Magic Train: Design of Measurement Methods Against Bandwidth Inflation Attacks

Abstract:

Bandwidth measurement is important for many network applications and services, such as peer-to-peer networks, video caching and anonymity services. To win a bandwidth-based competition for some malicious purpose, adversarial Internet hosts may falsely announce a larger network bandwidth. Some preliminary solutions have been proposed for this problem. They can either evade the bandwidth inflation by a consensus view (i.e., opportunistic bandwidth measurements) or detect bandwidth frauds via forgeable tricks (i.e., detection through the symmetry of the bandwidth's CDF). However, smart adversaries can easily remove the forgeable tricks and report an equally larger bandwidth to avoid the consensus analyses. To defend against these smart bandwidth inflation frauds, we design magic train, a new measurement method which combines an unpredictable packet train with an estimated round-trip time (RTT) for detection. Inflation behaviors can be detected through highly contradictory bandwidth results calculated using different magic trains or different segments of one train, or through a large deviation between the estimated RTT and the RTT reported by the train's first packet. Being an uncooperative measurement method, magic train can be easily deployed on the Internet. We have implemented magic train using raw sockets and libpcap, and evaluated the implementation in a controlled testbed and on the Internet. The results confirm magic train's effectiveness in detecting and preventing smart bandwidth inflation attacks.

Existing System:

Networking systems depend heavily on bandwidth measurement for service optimization and load balancing, so false bandwidth reports could render these systems unreliable and vulnerable. A typical attack in this category is the bandwidth inflation attack, by which adversarial hosts falsely report a larger bandwidth to others. With such an attack, adversarial peers in peer-to-peer file sharing networks can induce more traffic from other peers by reporting an inflated bandwidth to them. Moreover, the bandwidth inflation attack is very insidious. In many cases, it does not do direct harm to its victims. Instead, it is often used to increase the efficiency of other attacks. For example, adversarial proxies in video caching systems can pretend to have a larger bandwidth to receive more videos for caching, and later embed advertisements into these videos for profit or redirect more victim users to malicious videos. In onion routing systems, adversarial routers usually exploit bandwidth inflation to enlarge the victim population under their correlation-like attacks. Recent research has demonstrated a successful bandwidth inflation from 4 Mbps to 50 Mbps in the Tor network, thereby exposing hidden services through correlation-like attacks more efficiently and at lower cost.

Proposed System:

We propose a novel measurement method to detect smart bandwidth inflation frauds. Rather than launching the detection through consensus analyses or forgeable tricks, our method employs an unpredictable, yet long enough, packet train (we call it a magic train). Since the train is designed with unpredictable elements, adversarial hosts cannot have a priori knowledge about the measurement packets, and so cannot regularly delay or correctly rush the train's packets on the fly. Irregular delays make the bandwidth results computed from different trains, or from different successive packets of one train, highly contradictory, and rushing an incorrect packet immediately reveals dishonest behavior.

We have designed a novel magic train to secure bandwidth measurements against bandwidth inflation attacks, by which the bandwidth can be inflated to an arbitrary value and forgeable tricks can be mimicked. We have also designed a magic delay algorithm to secure capacity measurement.

We have conducted a comprehensive study to understand advanced bandwidth inflation attack variants and proposed solutions to detect or prevent them. Our solutions exploit magic trains' unpredictable characteristics to thwart even smart bandwidth inflation frauds.
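The two detection signals described above (contradictory per-segment bandwidth and first-packet RTT deviation) can be checked offline over captured arrival timestamps. This is an added example, not the authors' implementation: the dispersion formula, packet size, segment length, thresholds and both traces are assumptions constructed for illustration, and the unpredictable train itself is assumed to have been sent already.

```python
from itertools import accumulate
from statistics import median

PKT_BYTES = 1500  # assumed size of each response packet

def segment_bandwidths(arrivals, seg_len=5):
    """Dispersion-based bandwidth (bit/s) for each successive train segment."""
    out = []
    for i in range(0, len(arrivals) - seg_len + 1, seg_len):
        span = arrivals[i + seg_len - 1] - arrivals[i]
        if span <= 0:
            raise ValueError("arrival timestamps must be strictly increasing")
        out.append((seg_len - 1) * PKT_BYTES * 8 / span)
    return out

def check_train(arrivals, sent_first, est_rtt, max_spread=0.3, max_rtt_dev=0.5):
    """Flag a train whose segments disagree or whose first-packet RTT is off.
    Both thresholds are illustrative assumptions, not values from the paper."""
    bws = segment_bandwidths(arrivals)
    # Relative spread between the fastest and slowest segment of one train.
    spread = (max(bws) - min(bws)) / median(bws)
    # Relative gap between the first packet's RTT and the independent estimate.
    rtt_dev = abs((arrivals[0] - sent_first) - est_rtt) / est_rtt
    reasons = []
    if spread > max_spread:
        reasons.append("contradictory segment bandwidths")
    if rtt_dev > max_rtt_dev:
        reasons.append("first-packet RTT deviates from estimated RTT")
    return {"segment_bw": bws, "spread": spread,
            "rtt_dev": rtt_dev, "reasons": reasons}

# Constructed arrival times (seconds) of 20 response packets; probe sent at t=0.
# Steady 1.2 ms gaps correspond to a consistent 10 Mbit/s in every segment.
HONEST = list(accumulate([0.0012] * 19, initial=0.050))
# Constructed trace with irregular inter-arrival gaps and a late first packet.
IRREGULAR = list(accumulate(
    [0.0002] * 5 + [0.0012] * 5 + [0.0003] * 5 + [0.0012] * 4, initial=0.110))

if __name__ == "__main__":
    for name, trace in (("honest", HONEST), ("irregular", IRREGULAR)):
        r = check_train(trace, sent_first=0.0, est_rtt=0.050)
        print(name, [round(b / 1e6, 1) for b in r["segment_bw"]], r["reasons"])
```
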
