Sybil Attack and Defense in P2P Networks
|
|
- Tracy McDaniel
- 1 years ago
- Views:
Transcription
1 Sybil Attack and Defense in P2P Networks Presented by: Pratch Piyawongwisal, Pengye Xia CS 538 Fall 2011 Advanced Computer Networks
2 Outline Sybil attack Attacks on DHTs Solutions Using social networks (Whānau) Limiting attacks in structured overlays (ACS)
3 The Sybil Attack A malicious user pretends to be multiple nodes in the system by faking identities Douceur [IPTPS 2002] was the first to consider this problem in the context of structured P2P networks image source:
4 Reputation system Targets ebay: create fake accounts to give positive feedback to a seller Internet polls use multiple IP addresses to get more votes emule use multiple IDs to attack the KAD network Google Page-Rank create multiple sites that link to a target site to increase its rank
5 Proposed Solutions Trusted Authority Require all nodes to authenticate with public keys Douceur, 2002: Without a centralized authority, Sybil attacks are always possible Centralized, expensive Resource Testing Tests computing power, storage, network bandwidth, limited IP addresses e.g. CAPTCHA, cryptographic puzzles Adversary may have more resources
6 Sybil attack on a Distributed Hash Table (DHT)
7 Scenario: Instant Message (IM) application DHT
8 Scenario: Instant Messaging (IM) At the beginning, each user has KEY: a public key PK VALUE: self-signed tuple {PK, IP address} everyone else's PK Goals: A wants to talk to B Given PK B, A can retrieve {PK B,IP B } by querying any node in the DHT Concerns: DHT-related metrics (e.g. lookup time, table size, etc.) Protection against attacks
9 Scenario: IM application How the Chord handles this situation:
10 1. Attack on DHT routing Attacker simply drops queries or return false information
11 2. Clustering attack on specific node Attacker targets at node C It inserts n objects into DHT, whose keys all hash to 25. These objects are stored at C. Overflow at node C!
12 3. Clustering attack on specific key An attacker wants to intercept the query on PK E (key ID 25) It creates many sybil nodes around key 25 and increases possibility of intercepting queries Queries on PK E will never be answered!
13 Summarize: Types of attacks on DHT Targeting at DHT routing Attacker create many sybil node IDs Response queries with nothing or false information Targeting at specific node Guess the hash function h(key)->id Insert many keys with h(key) near the specific node ID Overflow! Targeting at specific key Guess the hash function h(key)->id Create many sybil node IDs near the key ID Affect queries on the key
14 Whānau: A Sybil-proof Distributed Hash Table C. Lesniewski-Laas and M. F. Kaashoek, MIT CSAIL [NSDI 2010]
15 Vulnerability of Chord Vulnerable to Sybil attacks Influence of attackers increase with time! Table maintenance is done through queries Sybil nodes make responses with false info to fill sybil IDs into honest node's finger table Influence of Sybil nodes increases during each node join, leave and failure Example: node join
16 Example: node join A new node E joins the DHT
17 Some Intuitions Don't build or maintain table by queries Prevent influence of Sybil nodes from increasing Don't rely on a single finger Reduce the impact of Sybil fingers Strawman protocol Build table by random sampling Base for Whānau
18 Strawman protocol Denote the set of local keys stored at a node by local(node) If the union of {local(x)}, {local(a)}, {local(b)}, {local(c)} covers the whole key space, a key can always be found at x! Requirement 1: Sampling must be random, sample size O( n)
19 Strawman protocol Denote the set of local keys stored at a node by local(node) If the union of {local(x)}, {local(a)}, {local(b)}, {local(c)} covers the whole key space, a key can always be found at x! Requirement 2: Limited percentage of sybil fingers in the finger table
20 Strawman protocol As long as node can do random sampling to build its table and limit the number of Sybil fingers in the finger table, Strawman protocol is not vulnerable to Sybil attacks Reason: local tables of honest fingers cover the whole key space How? Sampling by random walks on a social network
21 Social Networks Node have social links to other nodes provides additional information
22 Sampling by random walks on the social network Assumption: 1. The number of attack edges is much smaller than the number honest edges 2. Fast mixing Properties: Due to 1, random walk has higher probability to land on a honest node Percentage of Sybil nodes in a random sample is limited Due to 2, given enough length of walk, the probability of ending at any node is uniformly distributed Sampling is random
23 Random sampling in Strawman Start t random walks of length w on the social network t = O( n) is large enough for collecting enough honest fingers w = O(log n) is large enough to ensure uniform distribution n is the number of honest nodes Union of honest fingers' local table cover the whole key space
24 Strawman vs Chord Scheme Availability Efficiency Security Chord Always available in absence of attacks O(log n) hops lookup; O(log n) message per query O(log n) table size Vulnerable to Sybil attacks; Influence of Sybil nodes increases Strawman Always available One-hop lookup; O( n) number of messages per query due to broadcast Sybil attacks are mitigated; Influence of Sybil nodes does not increase O( n) table size Combine the two?
25 Whānau* Build and maintain routing tables using random walk on social network Similar as Strawman Influence of sybil nodes does not increase Ordering of fingers fingers are ordered by the distance to the key, only a few finger are queried O(1) messages per query * Pronounced "far no" A Māori word meaning "extended family" or "kin"
26 How does Whānau work?
27 How does Whānau work?
28 Chord vs Strawman vs Whānau Scheme Availability Efficiency Security Chord Always available in absence of attacks O(log n) hops lookup O(log n) message per query due to finger ordering Vulnerable to Sybil attacks; Influence of Sybil nodes increases O(log n) table size Strawman Always available One- hop lookup O( n) number of messages per query due to broadcast Sybil attacks are mitigated; Influence of Sybil nodes does not increase O( n) table size Whānau Always available One-hop lookup O(1) number of message on average Sybil attacks are mitigated; Influence of Sybil nodes does not increase O( n log n) table size
29 Limiting Sybil Attacks in Structure P2P Networks Hosam Rowaihy, William Enck, Patrick McDaniel, and Thomas La Porta. [INFOCOM 2007]
30 Limiting Sybil Attacks in Structured P2P Networks Main goal Limit the rate at which a node can obtain IDs Differ from Whānau that tries to limit the influence of Sybil nodes on DHT Admission Control System (ACS) Maintain a tree hierarchy Require the joining node to solve puzzles from leaf up to the root (Resource testing) Once authenticated, the joining node becomes a leaf
31 ACS: Authentication The puzzle: Given PK, TS, H, solve for R s.t. h(pk, TS, R) = H A wants to join: 1) A asks a leaf X i for puzzle 2) A solves the puzzle and receives a token from X i 3) A can now ask one upper level X i-1 for another puzzle 4) A keeps solving puzzles until it the root 5) Finally, A is assigned a random ID A, certified by the root
32 Attack and Defense on ACS Shortcut Sybil nodes can patiently but steadily accumulate over time
33 Attack and Defense on ACS Shortcut Solution: Limit the token issuing rate Sybil nodes can patiently but steadily accumulate over time Solution: Periodically redo the puzzle solving
34 ACS and Whānau: Different approaches in the fight against Sybil Attack Whānau: limit Sybil nodes' interference on DHT Use its own customized one-hop DHT Require social network and its special properties (i.e. sparse cut, fast mixing) The number and strength of Sybil nodes does not matter. ACS: limit the number of Sybil nodes Work with any DHT Require trusted root (single point of failure) Aim to minimize the number of Sybil nodes in the system Cannot stop attackers with ample resource
35 Discussions 1. Whānau and Strawman protocol rely on the sparse attacking edges and fast mixing properties of the social network. How realistic are these assumptions? What kinds of social networks do they apply to? How could we experimentally test these assumptions? 2. Is clustering attack on a particular node or key still possible with Whānau? 3. What is the advantage of having a tree structure as in ACS? Instead of going from the leaf to the root, can't we just pick a number of random nodes to authenticate with?
36 References C. Lesniewski-Laas and M. F. Kaashoek. Whānau: A sybil-proof distributed hash table. In Proc. NSDI 10, San Jose, CA, Apr Hosam Rowaihy, William Enck, Patrick McDaniel, and Thomas La Porta. Limiting sybil attacks in structured p2p networks. In 26th IEEE Intl. Conference on Computer Communications (INFOCOM), B.N. Levine, et al. A survey of solutions to the sybil attack. Technical Report , Univ. of Massachussets Amherst, 2006.
37 Appendix: Whānau in details
38 Setup: ID assignment Assign node ID: Start r d random walks, collect the key-value pair at the end of each walk and store the records locally. To help build the successor table Randomly select a key from the collected records as ID To prevent node attack
39 Assign ID
40 Setup: finger table Build finger table: Start r f random walks and collect node ID at the end of each walk The collected node IDs form finger table
41 Finger Table
42 Setup: successor table Build successor table: My Successor table contains all keys which are close to the my node ID Start r s random walks and collect a few key-value records closest to the my own ID from the end node's db table of each walk The collected keys form successor table, the corresponding values are also stored locally Given enough number of random walks, all keys that are close to the node's ID has been stored into the successor table
43 Successor table
44 Lookup Given a query on key k, a node A First see if k is in its own successor table succ(a) If not, find a finger f with closest distance to k in the finger table. Ask if k is in f's successor table succ(f) If A cannot find k, start a random walk from A and repeat the previous step on the end node of the walk Repeat the random walk process until we find the key
45 Lookup
46 Availability and Efficiency? A key will always be found Flooding argument One-hop look-up By careful choice of r d, r f and r s, the union of my successor table and all my honest fingers' successor tables cover the whole key space (w.h.p) On average O(1) messages and worst case O(logn) messages Only ask the finger that is closest to the key instead of broadcasting
47 Security? Attacker's influence will not accumulate General attacks on DHT routing are mitigated Clustering attack on specific node is mitigated If an attacker inserts many keys close to each other (using many sybil nodes), it is possible to overflow a certain node. But the attacker cannot decide which node he's attacking. Clustering attack on specific key is still possible Example, an attacker creates many false IDs near specific key
48 Attack on node IDx is randomly chosen, the attacker cannot target at specific node
49 Attack on the key
50 Defense against clustering attack The basic idea is to let distribution of honest IDs mimic the distribution of sybil IDs Query will not be disturbed if around a certain key there are enough honest IDs Layered IDs: Define the ID obtained by previous algorithm as layer-0 ID Layer-1 ID is obtained by randomly picking a ID from the layer-0 finger table Layer-1 finger table and layer-1 successor table is obtained similarly as before but using layer-1 IDs Multiple layers are defined recursively
51 Distribution of node IDs If an attacker creates many nodes with layer-0 IDs near a certain key, it is highly possible that each honest node's finger table contains such an ID As a result, layer-1 IDs of honest nodes are highly possible to concentrate around the certain key
52 Modified lookup Given a query on key k, a node A starts by looking at its layer-0 tables if not found, randomly chooses a layer i, looks at layer-i table to find the key Suppose attacker's layer-j IDs concentrate around k, in all layers higher than layer-j, the honest node IDs will also concentrate around k Lookup in higher layers will not be affected by the clustering attack
53 How sparse should it be? g: number of attack edges n: number of honest edges y-axis: probability of a random walk ending at a Sybil node
54 Example: node join A new node E joins the DHT
Chord - A Distributed Hash Table
Kurt Tutschku Vertretung - Professur Rechnernetze und verteilte Systeme Chord - A Distributed Hash Table Outline Lookup problem in Peer-to-Peer systems and Solutions Chord Algorithm Consistent Hashing
Load Balancing in Structured Overlay Networks. Tallat M. Shafaat tallat(@)kth.se
Load Balancing in Structured Overlay Networks Tallat M. Shafaat tallat(@)kth.se Overview Background The problem : load imbalance Causes of load imbalance Solutions But first, some slides from previous
Overlay and P2P Networks. Additional material on DHTs. Prof. Sasu Tarkoma
Overlay and P2P Networks Additional material on DHTs Prof. Sasu Tarkoma 13.2.2014 Additional material Butterfly networks and Viceroy Skip graph CANON: merging Chord rings De Brujn graph Butterfly Geometry
R-Chain: A Self-Maintained Reputation Management System in P2P Networks
R-Chain: A Self-Maintained Reputation Management System in P2P Networks Lintao Liu, Shu Zhang, Kyung Dong Ryu, Partha Dasgupta Dept. of Computer Science & Engineering Arizona State University Tempe, AZ
CS5412: TIER 2 OVERLAYS
1 CS5412: TIER 2 OVERLAYS Lecture VI Ken Birman Recap 2 A week ago we discussed RON and Chord: typical examples of P2P network tools popular in the cloud Then we shifted attention and peeked into the data
Object Tracking System for Mobile Terminals: Architecture, Protocol and Its Evaluation
Object Tracking System for Mobile Terminals: Architecture, Protocol and Its Evaluation Location Tracking System Architecture Sensor System Object Tracking System for Mobile Terminals: Architecture, Protocol
Methods & Tools Peer-to-Peer Jakob Jenkov
Methods & Tools Peer-to-Peer Jakob Jenkov Peer-to-Peer (P2P) Definition(s) Potential Routing and Locating Proxy through firewalls and NAT Searching Security Pure P2P There is no central server or router.
Security in Structured P2P Systems
P2P Systems, Security and Overlays Presented by Vishal thanks to Dan Rubenstein Columbia University 1 Security in Structured P2P Systems Structured Systems assume all nodes behave Position themselves in
query enabled P2P networks 2009. 08. 27 Park, Byunggyu
Load balancing mechanism in range query enabled P2P networks 2009. 08. 27 Park, Byunggyu Background Contents DHT(Distributed Hash Table) Motivation Proposed scheme Compression based Hashing Load balancing
X-Vine: Secure and Pseudonymous Routing in DHTs Using Social Networks
X-Vine: Secure and Pseudonymous Routing in DHTs Using Social Networks Prateek Mittal Dept. of ECE University of Illinois mittal@illinois.edu Matthew Caesar Dept. of CS University of Illinois caesar@cs.illinois.edu
A Reputation Management System in Structured Peer-to-Peer Networks
A Reputation Management System in Structured Peer-to-Peer Networks So Young Lee, O-Hoon Kwon, Jong Kim and Sung Je Hong Dept. of Computer Science & Engineering, Pohang University of Science and Technology
DDoS Vulnerability Analysis of Bittorrent Protocol
DDoS Vulnerability Analysis of Bittorrent Protocol Ka Cheung Sia kcsia@cs.ucla.edu Abstract Bittorrent (BT) traffic had been reported to contribute to 3% of the Internet traffic nowadays and the number
Chord. A scalable peer-to-peer look-up protocol for internet applications
Chord A scalable peer-to-peer look-up protocol for internet applications by Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan Overview Introduction The Chord Algorithm Construction
Computational Puzzles as Sybil Defenses
Computational Puzzles as Sybil Defenses Nikita Borisov Department of Electrical & Computer Engineering University of Illinois at Urbana-Champaign Email: nikita@uiuc.edu Abstract We consider the problem
MIDAS: Multi-Attribute Indexing for Distributed Architecture Systems
MIDAS: Multi-Attribute Indexing for Distributed Architecture Systems George Tsatsanifos (NTUA) Dimitris Sacharidis (R.C. Athena ) Timos Sellis (NTUA, R.C. Athena ) 12 th International Symposium on Spatial
An Introduction to Peer-to-Peer Networks
An Introduction to Peer-to-Peer Networks Presentation for MIE456 - Information Systems Infrastructure II Vinod Muthusamy October 30, 2003 Agenda Overview of P2P Characteristics Benefits Unstructured P2P
Plaxton Routing. - From a peer - to - peer network point of view. Lars P. Wederhake
Plaxton Routing - From a peer - to - peer network point of view Lars P. Wederhake Ferienakademie im Sarntal 2008 FAU Erlangen-Nürnberg, TU München, Uni Stuttgart September 2008 Overview 1 Introduction
CS435 Introduction to Big Data
CS435 Introduction to Big Data Final Exam Date: May 11 6:20PM 8:20PM Location: CSB 130 Closed Book, NO cheat sheets Topics covered *Note: Final exam is NOT comprehensive. 1. NoSQL Impedance mismatch Scale-up
A P2P SERVICE DISCOVERY STRATEGY BASED ON CONTENT
A P2P SERVICE DISCOVERY STRATEGY BASED ON CONTENT CATALOGUES Lican Huang Institute of Network & Distributed Computing, Zhejiang Sci-Tech University, No.5, St.2, Xiasha Higher Education Zone, Hangzhou,
A comparison of two trust metrics Jesse Ruderman UCSD CSE 202 Fall 2004 December 15, 2004
A comparison of two trust metrics Jesse Ruderman UCSD CSE 202 Fall 2004 December 15, 2004 Abstract This paper describes and compares two trust metrics, Advogato and Page- Rank. It describes a novel attack
A Survey of DHT Security Techniques
A Survey of DHT Security Techniques GUIDO URDANETA, GUILLAUME PIERRE and MAARTEN VAN STEEN VU University, Amsterdam, The Netherlands Peer-to-peer networks based on Distributed Hash Tables (DHTs) have received
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems
P2P Storage Systems. Prof. Chun-Hsin Wu Dept. Computer Science & Info. Eng. National University of Kaohsiung
P2P Storage Systems Prof. Chun-Hsin Wu Dept. Computer Science & Info. Eng. National University of Kaohsiung Outline Introduction Distributed file systems P2P file-swapping systems P2P storage systems Strengths
Chapter 2 Architectures. Layered Architecture
Chapter 2 Architectures Software architecture logical organization of the software components Architectural styles: layered, object based, eventbased, shared data space System architecture the instantiation
International Journal of Scientific & Engineering Research, Volume 4, Issue 11, November-2013 349 ISSN 2229-5518
International Journal of Scientific & Engineering Research, Volume 4, Issue 11, November-2013 349 Load Balancing Heterogeneous Request in DHT-based P2P Systems Mrs. Yogita A. Dalvi Dr. R. Shankar Mr. Atesh
New Algorithms for Load Balancing in Peer-to-Peer Systems
New Algorithms for Load Balancing in Peer-to-Peer Systems David R. Karger Matthias Ruhl MIT Laboratory for Computer Science Cambridge, MA 02139, USA {karger, ruhl}@theory.lcs.mit.edu Abstract Load balancing
ID Mapping Attacks in P2P Networks
This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE GLOBECO 2005 proceedings. ID apping Attacks in P2P Networks Davide
Vulnerabilities of P2P Systems and a Critical Look at their Solutions
Vulnerabilities of P2P Systems and a Critical Look at their Solutions Marling Engle & Javed I. Khan {mengle javed}@cs.kent.edu Networking and Media Communications Research Laboratories Computer Science
Distributed Computing over Communication Networks: Topology. (with an excursion to P2P)
Distributed Computing over Communication Networks: Topology (with an excursion to P2P) Some administrative comments... There will be a Skript for this part of the lecture. (Same as slides, except for today...
Trust and Reputation Management
Trust and Reputation Management Omer Rana School of Computer Science and Welsh escience Centre, Cardiff University, UK Omer Rana (CS, Cardiff, UK) CM0356/CMT606 1 / 28 Outline 1 Context Defining Trust
Adapting Distributed Hash Tables for Mobile Ad Hoc Networks
University of Tübingen Chair for Computer Networks and Internet Adapting Distributed Hash Tables for Mobile Ad Hoc Networks Tobias Heer, Stefan Götz, Simon Rieche, Klaus Wehrle Protocol Engineering and
Identity Theft Protection in Structured Overlays
Identity Theft Protection in Structured Overlays Lakshmi Ganesh Ben Y. Zhao University of California, Santa Barbara NPSec 2005 Background: Structured Overlays network abstraction IDs, not IPs app level
In-Network Coding for Resilient Sensor Data Storage and Efficient Data Mule Collection
In-Network Coding for Resilient Sensor Data Storage and Efficient Data Mule Collection Michele Albano Jie Gao Instituto de telecomunicacoes, Aveiro, Portugal Stony Brook University, Stony Brook, USA Data
STORM: A Secure Overlay for P2P Reputation Management
STORM: A Secure Overlay for P2P Reputation Management Aina Ravoaja, Emmanuelle Anceaume To cite this version: Aina Ravoaja, Emmanuelle Anceaume. STORM: A Secure Overlay for P2P Reputation Management. IEEE
Vulnerability Analysis of Hash Tables to Sophisticated DDoS Attacks
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 12 (2014), pp. 1167-1173 International Research Publications House http://www. irphouse.com Vulnerability
COMP3331/9331 Computer Networks and Applications Assignment for Session 2, 2015
COMP3331/9331 Computer Networks and Applications Assignment for Session 2, 2015 Version 1.1 Due: 11:59pm Friday, 23 October 2015 (Week 12) Please read the plagiarism policy carefully. We compare submission
Simulating a File-Sharing P2P Network
Simulating a File-Sharing P2P Network Mario T. Schlosser, Tyson E. Condie, and Sepandar D. Kamvar Department of Computer Science Stanford University, Stanford, CA 94305, USA Abstract. Assessing the performance
7. Indexing. Contents: Single-Level Ordered Indexes Multi-Level Indexes B + Tree based Indexes Index Definition in SQL.
ECS-165A WQ 11 123 Contents: Single-Level Ordered Indexes Multi-Level Indexes B + Tree based Indexes Index Definition in SQL 7. Indexing Basic Concepts Indexing mechanisms are used to optimize certain
P.Brighten Godfrey, Scott Shenker, and Ion Stoica. Computer Science Division. -Anjali Sridhar CS598 Brighten Godfrey
P.Brighten Godfrey, Scott Shenker, and Ion Stoica UC Berkeley Computer Science Division -Anjali Sridhar CS598 Brighten Godfrey Peer to Peer Networks Churn and Overlay Networks Motivation to reduce churn
1. Comments on reviews a. Need to avoid just summarizing web page asks you for:
1. Comments on reviews a. Need to avoid just summarizing web page asks you for: i. A one or two sentence summary of the paper ii. A description of the problem they were trying to solve iii. A summary of
Kelips : Building an Efficient and Stable P2P DHT Through Increased Memory and Background Overhead
Kelips : Building an Efficient and Stable P2P DHT Through Increased Memory and Background Overhead Indranil Gupta, Ken Birman, Prakash Linga, Al Demers, Robbert van Renesse Cornell University, Ithaca,
Department of Computer Science Institute for System Architecture, Chair for Computer Networks. File Sharing
Department of Computer Science Institute for System Architecture, Chair for Computer Networks File Sharing What is file sharing? File sharing is the practice of making files available for other users to
Solutions to the Sample Questions on Application Layer
Solutions to the Sample Questions on Application Layer 1) Why is SMTP not used for transferring e-mail messages from the recipient s mail server to the recipient s personal computer? Answer: Whereas SMTP
PEER-TO-PEER DISTRIBUTED LOOKUP SERVICES
PEER-TO-PEER DISTRIBUTED LOOKUP SERVICES ABSTRACT As we are living in the era of technology innovation, the need of sharing information is becoming more important than ever. Peer-to-peer applications were
Identity Theft Protection in Structured Overlays
Identity Theft Protection in Structured Overlays Lakshmi Ganesh and Ben Y. Zhao Computer Science Department, U. C. Santa Barbara {lakshmi, ravenben}@cs.ucsb.edu Abstract Structured peer-to-peer (P2P) overlays
Attacking the Kad network---real world evaluation and high fidelity simulation using DVN
SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks. (2009) Published online in Wiley InterScience (www.interscience.wiley.com).172 Attacking the Kad network---real world evaluation and high fidelity
X-Vine: Secure and Pseudonymous Routing Using Social Networks
X-Vine: Secure and Pseudonymous Routing Using Social Networks Prateek Mittal, Matthew Caesar, Nikita Borisov University of Illinois at Urbana-Champaign {mittal2,caesar,nikita}@illinois.edu Abstract Distributed
An Implementation of Secure Wireless Network for Avoiding Black hole Attack
An Implementation of Secure Wireless Network for Avoiding Black hole Attack Neelima Gupta Research Scholar, Department of Computer Science and Engineering Jagadguru Dattaray College of Technology Indore,
Pub/Sub Functionality in IR Environments using Structured Overlay Networks
Pub/Sub Functionality in IR Environments using Structured Overlay Networks Christos Tryfonopoulos, Stratos Idreos and Manolis Koubarakis Intelligent Systems Laboratory Dept. of Electronic and Computer
Name-based Network. Key-Value Store. Network Architecture. Computer Networks. Lecture 10: Content-based Routing and Consistent Hashing
Name-based Network Computer Networks Lecture 10: Content-based Routing and Consistent Hashing Today s Internet: address-based packet forwarding applications must first resolve a name to an address establish
Improving Availability with Adaptive Roaming Replicas in Presence of Determined DoS Attacks
Improving Availability with Adaptive Roaming Replicas in Presence of Determined DoS Attacks Chin-Tser Huang, Prasanth Kalakota, Alexander B. Alexandrov Department of Computer Science and Engineering University
Examples Peer-to-Peer Applications. (Gnutella, Kazaa, BitTorrent, Skype)
Examples Peer-to-Peer Applications (Gnutella, Kazaa, BitTorrent, Skype) Second generation approach Gnutella Fully distributed approach Constructs Gnutella overlay network What is an overlay network? How
CompuP2P: An Architecture for Sharing of Computing Resources In Peer-to-Peer Networks With Selfish Nodes Rohit Gupta and Arun K.
CompuP2P: An Architecture for Sharing of Computing Resources In Peer-to-Peer Networks With Selfish Nodes Rohit Gupta and Arun K. Somani (firstname@iastate.edu) Dependable Computing and Networking Laboratory
Identity Theft Protection in Structured Overlays
Appears in Proceedings of the 1st Workshop on Secure Network Protocols (NPSec 5) Identity Theft Protection in Structured Overlays Lakshmi Ganesh and Ben Y. Zhao Computer Science Department, U. C. Santa
Proof of Freshness: How to efficiently use an online single secure clock to secure shared untrusted memory.
Proof of Freshness: How to efficiently use an online single secure clock to secure shared untrusted memory. Marten van Dijk, Luis F. G. Sarmenta, Charles W. O Donnell, and Srinivas Devadas MIT Computer
Binary Search Trees (continued)
Binary Search Trees (continued) Remove: Starting at the root, search for the value to be remove. If we reach an empty tree, the value is not in the tree. Otherwise, at some point the value is the root
Storage Systems Autumn 2009. Chapter 6: Distributed Hash Tables and their Applications André Brinkmann
Storage Systems Autumn 2009 Chapter 6: Distributed Hash Tables and their Applications André Brinkmann Scaling RAID architectures Using traditional RAID architecture does not scale Adding news disk implies
Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview
DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service
Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks
Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks Hoang Lan Nguyen and Uyen Trang Nguyen Department of Computer Science and Engineering, York University 47 Keele Street, Toronto,
Routing in the Dark: Pitch Black
Routing in the Dark: Pitch Black Nathan S. Evans Nathan.S.Evans@du.edu Christian Grothoff christian@grothoff.org Colorado Research Institute for Security and Privacy University of Denver 1 Motivation Efficient
The PageRank Citation Ranking: Bring Order to the Web
The PageRank Citation Ranking: Bring Order to the Web presented by: Xiaoxi Pang 25.Nov 2010 1 / 20 Outline Introduction A ranking for every page on the Web Implementation Convergence Properties Personalized
Internet Technology. 09. Routing on the Internet. Paul Krzyzanowski. Rutgers University. Spring CS Paul Krzyzanowski
Internet Technology 09. Routing on the Internet Paul Krzyzanowski Rutgers University Spring 2016 March 21, 2016 CS 352 2013-2016 Paul Krzyzanowski 1 Summary Routing Enable a host to determine the next
RVS-Seminar Overlay Multicast Quality of Service and Content Addressable Network (CAN)
RVS-Seminar Overlay Multicast Quality of Service and Content Addressable Network (CAN) Luca Bettosini Universität Bern Outline > Goals / Motivation ( CAN ) > Content Addressable Network > CAN Multicast
An Analysis of Social Network-Based Sybil Defenses
An Analysis of Social Network-Based Sybil Defenses ABSTRACT Bimal Viswanath MPI-SWS bviswana@mpi-sws.org Krishna P. Gummadi MPI-SWS gummadi@mpi-sws.org Recently, there has been much excitement in the research
CS 245 Final Exam Winter 2013
CS 245 Final Exam Winter 2013 This exam is open book and notes. You can use a calculator and your laptop to access course notes and videos (but not to communicate with other people). You have 140 minutes
Internet Content Distribution
Internet Content Distribution Chapter 4: Content Distribution Networks (TUD Student Use Only) Chapter Outline Basics of content distribution networks (CDN) Why CDN? How do they work? Client redirection
Enabling Public Auditing for Secured Data Storage in Cloud Computing
IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 5 (May. 2013), V3 PP 01-05 Enabling Public Auditing for Secured Data Storage in Cloud Computing 1 Er.Amandeep Kaur,
Using Peer to Peer Dynamic Querying in Grid Information Services
Using Peer to Peer Dynamic Querying in Grid Information Services Domenico Talia and Paolo Trunfio DEIS University of Calabria HPC 2008 July 2, 2008 Cetraro, Italy Using P2P for Large scale Grid Information
Detecting Sybil Nodes in Static and Dynamic Networks. José Antonio Cardenas-Haro
Detecting Sybil Nodes in Static and Dynamic Networks by José Antonio Cardenas-Haro A Dissertation Presented in Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy Approved November
Lesson 14 APPLICATION OF COMPLEX NETWORKS CHORD, SYMPHONY, FREENET. Laura Ricci 23/11/2015
Lesson 14 APPLICATION OF COMPLEX NETWORKS CHORD, SYMPHONY, FREENET 23/11/2015 1 GRAPH ANALYSIS: APPLICATIONS In this lesson: exploit the tools offered by complex network analysis to analyse some properties
Mitigation of Random Query String DoS via Gossip
Mitigation of Random Query String DoS via Gossip Stefano Ferretti, Vittorio Ghini Department of Computer Science, University of Bologna Bologna, Italy {sferrett, ghini}@cs.unibo.it arxiv:9.v2 [cs.cr] 2
Secure P2P topology based on a multidimensional DHT space mapping
. RESEARCH PAPER. SCIENCE CHINA Information Sciences May 2013, Vol. 56 052117:1 052117:14 doi: 10.1007/s11432-012-4618-3 Secure P2P topology based on a multidimensional DHT space mapping SUN ZhiXin 1,2,
8 Conclusion and Future Work
8 Conclusion and Future Work This chapter concludes this thesis and provides an outlook on future work in the area of mobile ad hoc networks and peer-to-peer overlay networks 8.1 Conclusion Due to the
Using the Domain Name System for System Break-ins
Using the Domain Name System for System Break-ins Steven M. Bellovin Presented by: Thomas Repantis trep@cs.ucr.edu CS255-Computer Security, Winter 2004 p.1/37 Overview Using DNS to spoof a host s name
International journal of Engineering Research-Online A Peer Reviewed International Journal Articles available online http://www.ijoer.
RESEARCH ARTICLE ISSN: 2321-7758 GLOBAL LOAD DISTRIBUTION USING SKIP GRAPH, BATON AND CHORD J.K.JEEVITHA, B.KARTHIKA* Information Technology,PSNA College of Engineering & Technology, Dindigul, India Article
Locality-Aware Randomized Load Balancing Algorithms for DHT Networks
Locality-Aware ized Load Balancing Algorithms for DHT Networks Haiying Shen and Cheng-Zhong Xu Department of Electrical & Computer Engineering Wayne State University, Detroit, MI 4822 {shy,czxu}@ece.eng.wayne.edu
A Multi-dimensional Reputation System Combined with Trust and Incentive Mechanisms in P2P File Sharing Systems
A Multi-dimensional Reputation System Combined with Trust and Incentive Mechanisms in P2P File Sharing Systems Mao Yang 21, Qinyuan Feng 1, Yafei Dai 1, Zheng Zhang 2 Peking University, Beijing, China
Part 5 DNS Security. SAST01 An Introduction to Information Security 2015-09-21. Martin Hell Department of Electrical and Information Technology
SAST01 An Introduction to Information Security Part 5 DNS Security Martin Hell Department of Electrical and Information Technology How DNS works Amplification attacks Cache poisoning attacks DNSSEC 1 2
A Topology-Aware Relay Lookup Scheme for P2P VoIP System
Int. J. Communications, Network and System Sciences, 2010, 3, 119-125 doi:10.4236/ijcns.2010.32018 Published Online February 2010 (http://www.scirp.org/journal/ijcns/). A Topology-Aware Relay Lookup Scheme
IPTV AND VOD NETWORK ARCHITECTURES. Diogo Miguel Mateus Farinha
IPTV AND VOD NETWORK ARCHITECTURES Diogo Miguel Mateus Farinha Instituto Superior Técnico Av. Rovisco Pais, 1049-001 Lisboa, Portugal E-mail: diogo.farinha@ist.utl.pt ABSTRACT IPTV and Video on Demand
KEYWORD SEARCH OVER PROBABILISTIC RDF GRAPHS
ABSTRACT KEYWORD SEARCH OVER PROBABILISTIC RDF GRAPHS In many real applications, RDF (Resource Description Framework) has been widely used as a W3C standard to describe data in the Semantic Web. In practice,
P2P: centralized directory (Napster s Approach)
P2P File Sharing P2P file sharing Example Alice runs P2P client application on her notebook computer Intermittently connects to Internet; gets new IP address for each connection Asks for Hey Jude Application
Improving the Throughput of Distributed Hash Tables Using Congestion-Aware Routing
Improving the Throughput of Distributed Hash Tables Using Congestion-Aware Routing Fabius Klemm, Jean-Yves Le Boudec, Dejan Kostić, Karl Aberer School of Computer and Communication Sciences Ecole Polytechnique
Scalable Distributed Systems Application-Level Multicast. Davide Frey ASAP Team INRIA
Scalable Distributed Systems Application-Level Multicast Davide Frey ASAP Team INRIA Group Communication Common and useful communication paradigm Disseminating information within a group sharing interest
Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads
CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs
Security in Ad Hoc Network
Security in Ad Hoc Network Bingwen He Joakim Hägglund Qing Gu Abstract Security in wireless network is becoming more and more important while the using of mobile equipments such as cellular phones or laptops
Secure Cluster Formation and Certificate Revocation Of Adversary Nodes In Mobile Adhoc Network
Secure Cluster Formation and Certificate Revocation Of Adversary Nodes In Mobile Adhoc Network Ambarish.A 1, Gowthamani.R 2 Department of Computer Science, Nehru Institute of Technology, Coimbatore 1,
Adaptive Load Balancing in KAD
Adaptive Load Balancing in KAD Damiano Carra University of Verona Verona, Italy damiano.carra@univr.it Moritz Steiner Bell Labs Alcatel-Lucent, USA moritz@bell-labs.com Pietro Michiardi Eurecom Sophia
Octopus: Anonymous and Secure DHT Lookup
Octopus: Anonymous and Secure DHT Lookup Abstract Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy
OpenKnowledge. Initial Semantic Router
OpenKnowledge FP6-027253 Initial Semantic Router Spyros Kotoulas and Ronny Siebes Faculty of Sciences, Vrije Universiteit Amsterdam, The Netherlands Report Version: final Report Preparation Date: Classification:
Keywords DDoS, security attacks, Packet delivery ratio, Wireless mobile adhoc network, defense mechanisms.
Volume 5, Issue 6, June 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Implementing DoS
m p k A E N 1..N 6 A E k = 5m, 1m, 15m, 2m Φ Φ minbe Operating Mode Current (mah) ATMega1281V, full operation 6 (7.37 MHz) ATMega1281V, sleep.1 Radio, receive 16 Radio, transmit (1 mw
SAFE: A Social Based Updatable Filtering Protocol with Privacy-preserving in Mobile Social Networks
IEEE ICC 23 - Wireless Networking Symposium SAFE: A Social Based Updatable Filtering Protocol with Privacy-preserving in Mobile Social Networks Kuan Zhang, Xiaohui Liang, Rongxing Lu, and Xuemin (Sherman)
Query Processing, optimization, and indexing techniques
Query Processing, optimization, and indexing techniques What s s this tutorial about? From here: SELECT C.name AS Course, count(s.students) AS Cnt FROM courses C, subscription S WHERE C.lecturer = Calders
Varalakshmi.T #1, Arul Murugan.R #2 # Department of Information Technology, Bannari Amman Institute of Technology, Sathyamangalam
A Survey on P2P File Sharing Systems Using Proximity-aware interest Clustering Varalakshmi.T #1, Arul Murugan.R #2 # Department of Information Technology, Bannari Amman Institute of Technology, Sathyamangalam
Public Key Infrastructure (PKI)
Public Key Infrastructure (PKI) In this video you will learn the quite a bit about Public Key Infrastructure and how it is used to authenticate clients and servers. The purpose of Public Key Infrastructure
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress Alan Davy and Lei Shi Telecommunication Software&Systems Group, Waterford Institute of Technology, Ireland adavy,lshi@tssg.org
Computer Networks - CS132/EECS148 - Spring 2013 ------------------------------------------------------------------------------
Computer Networks - CS132/EECS148 - Spring 2013 Instructor: Karim El Defrawy Assignment 2 Deadline : April 25 th 9:30pm (hard and soft copies required) ------------------------------------------------------------------------------
College of Computing. Georgia Institute of Technology. CS 7260: Internetworking Protocols and Architectures: Spring Quiz II
College of Computing Georgia Institute of Technology CS 7260: Internetworking Protocols and Architectures: Spring 2007 Quiz II There are 14 questions and 10 pages in this quiz booklet (including this page).
LOOKING UP DATA IN P2P SYSTEMS
LOOKING UP DATA IN P2P SYSTEMS Hari Balakrishnan, M. Frans Kaashoek, David Karger, Robert Morris, Ion Stoica MIT Laboratory for Computer Science 1. Introduction The recent success of some widely deployed