Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security and Cryptology

ICISC 2010: Information Security and Cryptology - ICISC 2010 pp 252–265Cite as

An Adversarial Evaluation of Network Signaling and Control Mechanisms

  • Conference paper

  • 1160 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6829))

Abstract

Network signaling and control mechanisms are critical to coordinate such diverse defense capabilities as honeypots and honeynets, host-based defenses, and online patching systems, any one of which might issue an actionable alert and provide security-critical data. Despite considerable work in exploring the trust requirements of such defenses and in addressing the distribution speed of alerts, little work has gone into identifying how the underlying transport systems behave under adversarial scenarios.

In this paper, we evaluate the reliability and performance trade-offs for a variety of control channel mechanisms that are suitable for coordinating large-scale collaborative defenses when under attack. Our results show that the performance and reliability characteristics change drastically when one evaluates the systems under attack by a sophisticated and targeted adversary. Based on our evaluation, we explore available design choices to reinforce the reliability of the control channel mechanisms. To that end, we propose ways to construct a control scheme to improve network coverage without imposing additional overhead.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aspnes, J., Rustagi, N., Saia, J.: Worm versus alert: Who wins in a battle for control of a large-scale network? In: Tovar, E., Tsigas, P., Fouchal, H. (eds.) OPODIS 2007. LNCS, vol. 4878, pp. 443–456. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  2. Awerbuch, B., Scheideler, C.: Towards a scalable and robust dht. Theory of Computing Systems (2009)

    Google Scholar 

  3. Baumgart, I., Heep, B., Krause, S.: Oversim: A flexible overlay network simulation framework. In: Proc. of IEEE GI (2007)

    Google Scholar 

  4. Bharambe, A., Herley, C., Padmanabhan, V.: Analyzing and improving a bittorrent network’s performance mechanisms. In: Proc. IEEE INFOCOM (2006)

    Google Scholar 

  5. Costa, M., Crowcroft, J., Castro, M., Rowstron, A., Zhou, L., Zhang, L., Barham, P.: Vigilante: end-to-end containment of internet worms. In: Proc. of SOSP (2005)

    Google Scholar 

  6. Dabek, F., Zhao, B., Druschel, P., Kubiatowicz, J., Stoica, I.: Towards a common api for structured peer-to-peer overlays. In: Kaashoek, M.F., Stoica, I. (eds.) IPTPS 2003. LNCS, vol. 2735, Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Gkantsidis, C., Karagiannis, T., VojnoviC, M.: Planet scale software updates. In: Proc. of SIGCOMM (2006)

    Google Scholar 

  8. Hui-shan, L., Ke, X., Ming-wei, X., Yong, C.: S-chord: Hybrid topology makes chord efficient. In: Lorenz, P., Dini, P. (eds.) ICN 2005. LNCS, vol. 3421, pp. 480–487. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Karger, D., Lehman, E., Leighton, T., Panigrahy, R., Levine, M., Lewin, D.: Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the world wide web. In: Proc. of STOC (1997)

    Google Scholar 

  10. Ktari, S., Hecker, A., Labiod, H.: Exploiting power-law node degree distribution in chord overlays. In: Proc. of NGI (2009)

    Google Scholar 

  11. Li, J., Stribling, J., Morris, R., Kaashoek, M., Gil, T.: A performance vs. cost framework for evaluating dht design tradeoffs under churn. In: Proc. IEEE INFOCOM (2005)

    Google Scholar 

  12. Loo, B., Huebsch, R., Stoica, I., Hellerstein, J.: The case for a hybrid P2P search infrastructure. In: Voelker, G.M., Shenker, S. (eds.) IPTPS 2004. LNCS, vol. 3279, pp. 141–150. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Maymounkov, P., Mazieres, D.: Kademlia: A peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, p. 53. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  14. Menasche, D., Rocha, A., Li, B., Towsley, D., Venkataramani, A.: Modeling content availability in peer-to-peer swarming systems. SIGMETRICS Perform. Eval. Rev. (2009)

    Google Scholar 

  15. Mitra, B., Peruani, F., Ghose, S., Ganguly, N.: Analyzing the vulnerability of superpeer networks against attack. In: Proc. of CCS (2007)

    Google Scholar 

  16. Neglia, G., Reina, G., Zhang, H., Towsley, D., Venkataramani, A., Danaher, J.: Availability in bittorrent systems. In: Proc. IEEE INFOCOM (2007)

    Google Scholar 

  17. Piatek, M., Isdal, T., Anderson, T., Krishnamurthy, A., Venkataramani, A.: Do incentives build robustness in bittorrent. In: Proc. of NSDI (2007)

    Google Scholar 

  18. Pittel, B.: On spreading a rumor. SIAM Journal on Applied Mathematics (1987)

    Google Scholar 

  19. Qiu, D., Srikant, R.: Modeling and performance analysis of bittorrent-like peer-to-peer networks. In: Proc. of SIGCOMM (2004)

    Google Scholar 

  20. Rhea, S., Chun, B., Kubiatowicz, J., Shenker, S.: Fixing the embarrassing slowness of opendht on planetlab. In: Proc. of WORLDS (2005)

    Google Scholar 

  21. Rhea, S., Geels, D., Roscoe, T., Kubiatowicz, J.: Handling churn in a dht. In: Proc. of the USENIX Annual Technical Conference (2004)

    Google Scholar 

  22. Rowstron, A., Druschel, P.: Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In: IFIP/ACM International Conference on Distributed Systems Platforms, Middleware (2001)

    Google Scholar 

  23. Serenyi, D., Witten, B.: Rapidupdate: Peer-assisted distribution of security content. In: Proc. IPTPS (2008)

    Google Scholar 

  24. Shakkottai, S., Srikant, R.: Peer to peer networks for defense against internet worms. In: Proc. of Inter-Perf (2006)

    Google Scholar 

  25. Stoica, I., Morris, R., Karger, D., Kaashoek, M., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup service for internet applications. SIGCOMM Comput. Commun. Rev. (2001)

    Google Scholar 

  26. VojnoviC, M., Ganesh, A.: On the race of worms, alerts, and patches. IEEE/ACM Transactions on Networking (2008)

    Google Scholar 

  27. Yang, B., Garcia-Molina, H.: Designing a super-peer network. In: Proc. of ICDE (2003)

    Google Scholar 

  28. Zaharia, M., Keshav, S.: Gossip-based search selection in hybrid peer-to-peer networks. In: Proc. of IPTPS (2006)

    Google Scholar 

  29. Zhu, Y., Wang, H., Hu, Y.: A super-peer based lookup in structured peer-to-peer systems. In: Proc. of PDCS (2003)

    Google Scholar 

  30. Zou, C., Gong, W., Towsley, D.: Worm propagation modeling and analysis under dynamic quarantine defense. In: Proc. of WORM (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Columbia University, USA

    Kangkook Jee & Angelos Keromytis

  2. Computer Science and Artificial Intelligence Laboratory, MIT, USA

    Stelios Sidiroglou-Douskos

  3. Department of Computer Science, George Mason University, USA

    Angelos Stavrou

Authors
  1. Kangkook Jee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stelios Sidiroglou-Douskos
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Angelos Stavrou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Angelos Keromytis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of IT Convergence Application Engineering, Pukyong National University, 599-1 Daeyeon 3-Dong Namgu, 608-737, Busan, Republic of Korea

    Kyung-Hyune Rhee

  2. Department of Computer Science and Information Technology, INHA University, 253 Yonghyun-dong, Nam-gu, 402-751, Incheon, Republic of Korea

    DaeHun Nyang

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jee, K., Sidiroglou-Douskos, S., Stavrou, A., Keromytis, A. (2011). An Adversarial Evaluation of Network Signaling and Control Mechanisms. In: Rhee, KH., Nyang, D. (eds) Information Security and Cryptology - ICISC 2010. ICISC 2010. Lecture Notes in Computer Science, vol 6829. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24209-0_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-24209-0_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24208-3

  • Online ISBN: 978-3-642-24209-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation