Cross-layer Peer-to-Peer Computing in Mobile Ad Hoc Networks

The future information society is expected to rely heavily on wireless technology. Mobile access to the Internet is steadily gaining ground, and could easily end up exceeding the number of connections from the fixed infrastructure. Picking just one example, ad hoc networking is a new paradigm of wireless communication for mobile devices. Initially, ad hoc networking targeted at military applications as well as stretching the access to the Internet beyond one wireless hop. As a matter of fact, it is now expected to be employed in a variety of civilian applications. For this reason, the issue of how to make these systems working efficiently keeps the ad hoc research community active on topics ranging from wireless technologies to networking and application systems. In contrast to traditional wire-line and wireless networks, ad hoc networks are expected to operate in an environment in which some or all the nodes are mobile, and might suddenly disappear from, or show up in, the network. The lack of any centralized point, leads to the necessity of distributing application services and responsibilities to all available nodes in the network, making the task of developing and deploying application a hard task, and highlighting the necessity of suitable middleware platforms. This thesis studies the properties and performance of peer-to-peer overlay management algorithms, employing them as communication layers in data sharing oriented middleware platforms. The work primarily develops from the observation that efficient overlays have to be aware of the physical network topology, in order to reduce (or avoid) negative impacts of application layer traffic on the network functioning. We argue that cross-layer cooperation between overlay management algorithms and the underlying layer-3 status and protocols, represents a viable alternative to engineer effective decentralized communication layers, or eventually re-engineer existing ones to foster the interconnection of ad hoc networks with Internet infrastructures. The presented approach is twofold. Firstly, we present an innovative network stack component that supports, at an OS level, the realization of cross-layer protocol interactions. Secondly, we exploit cross-layering to optimize overlay management algorithms in unstructured, structured, and publish/subscribe platforms

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Analyzing and Enhancing Routing Protocols for Friend-to-Friend Overlays

The threat of surveillance by governmental and industrial parties is more eminent than ever. As communication moves into the digital domain, the advances in automatic assessment and interpretation of enormous amounts of data enable tracking of millions of people, recording and monitoring their private life with an unprecedented accurateness. The knowledge of such an all-encompassing loss of privacy affects the behavior of individuals, inducing various degrees of (self-)censorship and anxiety. Furthermore, the monopoly of a few large-scale organizations on digital communication enables global censorship and manipulation of public opinion. Thus, the current situation undermines the freedom of speech to a detrimental degree and threatens the foundations of modern society. Anonymous and censorship-resistant communication systems are hence of utmost importance to circumvent constant surveillance. However, existing systems are highly vulnerable to infiltration and sabotage. In particular, Sybil attacks, i.e., powerful parties inserting a large number of fake identities into the system, enable malicious parties to observe and possibly manipulate a large fraction of the communication within the system. Friend-to-friend (F2F) overlays, which restrict direct communication to parties sharing a real-world trust relationship, are a promising countermeasure to Sybil attacks, since the requirement of establishing real-world trust increases the cost of infiltration drastically. Yet, existing F2F overlays suffer from a low performance, are vulnerable to denial-of-service attacks, or fail to provide anonymity. Our first contribution in this thesis is concerned with an in-depth analysis of the concepts underlying the design of state-of-the-art F2F overlays. In the course of this analysis, we first extend the existing evaluation methods considerably, hence providing tools for both our and future research in the area of F2F overlays and distributed systems in general. Based on the novel methodology, we prove that existing approaches are inherently unable to offer acceptable delays without either requiring exhaustive maintenance costs or enabling denial-of-service attacks and de-anonymization. Consequentially, our second contribution lies in the design and evaluation of a novel concept for F2F overlays based on insights of the prior in-depth analysis. Our previous analysis has revealed that greedy embeddings allow highly efficient communication in arbitrary connectivity-restricted overlays by addressing participants through coordinates and adapting these coordinates to the overlay structure. However, greedy embeddings in their original form reveal the identity of the communicating parties and fail to provide the necessary resilience in the presence of dynamic and possibly malicious users. Therefore, we present a privacy-preserving communication protocol for greedy embeddings based on anonymous return addresses rather than identifying node coordinates. Furthermore, we enhance the communication’s robustness and attack-resistance by using multiple parallel embeddings and alternative algorithms for message delivery. We show that our approach achieves a low communication complexity. By replacing the coordinates with anonymous addresses, we furthermore provably achieve anonymity in the form of plausible deniability against an internal local adversary. Complementary, our simulation study on real-world data indicates that our approach is highly efficient and effectively mitigates the impact of failures as well as powerful denial-of-service attacks. Our fundamental results open new possibilities for anonymous and censorship-resistant applications.Die Bedrohung der Überwachung durch staatliche oder kommerzielle Stellen ist ein drängendes Problem der modernen Gesellschaft. Heutzutage findet Kommunikation vermehrt über digitale Kanäle statt. Die so verfügbaren Daten über das Kommunikationsverhalten eines Großteils der Bevölkerung in Kombination mit den Möglichkeiten im Bereich der automatisierten Verarbeitung solcher Daten erlauben das großflächige Tracking von Millionen an Personen, deren Privatleben mit noch nie da gewesener Genauigkeit aufgezeichnet und beobachtet werden kann. Das Wissen über diese allumfassende Überwachung verändert das individuelle Verhalten und führt so zu (Selbst-)zensur sowie Ängsten. Des weiteren ermöglicht die Monopolstellung einiger weniger Internetkonzernen globale Zensur und Manipulation der öffentlichen Meinung. Deshalb stellt die momentane Situation eine drastische Einschränkung der Meinungsfreiheit dar und bedroht die Grundfesten der modernen Gesellschaft. Systeme zur anonymen und zensurresistenten Kommunikation sind daher von ungemeiner Wichtigkeit. Jedoch sind die momentanen System anfällig gegen Sabotage. Insbesondere ermöglichen es Sybil-Angriffe, bei denen ein Angreifer eine große Anzahl an gefälschten Teilnehmern in ein System einschleust und so einen großen Teil der Kommunikation kontrolliert, Kommunikation innerhalb eines solchen Systems zu beobachten und zu manipulieren. F2F Overlays dagegen erlauben nur direkte Kommunikation zwischen Teilnehmern, die eine Vertrauensbeziehung in der realen Welt teilen. Dadurch erschweren F2F Overlays das Eindringen von Angreifern in das System entscheidend und verringern so den Einfluss von Sybil-Angriffen. Allerdings leiden die existierenden F2F Overlays an geringer Leistungsfähigkeit, Anfälligkeit gegen Denial-of-Service Angriffe oder fehlender Anonymität. Der erste Beitrag dieser Arbeit liegt daher in der fokussierten Analyse der Konzepte, die in den momentanen F2F Overlays zum Einsatz kommen. Im Zuge dieser Arbeit erweitern wir zunächst die existierenden Evaluationsmethoden entscheidend und erarbeiten so Methoden, die Grundlagen für unsere sowie zukünftige Forschung in diesem Bereich bilden. Basierend auf diesen neuen Evaluationsmethoden zeigen wir, dass die existierenden Ansätze grundlegend nicht fähig sind, akzeptable Antwortzeiten bereitzustellen ohne im Zuge dessen enorme Instandhaltungskosten oder Anfälligkeiten gegen Angriffe in Kauf zu nehmen. Folglich besteht unser zweiter Beitrag in der Entwicklung und Evaluierung eines neuen Konzeptes für F2F Overlays, basierenden auf den Erkenntnissen der vorangehenden Analyse. Insbesondere ergab sich in der vorangehenden Evaluation, dass Greedy Embeddings hoch-effiziente Kommunikation erlauben indem sie Teilnehmer durch Koordinaten adressieren und diese an die Struktur des Overlays anpassen. Jedoch sind Greedy Embeddings in ihrer ursprünglichen Form nicht auf anonyme Kommunikation mit einer dynamischen Teilnehmermengen und potentiellen Angreifern ausgelegt. Daher präsentieren wir ein Privätssphäre-schützenden Kommunikationsprotokoll für F2F Overlays, in dem die identifizierenden Koordinaten durch anonyme Adressen ersetzt werden. Des weiteren erhöhen wir die Resistenz der Kommunikation durch den Einsatz mehrerer Embeddings und alternativer Algorithmen zum Finden von Routen. Wir beweisen, dass unser Ansatz eine geringe Kommunikationskomplexität im Bezug auf die eigentliche Kommunikation sowie die Instandhaltung des Embeddings aufweist. Ferner zeigt unsere Simulationstudie, dass der Ansatz effiziente Kommunikation mit kurzen Antwortszeiten und geringer Instandhaltungskosten erreicht sowie den Einfluss von Ausfälle und Angriffe erfolgreich abschwächt. Unsere grundlegenden Ergebnisse eröffnen neue Möglichkeiten in der Entwicklung anonymer und zensurresistenter Anwendungen

An interoperable and secure architecture for internet-scale decentralized personal communication

Interpersonal network communications, including Voice over IP (VoIP) and Instant Messaging (IM), are increasingly popular communications tools. However, systems to date have generally adopted a client-server model, requiring complex centralized infrastructure, or have not adhered to any VoIP or IM standard. Many deployment scenarios either require no central equipment, or due to unique properties of the deployment, are limited or rendered unattractive by central servers. to address these scenarios, we present a solution based on the Session Initiation Protocol (SIP) standard, utilizing a decentralized Peer-to-Peer (P2P) mechanism to distribute data. Our new approach, P2PSIP, enables users to communicate with minimal or no centralized servers, while providing secure, real-time, authenticated communications comparable in security and performance to centralized solutions.;We present two complete protocol descriptions and system designs. The first, the SOSIMPLE/dSIP protocol, is a P2P-over-SIP solution, utilizing SIP both for the transport of P2P messages and personal communications, yielding an interoperable, single-stack solution for P2P communications. The RELOAD protocol is a binary P2P protocol, designed for use in a SIP-using-P2P architecture where an existing SIP application is modified to use an additional, binary RELOAD stack to distribute user information without need for a central server.;To meet the unique security needs of a fully decentralized communications system, we propose an enrollment-time certificate authority model that provides asserted identity and strong P2P and user-level security. In this model, a centralized server is contacted only at enrollment time. No run-time connections to the servers are required.;Additionally, we show that traditional P2P message routing mechanisms are inappropriate for P2PSIP. The existing mechanisms are generally optimized for file sharing and neglect critical practical elements of the open Internet --- namely link-level security and asymmetric connectivity caused by Network Address Translators (NATs). In response to these shortcomings, we introduce a new message routing paradigm, Adaptive Routing (AR), and using both analytical models and simulation show that AR significantly improves message routing performance for P2PSIP systems.;Our work has led to the creation of a new research topic within the P2P and interpersonal communications communities, P2PSIP. Our seminal publications have provided the impetus for subsequent P2PSIP publications, for the listing of P2PSIP as a topic in conference calls for papers, and for the formation of a new working group in the Internet Engineering Task Force (IETF), directed to develop an open Internet standard for P2PSIP

Application Layer Architectures for Disaster Response Systems

Traditional disaster response methods face several issues such as limited situational awareness, lack of interoperability and reliance on voice-oriented communications. Disaster response systems (DRSs) aim to address these issues and assist responders by providing a wide range of services. Since the network infrastructure in disaster area may become non-operational, mobile ad-hoc networks (MANETs) are the only alternative to provide connectivity and other network services. Because of the dynamic nature of MANETs the applications/services provided by DRSs should be based on distributed architectures. These distributed application/services form overlays on top of MANETs. This thesis aims to improve three main aspect of DRSs: interoperability, automation, and prioritization. Interoperability enables the communication and collaboration between different rescue teams which improve the efficiency of rescue operations and avoid potential interferences between teams. Automation allows responders to focus more on their tasks by minimizing the required human interventions in DRSs. Automation also allows machines to operate in areas where human cannot because of safety issues. Prioritization ensures that emergency services (e.g. firefighter communications) in DRSs have higher priority to receive resources (e.g. network services) than non-emergency services (e.g. new reporters’ communications). Prioritizing vital services in disaster area can save lives. This thesis proposes application layer architectures that enable three important services in DRSs and contribute to the improvement of the three aforementioned aspects of DRSs: overlay interconnection, service discovery and differentiated quality of service (QoS). The overlay interconnection architecture provides a distributed and scalable mechanism to interconnect end-user application overlays and gateway overlays in MANETs. The service discovery architecture is a distributed directory-based service discovery mechanism based on the standard Domain Name System (DNS) protocol. Lastly, a differentiated QoS architecture is presented that provides admission control and policy enforcement functions based on a given prioritization scheme. For each of the provided services, a motivation scenario is presented, requirements are derived and related work is evaluated with respect to these requirements. Furthermore, performance evaluations are provided for each of the proposed architectures. For the overlay interconnection architecture, a prototype is presented along with performance measurements. The results show that our architecture achieves acceptable request-response delays and network load overhead. For the service discovery architecture, extensive simulations have been run to evaluate the performance of our architecture and to compare it with the Internet Engineering Task Force (IETF) directory-less service discovery proposal based on Multicast DNS. The results show that our architecture generates less overall network load and ensures successful discovery with higher probability. Finally, for the differentiated QoS architecture, simulations results show that our architecture not only enables differentiated QoS, it also improves overall QoS in terms of the number of successful overlay flows

Scalable discovery of networked data : Algorithms, Infrastructure, Applications

Harmelen, F.A.H. van [Promotor]Siebes, R.M. [Copromotor

Integrating Wireless Sensor Networks and Mobile Ad-hoc NETworks for enhanced value-added services

In some situations where the standard telecommunication infrastructure is not available, Mobile Ad hoc NETworks (MANETs) can be deployed to provide the required communication. These networks are established "on the fly" without a need for prior communication organization and are composed of autonomous mobile devices, such as cell phones, PDAs or laptops. In similar conditions, such as in emergency response operations, integrating MANETs and Wireless Sensor Networks (WSNs) can notably enhance the MANET participant's end-user experience. WSNs sense and aggregate ambient information, such as physiological, environmental or physical data related to a nearby phenomenon. The integration, which provides end-user availability to WSN required information, is feasible via gateways. However, when the ambient information collected by WSNs is intended for applications residing in MANETs, centralized and fixed gateways are not practicably feasible. This is mainly due to ad-hoc nature, lack of centralized control and constraints on the end-user devices that are used in MANETs. These devices are usually limited in power and capacity and cannot host centralized gateways. In this thesis we exploit the integration of WSN and MANET in order to provide novel value-added services which enhance the end-user experience of MANET participants. Motivating scenarios are introduced, background information is presented, requirements are derived and the state of the art regarding the integration of WSN with existing networks, including MANETs, is evaluated. Based on the evaluation, none of the existing solutions satisfies all of our derived requirements. Therefore, we propose an overall two-level overlay architecture to integrate WSNs (with mobile sinks) and MANETs. This architecture is based on the distributed gateway and applications which form the P2P overlays. Overlays are application-layer networks which are created on top of the exiting MANET. To interconnect gateway and application overlays we derive corresponding requirements and evaluate the existing approaches. Since none of these approaches fulfills all of our requirements, we propose protocols, mechanisms and design corresponding modules for the interconnection of overlays. Finally we refine our overall architecture based on the interconnection aspects. As a proof of concept, we implement a prototype for the inter-overlay information exchange. This implementation is based on SIP extensions and uses two existing P2P middlewares. We also simulate our prototype using Oversim simulation tool and collect experimental results. Based on these results, we can see that our architecture is a valid and promising approach for interconnecting different P2P overlays and can be deployed to provide the overall solution for WSN and MANET integrated system

Private and censorship-resistant communication over public networks

Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national governments. We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer overlay, the users of the system must collectively provide the resources necessary for its operation; some users might prefer to use the system without contributing resources equal to those they consume, and if many users do so, the system may not be able to survive. To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for cooperation under a wide range of conditions. The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other participants. We address this second challenge by developing two new routing protocols that robustly deliver messages across networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a message has been delivered without identifying the source or destination of the message or the path by which it was delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other provides rational incentives for selfish participants to cooperate in forwarding messages