Brahms: byzantine resilient random membership sampling

We present Brahms, an algorithm for sampling random nodes in a large dynamic system prone to malicious behavior. Brahms stores small membership views at each node, and yet overcomes Byzantine attacks by a linear portion of the system. Brahms is composed of two components. The first one is a resilient gossip-based membership protocol. The second one uses a novel memory-efficient approach for uniform sampling from a possibly biased stream of ids that traverse the node. We evaluate Brahms using rigorous analysis, backed by simulations, which show that our theoretical model captures the protocol's essentials. We study two representative attacks, and show that with high probability, an attacker cannot create a partition between correct nodes. We further prove that each node's sample converges to a uniform one over time. To our knowledge, no such properties were proven for gossip protocols in the past.

[1]  Bruce P. Hillam A Generalization of Krasnoselski's Theorem on the Real Line , 1975 .

[2]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[3]  Jeffrey Scott Vitter,et al.  Random sampling with a reservoir , 1985, TOMS.

[4]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[5]  Scott Shenker,et al.  Epidemic algorithms for replicated database maintenance , 1988, OPSR.

[6]  David R. Karger,et al.  Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the World Wide Web , 1997, STOC '97.

[7]  Hagit Attiya,et al.  Distributed Computing: Fundamentals, Simulations and Advanced Topics , 1998 .

[8]  Noga Alon,et al.  The Space Complexity of Approximating the Frequency Moments , 1999 .

[9]  Kenneth P. Birman,et al.  Bimodal multicast , 1999, TOCS.

[10]  Yishay Mansour,et al.  On diffusing updates in a Byzantine environment , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[11]  Alan M. Frieze,et al.  Min-Wise Independent Permutations , 2000, J. Comput. Syst. Sci..

[12]  Marcin Paprzycki,et al.  Distributed Computing: Fundamentals, Simulations and Advanced Topics , 2001, Scalable Comput. Pract. Exp..

[13]  Anne-Marie Kermarrec,et al.  SCAMP: Peer-to-Peer Lightweight Membership Service for Large-Scale Group Communication , 2001, Networked Group Communication.

[14]  Rajeev Motwani,et al.  Sampling from a moving window over streaming data , 2002, SODA '02.

[15]  Piotr Indyk,et al.  Maintaining Stream Statistics over Sliding Windows , 2002, SIAM J. Comput..

[16]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[17]  Luca Trevisan,et al.  Counting Distinct Elements in a Data Stream , 2002, RANDOM.

[18]  Edith Cohen,et al.  Search and replication in unstructured peer-to-peer networks , 2002, ICS '02.

[19]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[20]  Anne-Marie Kermarrec,et al.  Peer-to-Peer Membership Management for Gossip-Based Protocols , 2003, IEEE Trans. Computers.

[21]  Kai-Yeung Siu,et al.  Distributed construction of random expander networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[22]  Gurmeet Singh Manku,et al.  Symphony: Distributed Hashing in a Small World , 2003, USENIX Symposium on Internet Technologies and Systems.

[23]  Fred B. Schneider,et al.  Tolerating malicious gossip , 2003, Distributed Computing.

[24]  Anne-Marie Kermarrec,et al.  Lightweight probabilistic broadcast , 2003, TOCS.

[25]  David R. Karger,et al.  Simple Efficient Load-Balancing Algorithms for Peer-to-Peer Systems , 2004, SPAA '04.

[26]  Jared Saia,et al.  Choosing a random peer , 2004, PODC '04.

[27]  Christian Scheideler,et al.  Group Spreading: A Protocol for Provably Secure Distributed Name Service , 2004, ICALP.

[28]  Idit Keidar,et al.  Exposing and eliminating vulnerabilities to denial of service attacks in secure gossip-based multicast , 2004, International Conference on Dependable Systems and Networks, 2004.

[29]  Miguel Castro,et al.  Defending against eclipse attacks on overlay networks , 2004, EW 11.

[30]  Christos Gkantsidis,et al.  Random walks in peer-to-peer networks , 2004, IEEE INFOCOM 2004.

[31]  Idit Keidar,et al.  Araneola: a scalable reliable multicast system for dynamic environments , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[32]  John E. Hopcroft,et al.  Correctness of a gossip based membership protocol , 2005, PODC '05.

[33]  Joseph M. Hellerstein,et al.  Maelstrom: Churn as shelter , 2005 .

[34]  Márk Jelasity,et al.  T-Man: Gossip-Based Overlay Topology Management , 2005, Engineering Self-Organising Systems.

[35]  Maarten van Steen,et al.  CYCLON: Inexpensive Membership Management for Unstructured P2P Overlays , 2005, Journal of Network and Systems Management.

[36]  Robbert van Renesse,et al.  Fireflies: scalable support for intrusion-tolerant network overlays , 2006, EuroSys.

[37]  Idit Keidar,et al.  Exposing and eliminating vulnerabilities to denial of service attacks in secure gossip-based multicast , 2004, IEEE Transactions on Dependable and Secure Computing.

[38]  Michael Dahlin,et al.  BAR gossip , 2006, OSDI '06.

[39]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[40]  Christian Scheideler,et al.  Towards a scalable and robust DHT , 2006, SPAA.

[41]  Ziv Bar-Yossef,et al.  Random sampling from a search engine's index , 2006, WWW '06.

[42]  Roy Friedman,et al.  RaWMS -: random walk based lightweight membership service for wireless ad hoc network , 2006, MobiHoc '06.

[43]  Christian Scheideler,et al.  Robust Random Number Generation for Peer-to-Peer Systems , 2006, OPODIS.

[44]  Christian Scheideler,et al.  Towards a Scalable and Robust DHT , 2006, SPAA '06.

[45]  Joseph M. Hellerstein,et al.  Induced Churn as Shelter from Routing-Table Poisoning , 2006, NDSS.

[46]  Anne-Marie Kermarrec,et al.  Peer counting and sampling in overlay networks: random walk methods , 2006, PODC '06.

[47]  David Hales,et al.  Identifying Malicious Peers Before It's Too Late: A Decentralized Secure Peer Sampling Service , 2007, First International Conference on Self-Adaptive and Self-Organizing Systems (SASO 2007).

[48]  Anne-Marie Kermarrec,et al.  Gossip-based peer sampling , 2007, TOCS.

[49]  Christian Scheideler,et al.  Towards Scalable and Robust Overlay Networks , 2007, IPTPS.

[50]  Roy Friedman,et al.  RaWMS - Random Walk Based Lightweight Membership Service for Wireless Ad Hoc Networks , 2008, TOCS.

[51]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2008, TNET.

[52]  Phillip B. Gibbons,et al.  SybilGuard: Defending Against Sybil Attacks via Social Networks , 2006, IEEE/ACM Transactions on Networking.

[53]  Idit Keidar,et al.  Brahms: byzantine resilient random membership sampling , 2008, PODC '08.

[54]  Christian Scheideler,et al.  Robust random number generation for peer-to-peer systems , 2006, Theor. Comput. Sci..