Distributed Mechanism Design and Computer Security

Similar documents
Autonomous Nodes and Distributed Mechanisms

A BGP-Based Mechanism for Lowest-Cost Routing

Performance Evaluation of Multicast Cost Sharing Mechanisms

Understanding the Internet Graph. Christos H. Papadimitriou

Why VCG auctions can hardly be applied to the pricing of inter-domain and ad hoc networks

Vertical Handover Decision Strategies A double-sided auction approach

Introduction to Cryptoeconomics

Mechanism Design for Multicast Cost Sharing in Wireless Networks

CSR: Constrained Selfish Routing in Ad-hoc Networks

Cross-Monotonic Multicast

CSR: Constrained Selfish Routing in Ad-hoc Networks

Ensuring Trustworthiness and Security during Data Transmission in Multihop Wireless Networks

Fast Convergence of Regularized Learning in Games

Using VCG based Designing and Electing Secure Leader Model for Intrusion Detection System in Manet

Distributed Algorithmic Mechanism Design for Network Problems

A BGP-based mechanism for lowest-cost routing

Multiple Agents. Why can t we all just get along? (Rodney King) CS 3793/5233 Artificial Intelligence Multiple Agents 1

Incentives for Honest Path Announcement in BGP

Chapter 13. Digital Cash. Information Security/System Security p. 570/626

Design and Analysis of Protocols The Spyce Way

Introduction to Algorithms / Algorithms I Lecturer: Michael Dinitz Topic: Algorithms and Game Theory Date: 12/3/15

Introduction to Security and User Authentication

Trust-Based and Energy-Aware Incentive Routing Protocol for Multi-hop Wireless Networks

Preventing Unraveling in Social Networks: The Anchored k-core Problem

Game Theory. Presented by Hakim Weatherspoon

The Index Coding Problem: A Game-Theoretical Perspective

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Distributed Computing Building Blocks for Rational Agents

Distributed Algorithmic Mechanism Design: Recent Results and Future Directions

NEUROSEED WHITEPAPER. Version 1.1. May 1, 2018 Contents of the white paper are subject to changes and improvements

Yale University Department of Computer Science

Congestion Control in the Network

Robust Defenses for Cross-Site Request Forgery

Code Plagiarism CSE. CSE 501 Presentation Scott Settembre, TA September 14, 2010

Computer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019

1448 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 19, NO. 5, OCTOBER 2011

Management Information Systems. B15. Managing Information Resources and IT Security

Practical Byzantine Fault Tolerance. Castro and Liskov SOSP 99

SpaceMint Overcoming Bitcoin s waste of energy

Specifying Kerberos 5 Cross-Realm Authentication

Practical Byzantine Fault Tolerance. Miguel Castro and Barbara Liskov

How Formal Analysis and Verification Add Security to Blockchain-based Systems

Design and Implementation of TARF: A Trust-Aware Routing Framework for WSNs

Security of Wireless Networks in Intelligent Vehicle Systems

AN IPSWITCH WHITEPAPER. 7 Steps to Compliance with GDPR. How the General Data Protection Regulation Applies to External File Transfers

CS 251: Bitcoin and Crypto Currencies Fall 2015

Bitcoin, Security for Cloud & Big Data

A Sybil-proof and Time-sensi4ve Incen4ve Tree Mechanism for Crowdsourcing

Wireless Network Security Spring 2013

Distributed Algorithmic Mechanism Design

Wireless Network Security Spring 2012

Notes for Lecture 24

0x1A Great Papers in Computer Security

Cooperation and Accounting Strategy for Multi-hop Cellular Networks

Toward Intrusion Tolerant Clouds

An Optimal Dynamic Pricing Framework for Autonomous Mobile Ad Hoc Networks

The Strategic Justification for BGP

Security and Privacy in Cloud Computing

Hoda Rohani Anastasios Poulidis Supervisor: Jeroen Scheerder. System and Network Engineering July 2014

Combinatorial Auctions: A Survey by de Vries and Vohra

Analysis and Enhancement of RPL under Packet Drop Attacks

Video Game Security. Carter Jones

Leader Election for ID with Prolonged Network Life Time Using ELAR1-VA in MANETs

The Strategic Justification for BGP

Impersonation-Based Mechanisms

Analysis of a Redactable Signature Scheme on Data with Dependencies

Software Quality and Infrastructure Protection for Diffuse Computing

Outline More Security Protocols CS 239 Computer Security February 4, 2004

Hidden-Action in Multi-Hop Routing

Introduction to Cryptography in Blockchain Technology. December 23, 2018

Security Issues In Mobile IP

IN mobile ad-hoc networks, nodes communicate with others

Secure Multiparty Computation

Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans

Project: A survey and Critique on Algorithmic Mechanism Design

Upgrading Your Home Network Security

Contending Against Energy Debilitating Attacks in Wireless Ad Hoc Sensor Networks

Algorithms, Games, and Networks March 28, Lecture 18

How to (not) Share a Password:

Disk Encryption Buyers Guide

Perfect matchings in O(nlogn) time in regular bipartite graph

5 Encouraging Cooperative Interaction among Network Entities

System Structure. Steven M. Bellovin December 14,

Truthful Least-Priced-Path Routing in Opportunistic Spectrum Access Networks

How to (not) Share a Password:

Micropayments, Now! Probabilistic Micropayments in Bitcoin

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Figure 4.1: The evolution of a rooted tree.

The changing face of web search. Prabhakar Raghavan Yahoo! Research

DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM

Introduction to algorithmic mechanism design

Introduction to VANET

Using Game Theory To Solve Network Security. A brief survey by Willie Cohen

HIPAA Assessment. Prepared For: ABC Medical Center Prepared By: Compliance Department

Securing Multiple Mobile Platforms

Failure Localization in the Internet

Cyberspace : Privacy and Security Issues

shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge

On the impact of propogation delay on mining rewards in Bitcoin. Xuan Wen 1. Abstract

Broadcast in Ad hoc Wireless Networks with Selfish Nodes: A Bayesian Incentive Compatibility Approach

Transcription:

Distributed Mechanism Design and Computer Security John Mitchell Vanessa Teague Stanford University Acknowledgements: J. Feigenbaum, R. Sami, A. Scedrov

General problem Want to design distributed systems that behave well in presence of Honest agents who host parts of system Rational profit-maximizing agents who control some parts of the infrastructure Irrational malicious agents (maybe not too many of these)

Two models Tamper-proof nodes (FPS) Obedient processor Strategic nodes Clients are strategic Distributed mechanism causes rational agents to bid actual utility [FPS] Client identified with node Agents can Enter own value Run algorithm or lie Pay correctly or not

Specific research question Given Distributed mechanism that elicits certain behavior when properly executed with tamper-proof nodes Design Distributed mechanism that Elicits same behavior Includes incentives to execute correctly Is robust against some forms of attack

This talk: Multicast cost sharing link Node link Node link Distribute some good Node Node Each node has some utility for the good Each link has some cost Who gets the transmission? How much do they pay?

Outline Previous work on multicast cost sharing (Feigenbaum, Papadimitriou & Shenker) Truthful mechanism Distributed algorithm computes mechanism New work: strategic nodes model Why we can t just use the FPS algorithm Techniques to encourage compliance Nodes save signed confirmation of msgs Randomized auditing incents compliance Alternative: neighbors rewarded for turning in cheaters Punish, route around nodes that cause trouble Security of new scheme

Two models Tamper-proof nodes (FPS) Obedient processor Strategic nodes Clients are strategic Distributed mechanism causes rational agents to bid actual utility [FPS] Client identified with node Agents can Enter own value Run algorithm or lie Pay correctly or not

FPS: Maximum welfare utility 3 cost 2 Welfare 3-2 +0+4 = 5 Welfare 2-4 = -2 utility 2 cost 4 utility 1 utility 7 cost 3 Welfare 1-3 +6 = 4 cost 1 Welfare 7-1 = 6

FPS Pricing Mechanism If agent does not receive the good Agent pays nothing If agent receives the good Agent pays: the minimum bid needed to get the transmission, given the other players bids Agent maximizes welfare by telling the truth This is a VCG mechanism

Distributed implementation cost 2 Welfare 3-2 + 4 = 5 W min = 5 utility 3 W min = 5 utility 2 Welfare 2-4 = -2 cost 4 No transmission 1) Send welfare up tree 2) Send min welfare W min down tree 3) Compute payment = utility -W min cost 3 Welfare 1-3 + 6 = 4 utility 1 Welfare 7-1 = 6 utility 7 cost 1 W min = 4

Two models Tamper-proof nodes (FPS) Obedient processor Strategic nodes Clients are strategic Distributed mechanism causes rational agents to bid actual utility [FPS] Client identified with node Agents can Enter own value Run algorithm or lie Pay correctly or not

Node can cheat its children The truth source The cheat source utility 2 Welfare 7-5 = 2 cost 5 cost 3 Welfare 2-3+2 = 1 W min = 1 W min = 1 utility 2 Welfare 2 cost 5 cost 3 Welfare 2-3+2 = 1 W min = 1 W min = 0 utility 7 Parent pays 1 Child pays 6 utility 7 Parent pays 0 Child pays 7 Child can t see that parent doesn t pay

More ways to cheat Second example Node can cheat but all messages look consistent Conclusion Need to use payment and messages to detect cheating

Authenticated protocol Assume public-key infrastructure Nodes collect signed messages so they can prove they paid correctly Sign data from FPS algorithm Add a const. number of other signed messages Content provider checks proofs Make punishment high enough that benefit of cheating is negative

Preventing mischief Node J passes on parent s data p D = Sign(j, W j ) Sign(p, W min ), Sign(p, W j ) utility Wd1 d1 Sign (d1, W d1 ) D, Sign(j, W min ) j D, Sign(d2, W d2 ) Sign(j, W min ) d2 utility Wd2 Children verify j s calculation of W min Content provider may verify payment

Incentives Nodes are audited (select randomly) If node has proof of having paid correctly, OK If node cannot show proof, punish Fine node, or route around (exclude from transmissions) Stop the transmission When j is checked, so is one of its children, d i, to show that W min is correct and W d i matches. If correct, j gets reward 1. If not, d i gets large fine. Inconsistent messages A node reporting inconsistent messages signed by another is rewarded. The other is punished.

Fines, welfares, best strategy If no-one cheats, welfares are the same as FPS Except if j s child is checked, j gets 1 extra If someone cheats Cheater s expected welfare is less than zero Theorem If ancestors and children are welfaremaximizing, then node maximizes own welfare only by sending consistent values

Security against irrational agents Introduce some malicious nodes How much can they reduce group welfare? Exclude the compromised node s utility How much does it cost to be malicious? If you have to be vulnerable, at least make the adversary pay a lot

Security of anti-mischief protocol Assume malicious node has honest neighbours Security almost as good as in tamperproof nodes model To avoid detection, must send messages consistent with some utility Caveats: utility chosen may be negative Denial-of-service attacks easy Don t send any messages, so protocol doesn t terminate Detected cheating stops the protocol

Conclusion Start with a distributed algorithm computes mechanism with tamper-proof nodes Techniques to encourage compliance Nodes save signed confirmation of msgs Randomized auditing incents compliance Security against irrational agent Close to model with tamper-proof algorithm

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback