Automatic Detection of Protocol Manipulation Attacks in Distributed Systems Implementations
Cristina Nita-Rotaru - Purdue University
Jan 16, 2013
AbstractMost distributed systems are designed to meet application-prescribed metrics that ensure availability and high-performance. However, attacks can significantly degrade performance, limiting the practical utility of these systems in adversarial environments. Specifically, compromised participants can manipulate protocol semantics through attacks that target the messages exchanged with honest participants.
Finding attacks against performance in distributed systems implementations is a very challenging task due to (1) state-space explosion that occurs as attackers are more realistically modeled, (2) diversity of programming language, software, operating systems and the subtle interactions between the software components, (3) diversity of communication channels (wired or wireless communication, TCP or UDP, encrypted or not-encrypted), (4) difficulty of expressing performance as an invariant in the system, (5) difficulty of capturing real-world performance in a reproducible way, not only the system performance but the network conditions when that performance was obtained.
In this talk we describe a platform that allows to find reproducible, real, high-impact, malicious performance attacks on distributed systems implementations in realistic environments.
About the SpeakerCristina Nita-Rotaru is an Associate Professor in the Department of Computer Science at Purdue University where she established the Dependable and Secure Distributed Systems Laboratory (DS^2) , is a member of the Center for Education and Research in Information Assurance and Security (CERIAS). Her research lies at the intersection of information security, distributed systems, and computer networks. The overarching goal of her work is designing and building practical distributed systems and network protocols that are robust to failures and attacks while coping with the resource constraints existent in computing systems and networks.
Cristina Nita-Rotaru is a recipient of the NSF Career Award in 2006 and a recipient of the Purdue Teaching for Tomorrow Award in 2007. She has served on the Technical Program Committee of numerous conferences in security, networking and distributed systems. She is currently an Associate Editor for ACM Transactions on Information and System Security, IEEE Transactions on Mobile Computing, and IEEE Transactions on Computers.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.