Towards Stabilization of Distributed Systems under Denial-of-Service

In this paper, we consider networked distributed systems in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over the communication network. First, we consider a simple and typical scenario where communication sequence is purely Round-robin and we explicitly calculate a bound of attack frequency and duration, under which the interconnected large-scale system is asymptotically stable. Second, trading-off system resilience and communication load, we design a hybrid transmission strategy consisting of Zeno-free distributed event-triggered control and Round-robin. We show that with lower communication loads, the hybrid communication strategy enables the systems to have the same resilience as in pure Round-robin

Octopus: A Secure and Anonymous DHT Lookup

Distributed Hash Table (DHT) lookup is a core technique in structured peer-to-peer (P2P) networks. Its decentralized nature introduces security and privacy vulnerabilities for applications built on top of them; we thus set out to design a lookup mechanism achieving both security and anonymity, heretofore an open problem. We present Octopus, a novel DHT lookup which provides strong guarantees for both security and anonymity. Octopus uses attacker identification mechanisms to discover and remove malicious nodes, severely limiting an adversary's ability to carry out active attacks, and splits lookup queries over separate anonymous paths and introduces dummy queries to achieve high levels of anonymity. We analyze the security of Octopus by developing an event-based simulator to show that the attacker discovery mechanisms can rapidly identify malicious nodes with low error rate. We calculate the anonymity of Octopus using probabilistic modeling and show that Octopus can achieve near-optimal anonymity. We evaluate Octopus's efficiency on Planetlab with 207 nodes and show that Octopus has reasonable lookup latency and manageable communication overhead

Control over adversarial packet-dropping communication networks revisited

We revisit a one-step control problem over an adversarial packet-dropping link. The link is modeled as a set of binary channels controlled by a strategic jammer whose intention is to wage a `denial of service' attack on the plant by choosing a most damaging channel-switching strategy. The paper introduces a class of zero-sum games between the jammer and controller as a scenario for such attack, and derives necessary and sufficient conditions for these games to have a nontrivial saddle-point equilibrium. At this equilibrium, the jammer's optimal policy is to randomize in a region of the plant's state space, thus requiring the controller to undertake a nontrivial response which is different from what one would expect in a standard stochastic control problem over a packet dropping channel.Comment: This paper has been accepted for presentation at the 2014 American Control Conference, Portland, Orego

Questions related to Bitcoin and other Informational Money

A collection of questions about Bitcoin and its hypothetical relatives Bitguilder and Bitpenny is formulated. These questions concern technical issues about protocols, security issues, issues about the formalizations of informational monies in various contexts, and issues about forms of use and misuse. Some questions are formulated in the more general setting of informational monies and near-monies. We also formulate questions about legal, psychological, and ethical aspects of informational money. Finally we formulate a number of questions concerning the economical merits of and outlooks for Bitcoin.Comment: 31 pages. In v2 the section on patterns for use and misuse has been improved and expanded with so-called contaminations. Other small improvements were made and 13 additional references have been include

Resilient Control Under Denial-of-Service:Results and Research Directions

The question of security is becoming central for the current generation of engineering systems which more and more rely on networks to support monitoring and control tasks. This chapter addresses the question of designing network control systems that are resilient to Denial-of-Service, that is to phenomena which render a communication network unavailable to use. We review recent results in this area and discuss some of the research challenges.</p