Unweaving the world wide web

Break the right links and the whole web will unravel

By BBC News Online internet reporter Mark Ward

A study of the way the internet is connected has revealed a previously unknown vulnerability.

US physicists say although the internet copes well with attacks on random parts it fares badly when the most richly interconnected nodes are targeted.

In simulations, knocking out the top 4% most interconnected nodes broke the web into disconnected islands.

The research team from the University of Notre Dame in Indiana says work should be done to ensure the key nodes are well protected from attack.

The study, reported in the journal Nature, looked at two sorts of networks to see what happens when they are attacked.

Network nodes

The first type is known as a random or "exponential" network and every node has roughly the same number of connections as any other. It gets its name because the occurrence of highly connected nodes decreases exponentially.

The internet has grown so much that no-one knows where the weaknesses are anymore

Kenneth De Spiegeleire, Internet Security Systems

The second type is a "scale-free" network in which some nodes have only a couple of connections but others are highly inter-linked. It gets its name because it has a highly irregular structure and there is no one scale that can be used to gain a definitive idea of its organisation.

Such "scale-free" networks pop up all over the place. The tangle of neurons in our brains is thought to be a scale-free network, as is the web of social connections that puts us no more than six hops away from anyone on the planet.

But instead of studying social networks, Dr Barabási and his colleagues subjected simulations of random networks as well the web and the internet to attack.

"We've been looking at how the distance between two nodes changes as you take out nodes from the system," said Dr Barabási.

Attack tactics

They treated the web and the net separately because, despite the fact that they are closely associated in the minds of many surfers, they comprise different networks.

The web is a collection of pages connected by hyperlinks, whereas the internet is the physical network connected by data passing machines called routers.

Exponential networks cope badly with attacks on random nodes. Because each link is effectively as important as any other, the random removal of any nodes stops information being moved around.

By contrast, the web and the internet cope well with random attacks. In "scale-free" networks there are many paths to a destination and the removal of random nodes rarely stops information getting through.

Dr Barabási and his colleagues believe that this ability to cope with random attacks is a survival mechanism and explains their ubiquity in the natural world. "They are unavoidable," he said.

The internet unravels

But when the most highly interconnected links are targeted, the networks start to unravel. When the researchers simulated attacks on the top 1% of nodes, they found that information had to travel over twice as many nodes to reach its destination.

Taking out the top 4% of nodes shattered the networks into islands as cascades of data tried to find a way through the system.

Dr Barabási said if hackers used this knowledge, they could do a lot of damage to the internet and the web. "We've revealed a need to protect the security of the key nodes in the system," he said.

But he said the simulations were not entirely authentic because they took no account of the bandwidth available between real nodes or the error correction protocols used to ensure data is not corrupted en route. But others were sceptical that hackers could use the information to mount an attack.

"Theoretically it is very possible, but it is a very hard way to go about it," said Karen Worstell, vice president of the information security group at Atomic Tangerine.

The busiest parts of the internet are likely to be the most heavily defended and hardest for people to overwhelm, she added.

Familiar standards

While attacks have been launched on single sites by large numbers of computers in so-called distributed denial of service attacks, there have been no incidences of anyone using hundreds of computers to simultaneously attack hundreds of nodes, be they websites or routers.

Kenneth De Spiegeleire, consulting manager at Internet Security Systems, said few hackers were mounting attacks on the routers and switches that form the physical internet.

"Knowledge about routers and routing devices is quite limited," he said. "While malicious hackers know about operating system vulnerabilities, few are familiar with routing standards such as the Boundary Gateway Protocol."

But he added: "The internet has grown so much that no-one knows where the weaknesses are anymore."