Security Management in Content Distribution Networks: a delay-variance reduction approach for content mirror site placement.

We present a security management strategy of cyber-deception to protect the content-data cache sites of a Content Distribution Network. The design goal is to reduce the variance between client experienced delays in accessing content-data. This creates a homogeneous attack surface for an adversary who is unable to exploit latency differentials to learn the network topology which is a crucial prerequisite for carrying out attacks like LFAs (link flooding attacks). We show how this minimum variance paradigm results in a comprehensive scheme for cyber-deception management. The novelty of this approach is that it specifies not only the optimal network reconfigurations but also transition probabilities, unifying two common themes in security management: i) proactive obfuscation to increase the complexity of the attack surface and ii) reactive randomization of the target based on the attacker model. We illustrate this method of security management with several numerical examples.