Research Article
The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems
@INPROCEEDINGS{10.1007/978-3-642-05284-2_26, author={Eric Chan-Tin and Daniel Feldman and Nicholas Hopper and Yongdae Kim}, title={The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems}, proceedings={Security and Privacy in Communication Networks. 5th International ICST Conference, SecureComm 2009, Athens, Greece, September 14-18, 2009, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2012}, month={5}, keywords={Vivaldi Anomaly Detection Network Coordinate Systems}, doi={10.1007/978-3-642-05284-2_26} }- Eric Chan-Tin
Daniel Feldman
Nicholas Hopper
Yongdae Kim
Year: 2012
The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems
SECURECOMM
Springer
DOI: 10.1007/978-3-642-05284-2_26
Abstract
A network coordinate system assigns Euclidean “virtual” coordinates to every node in a network to allow easy estimation of network latency between pairs of nodes that have never contacted each other. These systems have been implemented in a variety of applications, most notably the popular Azureus/Vuze BitTorrent client. Zage and Nita-Rotaru (CCS 2007) and independently, Kaafar (SIGCOMM 2007), demonstrated that several widely-cited network coordinate systems are prone to simple attacks, and proposed mechanisms to defeat these attacks using outlier detection to filter out adversarial inputs. We propose a new attack, Frog-Boiling, that defeats anomaly-detection based defenses in the context of network coordinate systems, and demonstrate empirically that Frog-Boiling is more disruptive than the previously known attacks. Our results suggest that a new approach is needed to solve this problem: outlier detection alone cannot be used to secure network coordinate systems.
