Speaker: Ion Stoica
University of California at Berkeley
Monday, February 27, 2006
11:00 am - 12:00 pm
EBU3b 1202

ABSTRACT
Designing infrastructures that give untrusted third-parties (such as end-hosts) control over routing is a promising research direction for achieving flexible and efficient communication. However, serious concerns remain over the deployment of such infrastructures, none less than the new security vulnerabilities they introduce. The flexible control plane of these infrastructures can be exploited to launch many types of powerful attacks with little effort.

In this talk, I will introduce a model for forwarding infrastructures, analyze potential security vulnerabilities, and present techniques to address these vulnerabilities. The main technique that we propose is the use of simple, light-weight, cryptographic constraints on forwarding entries. We show that it is possible to: prevent all known attacks on end-hosts, and bound the flooding attacks that can be launched on the infrastructure nodes to a small constant. Our mechanisms are general and apply to a variety of earlier proposals such as the Internet Indirection Infrastructure (i3), DataRouter, and Network Pointers.

BIO
Ion Stoica received his Ph.D. from Carnegie Mellon University in 2000. He is an Assistant Professor in the EECS Department at University of California at Berkeley, where he does research on peer-to-peer network technologies in the Internet, resource management, network architectures. Stoica is the recipient of a Sloan Foundation Fellowship (2003), a Presidential Early Career Award for Scientists & engineers (PECASE) (2002), and of the ACM doctoral dissertation award (2001). He is a member of the ACM.