Table 3: Verbal notations.

NotationDescription

Loading of each residual core node , where
Link utilization of each link , where
Negative effect caused by applying fake traffic adjustment
Negative effect caused by applying dynamic topology reconfiguration
Negative effect caused by applying local defense
The number of hops legitimate users experienced from one boundary node to core nodes
The total compromise events
The predefined threshold about QoS
The QoS level at the end of attack
The value of QoS determined by , , , , , and , where ,
The total defense resource of the shortest path from compromised nodes detected to core node divided by total defense resource, where
The number of hops from compromised nodes detected to core node divided by the number of hops from attacker’s starting point, where
The linking number of core node divided by the maximum number in the topology, where
The priority of service provided by core node divided by the maximum service priority in the topology, where ,
The risk threshold of core nodes
The risk status of each core node, which is the aggregation of defense resource, number of hops, link degree, and service priority