
SpaceMac: Anh Le, Athina Markopoulou, University of - PowerPoint PPT Presentation



  1. Locating Byzantine Attackers in Intra-Session Network Coding using SpaceMac
     Anh Le, Athina Markopoulou
     University of California, Irvine

  2. Byzantine (a.k.a. Pollution) Attacks
     [Figure: network with nodes S, A, B, C, D, E, F carrying packets x1, x2, z and x1+z]
     Snowball Effect
     Anh Le - UC Irvine - SpaceMac

  3. Prior Byzantine Defense Mechanisms
     o Communications
          - Error Correction: error-correcting codes: use redundancy
          - Attack Detection: extension of random linear NC; subspace properties
          - Locating Attackers: subspace properties
     o Cryptography
          - Attack Detection: homomorphic crypto. primitives: H.Hash, H.Mac, H.Signature
          - Locating Attackers: probabilistic non-repudiation protocol

  4. Prior Byzantine Defense Mechanisms
     o Error Correction: [Yeung and Cai, 2006], [Zhang, 2006], [Jaggi et al., 2007]
     o Attack Detection: [Ho et al., 2008], [Kehdi and Li, 2009], [Gkantsidis and Rodriguez, 2007], [Boneh et al., 2009], [Agrawal and Boneh, 2009], [Li et al., 2010]
     o Locating Attackers: [Jafarisiavoshani et al, 2008], [Wang et al., 2010]

  5. Our Proposal
     o Communications
          - Error Correction: error-correcting codes: use redundancy
          - Attack Detection: extension of random linear NC; subspace properties (Null keys)
          - Locating Attackers: subspace properties + SpaceMac for expanding spaces
     o Cryptography
          - Attack Detection: homomorphic crypto. primitives: H.Hash, H.Mac, H.Signature
          - Locating Attackers: probabilistic: non-repudiation protocol + non-repudiation protocol

  6. Outline
     o Background and Motivation
     o Prior defense mechanisms
     o Error Correction
     o Attack Detection
     o Locating Attackers
     o Our proposal
     o Key Observation
     o SpaceMac
     o Collusion Resistance
     o Evaluation Results
     o Concluding Remarks

  7. NC & Pollution: Background
     o Augmentation: v | global encoding vector
     o Source space: space spanned by augmented vectors sent by source
     o Benign node sends vectors belonging to source space
     o Pollution attacker sends vectors not in source space
     [Figure: network with nodes S, A, B, C, D, E, F; labels a, b, a+b, (0,1,0,1,0), (0,0,1,0,1), (0,1,1,1,1), (1,1,1,1,1)]

  8. Locating attackers with subspace properties … (Jafarisiavoshani et al., 2007)
     o When a polluted packet is detected:
          1. Each node reports its incoming spaces to a controller
          2. Controller classifies space as polluted or not
          3. Nodes initiating polluted edges are identified as attackers
     [Figure: controller C and nodes j, i, h]

  9. Example
     o Scenarios:
          o (1) the attacker lies
          o (2) the attacker is honest
     o Result: Attacker could be either A or B

  10. Another Example
     [Figure panels: "E and D are honest"; "E and D lie"]
     o Suspected nodes: A, B, C, D, E

  11. Key observation
     o If every node cannot lie about its incoming space, … then exact identification is possible

  12. Overview of Our Proposal
     o Child reports a random vector of each incoming space
     o Use message authentication code (MAC) to prevent child from lying.
     SpaceMac:
          1. A malicious child can’t compute a valid MAC tag for a vector out of his incoming space
          2. A benign child is able to compute a valid MAC tag for any vector in his incoming space

  13. Our Proposal
     o Assumptions
          • Controller knows topology and source space
          • Reliable channels btw controller and nodes
          • Shared symmetric keys
     o Pollution Detection
          • In-network: Homomorphic MAC [HomMac, RIPPLE]
          • At receiver: application specific, e.g. by corrupted video frame

  14. SpaceMac: Send and Report
     o When j sends vectors, it sends SpaceMac tags generated using the shared key between j and the controller C
     o When i reports, tag of the random reported vector is computed using tags that j sends
     o SpaceMac allows for generating tag of any linear combination of v_i's but not vector out of span(v_i)
     [Figure: nodes j, i and controller C; labels (v_1, t_1), …, (v_n, t_n) and (y_r, t_r)]

  15. SpaceMac: Construction

  16. SpaceMac: Attack Game
     o Adversary wins if:
     o Results: Adversary wins with prob at most 1/q
     [Figure: C and A; labels y_1, t_1, …, y_p, t_p and (y*, t*)]

  17. Expanding Space
     o Note that span(v_i) expands over time
     [Figure: nodes j, i and controller C; labels (v_1, t_1), …, (v_n, t_n) and (y_r, t_r)]

  18. Related Work: Agrawal and Boneh's HomMac

  19. Related Work: RIPPLE [Li et al., 2010]
     o Inner product MAC
     o Support nested MACs
     o Focus on in-network detection

  20. To prevent parents from lying … (Wang et al., 2010)
     o Non-repudiation protocol:
          - to prevent j from sending invalid tags

  21. SpaceMac: Illustrated
     [Figure: Controller and nodes S, A, B, C, D, E, F; edge labels (x1, t1), (x2, t2), (x3, t3), (x4, t4), (x3+x4, t3+t4), (3x1+x3, 3t1+t3), (x2+2x4, t2+2t4), (x*, t*), (2x*+(x1+x2), 2t*+(t1+t2)); annotations "Pollution detected!" and "C is located"]

  22. Locating Attackers
     In a network with M attackers, with high probability, all attackers can be identified after N generations which experience pollution attack, where N ≤ M.
     [Figure annotations: "E is identified in generation 2"; "D is identified in generation 1"]

  23. Collusion Resistance
     Collusion affects the order in which the attackers are identified.

  24. Performance Evaluation
     o Communication Overhead:
          Prob. Child blames Parent | Prob. Parent tricks Child | Overhead (1 byte per tag)
          2^-14                     | 2^-16                     | 25 bytes
          2^-16                     | 2^-21                     | 30 bytes
     o Computation Overhead (per tag):
          Parameters                | Mac      | Verify   | Combine
          q=2^8, m=5, m+n=1024      | <1000 µs | <1000 µs | <1 µs
     o Locating latency:
          Number of attackers           | 12   | 16   | 20
          Average number of generations | 3.85 | 4.69 | 4.89

  25. Conclusion
     o Comm.
          - Error Correction: error-correcting codes
          - Attack Detection: extension of random linear NC; Null Keys
          - Locating Attackers: subspace properties; SpaceMac
     o Crypto.
          - Attack Detection: homomorphic cryptographic primitives: H.Hash, H.Mac, H.Signature
          - Locating Attackers: non-repudiation protocol
     (+) Exactly locating all attackers
     (+) Low computation and communication overhead
     (+) Can deal with large collusion

  26. Questions
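
Added example, not code from the slides or their authors: the SpaceMac construction itself is not reproduced on this page, so this sketch substitutes a plain inner-product MAC over a toy prime field to show the two properties slides 14, 16 and 21 rely on (tags of linear combinations can be derived without the key, and a vector outside the span can only be tagged by a 1/q guess). The field size q = 7, the key, the vectors and all function names are constructed for illustration.

```python
from itertools import product

Q = 7  # toy prime field size (constructed; the slides evaluate q = 2^8)

def mac(key, vec, q=Q):
    """Tag = inner product <key, vec> mod q (illustrative scheme, an assumption)."""
    return sum(k * v for k, v in zip(key, vec)) % q

def combine(coeffs, tagged, q=Q):
    """Build (y, t) for y = sum c_i * v_i from received tags only, without the key."""
    n = len(tagged[0][0])
    y = tuple(sum(c * v[i] for c, (v, _) in zip(coeffs, tagged)) % q
              for i in range(n))
    t = sum(c * tag for c, (_, tag) in zip(coeffs, tagged)) % q
    return y, t

def verify(key, vec, tag, q=Q):
    """Controller-side check of a reported (vector, tag) pair."""
    return mac(key, vec, q) == tag % q

def tag_distribution(tagged, target, q=Q):
    """Over every key consistent with the observed (vector, tag) pairs, count
    the tag `target` would need. Uniform counts mean a forgery is a 1/q guess."""
    counts = [0] * q
    for key in product(range(q), repeat=len(target)):
        if all(mac(key, v, q) == t for v, t in tagged):
            counts[mac(key, target, q)] += 1
    return counts

# Constructed sample data: key shared by parent j and the controller,
# and the two tagged vectors that j sends to child i.
KEY = (3, 5, 2, 6)
V1, V2 = (1, 0, 2, 3), (0, 1, 4, 1)
TAGGED = [(V1, mac(KEY, V1)), (V2, mac(KEY, V2))]

# Child i reports 3*v1 + v2 with tag 3*t1 + t2 (same form as 3x1+x3, 3t1+t3 on slide 21).
Y_IN, T_IN = combine((3, 1), TAGGED)
Y_OUT = (1, 1, 1, 1)  # constructed vector that is not in span(v1, v2)

if __name__ == "__main__":
    print("in-span report verifies:", verify(KEY, Y_IN, T_IN))
    print("tag counts, in-span vector:    ", tag_distribution(TAGGED, Y_IN))
    print("tag counts, out-of-span vector:", tag_distribution(TAGGED, Y_OUT))
```

For the in-span vector every consistent key yields the same tag, while for the out-of-span vector the consistent keys are spread evenly over all q tag values, which is the 1/q bound stated on slide 16.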
