Securing Application-Level Topology Estimation Networks: Facing the Frog-Boiling Attack
Sheila Becker - University of Luxembourgh
Oct 26, 2011Size: 446.8MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractPeer-to-peer real-time communication and media streaming applications
optimize their performance by using application-level topology estimation
services such as virtual coordinate systems. Virtual coordinate systems allow
nodes in a peer-to-peer network to accurately predict latency between arbitrary
nodes without the need of performing extensive measurements. However, systems
that leverage virtual coordinates as supporting building blocks, are prone to
attacks conducted by compromised nodes that aim at disrupting, eavesdropping,
or mangling with the underlying communications.
Recent research proposed techniques to mitigate basic attacks (inflation, deflation,
oscillation) considering a single attack strategy model where attackers perform
only one type of attack. In this work we explore supervised machine learning
techniques to mitigate more subtle yet highly effective attacks (frog-boiling,
network-partition) that are able to bypass existing defenses. We evaluate our
techniques on the Vivaldi system against a more complex attack strategy model,
where attackers perform sequences of all known attacks against virtual coordinate
systems, using both simulations and Internet deployments.
About the SpeakerSheila is a Ph.D. candidate at the University of Luxembourg. She is a visiting scholar at Purdue University in the Dependable and Secure Distributed Systems Lab for this academic year with the support of a Fulbright grant. In 2008, she obtained the M. Sc. degree from the University Henri Poincare in Nancy, France. She received an industrial engineering degree in applied informatics from University of Luxembourg in 2007. Her interests lie in Machine Learning, Network Security and Fuzz testing.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.