Reference : Conceptual Approaches for Securing Networks and Systems
Dissertations and theses : Doctoral thesis
Engineering, computing & technology : Computer science
Conceptual Approaches for Securing Networks and Systems
Becker, Sheila [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
University of Luxembourg, ​Luxembourg, ​​Luxembourg
Université de Lorraine, ​​France
Docteur en Informatique
Engel, Thomas mailto
Festor, Olivier
[en] Security ; Virtual Coordinate Systems ; Frog-Boiling ; Game Theory ; Machine Learning
[en] Peer-to-peer real-time communication and media streaming applications optimize their performance by using application-level topology estimation services such as virtual coordinate systems. Virtual coordinate systems allow nodes in a peer-to-peer network to accurately predict latency between arbitrary nodes without the need of performing extensive measurements. However, systems that leverage virtual coordinates as supporting building blocks, are prone to attacks conducted by compromised nodes that aim at disrupting, eavesdropping, or mangling with the underlying communications.

Recent research proposed techniques to mitigate basic attacks (inflation, deflation, oscillation) considering a single attack strategy model where attackers perform only one type of attack. In this work, we define and use a game theory framework in order to identify the best attack and defense strategies assuming that the attacker is aware of the defense mechanisms. Our approach leverages concepts derived from the Nash equilibrium to model more powerful adversaries. We apply the game theory framework to demonstrate the impact and efficiency of these attack and defense strategies using a well-known virtual coordinate system and real-life Internet data sets.

Thereafter, we explore supervised machine learning techniques to mitigate more subtle yet highly effective attacks (frog-boiling, network-partition) that are able to bypass existing defenses. We evaluate our techniques on the Vivaldi system against a more complex attack strategy model, where attackers perform sequences of all known attacks against virtual coordinate systems, using both simulations and Internet deployments.

File(s) associated to this reference

Fulltext file(s):

Open access
BeckerS - Thesis.pdfAuthor postprint4 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.