Evaluating Connection Resilience for the Overlay Network Kademlia

Kademlia is a decentralized overlay network, up to now mainly used for highly scalable file sharing applications. Due to its distributed nature, it is free from single points of failure. Communication can happen over redundant network paths, which makes information distribution with Kademlia resilient against failing nodes and attacks. This makes it applicable to more scenarios than Internet file sharing. In this paper, we simulate Kademlia networks with varying parameters and analyze the number of node-disjoint paths in the network, and thereby the network connectivity. A high network connectivity is required for communication and system-wide adaptation even when some nodes or communication channels fail or get compromised by an attacker. With our results, we show the influence of these parameters on the connectivity and, therefore, the resilience against failing nodes and communication channels.Comment: 12 pages, 14 figures, accepted to ICDCS2017. arXiv admin note: substantial text overlap with arXiv:1605.0800

X-Vine: Secure and Pseudonymous Routing Using Social Networks

Distributed hash tables suffer from several security and privacy vulnerabilities, including the problem of Sybil attacks. Existing social network-based solutions to mitigate the Sybil attacks in DHT routing have a high state requirement and do not provide an adequate level of privacy. For instance, such techniques require a user to reveal their social network contacts. We design X-Vine, a protection mechanism for distributed hash tables that operates entirely by communicating over social network links. As with traditional peer-to-peer systems, X-Vine provides robustness, scalability, and a platform for innovation. The use of social network links for communication helps protect participant privacy and adds a new dimension of trust absent from previous designs. X-Vine is resilient to denial of service via Sybil attacks, and in fact is the first Sybil defense that requires only a logarithmic amount of state per node, making it suitable for large-scale and dynamic settings. X-Vine also helps protect the privacy of users social network contacts and keeps their IP addresses hidden from those outside of their social circle, providing a basis for pseudonymous communication. We first evaluate our design with analysis and simulations, using several real world large-scale social networking topologies. We show that the constraints of X-Vine allow the insertion of only a logarithmic number of Sybil identities per attack edge; we show this mitigates the impact of malicious attacks while not affecting the performance of honest nodes. Moreover, our algorithms are efficient, maintain low stretch, and avoid hot spots in the network. We validate our design with a PlanetLab implementation and a Facebook plugin.Comment: 15 page

Backward Compatible Multi-Path Routing

This project studies the behaviour of multipath routing compared to single path routing in order to demonstrate the different benefits that multipath offers. For this purpose, it have been implemented routers that have 2 routing tables with the capability of storing in one these routing tables the primary next hop for a destination through the shortest path which is calculated by the Open Shortest Path First (OSPF) algorithm, as well as storing a secondary next hop calculated by the Ideal Multipath Routing Expedient (IMRE) algorithm in order to have different paths for the same destination. Besides matching on the destination address, the routers select between the primary and secondary tables based on the Time To Live (TTL) field of the IP header. The end-system can change the forwarding path immediately upon it senses the degradation of the current path by sending the packets with a different TTL value, without waiting for the slow convergence of OSPF to the changed topology. This multipath behaviour is measured for 3 different use cases. First use case measures the throughput and transmission time when transmitting a file in an ideal scenario where there are no other transmissions at the same time. Second use case performs the measurements for the same transmission as before but when there is a transmission that makes 2 links of the shortest path to be overloaded in order to check the load balancing capability of multipath routing. Finally, the third use case studies the behaviour of multipath routing when there is a failure in a link during the transmission and checks its failure resilience characteristic. Furthermore, I have studied the paths provided by the IMRE algorithm with a specific TTL match rule. I have demonstrated that in this architecture some TTLs might result in loops, hence, the set of available TTLs for the end-system has to be selected with care

Architectural Considerations for a Self-Configuring Routing Scheme for Spontaneous Networks

Decoupling the permanent identifier of a node from the node's topology-dependent address is a promising approach toward completely scalable self-organizing networks. A group of proposals that have adopted such an approach use the same structure to: address nodes, perform routing, and implement location service. In this way, the consistency of the routing protocol relies on the coherent sharing of the addressing space among all nodes in the network. Such proposals use a logical tree-like structure where routes in this space correspond to routes in the physical level. The advantage of tree-like spaces is that it allows for simple address assignment and management. Nevertheless, it has low route selection flexibility, which results in low routing performance and poor resilience to failures. In this paper, we propose to increase the number of paths using incomplete hypercubes. The design of more complex structures, like multi-dimensional Cartesian spaces, improves the resilience and routing performance due to the flexibility in route selection. We present a framework for using hypercubes to implement indirect routing. This framework allows to give a solution adapted to the dynamics of the network, providing a proactive and reactive routing protocols, our major contributions. We show that, contrary to traditional approaches, our proposal supports more dynamic networks and is more robust to node failures

Comprehending Kademlia Routing - A Theoretical Framework for the Hop Count Distribution

The family of Kademlia-type systems represents the most efficient and most widely deployed class of internet-scale distributed systems. Its success has caused plenty of large scale measurements and simulation studies, and several improvements have been introduced. Its character of parallel and non-deterministic lookups, however, so far has prevented any concise formal analysis. This paper introduces the first comprehensive formal model of the routing of the entire family of systems that is validated against previous measurements. It sheds light on the overall hop distribution and lookup delays of the different variations of the original protocol. It additionally shows that several of the recent improvements to the protocol in fact have been counter-productive and identifies preferable designs with regard to routing overhead and resilience.Comment: 12 pages, 6 figure