Safety on Untrusted Network Devices
The goal of the SOUND (Safety On Untrusted Network Devices) project is to design a distributed system
that can offer cloud-style services but is highly resilient to cyber-attacks. Rather than focusing on
specific known attacks, we would like to provide resiliency against a broad range of known and unknown
(Byzantine) attacks; for instance, an adversary could compromise a certain number of nodes and modify
them in some arbitrary way. Our goal is to detect and mitigate such attacks whenever possible, e.g.,
by reconfiguring the system to exclude any compromised nodes.
We approach this problem using the principle of mutual suspicion: Nodes continually monitor each other
and check for unusual actions or changes in behavior that could be related to an attack. However, since
we are assuming a very strong adversary, the bar for a successful solution is high: We require a strong,
provable guarantee that the adversary cannot circumvent the system, as well as a practical design that
can efficiently provide this guarantee. We expect that the SOUND project will build on results from
the CRASH/SAFE effort at the level of individual nodes; however,
SOUND goes beyond CRASH/SAFE by considering an entire distributed system with a heterogeneous mix of nodes,
many of which may not be operating in a secure environment.
- Fault Tolerance and the Five-Second Rule
Ang Chen, Hanjun Xiao, Andreas Haeberlen, and Linh Thi Xuan Phan
To appear at: 15th Workshop on Hot
Topics in Operating Systems (HotOS XV),
Kartause Ittingen, Switzerland, May 2015.
- Detecting Covert Timing Channels with Time-Deterministic Replay
Ang Chen, W. Brad Moore, Hanjun Xiao, Andreas Haeberlen, Linh Thi Xuan Phan, Micah Sherr, and Wenchao Zhou
11th USENIX Symposium on
Operating Systems Design and Implementation (OSDI '14),
Broomfield, CO, October 2014.
- Let SDN be your eyes: Secure Forensics in Data Center Networks
Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr, and Wenchao Zhou
NDSS Workshop on
Security of Emerging Network Technologies (SENT '14), San Diego,
CA, February 2014.
- Towards Privacy-Preserving Fault Detection
Antonis Papadimitriou, Mingchen Zhao, and Andreas Haeberlen
9th Workshop on Hot Topics in
Dependable Systems (HotDep '13), Farmington, PA, November 2013.
- Private and Verifiable Interdomain Routing Decisions
Mingchen Zhao, Wenchao Zhou, Alexander J. T. Gurney, Andreas Haeberlen, Micah Sherr,
and Boon Thau Loo
SIGCOMM 2012, Helsinki, Finland, August 2012
- Having your Cake and Eating it too: Routing Security with Privacy Protections
Alexander J. T. Gurney, Andreas Haeberlen, Wenchao Zhou, Micah Sherr, and Boon Thau Loo
10th ACM Workshop on Hot Topics in Networks
(HotNets-X), Cambridge, MA, November 2011.
- Accountable Virtual Machines
Andreas Haeberlen, Paarijaat Aditya, Rodrigo Rodrigues, and Peter Druschel
9th USENIX Symposium on Operating Systems Design and Implementation (OSDI '10), Vancouver, Canada, October 2010.
Jonathan M. Smith
This work is funded by DARPA
under the MRC program.
This is a joint project with BAE Systems and Portland State University.