Actually I do not know how to play chess maybe *Risk*, but your point is well taken. The intent is not provide a public recipe for taking down the Internet, that would be the opposite goal of the research to begin with. Regardless it is difficult line to tread and it is best to err on the side of caution. As for sampling biases - that is why it is only anecdotal evidence and the need for it to be questioned. Reports of Vinny accidently announcing his router as AS701 do not make it to the media very often. That aside the suggestion of how to model the Internet are very useful and the closer these models can get to operational reality the better. The intent being methodology not revealing data. Waites' approach is a good first step, but what next. Also if you know capacties how do you model a cascading effect that encompasses intra- network and inter-network traffic flows. Also it might be easier to calculate transition probabilities by summing across the rows of the adjaceny matrix then dividing the row components by the sum. ----- Original Message ----- From: Sean Donelan <sean@donelan.com> Date: Friday, September 6, 2002 12:52 pm Subject: How about a game of chess? (was Re: Vulnerbilities of Interconnection)
On Thu, 5 Sep 2002 sgorman1@gmu.edu wrote:
Is there a general consensus that cyber/internal attacks are more effective/dangerous than physical attacks. Anecdotally it seems
the
largest Internet downages have been from physical cuts or failures.
I think you have a sampling bias problem.
The "biggest" national/international network disruptions have generallybeen the result of operator error or software error. Its not always easy to tell the difference. It may be better for carrier PR spin control to blame a software/router/switch vendor.
Until recently physical disruptions have been due to causes which don'teffect the stock price, carriers were more willing to talk about them. Carriers usually don't fire people due to backhoes, hurricanes, floods, or train derailments.
What does this say about the effect of an external or internal cyber-attack?
Not much. Naturally occuring physical and procedural disruptions have different properties than a directed attack. Not the least is hurricanesand trains don't read NANOG, and generally don't alter their behavior based on the "recommendations" posted.
Wouldn't you prefer a good game of chess?