4,146 research outputs found
Content-Centric Networking at Internet Scale through The Integration of Name Resolution and Routing
We introduce CCN-RAMP (Routing to Anchors Matching Prefixes), a new approach
to content-centric networking. CCN-RAMP offers all the advantages of the Named
Data Networking (NDN) and Content-Centric Networking (CCNx) but eliminates the
need to either use Pending Interest Tables (PIT) or lookup large Forwarding
Information Bases (FIB) listing name prefixes in order to forward Interests.
CCN-RAMP uses small forwarding tables listing anonymous sources of Interests
and the locations of name prefixes. Such tables are immune to Interest-flooding
attacks and are smaller than the FIBs used to list IP address ranges in the
Internet. We show that no forwarding loops can occur with CCN-RAMP, and that
Interests flow over the same routes that NDN and CCNx would maintain using
large FIBs. The results of simulation experiments comparing NDN with CCN-RAMP
based on ndnSIM show that CCN-RAMP requires forwarding state that is orders of
magnitude smaller than what NDN requires, and attains even better performance
Exploiting the Synergy Between Gossiping and Structured Overlays
In this position paper we argue for exploiting the synergy between gossip-based algorithms and structured overlay networks (SON). These two strands of research have both aimed at building fault-tolerant, dynamic, self-managing, and large-scale distributed systems. Despite the common goals, the two areas have, however, been relatively isolated. We focus on three problem domains where there is an untapped potential of using gossiping combined with SONs. We argue for applying gossip-based membership for ring-based SONs---such as Chord and Bamboo---to make them handle partition mergers and loopy networks. We argue that small world SONs---such as Accordion and Mercury---are specifically well-suited for gossip-based membership management. The benefits would be better graph-theoretic properties. Finally, we argue that gossip-based algorithms could use the overlay constructed by SONs. For example, many unreliable broadcast algorithms for SONs could be augmented with anti-entropy protocols. Similarly, gossip-based aggregation could be used in SONs for network size estimation and load-balancing purposes
Octopus: A Secure and Anonymous DHT Lookup
Distributed Hash Table (DHT) lookup is a core technique in structured
peer-to-peer (P2P) networks. Its decentralized nature introduces security and
privacy vulnerabilities for applications built on top of them; we thus set out
to design a lookup mechanism achieving both security and anonymity, heretofore
an open problem. We present Octopus, a novel DHT lookup which provides strong
guarantees for both security and anonymity. Octopus uses attacker
identification mechanisms to discover and remove malicious nodes, severely
limiting an adversary's ability to carry out active attacks, and splits lookup
queries over separate anonymous paths and introduces dummy queries to achieve
high levels of anonymity. We analyze the security of Octopus by developing an
event-based simulator to show that the attacker discovery mechanisms can
rapidly identify malicious nodes with low error rate. We calculate the
anonymity of Octopus using probabilistic modeling and show that Octopus can
achieve near-optimal anonymity. We evaluate Octopus's efficiency on Planetlab
with 207 nodes and show that Octopus has reasonable lookup latency and
manageable communication overhead
The essence of P2P: A reference architecture for overlay networks
The success of the P2P idea has created a huge diversity
of approaches, among which overlay networks, for example,
Gnutella, Kazaa, Chord, Pastry, Tapestry, P-Grid, or DKS,
have received specific attention from both developers and
researchers. A wide variety of algorithms, data structures,
and architectures have been proposed. The terminologies
and abstractions used, however, have become quite inconsistent since the P2P paradigm has attracted people from many different communities, e.g., networking, databases, distributed systems, graph theory, complexity theory, biology, etc. In this paper we propose a reference model for overlay networks which is capable of modeling different approaches in this domain in a generic manner. It is intended to allow researchers and users to assess the properties of concrete systems, to establish a common vocabulary for scientific discussion, to facilitate the qualitative comparison of the systems, and to serve as the basis for defining a standardized API to make overlay networks interoperable
X-Vine: Secure and Pseudonymous Routing Using Social Networks
Distributed hash tables suffer from several security and privacy
vulnerabilities, including the problem of Sybil attacks. Existing social
network-based solutions to mitigate the Sybil attacks in DHT routing have a
high state requirement and do not provide an adequate level of privacy. For
instance, such techniques require a user to reveal their social network
contacts. We design X-Vine, a protection mechanism for distributed hash tables
that operates entirely by communicating over social network links. As with
traditional peer-to-peer systems, X-Vine provides robustness, scalability, and
a platform for innovation. The use of social network links for communication
helps protect participant privacy and adds a new dimension of trust absent from
previous designs. X-Vine is resilient to denial of service via Sybil attacks,
and in fact is the first Sybil defense that requires only a logarithmic amount
of state per node, making it suitable for large-scale and dynamic settings.
X-Vine also helps protect the privacy of users social network contacts and
keeps their IP addresses hidden from those outside of their social circle,
providing a basis for pseudonymous communication. We first evaluate our design
with analysis and simulations, using several real world large-scale social
networking topologies. We show that the constraints of X-Vine allow the
insertion of only a logarithmic number of Sybil identities per attack edge; we
show this mitigates the impact of malicious attacks while not affecting the
performance of honest nodes. Moreover, our algorithms are efficient, maintain
low stretch, and avoid hot spots in the network. We validate our design with a
PlanetLab implementation and a Facebook plugin.Comment: 15 page
- …