Abstract
This paper addresses the issue of the security of Internet Coordinate Systems, by proposing a general method for malicious behavior detection during coordinate computations. We first show that the dynamics of a node, in a coordinate system without abnormal or malicious behavior, can be modeled by a Linear State Space model and tracked by a Kalman filter. Then we show that the obtained model can be generalized in the sense that the parameters of a filter calibrated at a node can be used effectively to model and predict the dynamic behavior at another node, as long as the two nodes are not too far apart in the network. This leads to the proposal of a Surveyor infrastructure: Surveyor nodes are trusted, honest nodes that use each other exclusively to position themselves in the coordinate space, and are therefore immune to malicious behavior in the system. During their own coordinate embedding, other nodes can then use the filter parameters of a nearby Surveyor as a representation of normal, clean system behavior to detect and filter out abnormal or malicious activity. A combination of simulations and PlanetLab experiments is used to demonstrate the validity, generality, and effectiveness of the proposed approach for two representative coordinate embedding systems, namely Vivaldi and NPS.
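The detection idea in the abstract, sketched as an added example (not the paper's code): a node screens each embedding step with a scalar Kalman filter whose parameters come from a nearby Surveyor, flagging steps whose innovation the clean model cannot explain. The tracked quantity (a per-step embedding error), the parameter names, the 3-sigma threshold and all sample values are assumptions.

```python
import math
from dataclasses import dataclass

@dataclass
class SurveyorParams:
    # Hypothetical parameter set a Surveyor would calibrate on clean traffic.
    beta: float    # state transition coefficient
    w_mean: float  # mean of the process noise
    q: float       # process noise variance
    r: float       # measurement noise variance
    x0: float      # initial state estimate
    p0: float      # initial estimate variance

class InnovationDetector:
    """Scalar Kalman filter that flags observations it cannot explain."""
    def __init__(self, params, z=3.0):
        self.p, self.x, self.P, self.z = params, params.x0, params.p0, z

    def step(self, observed):
        """Return True if the sample is accepted, False if flagged."""
        p = self.p
        x_pred = p.beta * self.x + p.w_mean      # predicted error
        P_pred = p.beta ** 2 * self.P + p.q      # predicted variance
        innov = observed - x_pred                # innovation
        S = P_pred + p.r                         # innovation variance
        if abs(innov) > self.z * math.sqrt(S):
            # Flagged: do not let the sample update the state.
            self.x, self.P = x_pred, P_pred
            return False
        K = P_pred / S                           # Kalman gain
        self.x = x_pred + K * innov
        self.P = (1 - K) * P_pred
        return True

def screen(params, observations):
    """Run one detector over a sequence of per-step errors."""
    det = InnovationDetector(params)
    return [det.step(o) for o in observations]

# Constructed sample: parameters and per-step errors are made up.
PARAMS = SurveyorParams(beta=0.9, w_mean=0.02, q=4e-4, r=4e-4, x0=0.5, p0=0.01)
CLEAN = [0.48, 0.45, 0.42, 0.40, 0.37]
TAMPERED = [0.48, 0.45, 0.42, 1.50, 0.40, 0.37]

if __name__ == "__main__":
    print(screen(PARAMS, CLEAN))
    print(screen(PARAMS, TAMPERED))
```

A flagged step leaves the filter on its prediction, so one rejected sample does not shift the baseline used to judge the next one.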
Securing internet coordinate embedding systems
SIGCOMM '07: Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications