Securing application-level topology estimation networks: facing the frog-boiling attack

  • Authors:
  • Sheila Becker;Jeff Seibert;Cristina Nita-Rotaru;Radu State

  • Affiliations:
  • University of Luxembourg - SnT, L-1359, Luxembourg;Purdue University, West Lafayette, IN;Purdue University, West Lafayette, IN;University of Luxembourg - SnT, L-1359, Luxembourg

  • Venue:
  • RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

Peer-to-peer real-time communication and media streaming applications optimize their performance by using application-level topology estimation services such as virtual coordinate systems. Virtual coordinate systems allow nodes in a peer-to-peer network to accurately predict latency between arbitrary nodes without the need of performing extensive measurements. However, systems that leverage virtual coordinates as supporting building blocks, are prone to attacks conducted by compromised nodes that aim at disrupting, eavesdropping, or mangling with the underlying communications. Recent research proposed techniques to mitigate basic attacks (inflation, deflation, oscillation) considering a single attack strategy model where attackers perform only one type of attack. In this work we explore supervised machine learning techniques to mitigate more subtle yet highly effective attacks (frog-boiling, network-partition) that are able to bypass existing defenses. We evaluate our techniques on the Vivaldi system against a more complex attack strategy model, where attackers perform sequences of all known attacks against virtual coordinate systems, using both simulations and Internet deployments.