Distributed Quota Enforcement for Spam Control Jee Whan Choi Chaoting Xuan.

Slides:

Advertisements

Similar presentations

Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel.

Advertisements

CS3771 Today: deadlock detection and election algorithms  Previous class Event ordering in distributed systems Various approaches for Mutual Exclusion.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

SPORC: Group Collaboration using Untrusted Cloud Resources Ariel J. Feldman, William P. Zeller, Michael J. Freedman, Edward W. Felten Published in OSDI’2010.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

1 The Case for Byzantine Fault Detection. 2 Challenge: Byzantine faults Distributed systems are subject to a variety of failures and attacks Hacker break-in.

Kademlia: A Peer-to-peer Information System Based on the XOR Metric Petar Mayamounkov David Mazières A few slides are taken from the authors’ original.

The Google File System Authors : Sanjay Ghemawat, Howard Gobioff, Shun-Tak Leung Presentation by: Vijay Kumar Chalasani 1CS5204 – Operating Systems.

Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.

Page 1 Mutual Exclusion* Distributed Systems *referred to slides by Prof. Paul Krzyzanowski at Rutgers University and Prof. Mary Ellen Weisskopf at University.

Samsara: Honor Among Thieves in Peer-to-Peer Storage Landon P. Cox and Brian D. Noble University of Michigan.

CompSci 356: Computer Network Architectures Lecture 21: Content Distribution Chapter 9.4 Xiaowei Yang

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

Scaling Distributed Machine Learning with the BASED ON THE PAPER AND PRESENTATION: SCALING DISTRIBUTED MACHINE LEARNING WITH THE PARAMETER SERVER – GOOGLE,

Fast Filter Updates for Packet Classification using TCAM Authors: Haoyu Song, Jonathan Turner. Publisher: GLOBECOM 2006, IEEE Present: Chen-Yu Lin Date:

Peer to Peer File Sharing Huseyin Ozgur TAN. What is Peer-to-Peer?  Every node is designed to(but may not by user choice) provide some service that helps.

Intelligent Storage Project Keqiang Wu October 05, 2002.

The Google File System. Why? Google has lots of data –Cannot fit in traditional file system –Spans hundreds (thousands) of servers connected to (tens.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Mitigating Bandwidth- Exhaustion Attacks using Congestion Puzzles XiaoFeng Wang Michael K. Reiter.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

Lower and Upper Bounds on Obtaining History Independence Niv Buchbinder and Erez Petrank Technion, Israel.

On The Cryptographic Applications of Random Functions Oded Goldreich Shafi Goldwasser Silvio Micali Advances in Cryptology-CRYPTO ‘ 84 報告人 : 陳昱升.

Aleksandar Kuzmanovic & Edward W. Knightly A Performance vs. Trust Perspective in the Design of End-Point Congestion Control Protocols.

Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.

Secure routing for structured peer-to-peer overlay networks (by Castro et al.) Shariq Rizvi CS 294-4: Peer-to-Peer Systems.

1 The Sybil Attack John R. Douceur Microsoft Research Presented for Cs294-4 by Benjamin Poon.

Database Systems: Design, Implementation, and Management Eighth Edition Chapter 11 Database Performance Tuning and Query Optimization.

Searching in Unstructured Networks Joining Theory with P-P2P.

Wide-area cooperative storage with CFS

 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.

Presented by: Alvaro Llanos E.  Motivation and Overview  Frangipani Architecture overview  Similar DFS  PETAL: Distributed virtual disks ◦ Overview.

SPORC: Group Collaboration using Untrusted Cloud Resources OSDI 2010 Presented by Yu Chen.

Bigtable: A Distributed Storage System for Structured Data F. Chang, J. Dean, S. Ghemawat, W.C. Hsieh, D.A. Wallach M. Burrows, T. Chandra, A. Fikes, R.E.

FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment.

Survey of Peer to Peer Technologies Authors: Bratislav Milić, Jelena Krunić, Veljko Milutinović,

Chord & CFS Presenter: Gang ZhouNov. 11th, University of Virginia.

1 The Design of a Robust Peer-to-Peer System Gisik Kwon Dept. of Computer Science and Engineering Arizona State University Reference: SIGOPS European Workshop.

CS 162 Section Lecture 8. What happens when you issue a read() or write() request?

Secure Incremental Maintenance of Distributed Association Rules.

1 Configurable Security for Scavenged Storage Systems NetSysLab The University of British Columbia Abdullah Gharaibeh with: Samer Al-Kiswany, Matei Ripeanu.

1 The Design of a Robust Peer-to-Peer System Rodrigo Rodrigues, Barbara Liskov, Liuba Shrira Presented by Yi Chen Some slides are borrowed from the authors’

Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or "hellhound” with a serpent's.

Security Michael Foukarakis – 13/12/2004 A Survey of Peer-to-Peer Security Issues Dan S. Wallach Rice University,

HQ Replication: Efficient Quorum Agreement for Reliable Distributed Systems James Cowling 1, Daniel Myers 1, Barbara Liskov 1 Rodrigo Rodrigues 2, Liuba.

CS 5204 (FALL 2005)1 Leases: An Efficient Fault Tolerant Mechanism for Distributed File Cache Consistency Gray and Cheriton By Farid Merchant Date: 9/21/05.

Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.

A Scalable Content-Addressable Network (CAN) Seminar “Peer-to-peer Information Systems” Speaker Vladimir Eske Advisor Dr. Ralf Schenkel November 2003.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.

From Viewstamped Replication to BFT Barbara Liskov MIT CSAIL November 2007.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Fast Crash Recovery in RAMCloud. Motivation The role of DRAM has been increasing – Facebook used 150TB of DRAM For 200TB of disk storage However, there.

Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.

1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.

New Client Puzzle Outsourcing Techniques for DoS Resistance Brent Waters, Stanford University Ari Juels, RSA Laboratories Alex Halderman, Princeton University.

1 MSRBot Web Crawler Dennis Fetterly Microsoft Research Silicon Valley Lab © Microsoft Corporation.

 Introduction  Architecture NameNode, DataNodes, HDFS Client, CheckpointNode, BackupNode, Snapshots  File I/O Operations and Replica Management File.

Distributed systems. distributed systems and protocols distributed systems: use components located at networked computers use message-passing to coordinate.

Bigtable: A Distributed Storage System for Structured Data

Large Scale Sharing Marco F. Duarte COMP 520: Distributed Systems September 19, 2004.

11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.

GPFS: A Shared-Disk File System for Large Computing Clusters Frank Schmuck & Roger Haskin IBM Almaden Research Center.

RMTP-II Security Considerations Brian Whetten GlobalCast Communications.

Christian Scheideler Dept. of Computer Science

Impact of Neighbor Selection on Performance and Resilience of Structured P2P Networks Sushma Maramreddy.

Providing Secure Storage on the Internet

On-time Network On-chip

From Viewstamped Replication to BFT

Kademlia: A Peer-to-peer Information System Based on the XOR Metric

If my file system only has lots of big video files what block size do I want? Large (correct) Small.

Presentation transcript:

Distributed Quota Enforcement for Spam Control Jee Whan Choi Chaoting Xuan

Contents Introduction Distributed Quota Enforcement (DQE) DQE Architecture Enforcer Design Evaluation Conclusions

Introduction SPAM – Unsolicited Bulk – 50-70% of today is SPAM SPAM Filters – text scanning – Rate of false positive is approximately 1% – Economic damage estimated at 100’s of millions of dollars Distributed Quota Enforcement (DQE) – Quotas on the # of mails a sender can send

Distributed Quota Enforcement Design Objectives – Protocol No False Positives Untrusted Enforcer Privacy – Enforcer Scalability Fault Tolerance High Throughput Attack-Resiliency Mutually Untrusting Nodes

Architecture

Quota Allocation and Creation Quota Allocation – Quota allocated by select few globally trusted quota allocators (QA) Cs = { Spub, expiration time, quota }QApriv Stamp – Created by the sender Stamp = { Cs, {i,t}Spriv }

Stamp Cancellation Protocol

Protocol Objectives False Positives – Hash is unique and one way Untrusted Enforcer – Returns a proof of reuse (fingerprint) Privacy – Hash of the stamp is used instead of the stamp itself An adversary cannot cancel a victim’s stamp before it is created – Stamp contains Sender’s private key

Enforcer Comprises of thousands of untrusted storage nodes Enforcer stores the fingerprints of stamps cancelled in the current and previous epochs List of approved nodes are published by a trusted authority (Bunker) Node receiving the client’s request is called the portal for that request – A client can discover a portal via hard-coding or DNS

Enforcer Design

TEST – Local check – If not found, sequentially send request to other nodes (assigned-nodes) Assigned-nodes are determined by k and r independent hash functions, similar to Chord. r is configurable system parameter – If any node contains k’s value, return it, otherwise return “not found”

SET – Local store – Also store the value in a randomly chosen node from assigned-nodes

TEST and SET Algorithm

Stamp Reuse and Fault Tolerance False negative is possible. Byzantine faults and crash faults are the same – Outcome of adversarial nodes giving false negatives (not-found response) are the same a nodes not responding (crash fault) Depends on the parameters r and p – p – fraction of n total machines that fail during a 2 day cycle – Expected number of times a stamp is used before stamp’s fingerprint has been placed on a good node - 1/(1-2p)+p r *n – If we assume r = 1+log 1/p n, use = 1+3p = 1.3 for p = 0.1

Improvement of Fault Tolerance (our speculation) Randomly chose two or more nodes from the assigned nodes to store the (key, value) pair in the PUT algorithm. Increase the overall storage usage, but significantly i mprove the stamp reuse detection rate.

GET and PUT

GET and PUT (Continue) PUTs are fast Crash recovery of previously cancelled keys Key-value pairs are small in size “Not Found” answers are almost always fast “Found” answers are slow

Avoiding Distributed Livelock Distributed Pipeline: 1. TEST/SET requests from clients. 2. GET/PUT requests from other enforcer no des. 3. GET/PUT responses. Drop the beginning of a pipeline to maximize throughput.

Resource Exhaustion Attacks Attacks: flood of spurious TEST/SET requests. Assumption: Attackers (or zombies they control) have some bandwidth limit. Solution: Max out attackers’ bandwith by requiring large size or multiple copies of TEST/SET packets.

Performance Evaluation

Performance Evaluation (Continue) Enforcer Size billion s daily 2. 65% spam billion disk seeks / day (pessimistic) disk seeks/second/node seconds/day 1881 nodes (3GHz CPU, 1G RAM, 3 Mbits/ sec Bandwith)

Performance Evaluation (Continue)

Question ?