DESIGN AND ANALYSIS OF ACCOUNTABLE NETWORKED AND DISTRIBUTED SYSTEMS

This dissertation focuses on the design and analysis of accountable computing for a wide range of networked systems with affordable expense. The central idea is to incorporate accountability, a long-neglected security objective, into the design and implementation of modern computing systems. Broadly speaking, accountability in the cyber-security domain means that every entity ought to be held responsible for its behavior, and that there always exists undeniable and verifiable evidence linking each event to the liable entities. This dissertation studies accountable computing in three different contexts, including traditional distributed systems, cloud computing, and the Smart Grid. We first propose a quantitative model called P-Accountability to assess the degree of system accountability. P-Accountability consists of a flat model and a hierarchical model. Our results show that P-Accountability is an effective metric to evaluate general distributed systems such as PeerReview [1] in terms of accountability. Next, we develop Accountable MapReduce for cloud computing to prevent malicious working machines from manipulating the processing results. To achieve this goal, we set up a group of auditors to perform an Accountability-Test (A-test) that checks all working machines and detects malicious nodes in real time. Finally, we investigate the accountability issues in the neighborhood area smart grid. A mutual inspection scheme is presented to enable non-repudiation for metering. In addition, we propose and analyze a suite of algorithms to identify malicious meters for the detection of energy theft. iii DEDICATION This dissertation is dedicated to everyone who helped me, guided me, and inspired me.

[1]  Andreas Haeberlen,et al.  CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable , 2009, NDSS.

[2]  Jennifer Rexford,et al.  Accountability in hosted virtual networks , 2009, VISA '09.

[3]  Georgios Kalogridis,et al.  Privacy protection system and metrics for hiding electrical events , 2011, Int. J. Secur. Networks.

[4]  Yang Xiao,et al.  Achieving Accountable MapReduce in cloud computing , 2014, Future Gener. Comput. Syst..

[5]  R. K. Shyamasundar,et al.  Introduction to algorithms , 1996 .

[6]  Lawrence C. Paulson,et al.  Accountability protocols: Formalized and verified , 2006, TSEC.

[7]  Naga K. Govindaraju,et al.  Mars: A MapReduce Framework on graphics processors , 2008, 2008 International Conference on Parallel Architectures and Compilation Techniques (PACT).

[8]  Dmitry Podkuiko,et al.  Energy Theft in the Advanced Metering Infrastructure , 2009, CRITIS.

[9]  Yang Xiao,et al.  P-Accountable Networked Systems , 2010, 2010 INFOCOM IEEE Conference on Computer Communications Workshops.

[10]  Ronald L. Rivest,et al.  Introduction to Algorithms, Second Edition , 2001 .

[11]  Bharat B. Madan,et al.  A method for modeling and quantifying the security attributes of intrusion tolerant systems , 2004, Perform. Evaluation.

[12]  Jianqing Zhang,et al.  Application-Aware Secure Multicast for Power Grid Communications , 2010 .

[13]  Katerina J. Argyraki,et al.  Loss and Delay Accountability for the Internet , 2007, 2007 IEEE International Conference on Network Protocols.

[14]  R.E. Brown,et al.  Impact of Smart Grid on distribution system design , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[15]  Radha Jagadeesan,et al.  Towards a Theory of Accountability and Audit , 2009, ESORICS.

[16]  Chen Wang,et al.  A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accountable , 2010, HotCloud.

[17]  Nick Feamster,et al.  Holding the Internet Accountable , 2007, HotNets.

[18]  Nick Feamster,et al.  Accountable internet protocol (aip) , 2008, SIGCOMM '08.

[19]  Ruth Breu,et al.  Quantitative Assessment of Enterprise Security System , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[20]  John M. Boone,et al.  INTEGRITY-ORIENTED CONTROL OBJECTIVES: PROPOSED REVISIONS TO THE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (TCSEC), DoD 5200.28-STD , 1991 .

[21]  Sanjay Ghemawat,et al.  MapReduce: Simplified Data Processing on Large Clusters , 2004, OSDI.

[22]  Yang Xiao,et al.  Accountable MapReduce in cloud computing , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[23]  Vern Paxson,et al.  End-to-end Internet packet dynamics , 1997, SIGCOMM '97.

[24]  Jie Wu,et al.  A Quantitative Study of Accountability in Wireless Multi-hop Networks , 2010, 2010 39th International Conference on Parallel Processing.

[25]  Ting Yu,et al.  SecureMR: A Service Integrity Assurance Framework for MapReduce , 2009, 2009 Annual Computer Security Applications Conference.

[26]  Jeffrey S. Chase,et al.  The role of accountability in dependable distributed systems , 2005 .

[27]  Peng Liu,et al.  Secure and privacy-preserving information aggregation for smart grids , 2011, Int. J. Secur. Networks.

[28]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[29]  Yang Xiao Flow-net methodology for accountability in wireless networks , 2009, IEEE Network.

[30]  Yang Xiao,et al.  Building Accountable Smart Grids in Neighborhood Area Networks , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[31]  Yu Er-keng The vision of future smart grid , 2008 .

[32]  Shen Jie Survey on Smart Grid Technology , 2009 .

[33]  Yang Xiao,et al.  Throughput and delay limits of IEEE 802.11 , 2002, IEEE Communications Letters.

[34]  Yang Xiao,et al.  Non-repudiation in neighborhood area networks for smart grid , 2013, IEEE Communications Magazine.

[35]  H. Farhangi,et al.  The path of the smart grid , 2010, IEEE Power and Energy Magazine.

[36]  J.E.R. Alves,et al.  Identification of energy theft and tampered meters using a central observer meter: a mathematical approach , 2003, 2003 IEEE PES Transmission and Distribution Conference and Exposition (IEEE Cat. No.03CH37495).

[37]  Yang Xiao,et al.  Accountability in smart grids , 2011, 2011 IEEE Consumer Communications and Networking Conference (CCNC).

[38]  P. Reiher,et al.  Building accountability into the future Internet , 2008, 2008 4th Workshop on Secure Network Protocols.

[39]  Joan Feigenbaum,et al.  Towards a formal model of accountability , 2011, NSPW '11.

[40]  Yang Xiao,et al.  Exploring Malicious Meter Inspection in Neighborhood Area Smart Grids , 2013, IEEE Transactions on Smart Grid.

[41]  Yang Xiao,et al.  A survey of communication/networking in Smart Grids , 2012, Future Gener. Comput. Syst..

[42]  Stefan Savage,et al.  Proceedings of the ACM SIGCOMM 2008 conference on Data communication , 2008, SIGCOMM 2008.

[43]  D. Du,et al.  Combinatorial Group Testing and Its Applications , 1993 .

[44]  Yang Xiao,et al.  PeerReview re-evaluation for accountability in distributed systems or networks , 2012, Int. J. Secur. Networks.

[45]  Jimeng Sun,et al.  DisCo: Distributed Co-clustering with Map-Reduce: A Case Study towards Petabyte-Scale End-to-End Mining , 2008, 2008 Eighth IEEE International Conference on Data Mining.

[46]  Vitaly Shmatikov,et al.  Airavat: Security and Privacy for MapReduce , 2010, NSDI.

[47]  Svein J. Knapskog,et al.  A Game-Theoretic Approach to Stochastic Security and Dependability Evaluation , 2006, 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.

[48]  Andreas Haeberlen,et al.  PeerReview: practical accountability for distributed systems , 2007, SOSP.

[49]  Jeffrey S. Chase,et al.  Strong accountability for network storage , 2007, TOS.

[50]  Jeffrey S. Chase,et al.  Trust but verify: accountability for network services , 2004, EW 11.

[51]  Steven B. Lipner,et al.  Trusted Computer System Evaluation Criteria ( Orange Book ) December , 2001 .

[52]  Yang Xiao,et al.  Cyber Security and Privacy Issues in Smart Grids , 2012, IEEE Communications Surveys & Tutorials.

[53]  Jing Liu,et al.  Achieving Accountability in Smart Grid , 2014, IEEE Systems Journal.

[54]  B.F. Wollenberg,et al.  Toward a smart grid: power delivery for the 21st century , 2005, IEEE Power and Energy Magazine.

[55]  Deepa Kundur,et al.  Towards modelling the impact of cyber attacks on a smart grid , 2011, Int. J. Secur. Networks.

[56]  Geoffrey C. Fox,et al.  MapReduce for Data Intensive Scientific Analyses , 2008, 2008 IEEE Fourth International Conference on eScience.

[57]  Sudhir Aggarwal,et al.  Incorporating accountability into internet email , 2009, SAC '09.

[58]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[59]  Lingfeng Wang,et al.  Support vector machine based data classification for detection of electricity theft , 2011, 2011 IEEE/PES Power Systems Conference and Exposition.

[60]  R. Dorfman The Detection of Defective Members of Large Populations , 1943 .

[61]  Ralf Küsters,et al.  Accountability: definition and relationship to verifiability , 2010, CCS '10.

[62]  Giampaolo Bella,et al.  Inductive verification of cryptographic protocols , 2000 .

[63]  Kunle Olukotun,et al.  Map-Reduce for Machine Learning on Multicore , 2006, NIPS.

[64]  Yang Xiao,et al.  PeerReview Analysis and Re-evaluation for Accountability in Distributed Systems or Networks , 2010, ISA.

[65]  Andreas Haeberlen,et al.  A case for the accountable cloud , 2010, OPSR.

[66]  Bo Fu,et al.  SCADA communication and security issues , 2014, Secur. Commun. Networks.

[67]  Yang Xiao,et al.  Accountable Administration and Implementation in Operating Systems , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[68]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[69]  Pramod Bhatotia,et al.  Brief announcement: modelling MapReduce for optimal execution in the cloud , 2010, PODC.

[70]  Toby Moncaster,et al.  Re-ECN: Adding Accountability for Causing Congestion to TCP/IP , 2010 .

[71]  Daisuke Takahashi,et al.  Accountability using flow-net: design, implementation, and performance evaluation , 2012, Secur. Commun. Networks.