Service-Driven Networking

This thesis presents our research on service-driven networking, which is a general design framework for service quality assurance and integrated network and service management in large scale multi-domain networks. The philosophy is to facilitate bi-party open participation among the users and the providers of network services in order to bring about better service customization and quality assurance, without sacrificing the autonomy and objectives of the individual entities. Three primary research topics are documented: service composition and adaptation, self-stabilization in uncoordinated environment, and service quality modeling. The work involves theoretical analysis, algorithm design, and simulations as evaluation methodology

A framework for the dynamic management of Peer-to-Peer overlays

Peer-to-Peer (P2P) applications have been associated with inefficient operation, interference with other network services and large operational costs for network providers. This thesis presents a framework which can help ISPs address these issues by means of intelligent management of peer behaviour. The proposed approach involves limited control of P2P overlays without interfering with the fundamental characteristics of peer autonomy and decentralised operation. At the core of the management framework lays the Active Virtual Peer (AVP). Essentially intelligent peers operated by the network providers, the AVPs interact with the overlay from within, minimising redundant or inefficient traffic, enhancing overlay stability and facilitating the efficient and balanced use of available peer and network resources. They offer an “insider‟s” view of the overlay and permit the management of P2P functions in a compatible and non-intrusive manner. AVPs can support multiple P2P protocols and coordinate to perform functions collectively. To account for the multi-faceted nature of P2P applications and allow the incorporation of modern techniques and protocols as they appear, the framework is based on a modular architecture. Core modules for overlay control and transit traffic minimisation are presented. Towards the latter, a number of suitable P2P content caching strategies are proposed. Using a purpose-built P2P network simulator and small-scale experiments, it is demonstrated that the introduction of AVPs inside the network can significantly reduce inter-AS traffic, minimise costly multi-hop flows, increase overlay stability and load-balancing and offer improved peer transfer performance

Contributions to the Resilience of Peer-To-Peer Video Streaming against Denial-of-Service Attacks

Um die ständig wachsenden Anforderungen zur Übertragung von Live Video Streams im Internet zu erfüllen werden kosteneffektive und resourceneffiziente Lösungen benötigt. Eine adäquate Lösung bietet die Peer-to-Peer (P2P) Streaming Architektur an, welche bereits heute in unterschiedlichsten Systemen zum Einsatz kommt. Solche Systeme erfordern von der Streaming Quelle nur moderate Bandbreiten, da die Nutzer (bzw. Peers) ihre eigene Bandbreite zur Verbreitung des Streams einbringen. Dazu werden die Peers oberhalb der Internetarchitektur zu einem Overlay verbunden. Das geplante Verlassen, sowie der ungewollte Absturz von Peers (genannt Churn) kann das Overlay schädigen und den Empfang einiger Peers unterbrechen. Weitaus kritischer sind Angriffe auf die Verfügbarkeit des Systems indem relevante Knoten des Overlays von Angreifern attackiert werden, um die Verteilung des Streams gezielt zu stören. Um Overlays zu konstruieren, die robust gegenüber Churn sind, nutzen so genannte pull-basierte P2P Streaming Systeme eine Mesh Topologie um jeden Peer über mehrere Pfade mit der Quelle zu verbinden. Peers fordern regelmäßig Teile des Videos, sog. Chunks, von ihren Partnern im Overlay an. Selbst wenn einige Partner plötzlich nicht mehr im System verfügbar sind kann ein Peer alle Chunks von den verbleibenden Nachbarn beziehen. Um dies zu ermöglichen tauschen Peers regelmäßig sog. Buffer Maps aus. Diese kleinen Pakete enthalten Informationen über die Verfügbarkeit von Chunks im Puffer eines Peers. Um dadurch entstehende Latenzen und den zusätzlichen Mehraufwand zu reduzieren wurden hybride Systeme entwickelt. Ein solches System beginnt pull-basiert und formt mit der Zeit einen Baum aus einer kleinen Untermenge aller Peers um Chunks ohne explizite Anfrage weiterzuleiten. Unglücklicherweise sind sowohl pull-basierte, als auch hybride Systeme anfällig gegenüber Denial-of-Service Angriffen (DoS). Insbesondere fehlen Maßnahmen zur Abschwächung von DoS Angriffen auf die Partner der Quelle. Die genannten Angriffe werden weiterhin dadurch erleichtert, dass die Identität der Quelle-nahen Knoten akkurat aus den ausgetauschten Buffer Maps extrahiert werden kann. Hybride Systeme sind außerdem anfällig für Angriffe auf den zugrundeliegenden Baum. Aufgrund der schwerwiegenden Auswirkungen von DoS Angriffen auf pull-basierte, sowie hybride Systeme stellen wir drei Gegenmaßnahmen vor. Zuerst entwickeln wir das Striping Schema zur Abschwächung von DoS Angriffen auf die Partner der Quelle. Hierbei werden Peers dazu angeregt ihre Chunk-Anfragen an unterschiedliche Partner zu senden. Als zweites entwickeln wir das SWAP Schema, welches Peers dazu bringt proaktiv ihre Partner zu wechseln um Angreifer daran zu hindern die Quellenahe zu identifizieren. Als drittes entwickeln wir RBCS, einen widerstandsfähigen Baum zur Abschwächung von DoS Angriffen auf hybride Systeme. Da bisher kein Simulator für die faire Evaluation von P2P-basierten Live Video Streaming Algorithmen verfügbar war, entwickeln wir OSSim, ein generalisiertes Simulations-Framework für P2P-basiertes Video Streaming. Des weiteren entwickeln wir etliche Angreifermodelle sowie neuartige Resilienzmetriken on OSSim. Ausgiebige Simulationsstudien zeigen, dass die entwickelten Schemata signifikant die Widerstandsfähigkeit von pull-basierten und hybriden Systemen gegenüber Churn und DoS Angriffen erhöhen.The constantly growing demand to watch live videos over the Internet requires streaming systems to be cost-effective and resource-efficient. The Peer-to-Peer (P2P) streaming architecture has been a viable solution with various deployed systems to date. The system only requires a modest amount of bandwidth from the streaming source, since users (or peers) contribute their bandwidth to disseminate video streams. To enable this, the system interconnects peers into an overlay. However, churn–meaning the leaving and failing of peers–can break the overlay, making peers unable to receive the stream. More severely, an adversary aiming to sabotage the system can attack relevant nodes on the overlay, disrupting the stream delivery. To construct an overlay robust to churn, pull-based P2P streaming systems use a mesh topology to provide each peer with multiple paths to the source. Peers regularly request video chunks from their partners in the overlay. Therefore, even if some partners are suddenly absent, due to churn, a peer still can request chunks from its remaining partners. To enable this, peers periodically exchange buffer maps, small packets containing the availability information of peers’ video buffers. To reduce latency and overhead caused by the periodic buffer map exchange and chunk requests, hybrid systems have been proposed. A hybrid system bootstraps from a pull-based one and gradually forms a tree backbone consisting of a small subset of peers to deliver chunks without requests. Unfortunately, both pull-based and hybrid systems lack measures to mitigate Denial-of-Service (DoS) attacks on head nodes (or the source’s partners). More critically, they can be identified accurately by inferring exchanged buffer maps. Furthermore, hybrid systems are vulnerable to DoS attacks on their backbones. Since DoS attacks can badly affect both pull-based and hybrid systems, we introduce three countermeasures. First, we develop the striping scheme to mitigate DoS attacks targeting head nodes. The scheme enforces peers to diversify their chunk requests. Second, to prevent attackers from identifying head nodes, we develop the SWAP scheme, which enforces peers to proactively change their partners. Third, we develop RBCS, a resilient backbone, to mitigate DoS attacks on hybrid systems. Since a simulator for a fair evaluation is unavailable so far, we develop OSSim, a general-purpose simulation framework for P2P video streaming. Furthermore, we develop several attacker models and novel resilience metrics in OSSim. Extensive simulation studies show that the developed schemes significantly improve the resilient of pull-based and hybrid systems to both churn and DoS attacks

Hoverlay : a peer-to-peer system for on demand sharing of capacity across network applications

EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Hoverlay : a peer-to-peer system for on demand sharing of capacity across network applications

EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Empirical and Analytical Perspectives on the Robustness of Blockchain-related Peer-to-Peer Networks

Die Erfindung von Bitcoin hat ein großes Interesse an dezentralen Systemen geweckt. Eine häufige Zuschreibung an dezentrale Systeme ist dabei, dass eine Dezentralisierung automatisch zu einer höheren Sicherheit und Widerstandsfähigkeit gegenüber Angriffen führt. Diese Dissertation widmet sich dieser Zuschreibung, indem untersucht wird, ob dezentralisierte Anwendungen tatsächlich so robust sind. Dafür werden exemplarisch drei Systeme untersucht, die häufig als Komponenten in komplexen Blockchain-Anwendungen benutzt werden: Ethereum als Infrastruktur, IPFS zur verteilten Datenspeicherung und schließlich "Stablecoins" als Tokens mit Wertstabilität. Die Sicherheit und Robustheit dieser einzelnen Komponenten bestimmt maßgeblich die Sicherheit des Gesamtsystems in dem sie verwendet werden; darüber hinaus erlaubt der Fokus auf Komponenten Schlussfolgerungen über individuelle Anwendungen hinaus. Für die entsprechende Analyse bedient sich diese Arbeit einer empirisch motivierten, meist Netzwerklayer-basierten Perspektive -- angereichert mit einer ökonomischen im Kontext von Wertstabilen Tokens. Dieses empirische Verständnis ermöglicht es Aussagen über die inhärenten Eigenschaften der studierten Systeme zu treffen. Ein zentrales Ergebnis dieser Arbeit ist die Entdeckung und Demonstration einer "Eclipse-Attack" auf das Ethereum Overlay. Mittels eines solchen Angriffs kann ein Angreifer die Verbreitung von Transaktionen und Blöcken behindern und Netzwerkteilnehmer aus dem Overlay ausschließen. Des weiteren wird das IPFS-Netzwerk umfassend analysiert und kartografiert mithilfe (1) systematischer Crawls der DHT sowie (2) des Mitschneidens von Anfragenachrichten für Daten. Erkenntlich wird hierbei, dass die hybride Overlay-Struktur von IPFS Segen und Fluch zugleich ist, da das Gesamtsystem zwar robust gegen Angriffe ist, gleichzeitig aber eine umfassende Überwachung der Netzwerkteilnehmer ermöglicht wird. Im Rahmen der wertstabilen Kryptowährungen wird ein Klassifikations-Framework vorgestellt und auf aktuelle Entwicklungen im Gebiet der "Stablecoins" angewandt. Mit diesem Framework wird somit (1) der aktuelle Zustand der Stablecoin-Landschaft sortiert und (2) ein Mittel zur Verfügung gestellt, um auch zukünftige Designs einzuordnen und zu verstehen.The inception of Bitcoin has sparked a large interest in decentralized systems. In particular, popular narratives imply that decentralization automatically leads to a high security and resilience against attacks, even against powerful adversaries. In this thesis, we investigate whether these ascriptions are appropriate and if decentralized applications are as robust as they are made out to be. To this end, we exemplarily analyze three widely-used systems that function as building blocks for blockchain applications: Ethereum as basic infrastructure, IPFS for distributed storage and lastly "stablecoins" as tokens with a stable value. As reoccurring building blocks for decentralized applications these examples significantly determine the security and resilience of the overall application. Furthermore, focusing on these building blocks allows us to look past individual applications and focus on inherent systemic properties. The analysis is driven by a strong empirical, mostly network-layer based perspective; enriched with an economic point of view in the context of monetary stabilization. The resulting practical understanding allows us to delve into the systems' inherent properties. The fundamental results of this thesis include the demonstration of a network-layer Eclipse attack on the Ethereum overlay which can be leveraged to impede the delivery of transaction and blocks with dire consequences for applications built on top of Ethereum. Furthermore, we extensively map the IPFS network through (1) systematic crawling of its DHT, as well as (2) monitoring content requests. We show that while IPFS' hybrid overlay structure renders it quite robust against attacks, this virtue of the overlay is simultaneously a curse, as it allows for extensive monitoring of participating peers and the data they request. Lastly, we exchange the network-layer perspective for a mostly economic one in the context of monetary stabilization. We present a classification framework to (1) map out the stablecoin landscape and (2) provide means to pigeon-hole future system designs. With our work we not only scrutinize ascriptions attributed to decentral technologies; we also reached out to IPFS and Ethereum developers to discuss results and remedy potential attack vectors

Abstracts: HASTAC 2017: The Possible Worlds of Digital Humanities

The document contains abstracts for HASTAC 2017

An Investigation into Trust and Reputation Frameworks for Autonomous Underwater Vehicles

As Autonomous Underwater Vehicles (AUVs) become more technically capable and economically feasible, they are being increasingly used in a great many areas of defence, commercial and environmental applications. These applications are tending towards using independent, autonomous, ad-hoc, collaborative behaviour of teams or fleets of these AUV platforms. This convergence of research experiences in the Underwater Acoustic Network (UAN) and Mobile Ad-hoc Network (MANET) fields, along with the increasing Level of Automation (LOA) of such platforms, creates unique challenges to secure the operation and communication of these networks. The question of security and reliability of operation in networked systems has usually been resolved by having a centralised coordinating agent to manage shared secrets and monitor for misbehaviour. However, in the sparse, noisy and constrained communications environment of UANs, the communications overheads and single-point-of-failure risk of this model is challenged (particularly when faced with capable attackers). As such, more lightweight, distributed, experience based systems of “Trust” have been proposed to dynamically model and evaluate the “trustworthiness” of nodes within a MANET across the network to prevent or isolate the impact of malicious, selfish, or faulty misbehaviour. Previously, these models have monitored actions purely within the communications domain. Moreover, the vast majority rely on only one type of observation (metric) to evaluate trust; successful packet forwarding. In these cases, motivated actors may use this limited scope of observation to either perform unfairly without repercussions in other domains/metrics, or to make another, fair, node appear to be operating unfairly. This thesis is primarily concerned with the use of terrestrial-MANET trust frameworks to the UAN space. Considering the massive theoretical and practical difference in the communications environment, these frameworks must be reassessed for suitability to the marine realm. We find that current single-metric Trust Management Frameworks (TMFs) do not perform well in a best-case scaling of the marine network, due to sparse and noisy observation metrics, and while basic multi-metric communications-only frameworks perform better than their single-metric forms, this performance is still not at a reliable level. We propose, demonstrate (through simulation) and integrate the use of physical observational metrics for trust assessment, in tandem with metrics from the communications realm, improving the safety, security, reliability and integrity of autonomous UANs. Three main novelties are demonstrated in this work: Trust evaluation using metrics from the physical domain (movement/distribution/etc.), demonstration of the failings of Communications-based Trust evaluation in sparse, noisy, delayful and non-linear UAN environments, and the deployment of trust assessment across multiple domains, e.g. the physical and communications domains. The latter contribution includes the generation and optimisation of cross-domain metric composition or“synthetic domains” as a performance improvement method