Abstract
Virtual coordinate systems provide an accurate and efficient service that allows hosts on the Internet to determine the latency to arbitrary hosts without actively monitoring all of the nodes in the network. Many of the proposed systems were designed with the assumption that all of the nodes are altruistic. However, this assumption may be violated by compromised nodes acting maliciously to degrade the accuracy of the coordinate system. As numerous peer-to-peer applications come to rely on virtual coordinate systems to achieve good performance, it is critical to address the security of such systems.
In this work, we demonstrate the vulnerability of decentralized virtual coordinate systems to insider (or Byzantine) attacks. We propose techniques to make the coordinate assignment robust to malicious attackers without increasing the communication cost. We use both spatial and temporal correlations to perform context-sensitive outlier analysis to reject malicious updates and prevent unnecessary and erroneous adaptations. We demonstrate the attacks and mitigation techniques in the context of a well-known virtual coordinate system using simulations based on three representative, real-life Internet topologies of hosts and corresponding Round Trip Times (RTT). We show the effects of the attacks and the utility of the mitigation techniques on the virtual coordinate system as seen by higher-level applications, elucidating the utility of deploying robust virtual coordinate systems as network services.
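As an added example (not from the paper and not the authors' code), the following simplified Vivaldi node applies an incoming coordinate update only if its relative sample error is neither a spatial outlier against the other neighbours' latest updates nor a temporal outlier against the node's own recent accepted updates, which is the shape of the spatial and temporal analysis the abstract describes. The Vivaldi update rule is the one from Dabek et al. 2004; the median/MAD test, the threshold K, the window size, the floor and the scenario values are assumptions made for this illustration.

```python
import math
import statistics
from collections import deque

# Vivaldi damping constants from Dabek et al. 2004; K, WINDOW and FLOOR are assumed.
CE, CC = 0.25, 0.25
K, WINDOW, FLOOR = 3.0, 32, 0.05

def dist(a, b):
    return math.sqrt(sum((p - q) ** 2 for p, q in zip(a, b)))

def robust_outlier(value, sample):
    """Median/MAD test; FLOOR stops a near-constant sample from rejecting everything."""
    if len(sample) < 3:
        return False          # not enough context yet: accept
    med = statistics.median(sample)
    mad = statistics.median(abs(s - med) for s in sample)
    return value > med + K * max(1.4826 * mad, FLOOR)

class VivaldiNode:
    def __init__(self, coord, error=1.0):
        self.x, self.e = tuple(coord), error
        self.spatial = {}                     # peer -> its last relative sample error
        self.temporal = deque(maxlen=WINDOW)  # our own recently accepted sample errors

    def update(self, peer, x_j, e_j, rtt):
        """One Vivaldi step, applied only if (x_j, e_j, rtt) is not an outlier.
        Returns True when the update was accepted."""
        d = dist(self.x, x_j)
        es = abs(d - rtt) / rtt               # how badly the sample fits our coordinates
        others = [v for k, v in self.spatial.items() if k != peer]
        if robust_outlier(es, others) or robust_outlier(es, self.temporal):
            return False                      # rejected: coordinates and error unchanged
        w = self.e / (self.e + e_j)           # weight: trust the lower-error side more
        self.e = es * CE * w + self.e * (1 - CE * w)
        if d == 0:                            # coincident points: any unit direction
            u = (1.0,) + (0.0,) * (len(self.x) - 1)
        else:
            u = tuple((p - q) / d for p, q in zip(self.x, x_j))
        self.x = tuple(p + CC * w * (rtt - d) * c for p, c in zip(self.x, u))
        self.spatial[peer] = es
        self.temporal.append(es)
        return True

def demo():
    """Constructed scenario: a converged node, four honest neighbours, one liar."""
    node = VivaldiNode((0.0, 0.0), error=0.2)
    honest = {"A": ((30.0, 40.0), 0.2, 50.5), "B": ((-60.0, 80.0), 0.2, 99.0),
              "C": ((0.0, -70.0), 0.2, 71.0), "D": ((100.0, 0.0), 0.2, 101.0)}
    for _ in range(3):
        for peer, (x_j, e_j, rtt) in honest.items():
            node.update(peer, x_j, e_j, rtt)
    before = node.x
    # The liar claims to sit beside us yet reports a 2000 ms RTT, which an
    # unfiltered Vivaldi step would turn into a large erroneous jump.
    accepted = node.update("M", (0.0, 0.1), 0.01, 2000.0)
    return accepted, before, node.x
```

A filter of this kind rejects only abrupt deviations; lies kept within the threshold on every round (the frog-boiling attack of Chan-Tin et al. 2009) pass unnoticed, so the history of accepted updates is a signal to monitor rather than proof of honest neighbours.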
Robust Decentralized Virtual Coordinate Systems in Adversarial Environments