Resource-Efficient Communication in the Presence of Adversaries

Young, Maxwell

January 2011

This dissertation presents algorithms for achieving communication in the presence of adversarial attacks in large, decentralized, resource-constrained networks. We consider abstract single-hop communication settings where a set of senders 𝙎 wishes to directly communicate with a set of receivers 𝙍. These results are then extended to provide resource-efficient, multi-hop communication in wireless sensor networks (WSNs), where energy is critically scarce, and peer-to-peer (P2P) networks, where bandwidth and computational power are limited. Our algorithms are provably correct in the face of attacks by a computationally bounded adversary who seeks to disrupt communication between correct participants. The first major result in this dissertation addresses a general scenario involving single-hop communication in a time-slotted network where a single sender in 𝙎 wishes to transmit a message 𝘮 to a single receiver in 𝙍. The two players share a communication channel; however, there exists an adversary who aims to prevent the transmission of 𝘮 by periodically blocking this channel. There are costs to send, receive or block 𝘮 on the channel, and we ask: How much do the two players need to spend relative to the adversary in order to guarantee transmission of the message? This problem abstracts many types of conflict in information networks, and the associated costs represent an expenditure of network resources. We show that it is significantly more costly for the adversary to block 𝘮 than for the two players to achieve communication. Specifically, if the cost to send, receive and block 𝘮 in a slot are fixed constants, and the adversary spends a total of 𝘉 slots to try to block the message, then both the sender and receiver must be active in only O(𝘉ᵠ⁻¹ + 1) slots in expectation to transmit 𝘮, where φ = (1+ √5)/2 is the golden ratio. Surprisingly, this result holds even if (1) the value of 𝘉 is unknown to either player; (2) the adversary knows the algorithms of both players, but not their random bits; and (3) the adversary is able to launch attacks using total knowledge of past actions of both players. Finally, these results are applied to two concrete problems. First, we consider jamming attacks in WSNs and address the fundamental task of propagating 𝘮 from a single device to all others in a WSN in the presence of faults; this is the problem of reliable broadcast. Second, we examine how our algorithms can mitigate application-level distributed denial-of-service attacks in wired client-server scenarios. The second major result deals with a single-hop communication problem where now 𝙎 consists of multiple senders and there is still a single receiver who wishes to obtain a message 𝘮. However, many of the senders (strictly less than half) can be faulty, failing to send 𝘮 or sending incorrect messages. While the majority of the senders possess 𝘮, rather than listening to all of 𝙎 and majority filtering on the received data, we desire an algorithm that allows the single receiver to decide on 𝘮 in a more efficient manner. To investigate this scenario, we define and devise algorithms for a new data streaming problem called the Bad Santa problem which models the selection dilemma faced by the receiver. With our results for the Bad Santa problem, we consider the problem of energy-efficient reliable broadcast. All previous results on reliable broadcast require devices to spend significant time in the energy-expensive receiving state which is a critical problem in WSNs where devices are typically battery powered. In a popular WSN model, we give a reliable broadcast protocol that achieves optimal fault tolerance (i.e., tolerates the maximum number of faults in this WSN model) and improves over previous results by achieving an expected quadratic decrease in the cost to each device. For the case where the number of faults is within a (1-∊)-factor of the optimal fault tolerance, for any constant ∊>0, we give a reliable broadcast protocol that improves further by achieving an expected (roughly) exponential decrease in the cost to each device. The third and final major result of this dissertation addresses single-hop communication where 𝙎 and 𝙍 both consist of multiple peers that need to communicate in an attack-resistant P2P network. There are several analytical results on P2P networks that can tolerate an adversary who controls a large number of peers and uses them to disrupt network functionality. Unfortunately, in such systems, operations such as data retrieval and message sending incur significant communication costs. Here, we employ cryptographic techniques to define two protocols both of which are more efficient than existing solutions. For a network of 𝘯 peers, our first protocol is deterministic with O(log²𝘯) message complexity and our second protocol is randomized with expected O(log 𝘯) message complexity; both improve over all previous results. The hidden constants and setup costs for our protocols are small and no trusted third party is required. Finally, we present an analysis showing that our protocols are practical for deployment under significant churn and adversarial behaviour.

Byzantine faults

Peer-to-peer networks

Wireless sensor networks

Algorithms

Distributed computing

Computer Science

Sharing network measurements on peer-to-peer networks

Fan, Bo, Electrical Engineering & Telecommunications, Faculty of Engineering, UNSW

January 2007

With the extremely rapid development of the Internet in recent years, emerging peer-to-peer network overlays are meeting the requirements of a more sophisticated communications environment, providing a useful substrate for applications such as scalable file sharing, data storage, large-scale multicast, web-cache, and publish-subscribe services. Due to its design flexibility, peer-to-peer networks can offer features including self-organization, fault-tolerance, scalability, load-balancing, locality and anonymity. As the Internet grows, there is an urgent requirement to understand real-time network performance degradation. Measurement tools currently used are ping, traceroute and variations of these. SNMP (Simple Network Management Protocol) is also used by network administrators to monitor local networks. However, ping and traceroute can only be used temporarily, SNMP can only be deployed at certain points in networks and these tools are incapable of sharing network measurements among end-users. Due to the distributed nature of networking performance data, peer-to-peer overlay networks present an attractive platform to distribute this information among Internet users. This thesis aims at investigating the desirable locality property of peer-to-peer overlays to create an application to share Internet measurement performance. When measurement data are distributed amongst users, it needs to be localized in the network allowing users to retrieve it when external Internet links fail. Thus, network locality and robustness are the most desirable properties. Although some unstructured overlays also integrate locality in design, they fail to reach rarely located data items. Consequently, structured overlays are chosen because they can locate a rare data item deterministically and they can perform well during network failures. In structured peer-to-peer overlays, Tapestry, Pastry and Chord with proximity neighbour selection, were studied due to their explicit notion of locality. To differentiate the level of locality and resiliency in these protocols, P2Psim simulations were performed. The results show that Tapestry is the more suitable peer-to-peer substrate to build such an application due to its superior localizing data performance. Furthermore, due to the routing similarity between Tapestry and Pastry, an implementation that shares network measurement information was developed on freepastry, verifying the application feasibility. This project also contributes to the extension of P2Psim to integrate with GT-ITM and link failures.

Locality.

Peer-to-Peer Networks.

Network measurements.

Computer networks.

Dois pesos, duas medidas : gerenciamento de identidades orientado a desafios adaptativos para contenção de Sybils. / TwoWeights and two measures: using adaptive puzzles in identity management for sybil contention

Mauch, Gustavo Huff

January 2010

O ataque Sybil consiste na criação indiscriminada de identidades forjadas por um usuário malicioso (atacante). Uma abordagem promissora para mitigar esse ataque consiste em conceder novas identidades mediante a resolução de desafios computacionais. Apesar de suas potencialidades, as soluções baseadas em tal abordagem não distinguem solicitações de usuários corretos das de atacantes, fazendo com que ambos paguem o mesmo preço por identidade solicitada. Por conta disso, essas soluções podem não ser efetivas quando os recursos computacionais dos atacantes são muito superiores aos que os usuários legítimos dispõem. Assumindo desafios de uma determinada dificuldade, atacantes com hardware de maior capacidade conseguiriam resolver um conjunto muito superior de desafios e, com isso, obter um número elevado de identidades. Aumentar uniformemente a dificuldade dos desafios poderia, no outro extremo, tornar proibitivo o ingresso de pares a rede. Para lidar com esse problema, nesta dissertação propi5e-se o use de desafios adaptativos como limitante a disseminação de Sybils. Estima-se um grau de confiança da fonte de onde partem as solicitações de identidade em relação as demais. Quanto maior a frequência de solicitação de identidades, menor o grau de confiança e, consequentemente, maior a complexidade do desafio a ser resolvido pelo(s) usuário(s) associado(s) Aquela fonte. Resultados obtidos por meio de experimentação mostram a capacidade da solução de atribuir desafios mais complexos a potenciais atacantes, penalizando minimamente usuários legítimos. / The Sybil attack consists on the indiscriminate creation of counterfeit identities by a malicious user (attacker). An effective approach to tackle such attack consists of establishing computational puzzles to be solved prior to granting new identities. Despite its potentialities, solutions based on such approach do not distinguish between identity requests from correct users and attackers, and thus require both to afford the same cost per identity requested. Therefore, those approaches may not be effective when the attacker's computational resources are superior than those used by correct users. Assuming any choice of puzzle hardness, attackers that have access to high-performance computing resources will be able to solve puzzles several order of magnitude faster than legitimate users and thus obtain a large amount of identities. On the other way, raising the cost to solve the puzzles could restrict legitimate users too much. To tackle this problem, in this paper we propose the use of adaptive computational puzzles to limit the spread of Sybils. We estimate a trust score of the source of identity requests in regard to the behavior of others. The higher the frequency a source requests identities, the lower its trust score and, consequently, the higher the complexity of the puzzle to be solved by the user(s) associated to that source. Results achieved by means of an experimental evaluation evidence our solution's ability to establish more complex puzzles to potential attackers, while minimally penalizing legitimate users.

Seguranca : Computadores

Redes : Computadores

Redes P2P

Criptografia : Comunicacao : Dados

Peer-to-peer networks

Authentication

Identity management

MultiCluster : um modelo de integração baseado em rede peer-to-peer para a concepção de grades locais / MultiCluster: an integration model based on peer-to-peer protocols for the construction of local grids

Barreto, Marcos Ennes

January 2010

As grades computacionais e as redes peer-to-peer (P2P) surgiram como áreas distintas, com diferentes propósitos, modelos e ferramentas. No decorrer dos últimos anos, estas áreas foram convergindo, uma vez que a infraestrutura e o modelo de execução descentralizada das redes P2P provaram ser uma alternativa adequada para o tratamento de questões relacionadas à manutenção de grades de larga escala, tais como escalabilidade, descoberta, alocação e monitoramento de recursos. O modelo MultiCluster trata a convergência entre grades computacionais e redes peer-to-peer de uma forma mais restrita: os problemas de escalabilidade, de descoberta e alocação de recursos são minimizados considerando-se apenas recursos localmente disponíveis para a construção de uma grade, a qual pode ser usada para a execução de aplicações com diferentes características de acoplamento e comunicação. Esse trabalho apresenta a arquitetura do modelo e seus aspectos funcionais, bem como um primeira implementação do modelo, realizada através da adaptação da biblioteca de programação DECK sobre os protocolos do projeto JXTA. A avaliação do funcionamento dessa implementação é apresentada e discutida, com base em algumas aplicações com diferentes características. / Grid computing and peer-to-peer computing emerged as distinct areas with different purposes, models and tools. Over the last years, these areas has been converging since the infrastructure and the execution model used in peer-to-peer networks have proven to be a suitable way to treat some problems related to the maintenance of large scale grids, such as scalability, monitoring, and resource discovery and allocation. The MultiCluster model addresses the convergence of grids and peer-to-peer networks in a more restricted way: the problems related to scalability, resource allocation and discovery are minimized by considering only local resources for the conception of a small scale grid, which can be used to run applications with different characteristics of granularity and communication. This work presents the MultiCluster architecture and its functional aspects, as well as a first implementation carried out by adapting the DECK programming library to use JXTA protocols and its consequent evaluation, based on applications with different characteristics.

Cluster

Computação em grade

Programacao distribuida

Distributed programming

Grid computing

Peer-to-peer networks

MultiCluster : um modelo de integração baseado em rede peer-to-peer para a concepção de grades locais / MultiCluster: an integration model based on peer-to-peer protocols for the construction of local grids

Barreto, Marcos Ennes

January 2010

As grades computacionais e as redes peer-to-peer (P2P) surgiram como áreas distintas, com diferentes propósitos, modelos e ferramentas. No decorrer dos últimos anos, estas áreas foram convergindo, uma vez que a infraestrutura e o modelo de execução descentralizada das redes P2P provaram ser uma alternativa adequada para o tratamento de questões relacionadas à manutenção de grades de larga escala, tais como escalabilidade, descoberta, alocação e monitoramento de recursos. O modelo MultiCluster trata a convergência entre grades computacionais e redes peer-to-peer de uma forma mais restrita: os problemas de escalabilidade, de descoberta e alocação de recursos são minimizados considerando-se apenas recursos localmente disponíveis para a construção de uma grade, a qual pode ser usada para a execução de aplicações com diferentes características de acoplamento e comunicação. Esse trabalho apresenta a arquitetura do modelo e seus aspectos funcionais, bem como um primeira implementação do modelo, realizada através da adaptação da biblioteca de programação DECK sobre os protocolos do projeto JXTA. A avaliação do funcionamento dessa implementação é apresentada e discutida, com base em algumas aplicações com diferentes características. / Grid computing and peer-to-peer computing emerged as distinct areas with different purposes, models and tools. Over the last years, these areas has been converging since the infrastructure and the execution model used in peer-to-peer networks have proven to be a suitable way to treat some problems related to the maintenance of large scale grids, such as scalability, monitoring, and resource discovery and allocation. The MultiCluster model addresses the convergence of grids and peer-to-peer networks in a more restricted way: the problems related to scalability, resource allocation and discovery are minimized by considering only local resources for the conception of a small scale grid, which can be used to run applications with different characteristics of granularity and communication. This work presents the MultiCluster architecture and its functional aspects, as well as a first implementation carried out by adapting the DECK programming library to use JXTA protocols and its consequent evaluation, based on applications with different characteristics.

Cluster

Computação em grade

Programacao distribuida

Distributed programming

Grid computing

Peer-to-peer networks

Dois pesos, duas medidas : gerenciamento de identidades orientado a desafios adaptativos para contenção de Sybils. / TwoWeights and two measures: using adaptive puzzles in identity management for sybil contention

Mauch, Gustavo Huff

January 2010

O ataque Sybil consiste na criação indiscriminada de identidades forjadas por um usuário malicioso (atacante). Uma abordagem promissora para mitigar esse ataque consiste em conceder novas identidades mediante a resolução de desafios computacionais. Apesar de suas potencialidades, as soluções baseadas em tal abordagem não distinguem solicitações de usuários corretos das de atacantes, fazendo com que ambos paguem o mesmo preço por identidade solicitada. Por conta disso, essas soluções podem não ser efetivas quando os recursos computacionais dos atacantes são muito superiores aos que os usuários legítimos dispõem. Assumindo desafios de uma determinada dificuldade, atacantes com hardware de maior capacidade conseguiriam resolver um conjunto muito superior de desafios e, com isso, obter um número elevado de identidades. Aumentar uniformemente a dificuldade dos desafios poderia, no outro extremo, tornar proibitivo o ingresso de pares a rede. Para lidar com esse problema, nesta dissertação propi5e-se o use de desafios adaptativos como limitante a disseminação de Sybils. Estima-se um grau de confiança da fonte de onde partem as solicitações de identidade em relação as demais. Quanto maior a frequência de solicitação de identidades, menor o grau de confiança e, consequentemente, maior a complexidade do desafio a ser resolvido pelo(s) usuário(s) associado(s) Aquela fonte. Resultados obtidos por meio de experimentação mostram a capacidade da solução de atribuir desafios mais complexos a potenciais atacantes, penalizando minimamente usuários legítimos. / The Sybil attack consists on the indiscriminate creation of counterfeit identities by a malicious user (attacker). An effective approach to tackle such attack consists of establishing computational puzzles to be solved prior to granting new identities. Despite its potentialities, solutions based on such approach do not distinguish between identity requests from correct users and attackers, and thus require both to afford the same cost per identity requested. Therefore, those approaches may not be effective when the attacker's computational resources are superior than those used by correct users. Assuming any choice of puzzle hardness, attackers that have access to high-performance computing resources will be able to solve puzzles several order of magnitude faster than legitimate users and thus obtain a large amount of identities. On the other way, raising the cost to solve the puzzles could restrict legitimate users too much. To tackle this problem, in this paper we propose the use of adaptive computational puzzles to limit the spread of Sybils. We estimate a trust score of the source of identity requests in regard to the behavior of others. The higher the frequency a source requests identities, the lower its trust score and, consequently, the higher the complexity of the puzzle to be solved by the user(s) associated to that source. Results achieved by means of an experimental evaluation evidence our solution's ability to establish more complex puzzles to potential attackers, while minimally penalizing legitimate users.

Seguranca : Computadores

Redes : Computadores

Redes P2P

Criptografia : Comunicacao : Dados

Peer-to-peer networks

Authentication

Identity management

Dois pesos, duas medidas : gerenciamento de identidades orientado a desafios adaptativos para contenção de Sybils. / TwoWeights and two measures: using adaptive puzzles in identity management for sybil contention

Mauch, Gustavo Huff

January 2010

O ataque Sybil consiste na criação indiscriminada de identidades forjadas por um usuário malicioso (atacante). Uma abordagem promissora para mitigar esse ataque consiste em conceder novas identidades mediante a resolução de desafios computacionais. Apesar de suas potencialidades, as soluções baseadas em tal abordagem não distinguem solicitações de usuários corretos das de atacantes, fazendo com que ambos paguem o mesmo preço por identidade solicitada. Por conta disso, essas soluções podem não ser efetivas quando os recursos computacionais dos atacantes são muito superiores aos que os usuários legítimos dispõem. Assumindo desafios de uma determinada dificuldade, atacantes com hardware de maior capacidade conseguiriam resolver um conjunto muito superior de desafios e, com isso, obter um número elevado de identidades. Aumentar uniformemente a dificuldade dos desafios poderia, no outro extremo, tornar proibitivo o ingresso de pares a rede. Para lidar com esse problema, nesta dissertação propi5e-se o use de desafios adaptativos como limitante a disseminação de Sybils. Estima-se um grau de confiança da fonte de onde partem as solicitações de identidade em relação as demais. Quanto maior a frequência de solicitação de identidades, menor o grau de confiança e, consequentemente, maior a complexidade do desafio a ser resolvido pelo(s) usuário(s) associado(s) Aquela fonte. Resultados obtidos por meio de experimentação mostram a capacidade da solução de atribuir desafios mais complexos a potenciais atacantes, penalizando minimamente usuários legítimos. / The Sybil attack consists on the indiscriminate creation of counterfeit identities by a malicious user (attacker). An effective approach to tackle such attack consists of establishing computational puzzles to be solved prior to granting new identities. Despite its potentialities, solutions based on such approach do not distinguish between identity requests from correct users and attackers, and thus require both to afford the same cost per identity requested. Therefore, those approaches may not be effective when the attacker's computational resources are superior than those used by correct users. Assuming any choice of puzzle hardness, attackers that have access to high-performance computing resources will be able to solve puzzles several order of magnitude faster than legitimate users and thus obtain a large amount of identities. On the other way, raising the cost to solve the puzzles could restrict legitimate users too much. To tackle this problem, in this paper we propose the use of adaptive computational puzzles to limit the spread of Sybils. We estimate a trust score of the source of identity requests in regard to the behavior of others. The higher the frequency a source requests identities, the lower its trust score and, consequently, the higher the complexity of the puzzle to be solved by the user(s) associated to that source. Results achieved by means of an experimental evaluation evidence our solution's ability to establish more complex puzzles to potential attackers, while minimally penalizing legitimate users.

Seguranca : Computadores

Redes : Computadores

Redes P2P

Criptografia : Comunicacao : Dados

Peer-to-peer networks

Authentication

Identity management

A Framework for anonymous background data delivery and feedback

Timchenko, Maxim

28 October 2015

The current state of the industry’s methods of collecting background data reflecting diagnostic and usage information are often opaque and require users to place a lot of trust in the entity receiving the data. For vendors, having a centralized database of potentially sensitive data is a privacy protection headache and a potential liability should a breach of that database occur. Unfortunately, high profile privacy failures are not uncommon, so many individuals and companies are understandably skeptical and choose not to contribute any information. It is a shame, since the data could be used for improving reliability, or getting stronger security, or for valuable academic research into real-world usage patterns. We propose, implement and evaluate a framework for non-realtime anonymous data collection, aggregation for analysis, and feedback. Departing from the usual “trusted core” approach, we aim to maintain reporters’ anonymity even if the centralized part of the system is compromised. We design a peer-to-peer mix network and its protocol that are tuned to the properties of background diagnostic traffic. Our system delivers data to a centralized repository while maintaining (i) source anonymity, (ii) privacy in transit, and (iii) the ability to provide analysis feedback back to the source. By removing the core’s ability to identify the source of data and to track users over time, we drastically reduce its attractiveness as a potential attack target and allow vendors to make concrete and verifiable privacy and anonymity claims.

Computer engineering

Anonymity

Data collection

Peer-to-peer networks

Privacy-preserving systems

Secure information flow

Implementation and Evaluation of the Service Peer Discovery Protocol

Urdiales Delgado, Diego

January 2004

This document is the final report of the master's thesis "Implementation and Evuation of the Service Peer Discovery Protocol", carried out at the Center for Wireess Systems, KTH, Stockholm. This thesis addresses the problem of service discovery in peer-to-peer mobile networks by implementing and evaluating a previously designed protocl (the Service Peer Discovery Protocol). The main feature of peer-to-peer networks is that users connected to them can communicate directly with each other, without the necessity of interaction via a central point. However, in order for two networks users (ir peers) to communicate, they must have a means to locate and address each other, which is in gernal called a discovery protocol. There are many different solutions for discoverying protocols that work efficiently in fixed or slow-moving networks, but full mobility introduces a set of new difficulties for the discovery of peers and their services. The potential changes in location, which can occur very ofter, the changes in IP address that these changes cuase, and roaming between networks of different kinds are good examples of these difficulties. To solve these problems, a new Service Peer Discovery Protocol was designed and a test application built. The next step towards the introduction of this protocol was creating a working implementation, setting up a suitable test environment, performing experiments, and evaluating its performance. This evaluation could lead to improvments in the protoocl. The aim of this thesis is to implement and document the Service Peer Discovery Protocol, to carry out measurements of it, to evaluate the efficiency of the protocol, and to suggest ways in which it could be improved. The Service Peer Discovery Protocol was found to be well targeted to wireless, peer-to-peer networks, althgouh improvements in the protocol could make it more time and traffic-efficient while maintaining the same level of performance. / Detta är den slutliga rapporten för examensarbetet "Implementation och utvädering av Service Peer Discovery Protocol", utfört på Center for Wireless Systems, KTH, Stockholm.  Uppsatsen behandlar problemet med sökning efter tjänster i icke-hierarkiska (peer-to-peer) mobila nätverk genom att implementera och utvädera ett redan konstruerat protokoll (Service Peer Discovery Protocol). Den huvudsakliga fördelen med icke-hierarkiska nätverk är att anslutna anvndare (parter) kan kommunicera direkt med varandra, utan att behöva interagera med en central punkt.  Dock måste metoder för att lokalisera och adressera andra parter vara tillgängliga för att parterna skall kunna kommunicera, metoder som kalla sökprotokoll (discovery protocol). Det finns många olika sökprotokollösningar som fungerar effektivt i fasta eller långsamma mobila nätverk, men med full mobilitet introduceras ett antal nya svårigheter vid s kande efter parter och tjänster. Den potentiella förändringen av position (vilken kan inträffa ofta), byte av IP-address som dessa förändringar medför, och förflyttning mellan olika typer av nätverk, är exempel på sådana svårigheter. För att lösa dessa problem, konstruerades protokollet Service Peer Discovery Protocol och en testapplikation byggdes.  Nästa steg mot en introducering av detta protokoll var en fungerande implementation, en lämplig testmilö, utförandet av tester och en utvädering av prestandan.  Utväderingen syftade till att förbättra protokollet.  Syftet med detta examensar1ete är att implementera och dokumentera protokollet Service Peer Discovery Protocol, att göra mätningar, att utvädera effektiviteten samt att föreslå förbättringar av protokollet. Service Peer Discovery Protocol, fanns vara väl anpassat till icke-hierarkiska trådlösa nätverk.  Dock torde förbättringar av protokollet innebära tidseffektivare och trafikeffektivare beteende utan att kompromissa prestandanivån.

Discovery protocols

peer to peer networks

wireless networks

Session Initiation Protocol

evaluation

Communication Systems

Kommunikationssystem

Understanding Internet Naming: From the Modern DNS Ecosystem to New Directions in Naming

Callahan, Tom

16 August 2013

No description available.

Computer Science

internet measurement

internet naming

dns

bootstrapping

peer-to-peer networks