1 / 18

Security Mechanisms for Distributed Computing Systems

2011/12/15. Security Mechanisms for Distributed Computing Systems. A9ID1007, Xu Ling Kobayashi Laboratory GSIS, TOHOKU UNIVERSITY. Background. Distributed computing systems (DCSs) Definition: A system where nodes share their computing power with each other to finish certain goals

rachel
Télécharger la présentation

Security Mechanisms for Distributed Computing Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2011/12/15 Security Mechanisms for Distributed Computing Systems A9ID1007, Xu Ling Kobayashi Laboratory GSIS, TOHOKU UNIVERSITY

  2. Background • Distributed computing systems (DCSs) • Definition: A system where nodes share their computing power with each other to finish certain goals • Example: P2P systems (Skype), volunteer computing systems (SETI@home), Grid

  3. Task 1 Task 1 Task 2 Task 3 Task 4 Result 1 Result 2 Result 3 Result 4 Task 2 Task n Background • Example: Volunteer computing system • A system that utilizes the idling computing resources on the network to finish computing intensive tasks host worker 2 worker 3 worker 4 worker 1 The structure of a typical volunteer computing system

  4. Background • Categorization • Centralized DCSs (e.g., volunteer computing): • Few servers and many clients. • Only have server-client communication • Decentralized DCSs (e.g., P2P) : all nodes are equal and communicate with each other • Hybrid DCSs (e.g., skype) • Most nodes are equal, and communicate with each other • A few servers exist • Authorized DCSs: DCSs that contain trustful authorities (e.g., volunteer computing systems) • Unauthorized DCSs: DCSs that contain no trustful authority (e.g., P2P systems)

  5. Task 1 Task 1 Task 2 Task 3 Task 4 1+1=2 1+1=2 1+1=2 1+1=3 Task 2 Task n Background: Attack to DCSs • False result attack (FRA) (for centralized DCSs) • One host node and multiple worker nodes • Host dispatches tasks to workers. Workers compute tasks and return returns to host • Malicious workers return incorrect results to host host worker 2 worker 3 Malicious worker 4 worker 1

  6. Background: Attack to DCSs • Sybil attack (SA) (For decentralized and hybrid DCSs) • A few malicious users controls many Sybil nodes (malicious nodes) to break the system protocol • Sybil nodes can launch various attacks 1+1=3 1+1=3! 1+1=3 Honest node Sybil node 1+1=3 1+1=2 1+1=? 1+1=? 1+1=? 1+1=? malicious user 1+1=?

  7. Background: Existing solution to the false result attack 11*11=121! v is malicious host • The host dispatches multiple tasks to each worker v • These tasks contains some special tasks called quizzes • The host checks the correctness of the answers of quizzes Node v is honest only if the answers of the quizzes return by v are correct • Problem: • A Quiz should satisfy: the correctness of the answer of a quiz should be easy to check • Unpractical: How to generate quizzes that satisfy this property is an open problem. 1+1=? 1+1=3 1+2=? 1+2=3 11*11=? (quiz) 11*11=3 (quiz) v

  8. Background: Existing solution to the Sybil attack • Social network model based Sybil detecting (SSD) • Social network model: # of attack edges is small • SSD algorithms • Assumption: The network topology of the DCS obeys SNM • Functionality: For each honest node v, enable v to judge the types of other nodes • Basic idea: the # of attack edges is small  communication between nodes of different types is weakened • My idea: attack edge detecting is important in design effective SSD algorithms • Effective: high judging accuracy • Detect the attack edges and cut them  communication between nodes of different types can be stopped! Attack edges Honest cluster Sybil cluster Attack edge

  9. Objective • Motivation: • For FRA: existing solutions are unpractical (Quiz) • For SA: Attack edge detecting technique can be used to design effective SSD algorithms • Objective: Design effective security mechanisms to resist the false result attack and the Sybil attack on DCSs.

  10. workers 1 are honest; worker 4 is malicious • Approach • Design a practical false result attack resisting algorithm  Enable host to detect malicious workers • Design an effective attack edge detecting-based SSD algorithm for authorized DCSs  For each node v, enable v to know the types of other nodes • Design an attack edge detecting algorithm for unauthorized DCSs For each node v and an incident edge e of v, enable v to know whether e is an attack edge or not worker 2 worker 3 worker 4 (Malicious) worker 1 v1 is honest, v2 is Sybil e1 is not AE, e2 is AE v2 v e2 e1 v1 Honest nodes Sybil nodes

  11. Organization • Introduction • MSC: an Practical Spot Checking Mechanism for Resisting False Result Attack • SybilDetector: an Attack Edge Detecting Based Sybil Detecting Algorithm • RSC: an Attack Edge Detecting Algorithm for Sybil Resisting • Conclusion

  12. Comments from Professor Sone • Comment: Clarify the approaches( ‘detect the malicious nodes’ is too broad, there are many way to detect) • Solution: • To detail the models of FRA and SA, respectively • To specify the research approaches • To specify the functionality of each approach • Approach (old) • For false result attack: enable honest nodes to detect malicious nodes • For Sybil attack: enable honest nodes to detect Sybil nodes • Approach (new) • Design an practical and efficient false result attack resisting algorithm. • Design an effective attack edge detecting-based SSD algorithm for authorized DCSs. • Design an attack edge detecting algorithm for unauthorized DCSs.

  13. Comments from Professor Sone • Comment: Clarify the performance metric (Define the performance metric in the first chapter. Define what is ‘effective’.) • Solution: Define the performance metrics of MSC and SSD algorithms in Chapter 1

  14. Comments from Professor Sone • Comment : Clarify the innovational point: • Emphasize on the new idea rather than the algorithm • Solution: • Point out that the attack edge detecting technique is the innovation point in chapter 1. • Change chapter 4 • Old  RSSR: A Random Walk and Attack Edge Detecting Based Sybil Detecting Algorithm (emphasized RSSR (a SSD algorithm)) • New  RSC: an Attack Edge Detecting Algorithm for Sybil Resisting (emphasize RSC (an attack edge detecting algorithm))

  15. Comments from Professor Sone • Comment : The current social network model considers only two clusters. How to deal with the case of more clusters? • Solution : • Discuss this problem in Section Related Work of Chapter 3. • In the case of more clusters, for each cluster, we have to know the type of at least one node this cluster.

  16. Comments from Professor Sone • Comment : How to deal with nodes changing types? • Solution • Reputation system? (will be vulnerable to the Sybil attack)

  17. Comments from Professor Suganuma • Comment : Explain the baseline algorithms (SybilLimit) used for the performance comparison • Solution: Explain the baseline algorithm (SybilLimit, SOHL) in detail in Section Related Work of Chapter 3 of the dissertation, and in the presentation of the next defense.

  18. Comments from Professor Takizawa • Comment: Clarify the model used (Does this system have trustful authority?). • Solution: • Specify the models of FRA and SA • FRA: centralized • SA: decentralized or hybrid

More Related