Date of Award

6-1-2009

Document Type

Thesis

Degree Name

M.S.

Department

Computer Science

First Advisor

Christian Grothoff, Ph.D.

Second Advisor

Richard Ball, Ph.D.

Third Advisor

Chris Gauthier-Dickey

Fourth Advisor

Ramakrishna Thurimella

Keywords

Dht, Freenet, P2p, Peer-to-peer, Restricted route, Security

Abstract

In many networks, such as mobile ad-hoc networks and friend-to-friend overlay networks, direct communication between nodes is limited to specific neighbors. Friendto-friend “darknet” networks have been shown to commonly have a small-world topology; while short paths exist between any pair of nodes in small-world networks, it is non-trivial to determine such paths with a distributed algorithm. Recently, Clarke and Sandberg proposed the first decentralized routing algorithm that achieves efficient routing in such small-world networks.

Herein this thesis we discuss the first independent security analysis of Clarke and Sandberg’s routing algorithm. We show that a relatively weak participating adversary can render the overlay ineffective without being detected, resulting in significant data loss due to the resulting load imbalance. We have measured the impact of the attack in a testbed of 800 and 400 total nodes using minor modifications to Clarke and Sandberg’s implementation of their routing algorithm in Freenet. Our experiments show that the attack is highly effective, allowing a small number of malicious nodes to cause rapid loss of data on the entire network.

We also discuss various proposed countermeasures designed to detect, thwart or limit the attack. We found that the “darknet” topology limits the ability of effective countermeasures. The problem of fixing the topology proved so intractable due to inherent network characteristics that the idea of using a darknet for Freenet has ii been all but abandoned following the public release of this work. Our hope is that the presented analysis acts as a step towards effective analysis and design of secure distributed routing algorithms for restricted-route topologies.

It should be noted that this thesis is an extended version of the same work presented at ACSAC 2007. The work appears in the conference proceedings as “Routing in the Dark: Pitch Black” [19] largely unmodified from this thesis.

Publication Statement

Copyright is held by the author. User is responsible for all copyright compliance.

Provenance

Received from ProQuest

Rights holder

Nathan S. Evans

File size

84 p.

File format

application/pdf

Language

en

Discipline

Computer science

Download



Share

COinS