Abstract

Data networks are typically equipped with the same hardware and software stacks. Correlated attacks exploiting shared vulnerabilities at the nodes may result in massive failures that disrupt network operation. In this paper, multiple correlated failures that may negatively impact a monoculture network are analyzed and a methodology to reduce their effects is proposed. The proposed methodology consists of introducing diversity into the network components by optimally selecting both the number of different network nodes and their locations within the network. First, an algorithm is proposed to introduce node diversity in the topology considering nodes' vulnerability indexes, which are associated with node vendors. Next, two different optimal node placement algorithms are proposed. The first algorithm aims to cluster nodes of the same type to maintain network connectivity, while the second seeks to maximize the network centrality metric to identify key nodes in the network. Our results show that reliability can increase up to 50% when compared to a monoculture design.