Securing Network Coding Architectures against Pollution Attacks with Band Codes / Fiandrotti, Attilio; Gaeta, Rossano; Grangetto, Marco. - In: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY. - ISSN 1556-6013. - STAMPA. - 14:3(2019), pp. 730-742. [10.1109/TIFS.2018.2859583]

Securing Network Coding Architectures against Pollution Attacks with Band Codes

Fiandrotti, Attilio; Gaeta, Rossano; Grangetto, Marco
2019

Abstract

During a pollution attack, malicious nodes purposely transmit bogus data to the honest nodes to cripple the communication. Securing the communication requires identifying and isolating the malicious nodes. However, in network coding (NC) architectures, random recombinations at the nodes increase the probability that honest nodes relay polluted packets. Thus, discriminating between honest and malicious nodes to isolate the latter turns out to be challenging at best. Band codes (BCs) are a family of rateless codes whose coding window size can be adjusted to reduce the probability that honest nodes relay polluted packets. We leverage such a property to design a distributed scheme for identifying the malicious nodes in the network. Each node counts the number of times that each neighbor has been involved in cases of polluted data reception and exchanges such counts with its neighbor nodes. Then, each node computes for each neighbor a discriminative honest score estimating the probability that the neighbor relays clean packets. We model such probability as a function of the BC coding window size, showing its impact on the accuracy and effectiveness of our distributed blacklisting scheme. We experiment with distributing a live video feed in a P2P NC system, verifying the accuracy of our model and showing that our scheme allows us to secure the network against pollution attacks, recovering near pre-attack video quality.
Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2713326