X-Vine: Secure and Pseudonymous Routing Using Social Networks
Distributed hash tables suffer from several security and privacy
vulnerabilities, including the problem of Sybil attacks. Existing social
network-based solutions to mitigate the Sybil attacks in DHT routing have a
high state requirement and do not provide an adequate level of privacy. For
instance, such techniques require a user to reveal their social network
contacts. We design X-Vine, a protection mechanism for distributed hash tables
that operates entirely by communicating over social network links. As with
traditional peer-to-peer systems, X-Vine provides robustness, scalability, and
a platform for innovation. The use of social network links for communication
helps protect participant privacy and adds a new dimension of trust absent from
previous designs. X-Vine is resilient to denial of service via Sybil attacks,
and in fact is the first Sybil defense that requires only a logarithmic amount
of state per node, making it suitable for large-scale and dynamic settings.
X-Vine also helps protect the privacy of users' social network contacts and
keeps their IP addresses hidden from those outside of their social circle,
providing a basis for pseudonymous communication. We first evaluate our design
with analysis and simulations, using several real world large-scale social
networking topologies. We show that the constraints of X-Vine allow the
insertion of only a logarithmic number of Sybil identities per attack edge; we
show this mitigates the impact of malicious attacks while not affecting the
performance of honest nodes. Moreover, our algorithms are efficient, maintain
low stretch, and avoid hot spots in the network. We validate our design with a
PlanetLab implementation and a Facebook plugin.
Comment: 15 page
End-to-end QoE optimization through overlay network deployment
In this paper an overlay network for end-to-end QoE management is presented. The goal of this infrastructure is QoE optimization by routing around failures in the IP network and optimizing the bandwidth usage on the last mile to the client. The overlay network consists of components that are located both in the core and at the edge of the network. A number of overlay servers perform end-to-end QoS monitoring and maintain an overlay topology, allowing them to route around link failures and congestion. Overlay access components situated at the edge of the network are responsible for determining whether packets are sent to the overlay network, while proxy components manage the bandwidth on the last mile. This paper gives a detailed overview of the end-to-end architecture together with representative experimental results which comprehensively demonstrate the overlay network's ability to optimize the QoE
Cognitive Connectivity Resilience in Multi-layer Remotely Deployed Mobile Internet of Things
Enabling the Internet of things in remote areas without traditional
communication infrastructure requires a multi-layer network architecture. The
devices in the overlay network are required to provide coverage to the underlay
devices as well as to remain connected to other overlay devices. The
coordination, planning, and design of such two-layer heterogeneous networks is
an important problem to address. Moreover, the mobility of the nodes and their
vulnerability to adversaries pose new challenges to the connectivity. For
instance, the connectivity of devices can be affected by changes in the
network, e.g., the mobility of the underlay devices or the unavailability of
overlay devices due to failure or adversarial attacks. To this end, this work
proposes a feedback based adaptive, self-configurable, and resilient framework
for the overlay network that cognitively adapts to the changes in the network
to provide reliable connectivity between spatially dispersed smart devices. Our
results show that if sufficient overlay devices are available, the framework
leads to a connected configuration that ensures a high coverage of the mobile
underlay network. Moreover, the framework can actively reconfigure itself in
the event of varying levels of device failure.
Comment: To appear in IEEE Global Communications Conference (Globecom 2017
Dynamic virtual private network provisioning from multiple cloud infrastructure service providers
The Cloud infrastructure service providers currently provision basic virtualized computing resources as on demand and dynamic services but there is no common framework in existence that allows the seamless provisioning of even these basic services across multiple cloud service providers, although this is not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. We present a solution idea which aims to provide a dynamic and service oriented provisioning of secure virtual private networks on top of multiple cloud infrastructure service providers. This solution leverages the benefits of peer to peer overlay networks, i.e., the flexibility and scalability to handle the churn of nodes joining and leaving the VPNs and can adapt the topology of the VPN as per the requirements of the applications utilizing its intercloud secure communication framework
Self-Healing Protocols for Connectivity Maintenance in Unstructured Overlays
In this paper, we discuss the use of self-organizing protocols to improve
the reliability of dynamic Peer-to-Peer (P2P) overlay networks. Two similar
approaches are studied, which are based on local knowledge of the nodes' 2nd
neighborhood. The first scheme is a simple protocol requiring interactions
among nodes and their direct neighbors. The second scheme adds a check on the
Edge Clustering Coefficient (ECC), a local measure that allows determining
edges connecting different clusters in the network. The performed simulation
assessment evaluates these protocols over uniform networks, clustered networks
and scale-free networks. Different failure modes are considered. Results
demonstrate the effectiveness of the proposal.
Comment: The paper has been accepted to the journal Peer-to-Peer Networking
and Applications. The final publication is available at Springer via
http://dx.doi.org/10.1007/s12083-015-0384-
Handling Network Partitions and Mergers in Structured Overlay Networks
Structured overlay networks form a major class of peer-to-peer systems, which are touted for their abilities to
scale, tolerate failures, and self-manage. Any long-lived
Internet-scale distributed system is destined to face network partitions. Although the problem of network partitions
and mergers is highly related to fault-tolerance and
self-management in large-scale systems, it has hardly been
studied in the context of structured peer-to-peer systems.
These systems have mainly been studied under churn (frequent
joins/failures), which as a side effect solves the problem
of network partitions, as it is similar to massive node
failures. Yet, the crucial aspect of network mergers has been
ignored. In fact, it has been claimed that ring-based structured
overlay networks, which constitute the majority of the
structured overlays, are intrinsically ill-suited for merging
rings. In this paper, we present an algorithm for merging
multiple similar ring-based overlays when the underlying
network merges. We examine the solution in dynamic conditions,
showing how our solution is resilient to churn during
the merger, something widely believed to be difficult or
impossible. We evaluate the algorithm for various scenarios
and show that even when falsely detecting a merger, the
algorithm quickly terminates and does not clutter the network
with many messages. The algorithm is flexible as the
tradeoff between message complexity and time complexity
can be adjusted by a parameter
Secure communication using dynamic VPN provisioning in an Inter-Cloud environment
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the service owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offers a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer-to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds
Shortcuts through Colocation Facilities
Network overlays, running on top of the existing Internet substrate, are of
perennial value to Internet end-users in the context of, e.g., real-time
applications. Such overlays can employ traffic relays to yield path latencies
lower than the direct paths, a phenomenon known as Triangle Inequality
Violation (TIV). Past studies identify the opportunities of reducing latency
using TIVs. However, they do not investigate the gains of strategically
selecting relays in Colocation Facilities (Colos). In this work, we answer the
following questions: (i) how Colo-hosted relays compare with other relays as
well as with the direct Internet, in terms of latency (RTT) reductions; (ii)
what are the best locations for placing the relays to yield these reductions.
To this end, we conduct a large-scale one-month measurement of inter-domain
paths between RIPE Atlas (RA) nodes as endpoints, located at eyeball networks.
We employ as relays Planetlab nodes, other RA nodes, and machines in Colos. We
examine the RTTs of the overlay paths obtained via the selected relays, as well
as the direct paths. We find that Colo-based relays perform the best and can
achieve latency reductions against direct paths, ranging from a few to 100s of
milliseconds, in 76% of the total cases; 75% (58% of total cases) of these
reductions require only 10 relays in 6 large Colos.
Comment: In Proceedings of the ACM Internet Measurement Conference (IMC '17),
London, GB, 201