HSkip+: A Self-Stabilizing Overlay Network for Nodes with Heterogeneous Bandwidths

In this paper we present and analyze HSkip+, a self-stabilizing overlay network for nodes with arbitrary heterogeneous bandwidths. HSkip+ has the same topology as the Skip+ graph proposed by Jacob et al. [PODC 2009] but its self-stabilization mechanism significantly outperforms the self-stabilization mechanism proposed for Skip+. Also, the nodes are now ordered according to their bandwidths and not according to their identifiers. Various other solutions have already been proposed for overlay networks with heterogeneous bandwidths, but they are not self-stabilizing. In addition to HSkip+ being self-stabilizing, its performance is on par with the best previous bounds on the time and work for joining or leaving a network of peers of logarithmic diameter and degree and arbitrary bandwidths. Also, the dilation and congestion for routing messages is on par with the best previous bounds for such networks, so that HSkip+ combines the advantages of both worlds. Our theoretical investigations are backed by simulations demonstrating that HSkip+ is indeed performing much better than Skip+ and working correctly under high churn rates.Comment: This is a long version of a paper published by IEEE in the Proceedings of the 14-th IEEE International Conference on Peer-to-Peer Computin

Batched differentially private information retrieval

Private Information Retrieval (PIR) allows several clients to query a database held by one or more servers, such that the contents of their queries remain private. Prior PIR schemes have achieved sublinear communication and computation by leveraging computational assumptions, federating trust among many servers, relaxing security to permit differentially private leakage, refactoring effort into an offline stage to reduce online costs, or amortizing costs over a large batch of queries. In this work, we present an efficient PIR protocol that combines all of the above techniques to achieve constant amortized communication and computation complexity in the size of the database and constant client work. We leverage differentially private leakage in order to provide better trade-offs between privacy and efficiency. Our protocol achieves speed-ups up to and exceeding 10x in practical settings compared to state of the art PIR protocols, and can scale to batches with hundreds of millions of queries on cheap commodity AWS machines. Our protocol builds upon a new secret sharing scheme that is both incremental and non-malleable, which may be of interest to a wider audience. Our protocol provides security up to abort against malicious adversaries that can corrupt all but one party.1414119 - National Science Foundation; CNS-1718135 - National Science Foundation; CNS-1931714 - National Science Foundation; HR00112020021 - Department of Defense/DARPA; 000000000000000000000000000000000000000000000000000000037211 - SRI Internationalhttps://www.usenix.org/system/files/sec22-albab.pdfPublished versio

Uncovering product vulnerabilities with threat knowledge graphs

Threat modeling and security assessment rely on public information on products, vulnerabilities and weaknesses. So far, databases in these categories have rarely been analyzed in combination. Yet, doing so could help predict unreported vulnerabilities and identify common threat patterns. In this paper, we propose a methodology for producing and optimizing a knowledge graph that aggregates knowledge from common threat databases (CPE, CVE, and CWE). We apply the threat knowledge graph to predict associations between threat databases, specifically between products and vulnerabilities. We evaluate the prediction performance based on historical data, using precision, recall, and F1-score metrics. We demonstrate the ability of the threat knowledge graph to uncover many associations that are currently unknown but will be revealed in the future.CNS-1908087 - National Science Foundation; ECCS-2128517 - National Science Foundation; CCF-2006628 - National Science Foundation; CNS-1717858 - National Science FoundationAccepted manuscrip

FroDO: Friendly Routing Over Dunbar-based Overlays

Centralized Online Social Networks (OSNs) have become the main communication channel in both the personal and the business domain. A current trend for developing OSN services is towards the distribution of the social network infrastructure by using P2P architectures as basis for Distributed Online Social Networks (DOSNs). One of the main challenges of DOSNs comes from guaranteeing privacy and protection of private data. To ensure a certain level of trust, we propose a Dunbar-based approach applied to Pastry. Furthermore, we introduce goLLuM, a general solution, which overrides drawbacks of the previous solution and which can be used in structured and unstructured P2P networks. Our protocol enables to route messages via friendly nodes only, even if only few friends per node exist. By using synthetic models and real-data traces for the representation of friendship relationships we compare a baseline with a more refined algorithm and show the effectiveness of the latte