[UCI-Calit2] Mitigating Attacks in Unstructured Multicast Overlay Networks

[Anna Lynn Spitzer]

Networked Systems Distinguished Speakers Series
Mitigating Attacks in Unstructured Multicast Overlay Networks

With Cristina Nita-Rotaru, Purdue University

2-3 p.m.
Thursday, Jan. 31
Calit2 Building, Room 3008



Many multicast overlay networks maintain application-specific
performance goals by dynamically adapting the overlay structure when the
monitored performance becomes inadequate. This adaptation results in an
unstructured overlay where no neighbor selection constraints are
imposed. Although such networks provide resilience to benign failures,
they are susceptible to attacks conducted by adversaries that compromise
overlay nodes.  Previous defense solutions proposed to address attacks
against overlay networks rely on strong organizational constraints and
are not effective for unstructured overlays.

We identify, demonstrate and mitigate insider attacks against
measurement-based adaptation mechanisms in unstructured multicast
overlay networks.  We propose techniques to decrease the number of
incorrect adaptations by using outlier detection and limit the impact of
malicious nodes by aggregating local information to derive global
reputation for each node. We demonstrate the attacks and mitigation
techniques through Internet deployments of a mature overlay multicast
system.

In addition, we also show how the mitigation techniques we have
developed effectively improve the resilience of virtual coordinate
systems. Virtual coordinate systems allow hosts on the Internet to
determine the latency to arbitrary hosts without actively monitoring all
nodes in the network and are used to optimize overlay construction and
maintenance. We demonstrate the attacks and mitigation techniques in the
context of a well-known distributed virtual coordinate system using
simulations based on three representative, real-life Internet topologies
of hosts and corresponding round trip times (RTT).

Cristina Nita-Rotaru is an assistant professor in the Department of
Computer Science at Purdue University, where she established the
Dependable and Secure Distributed Systems Laboratory (DS^2), is a member
of the Center for Education and Research in Information Assurance and
Security (CERIAS), and is associated with the Center for Wireless
Systems and Applications (CWSA). Her research interests lie in designing
distributed systems, network protocols and applications that are
dependable and secure, while maintaining acceptable levels of
performance. Current research focuses on: designing intrusion-tolerant
architectures for distributed services that scale to wide-area networks,
studying attacks and defenses in overlay networks, investigating
survivable routing in wireless ad hoc networks, and designing group
services for wireless mesh networks.

Nita-Rotaru is a recipient of the NSF Career Award in 2006 and a
recipient of the Purdue Teaching for Tomorrow Award in 2007. She has
served on the Technical Program Committee of numerous conferences in
security, networking and distributed systems. Her work is funded by the
Center for Education and Research in Information Security and Assurance
(CERIAS), by the Defense Advanced Research Projects Agency (DARPA), and
by the National Science Foundation (NSF).

She holds a Ph.D in Computer Science from Johns Hopkins University and a
MS from Politehnica University of Bucharest, Romania.

For more information, contact Athina Markopoulou at athina at uci.edu.