Qing Han, R. Eguchi, S. Mehrotra, N. Venkatasubramanian
We present a graphical model based approach for on-line state estimation of water distribution system failures during large-scale disasters. Water distribution systems often exhibit extreme fragilities during large-scale disasters (e.g., earthquakes) resulting in massive pipe breaks, water contamination, and disruption of service. To monitor and identify potential problems, hidden state information must be extracted from limited and noisy data environments. This requires estimating the operating states of the water system quickly and accurately. We model the water system as a factor graph, characterizing the non-linearity of fluid flow in a network that is dynamically altered by leaks, breaks and operations designed to minimize water loss. The approach considers a structured probabilistic framework which models complex interdependencies within a high-level network topology. The proposed two-phase approach, which begins with a network decomposition using articulation points followed by the distributed Gauss-Newton Belief Propagation (GN-BP) based inference, can deliver optimal estimates of the system state in near real-time. The approach is evaluated in canonical and real-world water systems under different levels of physical and cyber disruptions, using the Water Network Tool for Resilience (WNTR) recently developed by Sandia National Lab and Environmental Protection Agency (EPA). Our results demonstrate that the proposed GN-BP approach can yield an accurate estimation of system states (mean square error 0.02) in a relatively fast manner (within 1s). The two-phase mechanism enables the scalability of state estimation and provides a robust assessment of performance of large-scale water systems in terms of computational complexity and accuracy. A case study on the identification of "faulty zones" shows that 80% broken pipelines and 99% loss-of-service to end-users can be localized.
{"title":"Enabling State Estimation for Fault Identification in Water Distribution Systems Under Large Disasters","authors":"Qing Han, R. Eguchi, S. Mehrotra, N. Venkatasubramanian","doi":"10.1109/SRDS.2018.00027","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00027","url":null,"abstract":"We present a graphical model based approach for on-line state estimation of water distribution system failures during large-scale disasters. Water distribution systems often exhibit extreme fragilities during large-scale disasters (e.g., earthquakes) resulting in massive pipe breaks, water contamination, and disruption of service. To monitor and identify potential problems, hidden state information must be extracted from limited and noisy data environments. This requires estimating the operating states of the water system quickly and accurately. We model the water system as a factor graph, characterizing the non-linearity of fluid flow in a network that is dynamically altered by leaks, breaks and operations designed to minimize water loss. The approach considers a structured probabilistic framework which models complex interdependencies within a high-level network topology. The proposed two-phase approach, which begins with a network decomposition using articulation points followed by the distributed Gauss-Newton Belief Propagation (GN-BP) based inference, can deliver optimal estimates of the system state in near real-time. The approach is evaluated in canonical and real-world water systems under different levels of physical and cyber disruptions, using the Water Network Tool for Resilience (WNTR) recently developed by Sandia National Lab and Environmental Protection Agency (EPA). Our results demonstrate that the proposed GN-BP approach can yield an accurate estimation of system states (mean square error 0.02) in a relatively fast manner (within 1s). The two-phase mechanism enables the scalability of state estimation and provides a robust assessment of performance of large-scale water systems in terms of computational complexity and accuracy. A case study on the identification of \"faulty zones\" shows that 80% broken pipelines and 99% loss-of-service to end-users can be localized.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114642257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the age of Big Data, releasing protected sensitive data at a future point in time is critical for various applications. Such self-emerging data release requires the data to be protected until a prescribed data release time and be automatically released to the recipient at the release time, even if the data sender goes offline. While straight-forward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust and involve a single point of control. This paper presents decentralized techniques for supporting self-emerging data using smart contracts in Ethereum blockchain networks. We design a credible and enforceable smart contract for supporting self-emerging data release. The smart contract employs a set of Ethereum peers to jointly follow the proposed timed-release service protocol allowing the participating peers to earn the remuneration paid by the service users. We model the problem as an extensive-form game with imperfect information to protect against possible adversarial attacks including some peers destroying the private data (drop attack) or secretly releasing the private data before the release time (release-ahead attack). We demonstrate the efficacy and attack-resilience of the proposed techniques through rigorous analysis and experimental evaluation. Our implementation and experimental evaluation on the Ethereum official test network demonstrate the low monetary cost and the low time overhead associated with the proposed approach and validate its guaranteed security properties.
{"title":"Decentralized Release of Self-Emerging Data using Smart Contracts","authors":"Chao Li, Balaji Palanisamy","doi":"10.1109/SRDS.2018.00033","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00033","url":null,"abstract":"In the age of Big Data, releasing protected sensitive data at a future point in time is critical for various applications. Such self-emerging data release requires the data to be protected until a prescribed data release time and be automatically released to the recipient at the release time, even if the data sender goes offline. While straight-forward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust and involve a single point of control. This paper presents decentralized techniques for supporting self-emerging data using smart contracts in Ethereum blockchain networks. We design a credible and enforceable smart contract for supporting self-emerging data release. The smart contract employs a set of Ethereum peers to jointly follow the proposed timed-release service protocol allowing the participating peers to earn the remuneration paid by the service users. We model the problem as an extensive-form game with imperfect information to protect against possible adversarial attacks including some peers destroying the private data (drop attack) or secretly releasing the private data before the release time (release-ahead attack). We demonstrate the efficacy and attack-resilience of the proposed techniques through rigorous analysis and experimental evaluation. Our implementation and experimental evaluation on the Ethereum official test network demonstrate the low monetary cost and the low time overhead associated with the proposed approach and validate its guaranteed security properties.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131525853","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Bouget, Yérom-David Bromberg, H. Mercier, E. Rivière, François Taïani
Mobile Ad-hoc Networks (MANETs) use limited-range wireless communications and are thus exposed to partitions when nodes fail or move out of reach of each other. Detecting partitions in MANETs is unfortunately a nontrivial task due to their inherently decentralized design and limited resources such as power or bandwidth. In this paper, we propose a novel and fully decentralized approach to detect partitions (and other large membership changes) in MANETs that is both accurate and resource efficient. We monitor the current composition of a MANET using the lightweight aggregation of compact membership-encoding filters. Changes in these filters allow us to infer the likelihood of a partition with a quantifiable level of confidence. We first present an analysis of our approach, and show that it can detect close to 100% of partitions under realistic settings, while at the same time being robust to false positives due to churn or dropped packets. We perform a series of simulations that compare against alternative approaches and confirm our theoretical results, including above 90% accurate detection even under a 40% message loss rate.
{"title":"Mind the Gap: Autonomous Detection of Partitioned MANET Systems using Opportunistic Aggregation","authors":"S. Bouget, Yérom-David Bromberg, H. Mercier, E. Rivière, François Taïani","doi":"10.1109/SRDS.2018.00025","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00025","url":null,"abstract":"Mobile Ad-hoc Networks (MANETs) use limited-range wireless communications and are thus exposed to partitions when nodes fail or move out of reach of each other. Detecting partitions in MANETs is unfortunately a nontrivial task due to their inherently decentralized design and limited resources such as power or bandwidth. In this paper, we propose a novel and fully decentralized approach to detect partitions (and other large membership changes) in MANETs that is both accurate and resource efficient. We monitor the current composition of a MANET using the lightweight aggregation of compact membership-encoding filters. Changes in these filters allow us to infer the likelihood of a partition with a quantifiable level of confidence. We first present an analysis of our approach, and show that it can detect close to 100% of partitions under realistic settings, while at the same time being robust to false positives due to churn or dropped packets. We perform a series of simulations that compare against alternative approaches and confirm our theoretical results, including above 90% accurate detection even under a 40% message loss rate.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"724 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127546256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To solve Byzantine agreement, n nodes with real input values, among which t < n/3 are Byzantine, have to agree on a common consensus value. Previous research has mainly focused on determining a consensus value equal to an input value of some arbitrary node. In this work we instead assume that the values of the nodes are ordered and introduce a novel validity condition which accepts consensus values that are close to the k-th smallest value of the correct nodes. We propose a deterministic algorithm that approximates the k-th smallest value and show that this approximation is the best possible for the synchronous message passing model. Our approach is furthermore extended to multiple dimensions, where the order is not well-defined, and we show that our algorithm can be applied to determine a value that lies within a box around all correct input vectors.
{"title":"Byzantine Agreement with Interval Validity","authors":"D. Melnyk, Roger Wattenhofer","doi":"10.1109/SRDS.2018.00036","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00036","url":null,"abstract":"To solve Byzantine agreement, n nodes with real input values, among which t < n/3 are Byzantine, have to agree on a common consensus value. Previous research has mainly focused on determining a consensus value equal to an input value of some arbitrary node. In this work we instead assume that the values of the nodes are ordered and introduce a novel validity condition which accepts consensus values that are close to the k-th smallest value of the correct nodes. We propose a deterministic algorithm that approximates the k-th smallest value and show that this approximation is the best possible for the synchronous message passing model. Our approach is furthermore extended to multiple dimensions, where the order is not well-defined, and we show that our algorithm can be applied to determine a value that lies within a box around all correct input vectors.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128425204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Embedded devices, personal gadgets and networks thereof are becoming increasingly pervasive, mainly due the advent of, and hype surrounding, the so-called Internet of Things (IoT). Such devices often perform critical actuation tasks, as well as collect, store and process sensitive data. Therefore, as confirmed by recent examples (such as the Mirai botnet), they also represent very attractive attack targets. To mitigate attacks, remote attestation (RA) has emerged as a distinct security service that aims at detecting malware presence on an embedded device. Most prior RA schemes focus on attesting a single devices and do not scale. In recent years, schemes for collective (group or swarm) RA have been designed. However, none is applicable to autonomous and dynamic network settings. This paper presents US-AID – the first collective attestation schemes for large autonomous dynamic networks of embedded devices. AID verifies overall network integrity by combining continuous in-network attestation with a key exchange mechanism and Proofs-of-non-Absence. Using device absence detection US-AID defends against physical attacks that require disconnecting attacked devices form the network for a non-negligible time. We demonstrate feasibility of US-AID with proof-of-concept implementation on state-of-the-art security architectures for low-end embedded devices and on an autonomous testbed formed of six drones. We also assess its scalability and practicality via extensive simulations.
{"title":"US-AID: Unattended Scalable Attestation of IoT Devices","authors":"Ahmad Ibrahim, A. Sadeghi, G. Tsudik","doi":"10.1109/SRDS.2018.00013","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00013","url":null,"abstract":"Embedded devices, personal gadgets and networks thereof are becoming increasingly pervasive, mainly due the advent of, and hype surrounding, the so-called Internet of Things (IoT). Such devices often perform critical actuation tasks, as well as collect, store and process sensitive data. Therefore, as confirmed by recent examples (such as the Mirai botnet), they also represent very attractive attack targets. To mitigate attacks, remote attestation (RA) has emerged as a distinct security service that aims at detecting malware presence on an embedded device. Most prior RA schemes focus on attesting a single devices and do not scale. In recent years, schemes for collective (group or swarm) RA have been designed. However, none is applicable to autonomous and dynamic network settings. This paper presents US-AID – the first collective attestation schemes for large autonomous dynamic networks of embedded devices. AID verifies overall network integrity by combining continuous in-network attestation with a key exchange mechanism and Proofs-of-non-Absence. Using device absence detection US-AID defends against physical attacks that require disconnecting attacked devices form the network for a non-negligible time. We demonstrate feasibility of US-AID with proof-of-concept implementation on state-of-the-art security architectures for low-end embedded devices and on an autonomous testbed formed of six drones. We also assess its scalability and practicality via extensive simulations.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131163552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Many distributed protocols and applications rely on causal broadcast to ensure consistency criteria. However, none of causality tracking state-of-the-art approaches scale in large and dynamic systems. This paper presents a new non-blocking causal broadcast protocol suited for such systems. The proposed protocol outperforms state-of-the-art in size of messages, execution time complexity, and local space complexity. Most importantly, messages piggyback control information the size of which is constant. We prove that for both static and dynamic systems. Consequently, large and dynamic systems can finally afford causal broadcast.
{"title":"Breaking the Scalability Barrier of Causal Broadcast for Large and Dynamic Systems","authors":"Brice Nédelec, P. Molli, A. Mostéfaoui","doi":"10.1109/SRDS.2018.00016","DOIUrl":"https://doi.org/10.1109/SRDS.2018.00016","url":null,"abstract":"Many distributed protocols and applications rely on causal broadcast to ensure consistency criteria. However, none of causality tracking state-of-the-art approaches scale in large and dynamic systems. This paper presents a new non-blocking causal broadcast protocol suited for such systems. The proposed protocol outperforms state-of-the-art in size of messages, execution time complexity, and local space complexity. Most importantly, messages piggyback control information the size of which is constant. We prove that for both static and dynamic systems. Consequently, large and dynamic systems can finally afford causal broadcast.","PeriodicalId":219374,"journal":{"name":"2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121899481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: