COLLOQUIUM Computer Science Department, Boston University and Reliable Information Systems and Cyber Security Center Boston University Speaker: Professor Cristina Nita-Rotaru Purdue University Date: Wednesday, February 22 Time: 3:00 Place: Room MCS 135, 111 Cummington Street (for directions, see www.cs.bu.edu/colloquium) Title: Towards Robust Overlay Networks: Enhancing Adaptivity Mechanisms with Byzantine Resilience Abstract: Adaptive measurement-based overlay networks offer increased performance and resilience to benign failures for end-to-end communication by using aggressive adaptivity mechanisms. These mechanisms dynamically optimize application-centric metrics such as latency, jitter, bandwidth, and loss rate. However, end-systems are more vulnerable than core routers, making overlay networks susceptible to malicious attacks coming from untrusted outsiders, and especially from trusted (but compromised) members of the overlay. Unlike outsider attacks, insider (or Byzantine) attacks can not be prevented by simply deploying cryptographic authentication mechanisms. In this talk, we present several insider attacks against adaptivity mechanisms in overlay networks and demonstrate them against the ESM/Narada multicast overlay system. The attacks target the overlay network construction, maintenance, and availability and allow malicious nodes to control significant traffic in the network,facilitating further attacks such as selective forwarding and traffic analysis. We propose techniques to enhance the adaptivity mechanisms with Byzantine-resilience and demonstrate their effectiveness through real-life deployments and emulations conducted on the PlanetLab and DETER testbeds, respectively. Biography: Cristina Nita-Rotaru is an Assistant Professor in the Department of Computer Science and a member of Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. She leads the Dependable and Secure Distributed Systems Laboratory. Her research interests lie in designing distributed systems, network protocols and applications that are dependable and secure, while maintaining acceptable levels of performance. Her Ph.D. work, Secure Spread, focused on providing support for secure and robust services for group communication. Secure Spread is one of the 12 technologies featured on a DARPA DVD summarizing the accomplishment of 6 programs (Cyber Panel, Dynamic Coalitions, Chats, OASIS, Fault Tolerant Networks, and IA OPX) and it was selected to participate in JWID 2004, a large coalition experiment. Her current research focuses on designing intrusion-tolerant architectures for distributed services that scale to wide-area networks, investigating survivable services in multi-hop wireless networks and building robust and secure overlay networks. Her work is funded by the Center for Education and Research in Information Security and Assurance (CERIAS), by the Defense Advanced Research Projects Agency (DARPA), and by the National Science Foundation (NSF). Cristina Nita-Rotaru holds a Ph.D. in Computer Science from Johns Hopkins University and a M. Sc. from Politehnica University of Bucharest, Romania. More information available at http://homes.cerias.purdue.edu/~crisn/ Host: Azer Bestavros