Session management for accountability in distributed multimedia services

Internet-based multimedia applications (e.g., voice-over-IP, instant messaging, and video conferencing) are continuing to grow in importance as more people depend on such applications for personal and professional communications. Although performance is almost always a concern with multimedia systems that must satisfy quality-of-service (QoS) constraints, security is also a major requirement given the increasing criticality of such applications. For example, businesses might depend on Internet telephony to reach customers while governments might depend on video streaming to disseminate information. For distributed multimedia services, in addition to the traditional security properties (confidentiality, integrity, and availability), accountability is also important to complement perimeter defenses. Accounting for user actions within the system enables the development of higher-level security services.

[1]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[2]  Seng Wai Loke,et al.  Reputation = f(user ranking, compliance, verity) , 2004 .

[3]  Asser N. Tantawi,et al.  Load Balancing for SIP Server Clusters , 2009, IEEE INFOCOM 2009.

[4]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[5]  Calton Pu,et al.  Resilient trust management for Web service integration , 2005, IEEE International Conference on Web Services (ICWS'05).

[6]  Steven M. Bellovin,et al.  Implementing Pushback: Router-Based Defense Against DDoS Attacks , 2002, NDSS.

[7]  Andreas Haeberlen,et al.  PeerReview: practical accountability for distributed systems , 2007, SOSP.

[8]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[9]  Indranil Gupta,et al.  Kelips: Building an Efficient and Stable P2P DHT through Increased Memory and Background Overhead , 2003, IPTPS.

[10]  Sushil Jajodia,et al.  Fast Detection of Denial-of-Service Attacks on IP Telephony , 2006, 200614th IEEE International Workshop on Quality of Service.

[11]  Ben Y. Zhao,et al.  Tapestry: a resilient global-scale overlay for service deployment , 2004, IEEE Journal on Selected Areas in Communications.

[12]  Amin Vahdat,et al.  SHARP: an architecture for secure resource peering , 2003, SOSP '03.

[13]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[14]  Raj Jain,et al.  Analysis of the Increase and Decrease Algorithms for Congestion Avoidance in Computer Networks , 1989, Comput. Networks.

[15]  J D Littler,et al.  A PROOF OF THE QUEUING FORMULA , 1961 .

[16]  Brent N. Chun,et al.  Slice Creation and Management , 2003 .

[17]  Mudhakar Srivatsa,et al.  Mitigating application-level denial of service attacks on Web servers: A client-transparent approach , 2008, TWEB.

[18]  Eugene Ciurana,et al.  Google App Engine , 2009 .

[19]  Sriram Ramabhadran,et al.  Cloud control with distributed rate limiting , 2007, SIGCOMM 2007.

[20]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[21]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.

[22]  Mark Handley,et al.  SDP: Session Description Protocol , 1998, RFC.

[23]  Jeffrey S. Chase,et al.  The role of accountability in dependable distributed systems , 2005 .

[24]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[25]  Ninghui Li,et al.  Automated trust negotiation using cryptographic credentials , 2005, CCS '05.

[26]  Gonzalo Camarillo,et al.  The 3G IP Multimedia Subsystem : Merging the Internet and the Cellular Worlds , 2004 .

[27]  B. Cohen,et al.  Incentives Build Robustness in Bit-Torrent , 2003 .

[28]  Klara Nahrstedt,et al.  A trust management framework for service-oriented environments , 2009, WWW '09.

[29]  Michael Dahlin,et al.  BAR gossip , 2006, OSDI '06.

[30]  Ralf Steinmetz,et al.  Token-Based Accounting for P2P-Systems , 2005, KiVS.

[31]  Marianne Winslett,et al.  Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation , 2003, TSEC.

[32]  Quan Z. Sheng,et al.  Quality driven web services composition , 2003, WWW '03.

[33]  Scott Shenker,et al.  Epidemic algorithms for replicated database maintenance , 1988, OPSR.

[34]  LeskMichael The New Front Line , 2007, S&P 2007.

[35]  Srikanth Kandula,et al.  Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds , 2005, NSDI.

[36]  Abbas Jamalipour,et al.  A 3GPP-IMS Based Approach for Converging Next Generation Mobile Data Networks , 2007, 2007 IEEE International Conference on Communications.

[37]  Volker Hilt,et al.  Controlling overload in networks of SIP servers , 2008, 2008 IEEE International Conference on Network Protocols.

[38]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[39]  Indranil Gupta,et al.  Preventing DoS attacks in peer-to-peer media streaming systems , 2006, Electronic Imaging.

[40]  Henning Schulzrinne,et al.  A Comparison of SIP and H.323 for Internet Telephony , 1998 .

[41]  Balachander Krishnamurthy,et al.  Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites , 2002, WWW.

[42]  David R. Karger,et al.  Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the World Wide Web , 1997, STOC '97.

[43]  Peter Martini,et al.  Detecting VoIP based DoS attacks at the public safety answering point , 2008, ASIACCS '08.

[44]  David R. Karger,et al.  Chord: a scalable peer-to-peer lookup protocol for internet applications , 2003, TNET.

[45]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[46]  Van Jacobson,et al.  Random early detection gateways for congestion avoidance , 1993, TNET.

[47]  Larry L. Peterson,et al.  Reliability and Security in the CoDeeN Content Distribution Network , 2004, USENIX Annual Technical Conference, General Track.

[48]  Dipak Ghosal,et al.  Secure IP Telephony using Multi-layered Protection , 2003, NDSS.

[49]  Atul Singh,et al.  Scrivener: Providing Incentives in Cooperative Content Distribution Systems , 2005, Middleware.

[50]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM 2001.

[51]  Mostafa H. Ammar,et al.  A reputation system for peer-to-peer networks , 2003, NOSSDAV '03.