Abstract
Network signaling and control mechanisms are critical to coordinate such diverse defense capabilities as honeypots and honeynets, host-based defenses, and online patching systems, any one of which might issue an actionable alert and provide security-critical data. Despite considerable work in exploring the trust requirements of such defenses and in addressing the distribution speed of alerts, little work has gone into identifying how the underlying transport systems behave under adversarial scenarios.
In this paper, we evaluate the reliability and performance trade-offs for a variety of control channel mechanisms that are suitable for coordinating large-scale collaborative defenses when under attack. Our results show that the performance and reliability characteristics change drastically when one evaluates the systems under attack by a sophisticated and targeted adversary. Based on our evaluation, we explore available design choices to reinforce the reliability of the control channel mechanisms. To that end, we propose ways to construct a control scheme to improve network coverage without imposing additional overhead.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jee, K., Sidiroglou-Douskos, S., Stavrou, A., Keromytis, A. (2011). An Adversarial Evaluation of Network Signaling and Control Mechanisms. In: Rhee, KH., Nyang, D. (eds) Information Security and Cryptology - ICISC 2010. ICISC 2010. Lecture Notes in Computer Science, vol 6829. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24209-0_17
DOI: https://doi.org/10.1007/978-3-642-24209-0_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24208-3
Online ISBN: 978-3-642-24209-0
eBook Packages: Computer Science, Computer Science (R0)