Securing Internet Coordinate Embedding Systems
This paper addresses the issue of the security of Internet Coordinate Systems, by proposing a general method for malicious behavior detection during coordinate computations. We first show that the dynamics of a node, in a coordinate system without abnormal or malicious behavior, can be modeled by a Linear State Space model and tracked by a Kalman filter. Then we show that the obtained model can be generalized in the sense that the parameters of a filter calibrated at a node can be used effectively to model and predict the dynamic behavior at another node, as long as the two nodes are not too far apart in the network. This leads to the proposal of a Surveyor infrastructure: Surveyor nodes are trusted, honest nodes that use each other exclusively to position themselves in the coordinate space, and are therefore immune to malicious behavior in the system. During their own coordinate embedding, other nodes can then use the filter parameters of a nearby Surveyor as a representation of normal, clean system behavior to detect and filter out abnormal or malicious activity. A combination of simulations and Planet- Lab experiments are used to demonstrate the validity, generality, and effectiveness of the proposed approach for two representative coordinate embedding systems, namely Vivaldi and NPS.
| Attachment | Size |
|---|---|
| fp253-kaafar.pdf | 1.52 MB |
related problems in securing decentralised services
This is a very nice piece of work and well motivated and executed and evaluated - one comment though is that securing coordinates in space is very similar to securing distributed time services - there was a large body of work on securing NTP (and other services like it) 15 years ago - attacks on clocks can be used to undermine transaction services, so there are soem strong motivations to carry them out - the techniques used in NTP to select and filter out bad chimers are not so very different - see dave mills work on NTP for some papers