Download Document

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
Document related concepts

IEEE 1355 wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

AppleTalk wikipedia , lookup

Distributed operating system wikipedia , lookup

Lag wikipedia , lookup

Distributed firewall wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Airborne Networking wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

CAN bus wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Kademlia wikipedia , lookup

Peer-to-peer wikipedia , lookup

Transcript 
MIS: Malicious Nodes Identification Scheme
Network-Coding-Based Peer-to-Peer Streaming
Qiyan Wang, Long Vu, Klara Nahrstedt, Himanshu Khurana
Department of Computer Science
University of Illinois at Urbana‐Champaign
IEEE INFOCOM 2010
Outlines
•
•
•
•
Introduction
MIS: Malicious Node Identification Scheme
Simulation Results
Conclusion
Network Coding
• New paradigm of routing:
– Packet mixing at intermediate nodes
A
Traditional routing : store-and-forward
A
= f(
,
,
)
Network coding
• Benefits:
– Maximum throughput, robustness to link failure, energy efficiency …
• Applications:
– Multicast/broadcast, wireless unicast, P2P streaming, P2P file distributing …
2
Network Coding in P2P Streaming Networks
3
• Benefits of network
coding in P2P streaming:
–
–
–
–
Higher playback quality
Shorter buffering delays
Minimal bandwidth
Better resilience to peer
dynamics
A
D
G
Video stream
…
S
E
B
H
…
C
F
Segment [b1, b2, … , bm]
3
Pollution Attacks in Network Coding
4
• Malicious nodes inject corrupted blocks.
A
D
G
Video stream
…
S
B
…
C
Segment [b1, b2, … , bm]
E
H
Pollution rapidly
spreads over the
network!
F
Failure to decode the
original blocks!
4
The Pollution Attack
• Attacker joins an ongoing video channel
• Attacker advertises it has a large
number of chunks
• When neighbors request chunks,
attacker sends bogus chunks
• Receiver plays back bogus chunks
• Each receiver may further forward the
polluted chunks
P. Dhungel, X. Hei, K. W. Ross, N. Saxena, “The Pollution Attack in P2P Live Video Streaming:
Measurement Results and Defenses,” Sigcomm P2P-TV Workshop, Kyoto, 2007.
6
Peer
Peer
request
Peer
Polluter
Peer
Peer
Peer
Peer
7
Existing Defense Strategy:
5
• Checking corrupted blocks at the runtime
– Too computationally costly for real‐time streaming
A
D
G
Video stream
…
S
B
…
C
Segment [b1, b2, … , bm]
E
H
Drop corrupted
blocks at the
runtime
F
5
Pollution Defense Strategy
• Blacklist
• Traffic Encryption
• Chunk Signing
– Use PKI
– Every video source has public-private key pair
– Source uses private key to sign the chunks
– Receiver uses public key of source to verify
integrity of chunk
P. Dhungel, X. Hei, K. W. Ross, N. Saxena, “The Pollution Attack in P2P Live Video Streaming:
Measurement Results and Defenses,” Sigcomm P2P-TV Workshop, Kyoto, 2007.
9
The Idea of MIS (Malicious Identification
Scheme)
• Optimal online efficiency:
– We don’t check corrupted blocks at the runtime
(before decoding).
• Fundamental limit on pollution attacks:
– Instead, we identify malicious nodes whenever
pollution attacks take place.
– We “permanently” remove the identified
malicious nodes from the overlay, so that the
system is free from pollution attacks in the
future.
6
MIS (Malicious node Identification
Scheme)
D
A
H
M
B
E
I
L
S‐server
C
F
G
J
K
7
MIS (Malicious node Identification
Scheme)
• Infected nodes: I, J, K, M, L
D
A
H
M
B
E
I
L
S‐server
C
F
G
J
K
8
MIS (Malicious node Identification
Scheme)
• Detect the existence of pollution attacks based on
the content of decoded original blocks.
D
A
B
E
Alert (with the sequence
number of the segment,
a time stamp, the
reporting node’s ID)
M
H
I
L
S‐server
C
F
G
J
K
9
MIS (Malicious node Identification
Scheme)
• S‐server generates a random checksum for the
polluted segment.
• S‐server disseminates the checksum to the overlay.
D
A
H
M
B
E
I
L
S‐server
C
F
J
Checksum
G
K
10
MIS (Malicious node Identification
Scheme)
• The checksum can help the infected node (K, or I) to
find out which neighbor (J, or F) has sent him a
corrupted block.
D
A
H
M
B
E
I
L
S‐server
C
F
J
Checksum
G
K
11
MIS (Malicious node Identification
Scheme)
• The Infected node (K, or I) reports the discovered suspicious
neighbors (J, or F) to the M‐server, and forwards the
checksum to the reported suspicious neighbors (J, or F).
D
A
H
M‐server
M
B
S‐server
C
E
F
G
I
F is suspicious
L
J
J is suspicious
K
J
F
Suspicious
node list
(SNL)
12
MIS (Malicious node Identification
Scheme)
• With the received checksum, an innocent suspicious node (J)
can find another suspicious node (F), but the malicious node
(F) cannot.
D
A
H
M‐server
M
B
E
I
L
S‐server
C
F
G
J
F is suspicious
K
J
F
Suspicious
node list
(SNL)
13
MIS – Security Guarantees
• Correctness
– A malicious node cannot deny having sent a corrupted
block or disparage any innocent node.
• Guarantee
– When a suspicious node is reported, an evidence is shown to
the M-server to demonstrate that this reported node has
indeed sent out a corrupted block.
• Approaches
– Public-key signature scheme
• Let each node sign the block it sends out using a public-key
signature scheme, and the signature associated with the block can
be used as the evidence.
• This approach requires applying public key signature on each
transmitted block, introducing substantial computational delays due
to the expensive signature generation and verification.
– Non-repudiation transmission protocol
Fig. 2: An example to illustrate network coding in P2P streaming. Each segment consists of m =
2 blocks, and each block has d = 3 codewords. Peer X receives two coded blocks e1,i, e2,i in Si
from the S-server, and produces a new coded block e3,i for peer Y .
Non-Repudiation Transmission Protocol
X: the suspicious node
Y: the reporting node
λ=6
δ=3
Downstream
neighbor
Upstream
neighbor
e
Verify evidence with γ2 , γ4, γ5
Non-Repudiation Transmission Protocol
• Table I lists the probabilities that a malicious party succeeds in our
protocol under several sample parameter selections.
• Prob X (or Prob Y) – the probability that a malicious X (or Y )
succeeds. The space overhead includes Φ(e) and Seq(e) (one
byte for Seq(e)).
0 ≤ θ ≤ λ- δ
Evaluation
• Simulation based on real PPLive overlays obtained in
our previous work [TOMCCAP’09]
– The overlay contains 1600, or 4000 nodes
– Malicious nodes are picked at random
– Each segment consists of 32 blocks, and each block has 256
codewords in GF(256)
– Time taken to identify malicious nodes is less than 6 seconds
[TOMCCAP’09] L. Vu, I. Gupta, K. Nahrstedt, and J. Liang “Understanding the Overlay Characteristics
of a Large‐scale Peer‐to‐Peer IPTV system”, ACM TOMCCAP, 2009.
Comparison
• Online computational times: MIS (5‐10us), Null‐key (1‐2us),
MAC‐based (2ms), Homomorphic signatures or hashes (> 1s).
• Per‐block communication overhead: MIS (22B),
Homomorphic signatures or hashes (128‐256B), Null‐key and
MAC‐based (>256B).
17
Conclusions
• We propose a novel scheme (MIS) to limit
network-coding pollution attacks by
identifying malicious nodes.
• MIS can fully satisfy the requirements of
P2P live streaming systems.
• MIS has high computational efficiency, small
space overhead, and the capability of
handling a large number of corrupted blocks
and malicious nodes.
References
•
•
•
•
•
•
•
[5] M. Krohn, M. Freeman, and D. Mazieres, “On-the-fly Verification of Rateless
Erase Codes for Efficient Content Distribution”, in Proc. IEEE Symp. on Security
and Privacy (Oakland), 2004.
[6] C. Gkantsidis, and P. R. Rodriguez, “Cooperative Security for Network
Coding File Distribution”, in Proc. of IEEE INFOCOM, 2005.
[7] Q. Li, D.-M. Chiu, and J. C. S. Lui, “On the Practical and Security Issues of
Batch Content Distribution Via Network Coding”, in Proc. of IEEE International
Conference on Network Protocols (ICNP’06), 2006.
[9] Z. Yu, Y. Wei, B. Ramkumar, and Y. Guan, “An Efficient Signature-based
Scheme for Securing Network Coding against Pollution Attacks”, in Proc. IEEE
INFOCOM, 2008.
[10] E. Kehdi, and B. Li, “Null Keys: Limiting Malicious Attacks Via Null Space
Properties of Network Coding”, in Proc. of IEEE INFOCOM, 2009.
[11] Z. Yu, Y. Wei, B. Ramkumar, Y. Guan, “An Efficient Scheme for Securing
XOR Network Coding against Pollution Attacks”, IEEE INFOCOM, 2009.
[16] L. Vu, I. Gupta, K. Nahrstedt, and J. Liang, “Understanding the Overlay
Characteristics of a Large-scale Peer-to-Peer IPTV System”, ACM Transactions
on Multimedia Computing, Communications and Applications (TOMCCAP),
2009.
Related Works
• Homomorphic signatures or hashes [Krohn04, Gkantsidis05, Li06,
Charles06, Yu08, Boneh09]
– It’s computationally expensive to verify/generate the signature
for each packet at each hop.
• Null‐key based on the property of null space [Kehdi09]
– Verification key needs to be repeatedly distributed.
• MAC‐based scheme [Yu09]
– Substantial communication overheads are introduced.
• Error‐correction codes [Jaggi07, Kotter07]
– Achievable throughput is determined by the power of the
adversary
• Combining homomorphic MAC and TESLA [Dong09]
– It introduces authentication delay and is suspicious to DoS
attacks.
Related documents
Problem 3.4 For the circuit in Fig. P3.4: (a) Apply nodal analysis to
Problem 3.4 For the circuit in Fig. P3.4: (a) Apply nodal analysis to
Marketing research provides information to help
Marketing research provides information to help
SEM II 4.01 notes
SEM II 4.01 notes
Circulatory System: Blood system transporting materials in the body
Circulatory System: Blood system transporting materials in the body
Peer-to-Peer Streaming
Peer-to-Peer Streaming
4.2 KeyTerms
4.2 KeyTerms
Visualisation and Analysis of Real Time Application Behaviour in a
Visualisation and Analysis of Real Time Application Behaviour in a
Security in MobileIP, F.A. Saeed
Security in MobileIP, F.A. Saeed
2.04
2.04
Control of the Heart Rate (students)
Control of the Heart Rate (students)