| An overlay network is a network that is built over another network, which is commonly established by the end hosts or users' making connections autonomally. Typical overlay networks include Peer-to-Peer networks, social networks, etc. As the overlay networks have the characteristics such as flexible architectures and on-demand routing mechanisms, they can conventionally build variety of applications, such as Peer-to-Peer file sharing, media streaming and online social websites.Although the academic and industrial circles have studied overlay networks extensively, much of the existing work focuses on the application realization, performance improvement, network evolution, etc., while the security issues of overlay networks are not widely concerned. Actually, similar to traditional networks, there are malicious nodes and behaviors in the overlay networks, including virus, worms, Denial of Service attacks, fake identities, etc. From the perspective of the fact that the overlay networks allow end hosts to participate in topology construction and message routing, these security issues are much easier to perform and can lead to worse situations in overlay networks. Even if the overlay network technology can realize relatively satisfying system scalability, dynamic adaptation and service reliability, there will be no self-contained network architecture and it cannot attract users to high security demand applications, if the security issues are not really solved. Therefore, the security related problems are investigated, and taking the most general and important issues - the virus/worm epidemics - as the research objects, defensive strategies are proposed and studied in overlay networks.Since an overlay networks is in the upper layer which covers an existing network, its architecture consists of two aspects: the original one in the existing network and the emerging one in the overlay network. From the overlay network's perspective, the components include the users, the carriers which the users rely on (e.g., computers and devices), and connections among them. Then to defend these components against the epidemics, corresponding strategies should cover of user behavior related epidemic defense, carrier activity based epidemic defense and overlay network routing mechanism based epidemic defense. While from the existing network's perspective, the epidemics should be still handled both in advance and afterwards, especially on containing the epidemic affect range and propogation rate.Based on above understandings, a thorough and effective defense framework of overlay network epidemics is summarized as below:First, to provide a secure relay mechanism for the application level routing. Epidemics can take advantage of application level information to increase the attack hit rate, so providing effective defense on the relay mechanism which is commonly used by overlay networks can reduce the propagation rate in the beginning of an epidemic;Second, to provide a benign guidance on user behaviors. The epidemics anticipate accelerating the spread of virus entity (e.g., infected files), so by well-designed guidance on user behaviors through resource property presentation, the attack can be correspondingly contained;Third, to provide the admission mechanism in carrier activities. In different scenarios the carriers play various roles, which act differently on the epidemic propogation, so Securing key roles (carriers) effectively means restricting the epidemic effectively;Fourth, to limit the attack range of epidemics by the network partition strategy. Network clustering and partition can shrink the potential contact range of the epidemics to several degrees, which both guard a majority of end nodes and slow the hit rate of epidemics in underlying networks;Fifth, to restore infected nodes by the distributed targeted immunization strategy. Realizing effective targeted immunization and providing it with desired dynamic and distributed adaptation is considered as a powerful solution to clean up the epidemics.The former three points are from the overlay network's view and the latter two are from the underlying network's view. By integrating these strategies into a highly effective and flexible defensive framework, the epidemics in overlay network can be mostly defended. Besides, by the defensive models and measurement and simulation results, a better understanding of the keys in overlay network epidemic defensive strategies can be obtained, and the foundation of perceiving the security issues in overlay networks can be formed. It is believed this work has significant theoretical and practical meanings for keeping the overlay network in safety.
|
PDF Full Text Request