Browsing by Author "Hopper, Nicholas J."

Now showing 1 - 7 of 7
  • Thumbnail Image
    Item
    Censorship resistant overlay publishing
    (2011-11-01) Vasserman, Eugene Y.; Heorhiadi, Victor; Kim, Yongdae; Hopper, Nicholas J.
    The fundamental requirement of censorship resistance is content availability and discoverability --- it should be easy for users to find and access documents. At the same time, participating storage providers should be unaware of what they are storing to preserve plausible deniability. Fulfilling these requirements simultaneously seems impossible --- how does a system maintain a searchable index of content for users and yet hide it from storage providers? These paradoxical requirements have been previously reconciled by requiring out-of-band communication to either find ways to connect to the system, locate files, or learn file decryption keys --- an unacceptable situation when easy content discovery is critical. This paper describes a design for a peer-to-peer, permanent, and unblockable content store which is easily searchable and yet self-contained, i.e. does not require out-of-band communication. To achieve this, we separate file data, metadata, and encryption keys such that someone searching for information about a specific topic can retrieve all three components and reconstruct the file, but someone who only stores at most two components can neither determine the nature of the file content nor locate the missing component. We begin by identifying the core requirements for unblockable storage systems to resist state-level Internet censorship, construct a system that fulfills those requirements, and analyze how it avoids the problem of prior attempts at censorship resistance. Finally, we present measurements of a deployed proof-of-concept implementation, demonstrating the feasibility of our design.
  • Thumbnail Image
    Item
    Keep your friends close: Incorporating trust into social network-based Sybil defenses
    (2010-08-24) Mohaisen, Abedelaziz; Hopper, Nicholas J.; Kim, Yongdae
    Social network-based Sybil defenses exploit the algorithmic properties of social graphs to infer the extent to which an arbitrary node in such a graph should be trusted. However, these systems do not consider the different amounts of trust represented by different graphs, and different levels of trust between nodes, though trust is a crucial requirement in these systems. For instance, co-authors in an academic collaboration graph are trusted in a different manner than social friends. Furthermore, some social friends are more trusted than others. However, previous designs for social network-based Sybil defenses have not considered the inherent trust properties of the graphs they use. In this paper we introduce several designs to tune the performance of Sybil defenses by accounting for differential trust in social graphs and modeling these trust values by biasing random walks performed on these graphs. Surprisingly, we find that the cost function, the required length of random walks to accept all honest nodes with overwhelming probability, is much greater in graphs with high trust values, such as co-author graphs, than in graphs with low trust values such as online social networks. We show that this behavior is due to the greater number of close-knit communities in high-trust graphs, requiring longer walk to traverse multiple communities. Furthermore, we show that our proposed designs to account for trust increase the cost function of graphs with low trust value.
  • Thumbnail Image
    Item
    Shadow: Running Tor in a Box for Accurate and Efficient Experimentation
    (2011-09-23) Jansen, Rob; Hopper, Nicholas J.
    Tor is a large and popular overlay network providing both anonymity to its users and a platform for anonymous communication research. New design proposals and attacks on the system are challenging to test in the live network because of deployment issues and the risk of invading users' privacy, while alternative Tor experimentation techniques are limited in scale, are inaccurate, or create results that are difficult to reproduce or verify. We present the design and implementation of Shadow, an architecture for efficiently running accurate Tor experiments on a single machine. We validate Shadow's accuracy with a private Tor deployment on PlanetLab and a comparison to live network performance statistics. To demonstrate Shadow's powerful capabilities, we investigate circuit scheduling and find that the EWMA circuit scheduler reduces aggregate client performance under certain loads when deployed to the entire Tor network. Our software is open source and available for download.
  • Thumbnail Image
    Item
    Taking Routers Off Their Meds: Unstable Routers and the Buggy BGP Implementations That Cause Them
    (2011-11-30) Schuchard, Max; Thompson, Christopher; Hopper, Nicholas J.; Kim, Yongdae
    Both academic research and historical incidents have shown the impact of unstable BGP speakers on network performance and reliability. A large amount of time and energy has been invested improving router stability. In this paper, we show how an adversary in control of a BGP speaker in a transit AS can cause a victim router in an arbitrary location on the Internet to become unstable. Through experimentation with both hardware and software routers, we examine the behavior of routers under abnormal conditions and come to four conclusions. First, routers placed in certain states behave in anything but a stable manner. Second, unexpected but perfectly legal BGP messages can place routers into those states with disconcerting ease. Third, an adversary can use these messages to disrupt a victim router to which he is not directly connected. Fourth, modern best practices do little to prevent these attacks. These conclusions lead us to recommend more rigorous testing of BGP implementations, focusing as much on protocol correctness as software correctness.
  • Thumbnail Image
    Item
    The Distributed Virtual Network for High Fidelity, Large Scale Peer to Peer Network Simulation
    (2010-12-16) Foo Kune, Denis; Malchow, Tyson; Tyra, James; Hopper, Nicholas J.; Kim, Yongdae
    The ability to analyze the behavior of large distributed systems can be limited by the modeling tools used. The Distributed Virtual Network (DVN) is a discrete event network simulator providing a platform for realistic, high fidelity, scalable and repeatable simulations of large distributed systems. With a global view of the network, it provides the ability to quantify the behavior of the system under stress and attack conditions. We present the architecture of the simulator along with the simulation results from a real world P2P protocol implementation ported to DVN. We also compare DVN with another similar tool, outlining the benefits of our contribution.
  • Thumbnail Image
    Item
    Throttling Tor Bandwidth Parasites
    (2011-09-23) Jansen, Rob; Syverson, Paul; Hopper, Nicholas J.
    Tor's network congestion and performance problems stem from a small percentage of users that consume a large fraction of available relay bandwidth. These users continuously drain relays of excess bandwidth, creating new network bottlenecks and exacerbating the effects of existing ones. Attacking the problem at its source, we present the design of three new algorithms that throttle clients to reduce network congestion and increase interactive client performance. Unlike existing techniques, our algorithms adaptively adjust throttling parameters given only information local to a relay. We implement our algorithms in Tor and compare significant client performance benefits using network-wide deployments of our algorithms under a variety of network loads. We also analyze the effects of throttling on anonymity and compare the security of our algorithms under adversarial attack. Software patches for our algorithms will be submitted to Tor.
  • Thumbnail Image
    Item
    Why Kad Lookup Fails
    (2009-06-26) KangJeong, Hun; Chan-tin, Eric D.; Hopper, Nicholas J.; Kim, Yongdae
    A Distributed Hash Table (DHT) is a structured overlay network service that provides a decentralized lookup for mapping objects to locations. In this paper, we study the lookup performance of locating nodes responsible for replicated information in Kad - one of the largest DHT networks existing currently. Throughout the measurement study, we found that Kad lookups locate only 18% of nodes storing replicated data. This failure leads to limited reliability and an inefficient use of resources during lookups. Ironically, we found that this poor performance is due to the high level of routing table similarity, despite the relatively high churn rate in the network. This similarity results in duplicated responses from many peers en route to a target, which effectively limits the number of unique nodes found - hence the nodes responsible for storing replicated data are not located. We propose solutions which either exploit the high routing table similarity or avoid the duplicate returns using multiple target keys. Our solutions can locate more than 80% of nodes storing the replicated information while simultaneously balancing the lookup load.