Many existing works assign diverse variants to routing nodes in the network to prevent security threat (e.g., worm attack). However, the works assume no common vulnerabilities among diverse variants, which is not always satisfied in the real world. In this letter, we consider that some variants have common vulnerabilities and propose the common vulnerability-aware diverse variant placement problem. We formulate the problem as an integer programming optimization problem with NP-hard complexity based on a new metric named the Infected Ratio Expectation. Furthermore, we devise algorithms to solve the problem for the static network and the network for extension. The simulation results show that compared with the baseline algorithms, our algorithms effectively restrain the worm spread by about 42%.
- Routing infrastructure
- simulated annealing