Skip to main content
SpringerLink
Log in

The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2009)

Abstract

A network coordinate system assigns Euclidean “virtual” coordinates to every node in a network to allow easy estimation of network latency between pairs of nodes that have never contacted each other. These systems have been implemented in a variety of applications, most notably the popular Azureus/Vuze BitTorrent client. Zage and Nita-Rotaru (CCS 2007) and independently, Kaafar et al. (SIGCOMM 2007), demonstrated that several widely-cited network coordinate systems are prone to simple attacks, and proposed mechanisms to defeat these attacks using outlier detection to filter out adversarial inputs. We propose a new attack, Frog-Boiling, that defeats anomaly-detection based defenses in the context of network coordinate systems, and demonstrate empirically that Frog-Boiling is more disruptive than the previously known attacks. Our results suggest that a new approach is needed to solve this problem: outlier detection alone cannot be used to secure network coordinate systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ng, T.S.E., Zhang, H.: Predicting Internet Network Distance with Coordinates-Based Approaches. In: Proceedings of IEEE, INFOCOM (2002)

    Google Scholar 

  2. Dabek, F., Li, J., Sit, E., Robertson, J., Kaashoek, M.F., Morris, R.: Designing a DHT for low latency and high throughput. In: Proceedings of the 1st USENIX Symposium on Networked Systems Design and Implementation, NSDI (2004)

    Google Scholar 

  3. Azureus, http://azureus.sourceforge.net

  4. Vuze Forums, http://forum.vuze.com/thread.jspa?threadID=80764

  5. Ng, T.S.E., Zhang, H.: A network positioning system for the internet. In: Proceedings of the USENIX annual technical conference (2004)

    Google Scholar 

  6. Francis, P., Jamin, S., Jin, C., Jin, Y., Raz, D., Shavitt, Y., Zhang, L.: IDMaps: A Global Internet Host Distance Estimation Service. IEEE/ACM Trans. Netw. 9(5), 525–540 (2001)

    Article  Google Scholar 

  7. Dabek, F., Cox, R., Kaashoek, F., Morris, R.: Vivaldi: A Decentralized Network Coordinate System. In: Proceedings of ACM SIGCOMM (2004)

    Google Scholar 

  8. Costa, M., Castro, M., Rowstron, A., Key, P.: PIC: Practical Internet Coordinates for Distance Estimation. In: Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS) (2004)

    Google Scholar 

  9. Zage, D.J., Nita-Rotaru, C.: On the accuracy of decentralized virtual coordinate systems in adversarial networks. In: Proceedings of the 14th ACM conference on Computer and communications security, CCS (2007)

    Google Scholar 

  10. Kaafar, M.A., Mathy, L., Barakat, C., Salamatian, K., Turletti, T., Dabbous, W.: Securing Internet Coordinate Embedding Systems. In: Proceedings of ACM SIGCOMM (2007)

    Google Scholar 

  11. Su, A.J., Choffnes, D.R., Kuzmanovic, A., Bustamante, F.E.: Drafting Behind Akamai (Travelocity-Based Detouring). In: Proceedings of ACM SIGCOMM (2006)

    Google Scholar 

  12. Denning, D.E.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering SE-13(2) (1987)

    Google Scholar 

  13. Barreno, M., Nelson, B., Sears, R., Joseph, A.D., Tygar, J.D.: Can Machine Learning Be Secure? In: Proceedings of the ACM Symposium on InformAtion, Computer and Communications Security, ASIACCS (2006)

    Google Scholar 

  14. Pyxida, http://pyxida.sourceforge.net

  15. PlanetLab, http://planet-lab.org

  16. Selfish Neighbor Selection, http://csr.bu.edu/sns

  17. Ledlie, J., Pietzuch, P., Seltzer, M.: Network coordinates in the wild. In: Proceedings of the USENIX Symposium on Networked Systems Design and Implementation, NSDI (2007)

    Google Scholar 

  18. Ledlie, J., Pietzuch, P., Seltzer, M.: Stable and accurate network coordinates. In: Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS) (2006)

    Google Scholar 

  19. Kaafar, M.A., Mathy, L., Turletti, T., Dabbous, W.: Real attacks on virtual networks: Vivaldi out of tune. In: Proceedings of the SIGCOMM workshop on Large-scale Attack Defense (2006)

    Google Scholar 

  20. Kalman, R.E.: A new approach to linear filtering and prediction problems. Transactions of the ASME–Journal of Basic Engineering 82(Series D), 35–45 (1960)

    Article  Google Scholar 

  21. CommonSense, http://www.kimvdlinde.com/professional/programming/statistics/commonSense/body.html

  22. Lua, E.K., Griffin, T., Pias, M., Zheng, H., Crowcroft, J.: On the Accuracy of Embeddings for Internet Coordinate Systems. In: Proceedings of ACM SIGCOMM-Usenix Internet Measurement Conference, IMC (2005)

    Google Scholar 

  23. Sherr, M., Blaze, M., Loo, B.T.: Veracity: Practical Secure Network Coordinates via Vote-based Agreements. In: USENIX Annual Technical Conference (2009)

    Google Scholar 

  24. Zhao, X., Lua, E.K., Chen, Y., Song, X., Deng, B., Li, X.: Sniper: Social-link Defense for Network Coordinate Systems. IEEE Conference on Computer Communications (INFOCOM) (2009); poster

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Minnesota, USA

    Eric Chan-Tin, Daniel Feldman, Nicholas Hopper & Yongdae Kim

Authors
  1. Eric Chan-Tin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Daniel Feldman
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nicholas Hopper
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yongdae Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering and Computer Science, Robert R. McCormick School of Engineering and Application Science, Northwestern University, 2145 Sheridian Road, 60208-3118, Evanston, IL, USA

    Yan Chen

  2. Athens Information Technology, Markopoulo Ave., GR-19002, Peania, Greece

    Tassos D. Dimitriou

  3. Institute for Infocomm Research, 1 Fusionopolis Way, 21-01 Connexis, South Tower, 138632, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Chan-Tin, E., Feldman, D., Hopper, N., Kim, Y. (2009). The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-05284-2_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-05283-5

  • Online ISBN: 978-3-642-05284-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation