The Frog-Boiling Attack: Limitations of Secure Network Coordinate Systems

Published: 01 November 2011

Abstract

A network coordinate system assigns Euclidean “virtual” coordinates to every node in a network to allow easy estimation of network latency between pairs of nodes that have never contacted each other. These systems have been implemented in a variety of applications, most notably the popular Vuze BitTorrent client. Zage and Nita-Rotaru (at CCS 2007) and, independently, Kaafar et al. (at SIGCOMM 2007) demonstrated that several widely cited network coordinate systems are prone to simple attacks, and proposed mechanisms to defeat these attacks using outlier detection to filter out adversarial inputs. Kaafar et al. go a step further and require that a fraction of the network be trusted. More recently, Sherr et al. (at USENIX ATC 2009) proposed Veracity, a distributed reputation system to secure network coordinate systems. We describe a new attack on network coordinate systems, Frog-Boiling, that defeats all of these defenses. Thus, even a system with trusted entities is still vulnerable to attacks. Moreover, having witnesses vouch for your coordinates, as in Veracity, does not prevent our attack. Finally, we demonstrate empirically that the Frog-Boiling attack is more disruptive than the previously known attacks: systems that attempt to reject “bad” inputs by statistical means or reputation cannot be used to secure a network coordinate system.

References

  1. Abraham, I. and Malkhi, D. 2004. Compact routing on Euclidian metrics. In Proceedings of the 23rd Annual ACM Symposium on Principles of Distributed Computing (PODC’04). ACM, New York, NY, 141--149.
  2. Agarwal, S. and Lorch, J. R. 2009. Matchmaking for online games and other latency-sensitive P2P systems. In Proceedings of the ACM SIGCOMM Conference on Data Communication (SIGCOMM’09). ACM, New York, NY, 315--326.
  3. Bamboo DHT. http://bamboo-dht.org. (Accessed 2009).
  4. Barreno, M., Nelson, B., Sears, R., Joseph, A. D., and Tygar, J. D. 2006. Can machine learning be secure? In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS’06). ACM, New York, NY, 16--25.
  5. Bavier, A., Bowman, M., Chun, B., Culler, D., Karlin, S., Muir, S., Peterson, L., Roscoe, T., Spalink, T., and Wawrzoniak, M. 2004. Operating system support for planetary-scale network services. In Proceedings of the 1st Symposium on Networked Systems Design and Implementation (NSDI’04). USENIX Association, Berkeley, CA, 19--19.
  6. Bazzi, R. A. and Konjevod, G. 2005. On the establishment of distinct identities in overlay networks. In Proceedings of the 24th Annual ACM Symposium on Principles of Distributed Computing (PODC’05). ACM, New York, NY, 312--320.
  7. Chan-Tin, E., Feldman, D., Kim, Y., and Hopper, N. 2009. The frog-boiling attack: Limitations of anomaly detection for secure network coordinates. In Proceedings of the International ICST Conference on Security and Privacy in Communication Networks (SecureComm).
  8. Choffnes, D. R. and Bustamante, F. E. 2008. Taming the torrent: A practical approach to reducing cross-ISP traffic in peer-to-peer systems. SIGCOMM Comput. Comm. Rev. 38, 4, 363--374.
  9. CommonSense. 2008. http://www.kimvdlinde.com/professional/programming/statistics/commonSense/body.html. (Accessed 2008).
  10. Costa, M., Castro, M., Rowstron, A., and Key, P. 2004. PIC: Practical internet coordinates for distance estimation. In Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS). 178--187.
  11. Cowling, J., Ports, D., Liskov, B., Popa, R. A., and Gaikwad, A. 2009. Census: Location-aware membership management for large-scale distributed systems. In Proceedings of the USENIX Annual Technical Conference.
  12. Dabek, F., Cox, R., Kaashoek, F., and Morris, R. 2004a. Vivaldi: A decentralized network coordinate system. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM’04). ACM, New York, NY, 15--26.
  13. Dabek, F., Li, J., Sit, E., Robertson, J., Kaashoek, M. F., and Morris, R. 2004b. Designing a DHT for low latency and high throughput. In Proceedings of the 1st Symposium on Networked Systems Design and Implementation (NSDI). 85--98.
  14. Denning, D. E. 1987. An intrusion-detection model. IEEE Trans. Softw. Eng. 13, 2, 222--232.
  15. Douceur, J. R. 2002. The sybil attack. In Revised Papers from the 1st International Workshop on Peer-to-Peer Systems (IPTPS’01). Springer-Verlag, 251--260.
  16. Francis, P., Jamin, S., Jin, C., Jin, Y., Raz, D., Shavitt, Y., and Zhang, L. 2001. IDMaps: A global internet host distance estimation service. IEEE/ACM Trans. Netw. 9, 5, 525--540.
  17. Gummadi, K. P., Saroiu, S., and Gribble, S. D. 2002. King: Estimating latency between arbitrary internet end hosts. In Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurement (IMW’02). ACM, New York, NY, 5--18.
  18. Gummadi, R., Govindan, R., Kothari, N., Karp, B., Kim, Y. J., and Shenker, S. 2004. Reduced state routing in the internet. In Proceedings of the ACM Workshop on Hot Topics in Networks.
  19. Kaafar, M. A., Mathy, L., Turletti, T., and Dabbous, W. 2006a. Real attacks on virtual networks: Vivaldi out of tune. In Proceedings of the SIGCOMM Workshop on Large-Scale Attack Defense (LSAD’06). ACM, New York, NY, 139--146.
  20. Kaafar, M. A., Mathy, L., Turletti, T., and Dabbous, W. 2006b. Virtual networks under attack: Disrupting internet coordinate systems. In Proceedings of the ACM CoNEXT Conference (CoNEXT’06). ACM, New York, NY, 1--12.
  21. Kaafar, M. A., Mathy, L., Barakat, C., Salamatian, K., Turletti, T., and Dabbous, W. 2007. Securing internet coordinate embedding systems. SIGCOMM Comput. Comm. Rev. 37, 4, 61--72.
  22. Kalman, R. E. 1960. A new approach to linear filtering and prediction problems. Trans. ASME J. Basic Engin. 82, Series D, 35--45.
  23. Ledlie, J., Pietzuch, P., and Seltzer, M. 2006. Stable and accurate network coordinates. In Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS’06). IEEE Computer Society, Los Alamitos, CA, 74.
  24. Ledlie, J., Gardner, P., and Seltzer, M. 2007. Network coordinates in the wild. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI’07).
  25. Ledlie, J., Mitzenmacher, M., and Seltzer, M. 2007. Wired geometric routing. In Proceedings of the International Workshop on Peer-to-Peer Systems (IPTPS).
  26. Lehman, L.-W. and Lerman, S. 2004. Pcoord: Network position estimation using peer-to-peer measurements. In Proceedings of the 3rd IEEE International Symposium on Network Computing and Applications (NCA’04). IEEE Computer Society, Los Alamitos, CA, 15--24.
  27. Lua, E. K., Griffin, T., Pias, M., Zheng, H., and Crowcroft, J. 2005. On the accuracy of embeddings for internet coordinate systems. In Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement (IMC’05). USENIX Association, Berkeley, CA, 11.
  28. Lumezanu, C., Levin, D., and Spring, N. 2007. Peer wise discovery and negotiation of faster path. In Proceedings of the ACM Workshop on Hot Topics in Networks.
  29. Ng, T. S. E. and Zhang, H. 2001. Predicting internet network distance with coordinates-based approaches. In Proceedings of the IEEE INFOCOM. 170--179.
  30. Ng, T. S. E. and Zhang, H. 2004. A network positioning system for the internet. In Proceedings of the USENIX Annual Technical Conference (ATEC’04). USENIX Association, Berkeley, CA, 11.
  31. Pias, M., Crowcroft, J., Wilbur, S., Harris, T., and Bhatti, S. 2003. Lighthouses for scalable distributed location. In Proceedings of the International Workshop on Peer-to-Peer Systems (IPTPS).
  32. Pietzuch, P., Ledlie, J., and Seltzer, M. 2005. Supporting network coordinates on PlanetLab. In Proceedings of the 2nd Conference on Real, Large Distributed Systems (WORLDS’05). USENIX Association, Berkeley, CA, 19--24.
  33. PlanetLab. http://planet-lab.org. (Accessed 2010).
  34. Pyxida. http://pyxida.sourceforge.net. (Accessed 2009).
  35. Rhea, S., Godfrey, B., Karp, B., Kubiatowicz, J., Ratnasamy, S., Shenker, S., Stoica, I., and Yu, H. 2005. OpenDHT: A public DHT service and its uses. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM’05). ACM, New York, NY, 73--84.
  36. Saucez, D., Donnet, B., and Bonaventure, O. 2007. A reputation-based approach for securing Vivaldi embedding system. In Proceedings of the 13th Open European Summer School and IFIP TC6.6 Conference on Dependable and Adaptable Networks and Services (EUNICE’07). Springer-Verlag, Berlin, Heidelberg, 78--85.
  37. Shavitt, Y. and Tankel, T. 2003. Big-bang simulation for embedding network distances in Euclidean space. In Proceedings of the IEEE INFOCOM.
  38. Sherr, M., Blaze, M., and Loo, B. T. 2009. Veracity: Practical secure network coordinates via vote-based agreements. In Proceedings of the USENIX Annual Technical Conference.
  39. Vuze. http://azureus.sourceforge.net. (Accessed 2010).
  40. Wagner, D. and Soto, P. 2002. Mimicry attacks on host-based intrusion detection systems. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS’02). ACM, New York, NY, 255--264.
  41. Wang, G. and Ng, T. E. 2008. Distributed algorithms for stable and secure network coordinates. In Proceedings of the 8th ACM SIGCOMM Conference on Internet Measurement (IMC’08). ACM, New York, NY, 131--144.
  42. Wang, G., Zhang, B., and Ng, T. S. E. 2007. Towards network triangle inequality violation aware distributed systems. In Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement (IMC’07). ACM, New York, NY, 175--188.
  43. Zage, D. J. and Nita-Rotaru, C. 2007. On the accuracy of decentralized virtual coordinate systems in adversarial networks. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07). ACM, New York, NY, 214--224.

Published in

    ACM Transactions on Information and System Security, Volume 14, Issue 3, November 2011, 133 pages
    ISSN: 1094-9224
    EISSN: 1557-7406
    DOI: 10.1145/2043621
    Copyright © 2011 ACM
    Publisher: Association for Computing Machinery, New York, NY, United States

    Publication History

    • Published: 1 November 2011
    • Accepted: 1 July 2011
    • Revised: 1 June 2011
    • Received: 1 December 2010

    Qualifiers

    • research-article
    • Research
    • Refereed
