删除或更新信息,请邮件至freekaoyan#163.com(#换成@)

Cascading attack on trusted-relay quantum key distribution networks

本站小编 Free考研考试/2022-01-02

Jian Wang,, Xing-tong LiuCollege of Electronic Science and Technology, National University of Defense Technology, Changsha, 410073, China

Received:2021-01-12Revised:2021-03-14Accepted:2021-03-16Online:2021-04-29


Abstract
Trusted relays are the main state-of-the-art way to realize quantum key distribution networks. However, it is hard to require that all nodes in the network are fully trusted. In a multipath key-transmission mechanism, the nodes can be weakly trusted because the secret key can be split into many parts and each part is transmitted to the receiver through a different path. However, if the capacity of a node’s quantum key pool is poorly designed, an attacker, Eve may eavesdrop on the communicating parties'secret message by initiating a redirection attack. In this paper, we show that Eve can trigger a cascading collapse effect by collapsing one of the edges in the network and forcing the communication parties to transmit the message through the nodes controlled by Eve. The influence of the traffic transfer ratio and the control parameters of the edge load on the breakdown probability of the edge are analyzed using a simulation. In order to effectively defend against the cascading attack, it is important for the designer to handle the relationship between the traffic and the capacity of the quantum key pool of each node in the network.
Keywords: Quantum key distribution;Quantum key distribution networks;Quantum communications


PDF (0KB)MetadataMetricsRelated articlesExportEndNote|Ris|BibtexFavorite
Cite this article
Jian Wang, Xing-tong Liu. Cascading attack on trusted-relay quantum key distribution networks. Communications in Theoretical Physics, 2021, 73(6): 065105- doi:10.1088/1572-9494/abeedc

1. Introduction

Quantum key distribution (QKD), which provides a way for two legitimate parties to share a secret key [1], has been one of the most remarkable applications of quantum mechanics in quantum information science. Following key distribution, the parties can use a one-time pad to protect the secrecy of their transmitted messages. Point-to-point QKD systems focus on the communication between two endpoints, which is limited by the transmission distance. In order to provide an end-to-end service for QKD users, QKD networks have been developed by many countries and regions. Typical QKD networks include optical switching QKD networks [2-5], entanglement swapping QKD networks [6], measurement-device-independent (MDI) QKD networks [7, 8] and trusted-relay QKD networks [9-11]. QKD networks based on optical switching are easy to realize, but their transmission distance is limited by the losses caused by the optical nodes. QKD networks based on entanglement swapping cannot be practically used so far, because some significant technologies such as quantum memory and non-destructive measurement still need further breakthroughs. MDI-QKD networks are powerful candidates for future QKD networks, because they allow an untrusted third party to make measurements and the relay nodes in the network do not have to be trusted. However, there are currently some limitations in MDI-QKD networks, for example, all users are required to have near-identical distances to the untrusted relay, and the key rate degrades very quickly with an increased level of asymmetry between channels [8]. Compared with entanglement swapping QKD networks and MDI-QKD networks, trusted-relay QKD networks are more practical and natural, given the current state of the art, and have been used as a standard for existing QKD networks.

In 2002, Elliott proposed the idea of using trusted nodes for QKD networks based on the point-to-point QKD system and the hop-by-hop encryption method [9]. In 2008, by unifying the efforts of 41 research and industrial organizations, the Secure Communication based on Quantum Cryptography (SECOQC) network was established in Vienna with a focus on the trusted repeater paradigm [10]. In 2010, Japan built a QKD network in Tokyo by integrating six different QKD systems into a mesh-type network [11]. In 2017, the world’s first wide-area QKD network — the 'Beijing-Shanghai trunk line'opened, which also uses key-trusted repeaters to generate end-to-end keys. In the same year, China launched a low-Earth-orbit quantum satellite in order to establish a global-scale quantum network [12]. In 2021, Chen et al demonstrated an integrated space-to-ground quantum communication network; the large-scale fiber network covers more than 2000 kilometres on the ground using a trusted-relay structure [13]. Because software-defined networking (SDN) decouples the control plane from the data plane and then provides flexibility and programmability together with the centralized management of optical resources, QKD networks enabled by SDN have attracted more and more research attention. A QKD-enabled optical network architecture and some software-defined optical network key-assignment schemes have been proposed in recent years [14-16].

Trusted relays are a feasible method for building large-scale QKD networks. However, trusted-relay QKD networks require each node to be fully trusted. If one of the relay nodes is compromised, the whole network is insecure. In trusted-relay QKD networks, each node constructs a quantum key pool (QKP) to allocate and manage its quantum keys. If the number of nodes in the network is relatively small, the nodes can be well protected and the security of the trusted-relay QKD network can be guaranteed. However, in the case of large-scale networks, it is difficult to ensure that every node is trusted. It is generally agreed that for large-scale QKD networks, each node can only be regarded as weakly trusted, and that a multipath key-transmission mechanism should be used to ensure the security of the network [17-21]. Wen et al proposed a multiple stochastic path scheme to improve the security of partially-trusted relay QKD networks [17]. Yang et al presented a dynamic routing scheme for trusted-relay QKD networks which can dynamically select a set of suitable paths to establish the routing table for key exchange [18]. Ma et al proposed a multiple-path key distribution scheme with labels for QKD networks to avoid loops and public nodes in the routing [19]. Xu et al designed a multipath key-transmission scheme based on link cost and a multipath selection algorithm to improve the security and efficiency of key transmission [21].

In this paper, we show that although the QKD network model can be changed from the trusted-relay model to the weakly trusted-relay model by using the multipath key-transmission mechanism, Eve’s attack may cause a cascading effect if the QKP size of each node in the network is not well designed, which makes many links in the local area of the network unusable. The communication parties may choose another link to transmit their secret message and a node in this link may be controlled by Eve. Eve may access the secret message of the communication parties. In this paper, we use classical complex network theory to describe the construction of a cascading attack model that can be employed against a QKD network. The relationships between the parameters such as the breakdown probability, the traffic transfer ratio and the load limitation are analyzed and a strategy for defending against the cascading attack is proposed.

2. Vulnerability of trusted-relay QKD networks

The basic idea of trusted-relay QKD networks is to divide the whole long-distance quantum communication link into several segments. Each segment is connected by trusted-relay nodes, and each node shares a secret key with its neighboring node; the communication parties, Alice and Bob, can share a common key through the trusted-relay nodes. As illustrated in figure 1, Alice shares k1 with a trusted-relay node R1. R1 shares k2 with R2 and sends $k1\,\bigoplus \,k2$ to R2. R2 obtains k1 by calculating $k2\,\bigoplus \,k1\,\bigoplus \,k2$ and sends $k1\,\bigoplus \,k3$ to Bob. Bob shares k3 with R2 and obtains k1 using $k3\,\bigoplus \,k1\,\bigoplus \,k3$. Thus, Alice shares k1 with Bob through the trusted-relay nodes R1 and R2. It is obvious that R1 and R2 should be fully trusted. If any relay node is captured by Eve, the shared key is not secure.

Figure 1.

New window|Download| PPT slide
Figure 1.The structure of a trusted-relay QKD network.


In the weakly trusted multipath key-transmission scheme, we suppose that a node is not fully trusted and can only be trusted by Alice and Bob with a probability of $1-t$. Thus, Eve can control $\lfloor {Nt}\rfloor $ nodes if there are N nodes in the network. We now suppose that there are l paths between Alice and Bob and that each pair of paths has no intersection. The sender, Alice splits the secret message m into l shares, and sends them to Bob through l paths, respectively. After Bob receives all l parts, he can recover the secret message m. As long as $l\gt \lfloor {Nt}\rfloor $, Eve cannot obtain the secret message shared by Alice and Bob. It can be seen that as the number of available paths increases, the probability of Alice and Bob exchanging a security key also increases. Rass et al showed that Eve may indirectly eavesdrop on the key by initiating a redirection attack [22]. In the redirection attack, Eve continues to consume Alice’s key by pretending to be a legitimate node and continuing to communicate with Alice. When there is no key available in Alice’s QKP, her packets are forwarded through other nodes, and if the node is controlled by Eve, Eve can acquire Alice’s packets through a redirection attack, even though she cannot get Alice’s key directly.

We further show that Eve’s attack may cause a cascading effect if the size of the QKP is not well designed. As illustrated in figure 2, suppose that node 4 is controlled by Eve, and Alice is most likely to communicate with Bob through nodes 1 or 2, according to the principle of shortest path priority. In order to eavesdrop on Alice’s secret message, Eve pretends to communicate with Alice through node 1 and consumes the key pair of Alice and node 1. In this way, if Alice wants to communicate with Bob and there are no key pairs belonging to Alice and node 1 left in her QKP, Alice may send her message through node 4 and Eve has the opportunity to acquire Alice’s secret because node 4 has been captured by Eve. This is an intuitive example of a redirection attack. In the cascading attack, Eve communicates with Alice through node 1 and consumes Alice and node 1's key pairs. If there are no key pairs belonging to Alice and node 1 left, node 1 will contact Alice through node 2 and the key pairs of Alice and node 2 are also consumed. Finally, if there are not enough key pairs belonging to Alice and node 2, Alice can only communicate with Bob through node 4, and Eve then obtains the shared key of Alice and Bob.

Figure 2.

New window|Download| PPT slide
Figure 2.Attack on a trusted-relay QKD network.


In classical networks, cascading collapse often occurs, especially for complex networks, which may cause paralysis of the local network, greatly affecting the efficiency of the network. For QKD networks, the greatest damage caused by a cascading attack is a decrease in network security, because it directly reduces the available paths in the network and the security of the multipath key-transmission mechanism is closely related to the number of paths.

3. A model for a cascading attack on a trusted-relay QKD network

A QKD network is a combination of a quantum network and a classical network. It uses a one-time pad to encrypt data and the length of the ciphertext is the same as that of the plaintext, so the data traffic characteristics of a QKD network are similar to those of classical networks. The theory of classical complex networks can be used to analyze cascading collapse in a QKD network. The Barabái-Albert (BA) model is an algorithm which generates a scale-free network by incorporating growth and preferential attachment. We use the BA model to describe the topology of the QKD network [23].

For any two adjacent nodes, i and j, in the network, ki and kj represent the degrees of nodes i and j, respectively, where degree means the number of connections a node has. Let eij denote the edge of nodes i and j. According to the BA model, the greater the degree of a node, the more nodes are connected to it, and the more important it is to the whole network. It is assumed that the initial load of eij is ${L}_{{ij}}={({k}_{i}{k}_{j})}^{\alpha }$, where $\alpha \gt 0$ is a tunable parameter that controls the size of the edge load [24]. The edge load is related to the degrees of the two nodes connected to it. The greater the degrees of the nodes, the greater the load at the edge, indicating that the flow through the edge is larger. If the edge eij collapses, its initial load is transferred to the adjacent edges and the additional load received by an adjacent edge is proportional to its initial load. We use ${\rm{\Delta }}{L}_{{im}}$ to denote the increased load of edge eim after edge eij crashes,
$\begin{eqnarray}{\rm{\Delta }}{L}_{{im}}=\rho \cdot {L}_{{ij}}\cdot \displaystyle \frac{{L}_{{im}}}{\displaystyle \sum _{a\in {{\rm{\Gamma }}}_{i}}{L}_{{ia}}+\displaystyle \sum _{b\in {{\rm{\Gamma }}}_{j}}{L}_{{jb}}},\end{eqnarray}$
where ${{\rm{\Gamma }}}_{i}$ and ${{\rm{\Gamma }}}_{j}$ represent the sets of neighboring nodes of node i and node j, respectively, and ρ denotes the proportion of traffic transferred. We assume that the capacity Cij of edge eij is proportional to its initial load for ${C}_{{ij}}=\beta {L}_{{ij}}$, where $\beta$ is a tolerance parameter, $\beta \geqslant 1$.

According to the protection mechanism of the SECOQC network against a denial-of-service attack, when the remaining key of the shared QKP is lower than a certain threshold C, the two sides no longer adopt the one-time pad encryption method, but use a hybrid encryption method to slow down the rate of consumption of QKP keys. Finally, when all the keys in the QKP are consumed, the communication between the two parties stops. Based on this mechanism, we set a control parameter $\gamma \leqslant 1$ and let $C=\gamma {C}_{{ij}}$. When the actual load of edge eij is lower than the threshold C, the edge can communicate normally and does not crash. When the actual load of edge eij is higher than the threshold C, the QKD network adopts the hybrid encryption method and the key consumption rate decelerates, but the key may be exhausted at any time. In this case, in order to ensure that more traffic can be encrypted using the one-time pad encryption method, part of the load of edge eij is transferred to other adjacent edges. The breakdown probability $P({e}_{{ij}})$ of edge eij can be written as
$\begin{eqnarray}P({e}_{{ij}})=\left\{\begin{array}{cc}0 & {L}_{{ij}}\lt \gamma {C}_{{ij}}\\ \tfrac{(1-\rho ){L}_{{ij}}-\gamma {C}_{{ij}}}{{C}_{{ij}}-\gamma {C}_{{ij}}} & \gamma {C}_{{ij}}\lt (1-\rho ){L}_{{ij}}\lt {C}_{{ij}}.\\ 1 & (1-\rho ){L}_{{ij}}\gt {C}_{{ij}}\end{array}\right.\end{eqnarray}$
This means that if the load of edge eij, Lij is lower than $\gamma {C}_{{ij}}$, eij does not crash. If Lij is greater than C, eij transfers traffic $\rho * {L}_{{ij}}$ to its adjacent edges. If the remaining traffic passing through eij is greater than Cij, eij crashes with a probability of 1.

In order to observe the effects of the cascading attack, we built a simulation of a BA network where the number of nodes n=3000 and the initial number of edges M0=2. In the simulation, we set $\alpha =1.1$, and chose 50 random nodes to attack each time. We calculated the average breakdown probability, $E(P({e}_{{ij}}))$ of triggering a cascading effect after the attack by setting different values of γ, ρ and $\beta$. Figures 3 and 4 show the relationship between $E(P({e}_{{ij}}))$ and $\beta$ for different values of γ and ρ, respectively. According to the simulation results, it is obvious that the smaller the value of $\beta$, the easier Eve can trigger the cascading collapse effect. Otherwise, the higher the value of $\beta$, the more difficult it is to trigger the cascading collapse effect. In particular, when $\beta$ reaches a certain level, Eve can hardly trigger the cascading collapse effect. It can be seen that the greater the value of γ, the bigger the probability of breakdown of the edge. The simulation results are consistent with the actual situation. If the value of γ is relatively small, the threshold C is small and once the load exceeds the threshold, the traffic is transferred to other edges, meaning that the value of $E(P({e}_{{ij}}))$ is large. As shown in figure 4, the greater the value of ρ, the smaller the value of $E(P({e}_{{ij}}))$. It is obvious that if the traffic transfer ratio is relatively large, the remaining load on eij is small and the breakdown probability of eij is also small.

Figure 3.

New window|Download| PPT slide
Figure 3.Influence of γ on $E(P({e}_{{ij}}))$ in the simulation of a cascading attack on a QKD network.


Figure 4.

New window|Download| PPT slide
Figure 4.Influence of ρ on $E(P({e}_{{ij}}))$ in the simulation of a cascading attack on a QKD network.


4. Defense strategy against cascading attacks on trusted-relay QKD networks

In a cascading attack, Eve aims to trigger the successive collapse of other edges by using the traffic transfer that is triggered when one edge crashes. In order to prevent cascading attacks on trusted-relay QKD networks, it is necessary to arrange the a suitable payload limitation for each edge in the network. When edge eij collapses, we expect that the breakdown probability of the adjacent edge eim is lower than p, that is
$\begin{eqnarray}\displaystyle \frac{(1-\rho )({L}_{{im}}+{\rm{\Delta }}{L}_{{im}})-\gamma {C}_{{im}}}{{C}_{{im}}-\gamma {C}_{{im}}}\lt p.\end{eqnarray}$
By substituting Lim, ${\rm{\Delta }}{L}_{{im}}$, Cim into the above formula, we obtain
$\begin{eqnarray}\displaystyle \frac{(1-\rho )\left[{\left({k}_{i}{k}_{m}\right)}^{\alpha }+\rho {\left({k}_{i}{k}_{j}\right)}^{\alpha }\tfrac{{\left({k}_{i}{k}_{m}\right)}^{\alpha }}{\displaystyle \sum _{a\in {{\rm{\Gamma }}}_{i}}{\left({k}_{i}{k}_{a}\right)}^{\alpha }+\displaystyle \sum _{b\in {{\rm{\Gamma }}}_{j}}{\left({k}_{j}{k}_{b}\right)}^{\alpha }}\right]-\gamma \beta {\left({k}_{i}{k}_{m}\right)}^{\alpha }}{\beta {\left({k}_{i}{k}_{m}\right)}^{\alpha }(1-\gamma )}\lt p,\end{eqnarray}$
which can be written as
$\begin{eqnarray}\beta \gt \displaystyle \frac{\left(1-\rho )[1+\tfrac{\rho {\left({k}_{i}{k}_{j}\right)}^{\alpha }}{\displaystyle \sum _{a\in {{\rm{\Gamma }}}_{i}}{\left({k}_{i}{k}_{a}\right)}^{\alpha }+\displaystyle \sum _{b\in {{\rm{\Gamma }}}_{j}}{\left({k}_{j}{k}_{b}\right)}^{\alpha }}\right]}{p(1-\gamma )+\gamma }.\end{eqnarray}$
Also, ${\sum }_{a\in {{\rm{\Gamma }}}_{i}}{k}_{a}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}{k}_{i}P(k^{\prime} | {k}_{i})k{{\prime} }^{\alpha }$, where $P(k^{\prime} | {k}_{i})$ is the probability that node i has a neighbor $k^{\prime} $, and ${k}_{\min }$ and ${k}_{\max }$ denote the minimum and maximum degrees in the network, respectively. Because the BA network has no degree-degree correlation, $P(k^{\prime} | {k}_{i})=k^{\prime} P(k^{\prime} )/\langle k\rangle $, where $\langle k\rangle $ denotes the average degree of the network. We then obtain ${\sum }_{a\in {{\rm{\Gamma }}}_{i}}{k}_{a}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}\tfrac{{k}_{i}\langle {k}_{\alpha +1}\rangle }{\langle k\rangle }$ and ${\sum }_{b\in {{\rm{\Gamma }}}_{j}}{k}_{b}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}\tfrac{{k}_{j}\langle {k}_{\alpha +1}\rangle }{\langle k\rangle }$. Eq.5 can be rewritten as
$\begin{eqnarray}\beta \gt \displaystyle \frac{(1-\rho )\left[1+\tfrac{\langle k\rangle }{\langle {k}^{\alpha +1}\rangle }\tfrac{\rho }{\tfrac{{k}_{i}}{{k}_{j}^{\alpha }}+\tfrac{{k}_{j}}{{k}_{i}^{\alpha }}}\right]}{p(1-\gamma )+\gamma }.\end{eqnarray}$
In view of $\tfrac{{k}_{i}}{{k}_{j}^{\alpha }}+\tfrac{{k}_{j}}{{k}_{i}^{\alpha }}\geqslant \tfrac{2}{{\left({k}_{i}{k}_{j}\right)}^{\tfrac{\alpha -1}{2}}}$, we can obtain
$\begin{eqnarray}\beta \gt \displaystyle \frac{(1-\rho )\left[1+\tfrac{\langle k\rangle }{\langle {k}^{\alpha +1}\rangle }\tfrac{\rho {\left({k}_{i}{k}_{j}\right)}^{\tfrac{\alpha -1}{2}}}{2}\right]}{p(1-\gamma )+\gamma }.\end{eqnarray}$
As described above, if we want to reduce the breakdown probability, the value of $\beta$ should be increased. Supposing the breakdown probability of eim, p=0, then we have
$\begin{eqnarray}\beta \gt \displaystyle \frac{(1-\rho )}{\gamma }+\displaystyle \frac{(1-\rho )\rho }{2\gamma }\displaystyle \frac{\langle k\rangle {\left({k}_{i}{k}_{j}\right)}^{\tfrac{\alpha -1}{2}}}{\langle {k}^{\alpha +1}\rangle }.\end{eqnarray}$
According to this formula, we can reduce the requirement for $\beta$ by increasing the value of γ. At the same time, we can increase the value of ρ and transfer more payload to other paths. We can then obtain a suitable value for $\beta$ by adjusting the parameters ρ and γ in order to defend against the cascading attack on the QKD network.

5. Conclusion

In this paper, we analyzed the security of the trusted-relay QKD network. It was shown that although the nodes in the network were not necessarily fully trusted in the case of the multipath key-transmission mechanism, the QKD network was vulnerable to a redirection attack. We further showed that Eve’s attack was able to cause a cascade effect and that it was possible for Eve to obtain the communicating parties'secret message by forcing the communication parties to transmit their messages through a node controlled by Eve. We built a model of the cascade attack and used a simulation to analyze the influence of the transfer ratio ρ and the control parameter γ on the breakdown probability. We showed that it was necessary to set the value of $\beta$ appropriately by increasing the values of γ and ρ, and that if the QKP capacity of each node is well designed, the cascading attack can be defeated satisfactorily. Our findings will help to improve the security of trusted-relay QKD networks.

Reference By original order
By published year
By cited within times
By Impact factor

Bennett C H, Brassard G 1984 Proc. of IEEE Int. Conf. on Computers, Systems, and Signal Processing Los Alamitos, CA IEEE 175
[Cited within: 1]

Toliver P et al. 2003 IEEE Photonics Technol. Lett. 15 1669
DOI:10.1109/LPT.2003.818687 [Cited within: 1]

Elliott CarXiv:0412029


Elliott C, Alexander C, David P, Oleksiy P, John S, Henry YarXiv:0503058


Chen T Y et al. 2010 Opt. Express 18 27217
DOI:10.1364/OE.18.027217 [Cited within: 1]

Dür W, Briegel H-J, Cirac J I, Zoller P 1999 Phys. Rev. A 59 169
DOI:10.1103/PhysRevA.59.169 [Cited within: 1]

Tang Y L et al. 2016 Phys. Rev. X 6 011024
[Cited within: 1]

Wang W Y, Xu F H, Lo H K 2019 Phys. Rev. X 9 041012
[Cited within: 2]

Elliott C 2002 New J. Phys. 4 46
DOI:10.1088/1367-2630/4/1/346 [Cited within: 2]

Peev M et al. 2009 New J. Phys. 11 075001
DOI:10.1088/1367-2630/11/7/075001 [Cited within: 1]

Sasaki M et al. 2011 Opt. Express 19 10387
DOI:10.1364/OE.19.010387 [Cited within: 2]

Liao S K et al. 2017 Nature 549 43
DOI:10.1038/nature23655 [Cited within: 1]

Chen Y A et al. 2021 Nature 589 214
[Cited within: 1]

Zhao Y L, Cao Y, Wang W, Wang H, Yu X S, Zhang J, Massimo T, Wu Y, Biswanath M 2018 IEEE Commun. Mag. 56 130
DOI:10.1109/MCOM.2018.1700656 [Cited within: 1]

Cao Y, Zhao Y L, Yu X S, Cheng L J, Li Z Q, Liu G J, Zhang J 2019 Proc. of IEEE Int. Conf. on Optical Fiber Communications Conference and Exhibition San Diego, CA IEEE 1


Cao Y, Zhao Y L, Colman-Meixner C, Yu X S, Zhang J 2017 Opt. Express 25 26453
DOI:10.1364/OE.25.026453 [Cited within: 1]

Wen H, Han Z, Zhao Y, Guo G, Hong P 2009 Sci. China. Inform. Sci 52 18
DOI:10.1007/s11432-009-0001-4 [Cited within: 2]

Yang C, Zhang H Q, Su J H 2017 J. Mod. Opt. 64 2350
DOI:10.1080/09500340.2017.1360956 [Cited within: 1]

Ma C H, Guo Y X, Su J H 2017 Proc. of IEEE Int. Conf. on Advanced Information Technology, Electronic and Automation Control Chongqing, China2513
[Cited within: 1]

Yang C, Zhang H Q, Su J H 2018 China Communications 15 33
DOI:10.1109/CC.2018.8300270

Xu Y B, Chen S J, Li Y P 2020 Journal of University of Electronic Science and Technology of China 49 276
[Cited within: 2]

Rass S, König S 2011 Proc. of IEEE Int. Conf. on Quantum, Nano and Micro Technologies French Riviera IEEE 83
[Cited within: 1]

Barabási A-L, Albert R 1999 Science 286 509
DOI:10.1126/science.286.5439.509 [Cited within: 1]

Wang J W, Rong L L 2009 Physica A 388 1731
DOI:10.1016/j.physa.2009.01.015 [Cited within: 1]

相关话题/Cascading attack trustedrelay