structured overlays
play

Structured Overlays: Attacks, Defenses, and all things Proximity - PowerPoint PPT Presentation

Aug 29, 2022 •592 likes •1.28k views

Structured Overlays: Attacks, Defenses, and all things Proximity April 27th, 2006 Wyman Park 4 th Floor Conference Room Presentation by: Jay Zarfoss Our roadmap General overview of Overlays / DHTs Chord [13] Pastry [7]

  1. Structured Overlays: Attacks, Defenses, and all things Proximity April 27th, 2006 Wyman Park 4 th Floor Conference Room Presentation by: Jay Zarfoss

  2. Our roadmap • General overview of Overlays / DHTs – Chord [13] – Pastry [7] • Location, Location, Location • General Attacks and Defenses • Eclipse Attacks: Churn as Shelter [4] • Targeted Attacks: LocationGuard [11] 2

  3. What is an Overlay Network? Logical Network that sits “on top of” another network. Can be structured , or unstructured . Used for P2P systems, multicast broadcasts, etc. 3

  4. Distributed Hash Table (DHT) • Decentralized network where each node takes responsibility for a certain portion of a keyspace . Example: [0, 2 160 -1]. • Given a key , any member of the DHT should be able to efficiently lookup whatever node is responsible for that key. • For our purposes, we can think of a DHT as being an overlay network on top of the Internet, with Overlay NodeID = hash(IP address) 4

  5. The “Big 4” DHTs • Chord [13] (MIT) • Pastry [7] (Microsoft) • CAN [9] (UC Berkeley) • Tapestry [14] (UC Santa Barbara) • All released roughly the same time ~ 2001 • Numerous others variants since then… 5

  6. Chord • Use a hash function to map each node and key into an m-bit identifier circle, modulo 2 m . • Key k is assigned to the first node whose identifier is equal to or greater than k . • Nodes keep track of their successors, predecessors along the ring, in addition to log(n) other nodes on the ring. 6

  7. Chord Routing Example Node 32 looks up key 82 Node 32 Finger Table Start Interval Node 33 33-33 40 34 34-35 40 36 36-39 40 m = 7 / 2 m = 128 40 40-47 40 48 48-63 52 64 64-95 70 96 96-31 102 Successor 40 Predecessor 113 7

  8. Chord Overview • Very nice, easy-to-analyze properties: – O (log(n)) overlay hops to perform lookup – O (log(n)) sized routing tables – O (log 2 (n)) steps to join a network • Extremely reliable in event of node failure – Can record multiple predecessors, successors – Handles concurrent joins/leaves well • No fudging with extra parameters! 8

  9. Pastry • Also uses a ring structure • Performs lookups with: – Routing Table (Chord’s Finger Table) – Leaf Set (Chord’s Successors/Predecessors) – Neighborhood Set (More on this later) • Keys thought of as sequence of digits with base 2 b . Route lookups to “numerically closest” node, rather than successor node. 9

  10. Pastry Routing, Single Hop b = 2 Example Base = 2 b = 2 2 = 4 11032111 31123001 10233033 10

  11. Pastry Routing, Total Path • Different view with b = 4 • Lookup key d46a1c from node 65a1fc •At each step, matching prefix gets larger 11

  12. Pastry Overview • Configuration parameters • Slightly harder analysis (still reasonable) – O(log 2b (n)) overlay hops – log 2b (n)(2 b -1) sized routing tables – 2 b+1 (log 2b (n)) messages for a proper join • Routing tables are proximity-optimized – Potentially faster lookups in practice – Standard Chord makes no such optimizations 12

  13. Proximity Neighbor Selection • Many choices for upper entries of the routing tables, which node do we pick? – Pick the one closest to us in the network – Use proximity metric: networks hops / latency Many Choices - Close Proximity Routing …. …. Table …. …. Few Choices - Not-as-close Proximity 13

  14. Proximity Affects Hops [3] Many nodes to choose from for the initial hops, so we can probably get very close neighbors. 14

  15. No Proximity for Chord? • Chord uses a constrained table – No wiggle room to proximity optimize table entries without violating the rules – Can we still use proximity even if we’re stuck with a constrained table? • Proximity Route Selection – At route-time, compromise some progress in the overlay lookup if shorter network trip 15

  16. Is constrained “good enough”? Latency data from [13], no proximity consideration Bulk Transfer VOIP Gaming !!! 16

  17. How about a 2nd opinion? [6] 16k nodes Using a proximity-optimized table has 17 DRASTIC effect on lookup time!

  18. The Adversarial Model • Assume the network layer is secure. • Freeloader Model – Not coordinated with other adversaries – Simply drops routing requests – Can handle adversarial nodes as failed nodes • How many freeloaders before our lookups begin to fail? 18

  19. Try One Lookup… Fraction of lazy nodes Pr( success ) = (1 � f ) M Expected number of overlay hops Pr( failure ) = 1 � (1 � f ) M 19

  20. Discover a lookup failure • How long until we realize lookup failed? – Depends - Iterative or Recursive Routing? Is this faster? 20

  21. Try, try again • If a single lookup fails, hand to a neighbor and let him try: redundant routing . • Final success rests on overlay structure and resulting independent paths to target Pr( failure ) � (1 � (1 � f ) M ) I Assumes we don’t care about latency!!! 21

  22. Stronger Adversary • What if our adversary can lie? • What if adversaries collude? Node 119 is your final target Lookup k = 114 119 115 If network layer is secure, node can’t lie about his own 102 overlay identifier. 22

  23. How to detect lying • At intermediate hop, next hop always needs to get closer the key • At final hop, the final node ID should be reasonably close to the lookup key. – Assuming uniform hash, distance between nodes follows an exponential distribution . – Declare shenanigans if lookup result is not close enough to the key value. 23

  24. DHT Probability Distance is Exponential Distribution PDF � f ( x ; � ) = � e � � x , x � 0 CDF � 0 , x < 0 � Reason: Walking along outer ring, frequency of node occurrences is a Poisson Process p ( x ; � ) = e � � � x � = 1 Rate w/ interval of one n th of the ring x ! Probability of “x” occurrences within one interval 24

  25. Simplistic Lie Detection Pr(Travel around (1/ n ) th of ring without seeing a node) = e -1 Pr(Travel around (T/ n ) th of ring without seeing a node) = e -T Simple algorithm: Pick a threshold, T . If distance(node, key) ≥ T/n Declare Shenanigans! 25

  26. Simplistic Lie Detection [12] False Positives and False Negatives are substantial > 25% error Other (more complicated) ways to significantly reduce the error. 26

  27. Final Word on Lie Detection • If we need to lookup one key in particular, error rates are probably too high • If we can replicate functionality among many nodes ( r file replicas), unlikely that: – False negatives on all lies – False positives on all well-behaved nodes • Works for optimized or constrained routing 27

  28. More Powerful Adversaries • Until now, assumed that if f fraction of the overlay is malicious means f fraction of my routing table points to adversaries. • What if adversaries can “poison” routing tables to increase their influence? 28

  29. The Sybil Attack [5] • Without a trusted third party, one attacker may assume an unbounded number of identities on the overlay network. • Chord and Pastry imply trust of IANA to somewhat mitigate this – Owners of large IP space yield more power – Will really become a problem with IPv6 29

  30. The Eclipse Attack [10] • If an attacker can “appear” to be closer than good nodes in the underlying network, the attacker will be chosen to populate the proximity-optimized table. • Not nearly as effective on a constrained routing table, since routing table IDs are chosen by strict rules. 30

  31. How to “appear” closer The Internet isn’t a Launch DoS attacks Euclidian space, use against good nodes to alternate reply routes! slow them down slightly 100ms 110ms 90ms 10ms 100ms 10ms 31

  32. C’mon -- is this feasible? [6] Over 40% of requests within 100ms latency 32

  33. Feasibility Test • From home cable modem, performed 50 pings of www.google.com – Average Round Trip: 29.429ms • 1 minute later, 50 pings again, this time performing two downloads over SSL. – Average Round Trip: 127.107ms Difference ~ 100ms -- This attack is VERY feasible!! 33

  34. The Eclipse Attack • This attack is DEVASTATING against overlays with optimized routing tables • If we assume malicious nodes can always use proximity in their favor, initial tests show adversary can achieve 100% routing table control with f = 20% • More details tomorrow by Dan 34

  35. Shelter from Eclipse Attack • Solution #1 [2] – Use optimized routing table unless we detect lying. Then switch to highly redundant and constrained routing table. • But… – Redundancy causes a lot of overhead. – No proximity considerations may cause unacceptable delay. 35

  36. Shelter from Eclipse Attack • Solution #2 [10] – Perform auditing of all nodes to determine that their in-degree and out-degree are appropriate – May allow for us to retain the use of our optimized routing table – Dan will address this in depth tomorrow 36

  37. Churn as Shelter [4] • Completely off-the-wall solution (if you ask me) • Force nodes to leave and rejoin the overlay at regular intervals • When nodes rejoin, Overlay NodeID = hash(random || IP), so both the victim and adversary are put in new random location within the overlay. • Rejoins are staggered to maintain stability 37

Recommend

Providing Administrative Control and Autonomy in Structured Peer-to-Peer Overlays Alan Mislove

Providing Administrative Control and Autonomy in Structured Peer-to-Peer Overlays Alan Mislove

Providing Administrative Control and Autonomy in Structured Peer-to-Peer Overlays Alan Mislove and Peter Druschel Rice University 1 Problem Structured p2p overlays designed so that Participating organizations contribute resources Use the

268 views • 22 slides
Solely Based on Query Flows for Structured Overlays Yasuhiro Ando, Hiroya Nagao, Takehiro Miyao,

Solely Based on Query Flows for Structured Overlays Yasuhiro Ando, Hiroya Nagao, Takehiro Miyao,

IEEE P2P14 September 2014 Routing Table Construction Method Solely Based on Query Flows for Structured Overlays Yasuhiro Ando, Hiroya Nagao, Takehiro Miyao, Kazuyuki Shudo Tokyo Tech Background: Structured Overlay An application level

430 views • 9 slides
Message Bundling on Structured Overlays Kazuyuki Shudo Tokyo Institute of Technology Tokyo Tech

Message Bundling on Structured Overlays Kazuyuki Shudo Tokyo Institute of Technology Tokyo Tech

IEEE ISCC 2017 July 2017 Message Bundling on Structured Overlays Kazuyuki Shudo Tokyo Institute of Technology Tokyo Tech Background: Structured Overlay An application level network routes a query to the

149 views • 13 slides
Simulation and Modelling of Large-scale Structured P2P Overlays y Mario Kolberg &amp; Jamie

Simulation and Modelling of Large-scale Structured P2P Overlays y Mario Kolberg &amp; Jamie

Simulation and Modelling of Large-scale Structured P2P Overlays y Mario Kolberg &amp; Jamie Furness University of Stirling Peer-to-Peer (P2P) Overlay build on top of the IP network Nodes in the overlay are connected by

250 views • 22 slides
Structured Overlays: Eclipse Attacks on Overlay Networks April 28th, 2006 Wyman Park 4 th Floor

Structured Overlays: Eclipse Attacks on Overlay Networks April 28th, 2006 Wyman Park 4 th Floor

Structured Overlays: Eclipse Attacks on Overlay Networks April 28th, 2006 Wyman Park 4 th Floor Conference Room Presentation by: Dan Liu &amp; Jay Zarfoss 1 The idea of churn as shelter from route poisoning attacks is an interesting, if

874 views • 44 slides
A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE

A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE

A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE A STRUCTURED L IFE by Kirk Gittings Note: Kirk Gittings has been photographing the prehistor- coast, but m aking a real living as an art photographer ic,

1.16k views • 8 slides
1 Preliminaries Outline Scoping the tutorial Behind the P2P Moniker

1 Preliminaries Outline Scoping the tutorial Behind the P2P Moniker

Architectures and Algorithms for Internet-Scale (P2P) Data Management Joe Hellerstein Intel Research &amp; UC Berkeley Overview Preliminaries Ongoing Research What, Why Structured Overlays: DHTs The Platform Query

930 views • 58 slides
Structured Prediction Introduction What is structured prediction? CS 6355: Structured Prediction

Structured Prediction Introduction What is structured prediction? CS 6355: Structured Prediction

Structured Prediction Introduction What is structured prediction? CS 6355: Structured Prediction Our goal today To define a Structure and Structured Prediction 1 What are structures? 2 Examples of structured data? 3 Examples of structured

661 views • 34 slides
Thin Asphalt Overlays for Pavement Preservation Mid-Year Asphalt Pavement Technical Seminar

Thin Asphalt Overlays for Pavement Preservation Mid-Year Asphalt Pavement Technical Seminar

Thin Asphalt Overlays for Pavement Preservation Mid-Year Asphalt Pavement Technical Seminar Sponsored by Flexible Pavements of Ohio Defining a Thin Asphalt Overlay? Thin overlays are typically 1 inch thick (ODOT defines as any

697 views • 43 slides
S T R ATA L O G I C A O V E R V I E W Stratalogica is a web-based program that overlays Nystrom

S T R ATA L O G I C A O V E R V I E W Stratalogica is a web-based program that overlays Nystrom

S T R ATA L O G I C A O V E R V I E W Stratalogica is a web-based program that overlays Nystrom thematic and historical maps on top of google earth [providing an absolutely amazing way to teach and learn geography]. T H R E E U S E S 1) Tier

522 views • 12 slides
Linux Bridge, l2-overlays, E-VPN! Roopa Prabhu Cumulus Networks This tutorial is about ...

Linux Bridge, l2-overlays, E-VPN! Roopa Prabhu Cumulus Networks This tutorial is about ...

Linux Bridge, l2-overlays, E-VPN! Roopa Prabhu Cumulus Networks This tutorial is about ... Linux bridge at the center of data center Layer-2 deployments Deploying Layer-2 network virtualization overlays with Linux Linux hardware

1.35k views • 90 slides
Machine Learning Fall 2017 Structured Prediction (structured perceptron, HMM, structured SVM)

Machine Learning Fall 2017 Structured Prediction (structured perceptron, HMM, structured SVM)

Machine Learning Fall 2017 Structured Prediction (structured perceptron, HMM, structured SVM) Professor Liang Huang (Chap. 17 of CIML) Structured Prediction x x the man bit the dog the man bit the dog x x DT NN

672 views • 27 slides
Virtual Memory Overview / Motivation Simple Approach: Overlays

Virtual Memory Overview / Motivation Simple Approach: Overlays

CPSC 410/611: Operating Systems Virtual Memory Overview / Motivation Simple Approach: Overlays Locality of Reference Demand Paging Policies Placement Replacement

593 views • 16 slides
Structured Education Referral to structured education following diagnosis is recommended by

Structured Education Referral to structured education following diagnosis is recommended by

Structured Education Referral to structured education following diagnosis is recommended by NICE guidance Incentivised through QOF Despite high offer rates (78%), recorded uptake of traditional group-based, face-to-face structured

232 views • 12 slides
L101: Introduction to Structured Prediction Ryan Cotterell What is structured prediction?

L101: Introduction to Structured Prediction Ryan Cotterell What is structured prediction?

L101: Introduction to Structured Prediction Ryan Cotterell What is structured prediction? Its just multi-class classification! Definition: Structured Something in the problem is exponentially large Definition: Structured

615 views • 32 slides
Virtual Memory ! Overview / Motivation ! Simple Approach: Overlays ! Locality of

Virtual Memory ! Overview / Motivation ! Simple Approach: Overlays ! Locality of

CPSC 410/611: Operating Systems Virtual Memory ! Overview / Motivation ! Simple Approach: Overlays ! Locality of Reference ! Demand Paging ! Policies ! Placement ! Replacement ! Allocation ! Case Studies: Unix

546 views • 16 slides
Training Strategies CS 6355: Structured Prediction 1 So far we saw What is structured output

Training Strategies CS 6355: Structured Prediction 1 So far we saw What is structured output

Training Strategies CS 6355: Structured Prediction 1 So far we saw What is structured output prediction? Different ways for modeling structured prediction Conditional random fields, factor graphs, constraints What we only

986 views • 60 slides
Structured Finance Department Who we are An excellent structured financier in the local market

Structured Finance Department Who we are An excellent structured financier in the local market

Structured Finance Department Who we are An excellent structured financier in the local market The Structured Finance Division consists of a team Transport of 15 seasoned project finance professionals active in the origination, structuring,

415 views • 12 slides
CS 3700 Networks and Distributed Systems Overlay Networks (P2P DHT via KBR FTW) Revised

CS 3700 Networks and Distributed Systems Overlay Networks (P2P DHT via KBR FTW) Revised

CS 3700 Networks and Distributed Systems Overlay Networks (P2P DHT via KBR FTW) Revised 10/26/2016 Outline 2 Consistent Hashing Structured Overlays / DHTs Key/Value Storage Service 3 Imagine a simple service that stores

1.8k views • 177 slides
Overlays with preferences: Approximation algorithms for matching with preference lists Giorgos

Overlays with preferences: Approximation algorithms for matching with preference lists Giorgos

Overlays with preferences: Approximation algorithms for matching with preference lists Giorgos Georgiadis Marina Papatriantafilou Happier times in Iceland, when no volcanoes were erupting Overview How do nodes flirt? Matching with

526 views • 20 slides
Introduction to SparkSQL Structured Data Processing in Spark 1 Structured Data Processing A

Introduction to SparkSQL Structured Data Processing in Spark 1 Structured Data Processing A

Introduction to SparkSQL Structured Data Processing in Spark 1 Structured Data Processing A common use case in big-data is to process structured or semi-structured data In Spark RDD, all functions and objects are black-boxes. Any

693 views • 37 slides
Estimating the Life Expectancy of Thin Asphalt Overlays in New Jersey Ayman Ali, Ph.D. Manager,

Estimating the Life Expectancy of Thin Asphalt Overlays in New Jersey Ayman Ali, Ph.D. Manager,

Estimating the Life Expectancy of Thin Asphalt Overlays in New Jersey Ayman Ali, Ph.D. Manager, Center for Research and Education in Advanced Transportation Engineering Systems (CREATEs) Rowan University 109 Gilbreth Parkway Mullica Hill, NJ

1.42k views • 103 slides
Future Internet Applications and Overlays (FIA Research Group) www3.informatik.uni-wuerzburg.de

Future Internet Applications and Overlays (FIA Research Group) www3.informatik.uni-wuerzburg.de

Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia Future Internet Applications and Overlays (FIA Research Group) www3.informatik.uni-wuerzburg.de FIA Team Head Tobias Hofeld Researchers Matthias

464 views • 13 slides
Rhizoma: A Runtime for Self-deploying, Self-managing Overlays Qin Yin * , Adrian Schpbach * ,

Rhizoma: A Runtime for Self-deploying, Self-managing Overlays Qin Yin * , Adrian Schpbach * ,

Rhizoma: A Runtime for Self-deploying, Self-managing Overlays Qin Yin * , Adrian Schpbach * , Justin Cappos + , Andrew Baumann * , Timothy Roscoe * * Systems Group, Department of Computer Science, ETH Zurich + Dept. of Computer Science and

645 views • 42 slides

More recommend