Exposing and Eliminating Vulnerabilities to Denial of Service Attacks in Secure Gossip-Based Multicast

We propose a framework and methodology for quantifying the effect of denial of service (DoS) attacks on a distributed system. We present a systematic study of the resistance of gossip-based multicast protocols to DoS attacks. We show that even distributed and randomized gossip-based protocols, which eliminate single points of failure, do not necessarily eliminate vulnerabilities to DoS attacks. We propose Drum, a simple gossip-based multicast protocol that eliminates such vulnerabilities. Drum was implemented in Java and tested on a large cluster. We show, using closed-form mathematical analysis, simulations, and empirical tests, that Drum survives severe DoS attacks.
