Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification

Published: 01 March 2008

Abstract

Overlay multicast networks are used by service providers to distribute content such as Web pages, static and streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message-dropping attacks by malicious or selfish nodes that intentionally drop the packets they are required to forward to others. It is difficult to detect such attacks both efficiently and effectively and to further identify the attackers, especially when members in the overlay switch between online and offline status frequently. In this article, we consider various attacking strategies of an attacker and propose an optimal sampling-based scheme to detect such attacks in the overlay network. We analyze the detection problem from a game-theoretical viewpoint and show that our scheme outperforms a random sampling-based scheme in terms of detection rate. In addition, based on a reputation system, we propose a sampling-based path-resolving scheme to identify compromised or selfish nodes. Unlike other existing approaches, our schemes do not assume global knowledge of the overlay hierarchy and work for dynamic overlay networks as well. Extensive analysis and simulation results show that besides being bandwidth efficient, our schemes have high detection and identification rates and low false-positive rates.

Published in

ACM Transactions on Information and System Security, Volume 11, Issue 3
March 2008
148 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/1341731

Copyright © 2008 ACM

Publisher

Association for Computing Machinery
New York, NY, United States

Publication History

• Published: 1 March 2008
• Accepted: 1 September 2007
• Revised: 1 August 2007
• Received: 1 February 2007
