Results 1 - 10 of 48
SoK: P2PWNED — Modeling and Evaluating the Resilience of Peer-to-Peer Botnets
Cited by 18 (4 self)
Abstract—Centralized botnets are easy targets for takedown efforts by computer security researchers and law enforcement. Thus, botnet controllers have sought new ways to harden the infrastructures of their botnets. In order to meet this objective, some botnet operators have (re)designed their botnets to use Peer-to-Peer (P2P) infrastructures. Many P2P botnets are far more resilient to takedown attempts than centralized botnets, because they have no single points of failure. However, P2P botnets are subject to unique classes of attacks, such as node enumeration and poisoning. In this paper, we introduce a formal graph model to capture the intrinsic properties and fundamental vulnerabilities of P2P botnets. We apply our model to current P2P botnets to assess their resilience against attacks. We provide assessments on the sizes of all eleven active P2P botnets, showing that some P2P botnet families contain over a million bots. In addition, we have prototyped several mitigation strategies to measure the resilience of existing P2P botnets. We believe that the results from our analysis can be used to assist security researchers in evaluating mitigation strategies against current and future P2P botnets.
LotusNet: Tunable privacy for distributed online social network services
- Computer Communications, 2010
Cited by 15 (0 self)
The evolution of the role of online social networks in the Web has led to a collision between private, public and commercial spheres that have been inevitably connected together in social networking services since their beginning. The growing awareness on the opaque data management operated by many providers reveals that a privacy-aware service that protects user information from privacy leaks would be very attractive for a consistent portion of users. In order to meet this need we propose LotusNet, a framework for the development of social network services relying on a peer-to-peer paradigm which supports strong user authentication. We tackle the trade-off problem between security, privacy and services in distributed social networks by providing the users the possibility to tune their privacy settings through a very flexible and fine-grained access control system. Moreover, our architecture is provided with a powerful suite of high-level services that greatly facilitates custom application development and mash up.
Practical Robust Communication in DHTs Tolerating a Byzantine Adversary
Cited by 14 (3 self)
There are several analytical results on distributed hash tables (DHTs) that can tolerate Byzantine faults. Unfortunately, in such systems, critical operations such as data retrieval and message sending incur significant communication costs. For example, a simple scheme used in many Byzantine fault-tolerant DHT constructions of $n$ nodes requires $O(\log^3 n)$ messages; this is likely impractical for real-world applications. Currently, the best known message complexity is $O(\log^2 n)$ in expectation; however, the corresponding protocol suffers from prohibitive costs owing to hidden constants in the asymptotic notation and to setup costs. In this paper, we focus on reducing the communication costs against a computationally bounded adversary. We employ threshold cryptography and distributed key generation to define two protocols both of which are more efficient than existing solutions. In comparison, our first protocol is deterministic with $O(\log^2 n)$ message complexity and our second protocol is randomized with expected $O(\log n)$ message complexity. Further, both the hidden constants and setup costs for our protocols are small and no trusted third party is required. Finally, we present results from microbenchmarks conducted over PlanetLab showing that our protocols are practical for deployment under significant levels of churn and adversarial behaviour.
Secure and flexible framework for decentralized social network services
- In Pervasive Computing and Communications Workshops (PERCOM Workshops), 2010 8th IEEE International Conference on, 2010
Cited by 8 (1 self)
Abstract—The rapid growth of the volume of user-generated contents in online social networks has raised many privacy concerns, mainly due to the data exploitation operated by providers. In order to address this problem, the idea of supporting social network services with open peer-to-peer systems has gained ground very recently. Nevertheless, the development of social network applications on decentralized layers involves several new security and design issues. In this paper we define an architectural model which embeds user identity management in a DHT overlay, providing a very robust and flexible support for any identity-based application. Important features for social applications like reputation management, modular expandability of the application suite and discretionary access control to shared resources can be easily implemented on our framework. Keywords: social networks, privacy, access control, peer-to-peer
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network
Cited by 5 (1 self)
We present eclipse attacks on bitcoin’s peer-to-peer network. Our attack allows an adversary controlling a sufficient number of IP addresses to monopolize all connections to and from a victim bitcoin node. The attacker can then exploit the victim for attacks on bitcoin’s mining and consensus system, including N-confirmation double spending, selfish mining, and adversarial forks in the blockchain. We take a detailed look at bitcoin’s peer-to-peer network, and quantify the resources involved in our attack via probabilistic analysis, Monte Carlo simulations, measurements and experiments with live bitcoin nodes. Finally, we present countermeasures, inspired by botnet architectures, that are designed to raise the bar for eclipse attacks while preserving the openness and decentralization of bitcoin’s current network architecture.
Design and analysis of a social botnet
- Computer Networks
Cited by 4 (2 self)
Online Social Networks (OSNs) have attracted millions of active users and have become an integral part of today’s Web ecosystem. Unfortunately, in the wrong hands, OSNs can be used to harvest private user data, distribute malware, control botnets, perform surveillance, spread misinformation, and even influence algorithmic trading. Usually, an adversary starts off by running an infiltration campaign using hijacked or adversary-owned OSN accounts, with an objective to connect with a large number of users in the targeted OSN. In this article, we evaluate how vulnerable OSNs are to a large-scale infiltration campaign run by socialbots: bots that control OSN accounts and mimic the actions of real users. We adopted the design of a traditional web-based botnet and built a prototype of a Socialbot Network (SbN): a group of coordinated programmable socialbots. We operated our prototype on Facebook for eight weeks, and collected data about user behavior in response to a large-scale infiltration campaign. Our results show that (1) by exploiting known social behaviors of users, OSNs such as Facebook can be infiltrated with a success rate of up to 80%, (2) subject to user profile privacy settings, a successful infiltration can result in privacy breaches where even more private user data are exposed, (3) given the economics of today’s underground markets, running a large-scale infiltration campaign might be profitable but is still not particularly attractive as a sustainable and independent business, (4) the security of socially-aware systems that use or integrate OSN platforms can be at risk, given the infiltration capability of an adversary in OSNs, and (5) defending against malicious socialbots raises a set of challenges that relate to web automation, online-offline identity binding, and usable security.
On the Design of Socially-Aware Distributed Systems
, 2012
Cited by 4 (4 self)
Dedication To my beloved parents Panayiota and Ioannis Kourtellis for teaching me the importance of an education, and always motivating me to pursue my dreams. Acknowledgments I would like to thank Dr. Adriana Iamnitchi for being my major professor and academic advisor for the past six years. Her help and guidance inspired me to overcome any difficulties in my research, and her persistence motivated me throughout my doctoral studies.
Collaborative Intrusion Detection Framework: Characteristics, Adversarial Opportunities and Countermeasures
Cited by 3 (0 self)
Complex Internet attacks may come from multiple sources, and target multiple networks and technologies. Nevertheless, Collaborative Intrusion Detection Systems (CIDS) emerges as a promising solution by using information from multiple sources to gain a better understanding of objective and impact of complex Internet attacks. CIDS also help to cope with classical problems of Intrusion Detection Systems (IDS) such as zero-day attacks, high false alarm rates and architectural challenges, e.g., centralized designs exposing the Single-Point-of-Failure. Improved complexity on the other hand gives rise to new exploitation opportunities for adversaries. The contribution of this paper is twofold. We first investigate related research on CIDS to identify the common building blocks and to understand vulnerabilities of the Collaborative Intrusion Detection Framework (CIDF). Second, we focus on the problem of anonymity preservation in a decentralized intrusion detection related message exchange scheme. We use techniques from design theory to provide multi-path peer-to-peer communication scheme where the adversary can not perform better than guessing randomly the originator of an alert message.
Increasing the Resilience of Critical SCADA Systems Using Peer-to-Peer Overlays
- in ISARCS 2010, 1st International Symposium on Architecting Critical Systems, 2010
Cited by 2 (1 self)
Abstract. Supervisory Control and Data Acquisition (SCADA) systems are migrating from isolated to highly-interconnected large scale architectures. In addition, these systems are increasingly composed of standard Internet technologies and use public networks. Hence, while the SCADA functionality has increased, its vulnerability to cyber threats has also risen. These threats often lead to reduced system availability or compromised data integrity, eventually resulting in risks to public safety. Therefore, enhancing the reliability and security of system operation is an urgent need. Peer-to-Peer (P2P) techniques allow the design of self-organizing Internet-scale communication overlay networks. Two inherent resilience mechanisms of P2P networks are path redundancy and data replication. This paper shows how SCADA system’s resilience can be improved by using P2P technologies. In particular, the two previously mentioned resilience mechanisms allow circumventing crashed nodes and detecting manipulated control data.
Blocking-Resistant Network Services using Unblock,” http://unblock.cs.washington.edu/unblock.pdf, October 2012, retrieved
, 2012
Cited by 2 (0 self)
The desire for uncensored access to the Internet has motivated the development of both open proxies like Tor and social graph-based overlays like FreeNet. However, neither design is sufficient, as relays in open proxies are easily exposed and blocked, and overlays based just on social trust suffer from poor availability and performance. In this paper, we introduce the design for a new overlay service, Unblock, constructed from an augmented social graph. In Unblock, multi-hop paths through social links protect individual participants from exposure to adversaries. Unblock achieves good performance by introducing additional links in the network graph in a manner that minimizes vulnerability. We also develop several transport level techniques for improved latency. We demonstrate the practicality of the system for web traffic workloads.