Securing Network Coding Architectures against Pollution Attacks with Band Codes

During a pollution attack, malicious nodes purposely transmit bogus data to the honest nodes to cripple the communication. Securing the communication requires identifying and isolating the malicious nodes. However, in network coding (NC) architectures, random recombinations at the nodes increase the probability that honest nodes relay polluted packets. Thus, discriminating between honest and malicious nodes to isolate the latter turns out to be challenging at best. Band codes (BCs) are a family of rateless codes whose coding window size can be adjusted to reduce the probability that honest nodes relay polluted packets. We leverage such a property to design a distributed scheme for identifying the malicious nodes in the network. Each node counts the number of times that each neighbor has been involved in cases of polluted data reception and exchanges such counts with its neighbor nodes. Then, each node computes for each neighbor a discriminative honest score estimating the probability that the neighbor relays clean packets. We model such probability as a function of the BC coding window size, showing its impact on the accuracy and effectiveness of our distributed blacklisting scheme. We experiment distributing a live video feed in a P2P NC system, verifying the accuracy of our model and showing that our scheme allows us to secure the network against pollution attacks recovering near pre-attack video quality.