Abstract
Overlay multicast networks are used by service providers to distribute content such as Web pages, static and streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message-dropping attacks by malicious or selfish nodes that intentionally drop the packets they are required to forward to others. It is difficult to detect such attacks both efficiently and effectively and to further identify the attackers, especially when members of the overlay switch frequently between online and offline status. In this article, we consider various attacking strategies of an attacker and propose an optimal sampling-based scheme to detect such attacks in the overlay network. We analyze the detection problem from a game-theoretical viewpoint and show that our scheme outperforms a random sampling-based scheme in terms of detection rate. In addition, based on a reputation system, we propose a sampling-based path-resolving scheme to identify compromised or selfish nodes. Unlike other existing approaches, our schemes do not assume global knowledge of the overlay hierarchy and work for dynamic overlay networks as well. Extensive analysis and simulation results show that, besides being bandwidth efficient, our schemes have high detection and identification rates and low false-positive rates.
Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification