Message dropping attacks in overlay networks: Attack detection and attacker identification

Liang Xie, Sencun Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Overlay multicast networks are used by service providers to distribute contents such as web pages, streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message dropping attacks by malicious or selfish nodes that intentionally drop packets they are required to forward. It is difficult to detect such attacks both efficiently and effectively, not mentioning to further identify the attackers, especially when members in the overlay switch between online/offline statuses frequently. We propose a random-sampling-based scheme to detect such attacks, and a path-resolving-based scheme to identify the attack nodes. Our schemes work for dynamic overlay networks and do not assume the global knowledge of the overlay hierarchy. Analysis and simulation results show that our schemes are bandwidthefficient and they both have high detection/identification rates but low false positive rates.

Original languageEnglish (US)
Title of host publication2006 Securecomm and Workshops
DOIs
StatePublished - Dec 1 2006
Event2006 Securecomm and Workshops - Baltimore, MD, United States
Duration: Aug 28 2006Sep 1 2006

Publication series

Name2006 Securecomm and Workshops

Other

Other2006 Securecomm and Workshops
CountryUnited States
CityBaltimore, MD
Period8/28/069/1/06

Fingerprint

Overlay networks
Websites
Switches
Sampling
service provider
multimedia
simulation

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Communication

Cite this

Xie, Liang ; Zhu, Sencun. / Message dropping attacks in overlay networks : Attack detection and attacker identification. 2006 Securecomm and Workshops. 2006. (2006 Securecomm and Workshops).
@inproceedings{68e6a5e6b219460fa2b11443b5e7cdff,
title = "Message dropping attacks in overlay networks: Attack detection and attacker identification",
abstract = "Overlay multicast networks are used by service providers to distribute contents such as web pages, streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message dropping attacks by malicious or selfish nodes that intentionally drop packets they are required to forward. It is difficult to detect such attacks both efficiently and effectively, not mentioning to further identify the attackers, especially when members in the overlay switch between online/offline statuses frequently. We propose a random-sampling-based scheme to detect such attacks, and a path-resolving-based scheme to identify the attack nodes. Our schemes work for dynamic overlay networks and do not assume the global knowledge of the overlay hierarchy. Analysis and simulation results show that our schemes are bandwidthefficient and they both have high detection/identification rates but low false positive rates.",
author = "Liang Xie and Sencun Zhu",
year = "2006",
month = "12",
day = "1",
doi = "10.1109/SECCOMW.2006.359534",
language = "English (US)",
isbn = "1424404231",
series = "2006 Securecomm and Workshops",
booktitle = "2006 Securecomm and Workshops",

}

Xie, L & Zhu, S 2006, Message dropping attacks in overlay networks: Attack detection and attacker identification. in 2006 Securecomm and Workshops., 4198794, 2006 Securecomm and Workshops, 2006 Securecomm and Workshops, Baltimore, MD, United States, 8/28/06. https://doi.org/10.1109/SECCOMW.2006.359534

Message dropping attacks in overlay networks : Attack detection and attacker identification. / Xie, Liang; Zhu, Sencun.

2006 Securecomm and Workshops. 2006. 4198794 (2006 Securecomm and Workshops).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Message dropping attacks in overlay networks

T2 - Attack detection and attacker identification

AU - Xie, Liang

AU - Zhu, Sencun

PY - 2006/12/1

Y1 - 2006/12/1

N2 - Overlay multicast networks are used by service providers to distribute contents such as web pages, streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message dropping attacks by malicious or selfish nodes that intentionally drop packets they are required to forward. It is difficult to detect such attacks both efficiently and effectively, not mentioning to further identify the attackers, especially when members in the overlay switch between online/offline statuses frequently. We propose a random-sampling-based scheme to detect such attacks, and a path-resolving-based scheme to identify the attack nodes. Our schemes work for dynamic overlay networks and do not assume the global knowledge of the overlay hierarchy. Analysis and simulation results show that our schemes are bandwidthefficient and they both have high detection/identification rates but low false positive rates.

AB - Overlay multicast networks are used by service providers to distribute contents such as web pages, streaming multimedia data, or security updates to a large number of users. However, such networks are extremely vulnerable to message dropping attacks by malicious or selfish nodes that intentionally drop packets they are required to forward. It is difficult to detect such attacks both efficiently and effectively, not mentioning to further identify the attackers, especially when members in the overlay switch between online/offline statuses frequently. We propose a random-sampling-based scheme to detect such attacks, and a path-resolving-based scheme to identify the attack nodes. Our schemes work for dynamic overlay networks and do not assume the global knowledge of the overlay hierarchy. Analysis and simulation results show that our schemes are bandwidthefficient and they both have high detection/identification rates but low false positive rates.

UR - http://www.scopus.com/inward/record.url?scp=50049104045&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=50049104045&partnerID=8YFLogxK

U2 - 10.1109/SECCOMW.2006.359534

DO - 10.1109/SECCOMW.2006.359534

M3 - Conference contribution

AN - SCOPUS:50049104045

SN - 1424404231

SN - 9781424404230

T3 - 2006 Securecomm and Workshops

BT - 2006 Securecomm and Workshops

ER -