Maelstrom: Churn as Shelter
Tyson Condie and Varun Kacholia and Sriram Sankararaman and Petros Maniatis and Joseph M. Hellerstein
EECS Department, University of California, Berkeley
Technical Report No. UCB/EECS-2005-11
November 10, 2005
http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/EECS-2005-11.pdf
Structured overlays are an important and powerful class of overlay networks that has emerged in recent years. They are typically targeted at peer-to-peer deployments involving millions of user-managed machines on the Internet. In this paper we address routing-table poisoning attacks against structured overlays, in which adversaries attempt to intercept traffic and control the system by convincing other nodes to use compromised nodes as their overlay network neighbors. In keeping with the fully-decentralized goals of structured overlay design, we propose a defense mechanism that makes minimal use of centralized infrastructure. Our approach, induced churn, utilizes periodic routing-table resets, unpredictable identifier changes, and a rate limit on routing-table updates. Induced churn leaves adversaries at the mercy of chance: they have little opportunity to strategize their positions in the overlay, and cannot entrench themselves in any position that they do acquire. We implement induced churn in Maelstrom, an extension to the broadly used Bamboo distributed hash table. Our Maelstrom experiments over a simulated network demonstrate robust routing with very modest costs in bandwidth and latency, at levels of adversarial activity where unprotected overlays are rendered almost completely useless.
BibTeX citation:
@techreport{Condie:EECS-2005-11, Author= {Condie, Tyson and Kacholia, Varun and Sankararaman, Sriram and Maniatis, Petros and Hellerstein, Joseph M.}, Title= {Maelstrom: Churn as Shelter}, Year= {2005}, Month= {Nov}, Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/EECS-2005-11.html}, Number= {UCB/EECS-2005-11}, Abstract= {Structured overlays are an important and powerful class of overlay networks that has emerged in recent years. They are typically targeted at peer-to-peer deployments involving millions of user-managed machines on the Internet. In this paper we address routing-table poisoning attacks against structured overlays, in which adversaries attempt to intercept traffic and control the system by convincing other nodes to use compromised nodes as their overlay network neighbors. In keeping with the fully-decentralized goals of structured overlay design, we propose a defense mechanism that makes minimal use of centralized infrastructure. Our approach, induced churn, utilizes periodic routing-table resets, unpredictable identifier changes, and a rate limit on routing-table updates. Induced churn leaves adversaries at the mercy of chance: they have little opportunity to strategize their positions in the overlay, and cannot entrench themselves in any position that they do acquire. We implement induced churn in Maelstrom, an extension to the broadly used Bamboo distributed hash table. Our Maelstrom experiments over a simulated network demonstrate robust routing with very modest costs in bandwidth and latency, at levels of adversarial activity where unprotected overlays are rendered almost completely useless.}, }
EndNote citation:
%0 Report %A Condie, Tyson %A Kacholia, Varun %A Sankararaman, Sriram %A Maniatis, Petros %A Hellerstein, Joseph M. %T Maelstrom: Churn as Shelter %I EECS Department, University of California, Berkeley %D 2005 %8 November 10 %@ UCB/EECS-2005-11 %U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2005/EECS-2005-11.html %F Condie:EECS-2005-11