Public Network Vulnerabilities


Sean Gorman is with the School of Public Policy at George Mason University. He's speaking of vulnerabilities in the physical layer of networks used by the Federal government. They map logical networks onto physical networks and then perform statistical analyses of which cuts where do the most damage. The results are interesting for anyone planning on using the Internet for public safety and homeland security related efforts. Technological and market forces have reduced the number of redundant paths available on the Internet rather than increased them. This is yet one more reason for local and state governments to promote regional and local peering.

Another topic he mentions is targeted strategies for protecting networks from virus and trojan horse attacks. Their research shows that in a network of 12,000 nodes, you can get effective containment by protecting only the 2.5% most well-connected nodes (largest address books, most email processed, etc.). This is interesting from a cost-effectiveness standpoint. If you can identify these nodes, you could buy about 3% of the virus protection tools you buy now. That's a significant savings for a large organization. Of course, most users are more interested in their files being protected than they are in just containing the attack. More interesting, perhaps is the fact that the failure of your protection mechanism on certain nodes can be intensely damaging to containment efforts. That's where IT management ought to be putting administration effort.