Many multicast overlay networks maintain application-specific performance goals by dynamically adapting the overlay structure when the monitored performance becomes inadequate. This adaptation results in an unstructured overlay where no neighbor selection constraints are imposed. Although such networks provide resilience to benign failures, they are susceptible to attacks conducted by adversaries that compromise overlay nodes. Previous defense solutions proposed to address attacks against overlay networks rely on strong organizational constraints and are not effective for unstructured overlays. In this work, we identify, demonstrate and mitigate insider attacks against measurement-based adaptation mechanisms in unstructured multicast overlay networks. We propose techniques to decrease the number of incorrect adaptations by using outlier detection and limit the impact of malicious nodes by aggregating local information to derive global reputation for each node. We demonstrate the attacks and mitigation techniques through real-life deployments of a mature overlay multicast system.

Reputation systems provide mechanisms through which multiple parties can quantify the trust between one another. These systems seek to generate an accurate assessment in the face of unprecedented community size, while providing anonymity and resilience to malicious attacks.

We focus on attacks and defense mechanisms in reputation systems. We present an analysis framework that allows for general decomposition of existing reputation systems. We classify attacks against reputation systems by identifying which system components and design choices are the target of attacks. We survey defense mechanisms employed by existing reputation systems. Finally, we analyze several landmark systems, characterizing their individual strengths and weaknesses. Our work contributes to understanding 1) which design components of reputation systems are most vulnerable, 2) what are the most appropriate defense mechanisms and 3) how these defense mechanisms can be integrated into existing or future reputation systems to make them resilient to attacks.

Many multicast overlay networks maintain application-specific performance goals such as bandwidth, latency, jitter and loss rate by dynamically changing the overlay structure using measurement-based adaptation mechanisms. This results in an unstructured overlay where no neighbor selection constraints are imposed. Although such networks provide resilience to benign failures, they are susceptible to attacks conducted by adversaries that compromise overlay nodes. Previous defense solutions proposed to address attacks against overlay networks rely on strong organizational constraints and are not effective for unstructured overlays. In this work, we identify, demonstrate and mitigate insider attacks against measurement-based adaptation mechanisms in unstructured multicast overlay networks. The attacks target the overlay network construction, maintenance, and availability and allow malicious nodes to control significant traffic in the network, facilitating selective forwarding, traffic analysis, and overlay partitioning. We propose techniques to decrease the number of incorrect or unnecessary adaptations by using outlier detection. We demonstrate the attacks and mitigation techniques in the context of a mature, operationally deployed overlay multicast system, ESM, through real-life deployments and emulations conducted on the PlanetLab and DETER testbeds, respectively.

We explore the problem of portable and flexible privacy preserving access rights that permit access to a large collection of digital goods.  Privacy-preserving access control means that the service provider can neither learn what access rights a customer has nor link a request to access an item to a particular customer, thus maintaining privacy of both customer activity and customer access rights. Flexible access rights allow a customer to choose a subset of items or groups of items from the repository, obtain access to and be charged only for the items selected. And portability of access rights means that the rights themselves can be stored on small devices of limited storage space and computational capabilities such as smartcards or sensors, and therefore the rights must be enforced using the limited re-  sources available.  In this paper, we present and compare two schemes that address the problem of such access rights. We show that much can be achieved if one allows for even a negligible amount of false positives

This paper studies a discrepancy-sensitive approach to dynamic fractional cascading. We provide an efficient data structure for dominated maxima searching in a dynamic set of points in the plane,  which in turn leads to an efficient dynamic data structure that can answer queries for nearest neighbors using any Minkowski metric.

In this work, we collect and analyze all of the IP and TCP headers of packets seen on a network that either violate existing standards or should not appear in modern internets. Our goal is to determine the reason that these packets appear on the network and evaluate what proportion of such packets could cause actual damage. Thus, we examine and divide the unusual packets obtained during our experiments into several categories based on their type and possible cause and show the results.

With the growing threat of abuse of network resources, it becomes increasingly important to be able to detect malformed packets on a network and estimate the damage they can cause. Carefully constructed, certain types of packets can cause a victim host to crash while other packets may be sent only to gather necessary information about hosts and networks can be viewed as a prelude to attack. In this paper, we collect and analyze all of the IP and TCP packets seen on a network that either violate existing standards or should not appear in modern internets. Our goal is to determine what these suspicious packets mean and evaluate what proportion of such packets can cause actual damage. Thus, we divide unusual packets obtained during our experiments into several categories depending on the severity of their consequences, including indirect consequences as a result of information gathering, and show the result. The traces analyzed were gathered at Ohio University’s main Internet link, providing a massive amount of statistical data.

With the tremendous growth of Internet resources, we observe a rapid increase in the number of network applications and protocol implementations, which are not always thoroughly evaluated and tasted. A growing number of network attacks attempt to disrupt legitimate communication or deny access to network resources to legitimate users. both poor implementations and intentional abuse of network resources “pollute” a network with malformed packets and can become a threat to sound communication. In this work, we collect and analyze all of the IP and TCP headers of packets seen on a network that either violate existing standards or should not appear in modern internets. Our goal is to determine the reason that these packets appear on the network and evaluate what proportion of such packets could cause actual damage. thus, we examine and devide the unusual packets obtained during our experiments into several categories based on their possible cause, which ranges form errors in network implementation to carefully constructed attack packets, and show the results. The traces analyzed were gathered at two different data sources at Ohio University—the university’s main Internet link connecting it to its ISP and a local network with student dormitory traffic—and provide a massive amount of statistical data.

The main result of this paper is a protocol for negotiation trust between (two users) without revealing either credentials or policies, which each credential has its own access policy associated with it. Our protocol carries out this privacy-preserving trust negotiation between (two users), while enforcing each credential’s policy.

This paper introduced a framework for ATN in which the diverse credential schemes and protocols can be combined, integrated, and used as needed. A policy language is introduced that enables negotiators to specify authorization requirements that must be met by an opponent to receive various amounts of information about certified attributes and the credentials that contain it. The language also supports the use of uncertified attributes, allowing them to be required as part of policy satisfaction, and to place their (automatic) disclosure under policy control.

Indirect communication channels have been effectively employed in the communications world to bypass mechanisms that do not permit direct communication between unauthorized parties. Such covert channels emerge as a threat to information-sensitive systems in which leakage to unauthorized parties may be unacceptable (e.g., military systems). In this dissertation, we show that traffic analysis can counter traditional event-based covert channels, which do not employ any additional scheme to obfuscate the channel further. For these channels, we introduce effective noiseless and noisy covert channel detection mechanisms that capture the anomalous traffic patterns. However, because a motivated user can potentially hide the channel further, we introduce a new family of covert channels that do not produce such anomaly. These IP time-replay covert channels transmit covert messages by adjusting packet timings consistent with inter-arrival time sequences that are extracts from recently recorded normal sequences. Under certain assumptions and lowered data rates, these channels generate output sequences that are equal in distribution to normal sequences allowing them to by-pass traffic anomaly detection schemes that are based on distribution analysis. Additionally, we illustrate that these channels can potentially survive channel elimination schemes such as jammers and network data pumps with lowered data rates. Thus, we discuss two types of transformations on packet inter-arrival times to increase the efficacy of existing elimination schemes.

Digital watermarking is the practice of hiding a message in an image, audio, video or other digital media elements. Since the late 1990

Digital watermarking is the practice of inserting a signal, known as the watermark, into an original signal in an imperceptible manner. The watermark encodes or represents information that can protect the watermarked signal, typically identifying the owner (source) or the intended recipient (destination) of the signal. The embedded watermark may be detected by using a watermark detector, which enables an application to react to the presence (or absence) of the watermark in a signal. However, the watermarked signal may be processed, or attacked, prior to watermark detection. Attacks may remove the embedded watermark or make the watermark more difficult to detect. One type of attack that has received considerable attention is synchronization attacks. A synchronization attack confuses the watermark detector by re-positioning the embedded watermark. Most watermark detectors will fail to detect the watermark embedded in the attacked signal unless the position of the watermark can be identified. This is a significant vulnerability in robust watermark detection. The process of identifying the position of the watermark is known as watermark detector synchronization. A new framework is developed for temporal synchronization in blind symmetric video watermarking. Embedding and detection models are proposed that encompass the behavior of many video watermarking techniques. These models demonstrate that synchronization is challenging when the watermark lacks redundancy, but also that efficient synchronization can be achieved by designing the watermark with temporal redundancy. The temporal synchronization models are adapted to xiv spatial synchronization in still image watermarks. For spatial synchronization, redundancy is obtained by constructing a watermark which induces a pattern in the auto-correlation. Experimental results support the theoretical foundations for both temporal and spatial synchronization. In addition, earlier exploration in watermarking led to the development of a semifragile watermarking technique for image authentication. The semi-fragile technique is capable of detecting significant alterations to the watermarked image, but is tolerant to lossy JPEG compression and other, more subtle alterations. This earlier work is not related to watermark synchronization.

Introduction to number theory. Discussion of cryptographic algorithms Attacks on cryptographic algorithms

Sums of squares of integers, combinatorial number theory, modular forms, Bernoulli numbers, Szemeredi’s theorem