Pushback for Overlay Networks: Protecting Against Malicious Insiders

Angelos Stavrou; Michael E. Locasto; Angelos D. Keromytis

Author(s):
Stavrou, Angelos
Locasto, Michael E.
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Part Number:
5037
Book/Journal Title:
Applied Cryptography and Network Security: 6th International Conference, ACNS 2008, New York, NY, USA, June 3-6, 2008: Proceedings
Book Author:
Bellovin, Steven Michael
Publisher:
Springer
Publisher Location:
New York
Abstract:
Peer-to-Peer (P2P) overlay networks are a flexible way of creating decentralized services. Although resilient to external Denial of Service attacks, overlay networks can be rendered inoperable by simple flooding attacks generated from insider nodes. In this paper, we study detection and containment mechanisms against insider Denial of Service (DoS) attacks for overlay networks. To counter such attacks, we introduce novel mechanisms for protecting overlay networks that exhibit well defined properties due to their structure against non-conforming (abnormal) behavior of participating nodes. We use a lightweight distributed detection mechanism that exploits inherent structural invariants of DHTs to ferret out anomalous flow behavior. We evaluate our mechanism's ability to detect attackers using our prototype implementation on web traces from IRCache served by a DHT network. Our results show that our system can detect a simple attacker whose attack traffic deviates by as little as 5% from average traffic. We also demonstrate the resiliency of our mechanism against coordinated distributed flooding attacks that involve up to 15% of overlay nodes. In addition, we verify that our detection algorithms work well, producing a low false positive rate (< 2%) when used in a system that serves normal web traffic.
Subject(s):
Computer science
Publisher DOI:
http://dx.doi.org/10.1007/978-3-540-68914-0_3
