Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
On the constancy of internet path properties
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
King: estimating latency between arbitrary internet end hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
PIC: Practical Internet Coordinates for Distance Estimation
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Vivaldi: a decentralized network coordinate system
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Real attacks on virtual networks: Vivaldi out of tune
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
A network positioning system for the internet
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
On the accuracy of embeddings for internet coordinate systems
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Combining filtering and statistical methods for anomaly detection
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Virtual networks under attack: disrupting internet coordinate systems
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Network coordinates in the wild
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Internet routing policies and round-trip-times
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
On the accuracy of decentralized virtual coordinate systems in adversarial networks
Proceedings of the 14th ACM conference on Computer and communications security
Robust and efficient aggregate query processing in wireless sensor networks
Mobile Networks and Applications
Securing Internet Coordinate Systems
AINTEC '07 Proceedings of the 3rd Asian conference on Internet Engineering: Sustainable Internet
Distributed algorithms for stable and secure network coordinates
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Scalable Link-Based Relay Selection for Anonymous Routing
PETS '09 Proceedings of the 9th International Symposium on Privacy Enhancing Technologies
SLINCS: a social link based evaluation system for network coordinate systems
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Sniper: social-link defense for network coordinate systems
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
A reputation-based approach for securing vivaldi embedding system
EUNICE'07 Proceedings of the 13th open European summer school and IFIP TC6.6 conference on Dependable and adaptable networks and services
Netcluster: a clustering-based framework for internet tomography
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Veracity: a fully decentralized service for securing network coordinate systems
IPTPS'08 Proceedings of the 7th international conference on Peer-to-peer systems
Veracity: practical secure network coordinates via vote-based agreements
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Secure latency estimation with treeple
Proceedings of the 17th ACM conference on Computer and communications security
Robust Decentralized Virtual Coordinate Systems in Adversarial Environments
ACM Transactions on Information and System Security (TISSEC)
The Frog-Boiling Attack: Limitations of Secure Network Coordinate Systems
ACM Transactions on Information and System Security (TISSEC)
Securing application-level topology estimation networks: facing the frog-boiling attack
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
NCShield: securing decentralized, matrix factorization-based network coordinate systems
Proceedings of the 2012 IEEE 20th International Workshop on Quality of Service
A tentative design of a future internet networking domain landscape
The Future Internet
Veracity, plausibility, and reputation
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
KoNKS: konsensus-style network koordinate system
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
NetCluster: A clustering-based framework to analyze internet passive measurements data
Computer Networks: The International Journal of Computer and Telecommunications Networking
The design and implementation of the A3 application-aware anonymity platform
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
This paper addresses the issue of the security of Internet Coordinate Systems,by proposing a general method for malicious behavior detection during coordinate computations. We first show that the dynamics of a node, in a coordinate system without abnormal or malicious behavior, can be modeled by a Linear State Space model and tracked by a Kalman filter. Then we show, that the obtained model can be generalized in the sense that the parameters of a filtercalibrated at a node can be used effectively to model and predict the dynamic behavior at another node, as long as the two nodes are not too far apart in the network. This leads to the proposal of a Surveyor infrastructure: Surveyor nodes are trusted, honest nodes that use each other exclusively to position themselves in the coordinate space, and are therefore immune to malicious behavior in the system.During their own coordinate embedding, other nodes can thenuse the filter parameters of a nearby Surveyor as a representation of normal, clean system behavior to detect and filter out abnormal or malicious activity. A combination of simulations and PlanetLab experiments are used to demonstrate the validity, generality, and effectiveness of the proposed approach for two representative coordinate embedding systems, namely Vivaldi and NPS.