Achieving resilient networks with diversity and network coding
This dissertation provides strong resilience techniques applying to general networks. Examples of important networks are private wired networks connecting large datacenters, overlay topology networks delivering live television broadcasts, and wireless mesh networks rapidly set up after a disaster to replace existing damaged infrastructure. Given the trends of increased reliance on networks and capabilities of attackers, network security is vital to national security. Network attacks can be characterized along the two dimensions of access and motivation. Attacker access can be either as an insider or outsider. An insider has more capabilities of having full control of some routing nodes. Attacker motivation can be targeting confidentiality, data integrity, or availability where availability is the only one that cannot typically be dealt by the known cryptographic techniques of encryption, digital signatures, or message authentication codes. In this dissertation, we focus on insider attackers that attack the availability of the network. ^ Our first step towards resilience is to ensure that an attacker cannot compromise nodes that partition the network since such an attack trivially succeeds in preventing availability. Such large compromises are likely in today's typical network deployment where all routers have identical components and a single successful exploit can be repeatedly used against all routers in the network. In our work, we demonstrate how diversity alleviates such problems when assigning diversity optimally to routers in the network. Routers that are diverse enough to not permit common exploits must have different components such as hardware, operating systems, routing code, and even administrators. These types of diversity are limited, so our assignment of diversity to routers typically has very few variants which must be assigned to a large number of routing nodes. We provide a comprehensive study of diversity assignment in networks by proposing problems for various network goals, techniques to solve these problems optimally or at scale, and demonstrated benefits of applying such analysis to real topologies. ^ Diversity ensures that a network remains well-connected by honest nodes even after sophisticated compromise attempts. However, an attacker can still succeed in attacking availability by attacking the routing protocol. We provide techniques resistant to insider attacks when using network coding. Network coding offers higher performance in a network by performing encoding techniques on packets. Insiders can attack the encoding technique in two ways by either forcing incorrect decoding or delaying decoding. For pollution attacks, forcing incorrect decoding, our work proposes a new defense against pollution attacks overcoming limitations of prior work which includes expensive security computation at routers, communication overhead that scales with the number of insiders, and delayed verification. For entropy attacks, delaying decoding, to the best of our knowledge our work is the first to demonstrate the effectiveness of such attacks along with considering defenses for sophisticated entropy attackers which collude.^
Cristina Nita-Rotaru, Purdue University.