Skip to Main Content
The effects of an attack connection can propagate quickly to different parts of an all-optical transparent network. Such attacks affect the normal traffic and can either cause service degradation or outright service denial. Quick detection and localization of an attack source can avoid losing large amounts of data in an all-optical network. Attack monitors can collect the information from connections and nodes for diagnostic purpose. However, to detect attack sources, it is not necessary to put monitors at all nodes. Since those connections affected by the attack connection would provide valuable information for diagnosis, we show that by placing a relatively small number of monitors on a selected set of nodes in a network is sufficient to achieve the required level of performance. However, the actual monitor placement, routing, and attack diagnosis are challenging problems that need research attention. In this paper, we first develop our models of crosstalk attack and monitor node. With these models, we prove the necessary and sufficient condition for one-crosstalk-attack diagnosable networks. Next, we develop a scalable diagnosis method which can localize the attack connection efficiently with sparse monitor nodes in the network.