Improving Dependability of Networks with Penalty and Revocation Mechanisms

School of Science | Doctoral thesis (article-based) | Defence date: 2014-12-05
78 + app. 74
Aalto University publication series DOCTORAL DISSERTATIONS, 185/2014
Both malicious and non-malicious faults can dismantle computer networks. Thus, mitigating faults at various layers is essential in ensuring efficient and fair network resource utilization. In this thesis we take a step in this direction and study several ways to deal with faults by means of penalties and revocation mechanisms in networks that lack a centralized coordination point, either because of their scale or design. Compromised nodes can pose a serious threat to infrastructure, end-hosts and services. Such malicious elements can undermine the availability and fairness of networked systems. To deal with such nodes, we design and analyze protocols enabling their removal from the network in a fast and secure way. We design these protocols for two different environments. In the former setting, we assume that there are multiple, but independent, trusted points in the network which coordinate other nodes in the network. In the latter, we assume that all nodes play equal roles in the network and thus need to cooperate to carry out common functionality. We analyze these solutions and discuss possible deployment scenarios. Next we turn our attention to wireless edge networks. In this context, some nodes, without being malicious, can still behave in an unfair manner. To deal with the situation, we propose several self-penalty mechanisms. We implement the proposed protocols on commodity hardware and conduct experiments in real-world environments. The analysis of data collected in several measurement rounds revealed improvements in terms of higher fairness and throughput. We corroborate the results with simulations and an analytic model. Finally, we discuss how to measure fairness in dynamic settings, where nodes can have heterogeneous resource demands.
Supervising professor
Ylä-Jääski, Antti, Prof., Aalto University, Department of Computer Science, Finland
Thesis advisor
Gurtov, Andrei, Dr., Aalto University, Finland
Internet architecture, protocol design, network measurements, wireless sensor and edge networks
Other note
  • [Publication 1]: Dmitriy Kuptsov and Andrei Gurtov. SAVAH: Source Address Validation with Host Identity Protocol. In Proceedings of the First International ICST Conference on Security and Privacy in Mobile Information and Communication Systems, pages 190–201, July 2009.
    DOI: 10.1007/978-3-642-04434-2_17
  • [Publication 2]: Teemu Koponen, Scott Shenker, Hari Balakrishnan, Nick Feamster, Igor Ganichev, Ali Ghodsi, P. Brighten Godfrey, Nick McKeown, Guru Parulkar, Barath Raghavan, Jennifer Rexford, Somaya Arianfar and Dmitriy Kuptsov. Architecting for Innovation. In SIGCOMM Computer Communication Review, vol. 41, pages 24–36, July 2011.
    DOI: 10.1145/2002250.2002256
  • [Publication 3]: Oscar Garcia, Dmitriy Kuptsov, Andrei Gurtov and Klaus Wehrle. Cooperative Security in Distributed Networks. Computer Communications (COMCOM), vol. 36, pages 1284–1297, August 2013.
    DOI: 10.1016/j.comcom.2013.04.007
  • [Publication 4]: Dmitriy Kuptsov, Boris Nechaev, Andrey Lukyanenko and Andrei Gurtov. How penalty leads to improvement: A measurement study of wireless backoff in IEEE 802.11 networks. Computer Networks (COMNET), pages 1–21, September 2014.
    DOI: 10.1016/j.comnet.2014.09.008
  • [Publication 5]: Dmitriy Kuptsov, Boris Nechaev, Andrey Lukyanenko and Andrei Gurtov. A Novel Demand-Aware Fairness Metric for IEEE 802.11 Wireless Networks. In Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC’13), pages 603–610, March 2013.
    DOI: 10.1145/2480362.2480478