative second phase: Simulated Annealing metaheuristic To find good orderings, a Simulated Annealing (SA) meta-heuristic algorithm is also used. For solving the problem using SA, an ordering from previous subsections

W p ¼ ½W pi  ¼ & l A p wl ¼ ½& l A p wli 

ð11Þ

where “&” denotes the Boolean AND operation. Thus, the element Wpi is equal to 1 if wavelength wi is available for transmission over path p. The above equation enforces the wavelength continuity constraint amongst the links comprising a path. The number of candidate lightpaths LPsd for the demand (s,d) is the number of available wavelength from the vector W p . The demands are served according to the order defined by the second phase of the algorithm. First, k candidate paths Psd are pre-calculated for each demand (s,d). Let U be the set of established lightpaths in the network. Initially, U¼{} and all vectors WAVl are set to “one”, to map an initially completely empty network. The objective of the attack-aware RWA heuristic algorithms is to minimize the number of lightpaths that interact with other lightpaths through in-band and outof-band channel crosstalk and thus to minimize the propagation of high-power jamming signal attacks. The single demand heuristic works as follows. The objective is to establish Λsd lightpaths for (s,d) under the current utilization state of the network, given in the form of the wavelength availability vectors wl , for all l, and the established lightpaths U up to that point. The wavelength utilization W p of the pre-calculated paths p A P sd is computed, using Eq. (11). For each demand, the lightpath (p,w), from the set of candidate lightpaths LPsd, with the smallest number of inband and out-of-band channel interactions with the already established lightpaths is chosen. To evaluate this, the wavelength availability vectors wl are used to identify the interactions of established lightpaths. Then the lightpath with the minimum sum of in-band and out-of-band channel interactions is established. Finally, U and wl are updated and Λsd is decreased so that the number of lightpaths that remain to be

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

9

Fig. 5. Pseudo-code of the algorithm for establishing Λsd connections for demand (s,d).

established for (s,d) are known at each step. The algorithm continues to check the available wavelengths over all paths until either Λsd ¼ 0 or there are no remaining available wavelengths to check. In the latter case, the remaining unserved connections are blocked. Subsequently, the algorithm establishes lightpaths for the next demand, that is, the next source–destination pair, in the ordering defined in the second phase of the algorithm. For a given demand, the single demand heuristic algorithm returns the number of blocked lightpaths and also the updated wavelength availability vectors and the updated set of established lightpaths. The pseudo-code of this algorithm is presented in Fig. 5.

different random static traffic instances for each traffic load. The number of candidate paths per connection request calculated in the first phase of the algorithms (both for ILP and heuristic algorithms) was equal to k ¼3, which is a representative number to the solution search space. The network load ρ is denoted as the ratio of the total number of requested connections over the number of single requested connections between all possible source– P destination pairs, that is ρ ¼ Λsd =N2  N, where Λsd is the number of requested connections for the source P destination pair s–d, Λsd is the total requested connections of the network, N is the number of network nodes and N 2 N is the number of single requested connections between all possible source–destination pairs.

5. Simulation results 5.1. Results for the 6-node network topology To evaluate the performance of the proposed algorithms, a number of simulation experiments were performed. In the simulations two network topologies were considered as shown in Fig. 6; a small network topology that comprises of 6 nodes and 9 links and the generic Deutsche Telekom network topology (DTnet) that comprises of 14 nodes and 26 links. For solving the LP and ILP related formulations, the Gurobi library was used [16]. For each instance of the ILP formulations, a time limit of 3 h (Gurobi running time) was set (a PC with Core [email protected] GHz and 4GB memory was used). Ten (10) RWA executions were performed corresponding to

In Fig. 7, a comparison between the proposed ILP formulations and the traditional RWA that takes into account only the distinct wavelength assignment and continuity constraints is depicted. The network load was assumed equal to 1.8. The objective of the traditional RWA algorithm is to minimize the total number of used wavelengths. On the other hand, the proposed ILP formulations minimize the effect of lightpath interactions due to in-band and out-of-band crosstalk. Fig. 7 presents the number of lightpaths that interact through in-band and out-of-band crosstalk in relation to the number of

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

10

Hamburg Bremen Berlin Hannover

2

4 Essen Dortmund

Düsseldorf

1

6

Leipzig Köln

Frankfurt Nürnberg

3

5 Stuttgart Ulm München

Fig. 6. (a) 6-node network topology and (b) the DT network topology used in the simulation experiments.

Fig. 7. Number of lightpaths that interact through in-band and out-ofband crosstalk vs. number of available wavelengths for the 6-node network (load ¼ 1.8).

Fig. 8. Histogram for lightpath distribution related to in-band lightpath interactions for the 6-node network (load¼ 1.8, w¼ 12).

available wavelengths. As can be seen, the performance of the traditional RWA algorithm is almost independent of the number of available wavelengths, while for the ARWA, A-RWA-p, and A-RWA-convex approaches, the number of interactions decreases significantly with increasing

Fig. 9. Histogram for lightpath distribution related to out-of-band lightpath interactions for the 6-node network (load ¼ 1.8, w¼12).

number of available wavelengths. Furthermore, the ARWA-p and A-RWA-convex algorithms exhibit similar performance and significantly better than that of the ARWA algorithm. In Fig. 8, the results in the form of a histogram are presented, that show the effect of in-band jamming crosstalk on the solutions obtained by the attack-aware RWA algorithms. Given the solution to an RWA instance, the distribution of the number of in-band interactions is plotted for every lightpath. The number of available wavelengths in this case was equal to 12. A left shift in the interactions among lightpaths is observed when attack-aware RWA algorithms and especially A-RWA-p and A-RWA-convex are used and as a consequence the impact of a high-power in-band jamming attack is reduced. The performance of the A-RWA algorithm is worse than the other two proposed approaches, because the objective of this formulation is to minimize the maximum number of lightpath interactions. It is obvious from Fig. 7 that the minimization value of the A-RWA algorithm is equal to 3 for the given RWA instance. A value

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

equal to 3 of the cost objective means that the in-band interactions of all lightpaths will be between 0 and 3. This cost value is determined by the lightpath with the highest number of in-band interactions. Therefore, in the case where more lightpaths have a cost value between 0 and 3, the cost of the objective remains the same, since the

Fig. 10. Number of lightpaths that interact through in-band and out-ofband crosstalk vs. number of available wavelengths for the 6-node network (load¼ 1.8, relaxation technique).

Fig. 11. Number of lightpaths that interact through in-band and out-ofband crosstalk vs. number of available wavelengths for the 6-node network (load¼ 1.8).

11

objective is to minimize the maximum value. Similarly, Fig. 9 illustrates the distribution of the number of out-ofband jamming interactions per lightpath. The improvements obtained by the attack-aware RWA algorithms in minimizing the out-of-band crosstalk compared to the traditional RWA algorithm are evident. Comparing the performance of the A-RWA-p and ARWA-convex algorithms as shown in Figs. 8 and 9, it is clear that the A-RWA-convex algorithm exhibits better performance in terms of attack penetration. In general, the A-RWA-convex approach penalizes more the attack that a single lightpath can perform since the objective function expresses the undesirability to increase the number of interactions for a lightpath. On the other hand, the ARWA-p algorithm does not take into account the worst attack that a single lightpath can perform. This can be seen in Fig. 8, where the A-RWA-p algorithm has more lightpaths with number of in-band interactions equal to 2, 3 and 4, compared to the A-RWA-convex algorithm. Fig. 10 presents the results for the relaxation technique, where the integer constraints were relaxed to linear constraints as presented in Section 3.5. Comparing the ILP and LP, a small increase in the number of in-band and out-of-band lightpath interactions is observed due to the fact that the LP relaxation technique (rounding) can increase the cost of the objective function. However, this approach gives a solution much faster than the formulations with integer constraints. The optimal ILP algorithm could not track solutions for large network instances due to high complexity and for this reason the relaxation technique is a good alternative as can be seen in Fig. 10. Fig. 11 depicts the results of the in-band and out-ofband lightpath interactions for the proposed heuristic algorithms. The LPF and the HDF algorithms have the worst and the second worst performance, respectively. The BND algorithm has the best performance in respect to the other ordering policies, while the SA algorithm improves all proposed ordering policies. In Fig. 11, SA represents the results of the SA algorithm for 100 iterations. The SA algorithm has the best performance since many orderings are tested during the algorithm execution. However, the A-RWA-convex relaxation algorithm performs better than all of the heuristic algorithms.

Fig. 12. (a) Number of lightpaths that interact through in-band and out-of-band crosstalk vs. network load, and (b) total number of used wavelengths over all links vs. network load, for the 6-node network (w¼ 8).

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

12

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

Fig. 12 depicts the most efficient algorithms that were identified during the performance analysis of the 6-node network. The number of available wavelengths per fiber was assumed to be equal to 8. In Fig. 12a the number of lightpaths that interact through in-band and out-of-band crosstalk vs. network load is presented. It is obvious that the performance of the proposed algorithms is significantly better than that of the traditional RWA algorithm. In Fig. 12b the total number of used wavelengths over all links vs. network load is presented. From Fig. 12b it is clear that the proposed methods can utilize network resources effectively, since only a very small increase is observed in the number of utilized wavelengths. Note that the results of the traditional RWA algorithm as presented in Fig. 12b signify the lower bound of the wavelength utilization since the objective of the traditional RWA is to minimize the total number of used wavelengths of the network (miniPL mize l ¼ 1 wl ), where wl is the number utilized wavelength in link l. Thus, network security against high-power jamming attacks can be achieved with only a slightly increase on the number of utilized wavelengths. It is worth noting that the SA algorithm meets the lower bound of the wavelength utilization for most of the network loads of Fig. 12b.

5.2. Results for the DT network topology A second simulation for a larger network topology (DTnet) was also performed in order to validate the results obtained for the (smaller) 6-node network topology. Figs. 13 and 14 depict the results for the DT network topology in the same manner as the results presented for the 6-node network only for the most efficient algorithms that were identified during the performance analysis of the 6-node network. For the results of the DT network in Fig. 13 the load was assumed equal to 0.6 and the number of available wavelengths was equal to 24. The performance results for the DT network follow the same trend as in the 6-node network in terms of the lightpath interactions as well as the resource utilization. Note that in Figs. 13 and 14, the relaxation A-RWA-convex algorithm exhibits a slightly better performance in some cases than the corresponding ILP, since the ILP had a time limit of 3 hours and for these cases the optimal solution was not reached in that time frame. In general, the A-RWA-convex technique is the best choice in transparent optical networks in order to minimize the high-power jamming attacks. It is worth mentioning that the proposed algorithms are utilized in the design phase of an optical network. For this reason the number of wavelengths in each fiber is chosen so as to have zero blocking performance. Moreover, the wavelength blocking does not change in the case of the ILP algorithms (traditional RWA or attack-aware RWA), since the constraints have to be satisfied and thus all the requested connections have to be established. The difference between the traditional RWA algorithm or other known standard RWA algorithms (e.g., random or most-, least-used assignment) and the attack-aware RWA algorithms is that the attack-aware RWA algorithms exploit the wavelength domain and avoid the crosstalk interference among the established lightpaths. 6. Conclusion

Fig. 13. Number of lightpaths that interact through in-band and out-ofband crosstalk vs. number of available wavelengths for the DTnet (load ¼ 0.6).

This work proposed several algorithms for solving the RWA problem during the design phase of a transparent WDM optical network with the objective of minimizing the high-power in-band and out-of-band crosstalk propagation which is caused when a high-power jamming signal

Fig. 14. Number of lightpaths that interact through in-band and out-of-band crosstalk vs. network load for the DTnet (w¼ 24).

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i

K. Manousakis, G. Ellinas / Optical Switching and Networking ] (]]]]) ]]]–]]]

is maliciously introduced in the network at a specific network node. Several ILPs with different optimization functions were developed and a relaxation technique was used to obtain solutions for larger problems. Moreover, heuristic approaches were proposed to sequentially solve the problem. The approach based on the Simulated Annealing algorithm was shown to perform better compared to the rest of the heuristic approaches. Performance results indicate that the proposed ILP and relaxation approaches that use the convex function as optimization objective (A-RWA-convex) give better results than the rest of the proposed algorithms, namely A-RWA and A-RWA-p, and much better results than the traditional RWA algorithm that does not take into account the propagation of the jamming attack signal. Thus, the proposed attackaware algorithms significantly minimize the high-power jamming attack propagation in the network and thus drastically contain the effect of the attack on the network infrastructure. It is also shown that this is achieved while the proposed algorithms perform close to the traditional RWA algorithms in terms of total wavelength utilization of the network. Future work focuses on the development of attackaware algorithms for translucent optical networks, where signal regeneration is necessary at some intermediate nodes in order to overcome the signal degradation. The objective of this problem is to establish the traffic demands so as to minimize the impact of high-power jamming attacks and also to minimize the regenerator usage. Acknowledgment This work was supported in part by the Cyprus Research Promotion Foundation's Framework Programme for Research, Technological Development and Innovation (DESMI 2008), co-funded by the Republic of Cyprus and the European Regional Development Fund, and specifically under Grant Project New Infrastructure/Strategic/0308/26. This research has also received funding from the People Programme (Marie Curie Actions) of the European Union's Seventh Framework Programme (FP7/2007-2013) under REA Grant agreement no. 630853.

13

References [1] H. Zang, J.P. Jue, B. Mukherjee, A review of routing and wavelength assignment approaches for wavelength-routed optical WDM networks, SPIE Opt. Netw. Mag. 1 (1) (2000) 47–60. [2] A.E. Ozdaglar, D.P. Bertsekas, Routing and wavelength assignment in optical networks, IEEE/ACM Trans. Netw. 11 (2) (2003) 259–272. [3] C. Mas, I. Tomkos, O.K. Tonguz, Failure location algorithm for transparent optical networks, IEEE J. Sel. Areas Commun. 23 (8) (2005) 1508–1519. [4] M. Fok, Z. Wang, Y. Deng, P. Prucnal, Optical layer security in fiber-optic networks, IEEE Trans. Inf. Forensics Secur. 6 (3) (2011) 725–736. [5] K. Shaneman, S. Gray, Optical network security: technical analysis of fiber tapping mechanisms and methods for detection & prevention, in: Proceedings of the IEEE Military Communications Conference (MILCOM), Monterey, CA, vol. 2, November 2004, pp. 711–716. [6] Sandra Kay Miller, Fiber optic network vulnerable to attack, Information Security Magazine, November 15, 2006. [7] A. Teixeira, A. Vieira, J. Andrade, A. Quinta, M. Lima, R. Nogueira, P. André, and G. Beleffi, Security issues in optical networks physical layer, in: Proceedings of the International Conference on Transparent Optical Networks (ICTON), Athens, Greece, June 2008, pp. 123–126. [8] A. Jirattigalachote, N. Skorin-Kapov, M. Furdek, J. Chen, P. Monti, L. Wosinska, Sparse power equalization placement for limiting jamming attack propagation in transparent optical networks, Opt. Switch. Netw. J. 8 (4) (2011) 249–258. [9] N. Skorin-Kapov, J. Chen, L. Wosinska, A new approach to optical networks security: attack-aware routing and wavelength assignment, IEEE/ACM Trans. Netw. 18 (3) (2010) 750–760. [10] M. Furdek, N. Skorin-Kapov, M. Grbac, Attack-aware wavelength assignment for localization of in-band crosstalk attack propagation, IEEE/OSA J. Opt. Commun. Netw. 11 (2) (2010) 1000–1009. [11] N. Skorin-Kapov, M. Furdek, R. Pardo, P. Pavón Mariño, Wavelength assignment for reducing in-band crosstalk attack propagation in optical networks: ILP formulations and heuristic algorithms, Eur. J. Oper. Res. 222 (3) (2012) 418–429. [12] K. Manousakis, G. Ellinas, Minimizing the impact of in-band jamming attacks in WDM optical networks, in: Proceedings of the 8th International Conference on Critical Information Infrastructures Security (CRITIS), Amsterdam, The Netherlands, September 2013, pp. 38–49. [13] O. Rival, G. Villares, A. Morea, Impact of inter-channel nonlinearities on the planning of 25–100 Gb/s elastic optical networks, IEEE/OSA J. Lightw. Technol. 29 (9) (2011) 1326–1334. [14] T. Stern, G. Ellinas, K. Bala, Multiwavelength Optical Networks: Architectures, Design, and Control, Cambridge University Press, 2008. [15] K. Christodoulopoulos, K. Manousakis, E. Varvarigos, Comparison of routing and wavelength assignment algorithms in WDM networks, in: Proceedings of the IEEE Global Communications Conference (GLOBECOM), New Orleans, LA, November/December 2008. [16] Gurobi Optimization. owww.gurobi.com4 .

Please cite this article as: K. Manousakis, G. Ellinas, Attack-aware planning of transparent optical networks, Optical Switching and Networking (2015), http://dx.doi.org/10.1016/j.osn.2015.03.005i