Attack-Resilient Multitree Data Distribution Topologies Sascha Grau 1 Technische Universit¨ at Ilmenau December 19th, 2012 1 This work was supported by the Deutsche Forschungsgemeinschaft under grant number KU 658/10-2. Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 1 / 18
Distribution Topologies Multi-Tree Data Distribution The Goal Data Reliable broadcast of data from a resource-restricted data source s to a large audience of nodes V = { 1 , . . . , n } = [ n ]. s The Approach s s each block of data is split into k subblocks, to be distributed over a fixed set of k trees redundant encoding (e.g. multiple description coding or error-correcting coding) is applied ⇒ nodes are satisfied as long as they receive data in at least a certain share of trees The Applications peer-to-peer live streaming systems reversed data flow: data aggregation tasks Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 2 / 18
Distribution Topologies Multi-Tree Data Distribution The Goal Data Reliable broadcast of data from a resource-restricted data source s to a large audience of nodes V = { 1 , . . . , n } = [ n ]. s The Approach s s each block of data is split into k subblocks, to be distributed over a fixed set of k trees redundant encoding (e.g. multiple description coding or error-correcting coding) is applied ⇒ nodes are satisfied as long as they receive data in at least a certain share of trees The Applications peer-to-peer live streaming systems reversed data flow: data aggregation tasks Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 2 / 18
Distribution Topologies Multi-Tree Data Distribution Topologies Definition (Distribution Topology) A distribution topology with k trees over nodes V is a k -tuple T = ( T 1 , . . . , T k ) of directed trees. For each i ∈ [ k ], the tree T i has the same root s �∈ V and node set { s } ∪ V . s s s Restrictions on Communication possible tree edges { ( u , v ) | u ∈ { s } ∪ V , v ∈ V \ { u }} nodes can have degree-restrictions here : only source is restricted The class T ( n , C , k ) is the set of distribution topologies with k trees over node set [ n ], in which source s has at most Ck incident edges ( C ∈ N ). Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 3 / 18
Distribution Topologies Multi-Tree Data Distribution Topologies Definition (Distribution Topology) A distribution topology with k trees over nodes V is a k -tuple T = ( T 1 , . . . , T k ) of directed trees. For each i ∈ [ k ], the tree T i has the same root s �∈ V and node set { s } ∪ V . s s s Restrictions on Communication possible tree edges { ( u , v ) | u ∈ { s } ∪ V , v ∈ V \ { u }} nodes can have degree-restrictions here : only source is restricted The class T ( n , C , k ) is the set of distribution topologies with k trees over node set [ n ], in which source s has at most Ck incident edges ( C ∈ N ). Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 3 / 18
Distribution Topologies Stable Multi-Tree Distribution Topologies Attacks ... suddenly remove a set of nodes from all trees. are maliciously planned to maximize damage (worst-case model). T 1 T 2 T 3 s s s 3 1 2 5 6 7 2 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Prior Work: damage = number of disturbed source-to-node paths Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 4 / 18
Distribution Topologies Stable Multi-Tree Distribution Topologies Attacks ... suddenly remove a set of nodes from all trees. are maliciously planned to maximize damage (worst-case model). T 1 T 2 T 3 s s s 3 1 2 5 6 7 2 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Prior Work: damage = number of disturbed source-to-node paths Nice, but user-centered notion of damage is more relevant in applications. Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 4 / 18
Distribution Topologies A User-Centered Measure of Damage distribution topology T ∈ T ( n , C , k ) Given: quality threshold z ∈ [ k ] (depending on redundancy in data encoding) set X ⊆ [ n ] of removed nodes Damage b T ( X , z ) T 3 T 2 T 4 Number of nodes not satisfied , i.e., reachable from the T 1 T 5 source in at most k − z of the k trees. v T 1 T 2 T 3 s s s X = { 2 , 5 , 7 } 3 1 2 5 6 7 2 b T ( X , 2) = 6 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 5 / 18
Attack-Resilience and Forward-Stability Attack-Resilient Distribution Topologies Goal Determine topologies in T ( n , C , k ), that minimize the maximum possible damage for all attack sizes and quality thresholds. Definition (Attack-Resilient Distribution Topology) A topology T ∈ T ( n , C , k ) is called attack-resilient , if it holds that b T ( X , z ) ≤ max b C ( X , z ) . ∀ x ∈ [ n ] , ∀ z ∈ [ k ] , ∀C ∈ T ( n , C , k ): max X ⊆ V X ⊆ V | X | = x | X | = x Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 6 / 18
Attack-Resilience and Forward-Stability Attack-Resilient Distribution Topologies Goal Determine topologies in T ( n , C , k ), that minimize the maximum possible damage for all attack sizes and quality thresholds. Definition (Attack-Resilient Distribution Topology) A topology T ∈ T ( n , C , k ) is called attack-resilient , if it holds that b T ( X , z ) ≤ max b C ( X , z ) . ∀ x ∈ [ n ] , ∀ z ∈ [ k ] , ∀C ∈ T ( n , C , k ): max X ⊆ V X ⊆ V | X | = x | X | = x Problem: direct analysis is hard Trick: study topologies optimizing a highly similar damage measure Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 6 / 18
Attack-Resilience and Forward-Stability Forward-Damage Forward-Damage bf T ( X , z ) highly similar to damage measure b T ( X , z ) Difference : some directly attacked nodes possibly not counted as damage Consequence : b T ( X , z ) and bf T ( X , z ) differ by at most | X | s s s b T ( { 3 , 4 , 5 } , 2) = 5 3 1 2 5 6 7 2 bf T ( { 3 , 4 , 5 } , 2) = 3 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 7 / 18
Attack-Resilience and Forward-Stability Forward-Damage Forward-Damage bf T ( X , z ) highly similar to damage measure b T ( X , z ) Difference : some directly attacked nodes possibly not counted as damage Consequence : b T ( X , z ) and bf T ( X , z ) differ by at most | X | s s s b T ( { 3 , 4 , 5 } , 2) = 5 3 1 2 5 6 7 2 bf T ( { 3 , 4 , 5 } , 2) = 3 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 7 / 18
Attack-Resilience and Forward-Stability Dominance of Forward-Damage For growing numbers of nodes in a topology (application-relevant cases), the worst-case forward-damage dominates the worst-case damage. Theorem For all T ∈ T ( n , C , k ) , z ∈ [ k ], and x ∈ [ n ], it holds that bf T ( X , z ) b T ( X , z ) bf T ( X , z ) + min( Cz − 1 , x ) . max ≤ max ≤ max X ⊆ V X ⊆ V X ⊆ V | X | = x | X | = x | X | = x Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 8 / 18
Attack-Resilience and Forward-Stability Dominance of Forward-Damage For growing numbers of nodes in a topology (application-relevant cases), the worst-case forward-damage dominates the worst-case damage. Theorem For all T ∈ T ( n , C , k ) , z ∈ [ k ], and x ∈ [ n ], it holds that bf T ( X , z ) b T ( X , z ) bf T ( X , z ) + min( Cz − 1 , x ) . max ≤ max ≤ max X ⊆ V X ⊆ V X ⊆ V | X | = x | X | = x | X | = x Distribution topologies that minimize forward-damage are: easier to analyze, give a good approximation of attack-resilient topologies for n ≫ Ck . Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 8 / 18
Attack-Resilience and Forward-Stability Restricted Attacks Notions (all heads of T i : H T “ v is head in T i ”: v is adjacent to s in T i i ) “ v is forwarding in T i ”: v is head of or has children in T i Definition ( t -restricted Attack) An attack X is called t-restricted , if there is I ⊆ [ k ], | I | = t , such that every node v ∈ X is forwarding either in a tree T i with i ∈ I or in no tree at all. All t -restricted attacks on topology T constitute the set χ ( T , t ). Special case: all nodes in X together are forwarding in at most t trees s s s 3 1 2 5 6 7 2 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 9 / 18
Attack-Resilience and Forward-Stability Restricted Attacks Notions (all heads of T i : H T “ v is head in T i ”: v is adjacent to s in T i i ) “ v is forwarding in T i ”: v is head of or has children in T i Definition ( t -restricted Attack) An attack X is called t-restricted , if there is I ⊆ [ k ], | I | = t , such that every node v ∈ X is forwarding either in a tree T i with i ∈ I or in no tree at all. All t -restricted attacks on topology T constitute the set χ ( T , t ). Special case: all nodes in X together are forwarding in at most t trees s s s { 2 , 3 , 6 } �∈ χ ( T , 2) 3 1 2 5 6 7 2 { 2 , 3 , 4 } ∈ χ ( T , 2) 7 2 5 4 1 6 7 1 3 5 6 3 4 4 Sascha Grau (TU Ilmenau) Multitree Data Distribution Topologies December 19th, 2012 9 / 18
Recommend
More recommend
![Rafael Pass Based on [P-Seeman-Shelat] and [P-Shi] Traditional distributed systems: The](https://c.sambuz.com/859002/rafael-pass-s.jpg)
