Emma Dauterman, Vivian Fang, Natacha Crooks, R. A. Popa
Many systems today distribute trust across multiple parties such that the system provides certain security properties if a subset of the parties are honest. In the past few years, we have seen an explosion of academic and industrial cryptographic systems built on distributed trust, including secure multi-party computation applications (e.g., private analytics, secure learning, and private key recovery) and blockchains. These systems have great potential for improving security and privacy, but face a significant hurdle on the path to deployment. We initiate study of the following problem: a single organization is, by definition, a single party, and so how can a single organization build a distributed-trust system where corruptions are independent? We instead consider an alternative formulation of the problem: rather than ensuring that a distributed-trust system is set up correctly by design, what if instead, users can audit a distributed-trust deployment? We propose a framework that enables a developer to efficiently and cheaply set up any distributed-trust system in a publicly auditable way. To do this, we identify two application-independent building blocks that we can use to bootstrap arbitrary distributed-trust applications: secure hardware and an append-only log. We show how to leverage existing implementations of these building blocks to deploy distributed-trust systems, and we give recommendations for infrastructure changes that would make it easier to deploy distributed-trust systems in the future.
{"title":"Reflections on trusting distributed trust","authors":"Emma Dauterman, Vivian Fang, Natacha Crooks, R. A. Popa","doi":"10.1145/3563766.3564089","DOIUrl":"https://doi.org/10.1145/3563766.3564089","url":null,"abstract":"Many systems today distribute trust across multiple parties such that the system provides certain security properties if a subset of the parties are honest. In the past few years, we have seen an explosion of academic and industrial cryptographic systems built on distributed trust, including secure multi-party computation applications (e.g., private analytics, secure learning, and private key recovery) and blockchains. These systems have great potential for improving security and privacy, but face a significant hurdle on the path to deployment. We initiate study of the following problem: a single organization is, by definition, a single party, and so how can a single organization build a distributed-trust system where corruptions are independent? We instead consider an alternative formulation of the problem: rather than ensuring that a distributed-trust system is set up correctly by design, what if instead, users can audit a distributed-trust deployment? We propose a framework that enables a developer to efficiently and cheaply set up any distributed-trust system in a publicly auditable way. To do this, we identify two application-independent building blocks that we can use to bootstrap arbitrary distributed-trust applications: secure hardware and an append-only log. We show how to leverage existing implementations of these building blocks to deploy distributed-trust systems, and we give recommendations for infrastructure changes that would make it easier to deploy distributed-trust systems in the future.","PeriodicalId":339381,"journal":{"name":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","volume":"292 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134329384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Alex Davidson, Matthias Frei, Marten Gartner, Hamed Haddadi, Jordi Subira Nieto, A. Perrig, Philipp Winter, Franccois Wirz
The question at which layer network functionality is presented or abstracted remains a research challenge. Traditionally, network functionality was either placed into the core network, middleboxes, or into the operating system - but recent developments have expanded the design space to directly introduce functionality into the application (and in particular into the browser) as a way to expose it to the user. Given the context of emerging path-aware networking technology, an interesting question arises: which layer should handle the new features? We argue that the browser is becoming a powerful platform for network innovation, where even user-driven properties can be implemented in an OS-agnostic fashion. We demonstrate the feasibility of geo-fenced browsing using a prototype browser extension, realized by the SCION path-aware networking architecture, without introducing any significant performance overheads.
{"title":"Tango or square dance?: how tightly should we integrate network functionality in browsers?","authors":"Alex Davidson, Matthias Frei, Marten Gartner, Hamed Haddadi, Jordi Subira Nieto, A. Perrig, Philipp Winter, Franccois Wirz","doi":"10.1145/3563766.3564111","DOIUrl":"https://doi.org/10.1145/3563766.3564111","url":null,"abstract":"The question at which layer network functionality is presented or abstracted remains a research challenge. Traditionally, network functionality was either placed into the core network, middleboxes, or into the operating system - but recent developments have expanded the design space to directly introduce functionality into the application (and in particular into the browser) as a way to expose it to the user. Given the context of emerging path-aware networking technology, an interesting question arises: which layer should handle the new features? We argue that the browser is becoming a powerful platform for network innovation, where even user-driven properties can be implemented in an OS-agnostic fashion. We demonstrate the feasibility of geo-fenced browsing using a prototype browser extension, realized by the SCION path-aware networking architecture, without introducing any significant performance overheads.","PeriodicalId":339381,"journal":{"name":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128576000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recent congestion control research has focused on purpose-built algorithms designed for the special needs of specific applications. Often, limited testing before deploying a CCA results in unforeseen and hard-to-debug performance issues due to the complex ways a CCA interacts with other existing CCAs and diverse network environments. We present CC-Fuzz, an automated framework that uses genetic search algorithms to generate adversarial network traces and traffic patterns for stress-testing CCAs. Initial results include CC-Fuzz automatically finding a bug in BBR that causes it to stall permanently, and automatically discovering the well-known low-rate TCP attack, among other things.
{"title":"CC-fuzz: genetic algorithm-based fuzzing for stress testing congestion control algorithms","authors":"Devdeep Ray, S. Seshan","doi":"10.1145/3563766.3564088","DOIUrl":"https://doi.org/10.1145/3563766.3564088","url":null,"abstract":"Recent congestion control research has focused on purpose-built algorithms designed for the special needs of specific applications. Often, limited testing before deploying a CCA results in unforeseen and hard-to-debug performance issues due to the complex ways a CCA interacts with other existing CCAs and diverse network environments. We present CC-Fuzz, an automated framework that uses genetic search algorithms to generate adversarial network traces and traffic patterns for stress-testing CCAs. Initial results include CC-Fuzz automatically finding a bug in BBR that causes it to stall permanently, and automatically discovering the well-known low-rate TCP attack, among other things.","PeriodicalId":339381,"journal":{"name":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134148920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Alexander Dietmüller, Siddhant Ray, Romain Jacob, L. Vanbever
Generalizing machine learning (ML) models for network traffic dynamics tends to be considered a lost cause. Hence for every new task, we design new models and train them on model-specific datasets closely mimicking the deployment environments. Yet, an ML architecture called Transformer has enabled previously unimaginable generalization in other domains. Nowadays, one can download a model pre-trained on massive datasets and only fine-tune it for a specific task and context with comparatively little time and data. These fine-tuned models are now state-of-the-art for many benchmarks. We believe this progress could translate to networking and propose a Network Traffic Transformer (NTT), a transformer adapted to learn network dynamics from packet traces. Our initial results are promising: NTT seems able to generalize to new prediction tasks and environments. This study suggests there is still hope for generalization through future research.
{"title":"A new hope for network model generalization","authors":"Alexander Dietmüller, Siddhant Ray, Romain Jacob, L. Vanbever","doi":"10.1145/3563766.3564104","DOIUrl":"https://doi.org/10.1145/3563766.3564104","url":null,"abstract":"Generalizing machine learning (ML) models for network traffic dynamics tends to be considered a lost cause. Hence for every new task, we design new models and train them on model-specific datasets closely mimicking the deployment environments. Yet, an ML architecture called Transformer has enabled previously unimaginable generalization in other domains. Nowadays, one can download a model pre-trained on massive datasets and only fine-tune it for a specific task and context with comparatively little time and data. These fine-tuned models are now state-of-the-art for many benchmarks. We believe this progress could translate to networking and propose a Network Traffic Transformer (NTT), a transformer adapted to learn network dynamics from packet traces. Our initial results are promising: NTT seems able to generalize to new prediction tasks and environments. This study suggests there is still hope for generalization through future research.","PeriodicalId":339381,"journal":{"name":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","volume":"42 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113973519","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
H. Balakrishnan, D. Katabi, Aditya Akella, I. Stoica
It is our pleasure to welcome you to the tenth ACM SIGCOMM Workshop on Hot Topics in Networks---HotNets X. As with previous instances of this workshop, the goal has been to provide a venue for publication and discussion of early-stage, provocative research. We received 119 submissions and accepted 24 papers. The accepted papers cover topics ranging from novel network architectures to wireless networks, data center networks, energy, privacy and security issues. � �Like many conferences, we adopted a 2-round review process. Our program committee wrote over 450 reviews to ensure every paper received at least 3 reviews, with a little more than half the papers proceeding to the second round and receiving at least 2 additional reviews. Nearly 60 papers were discussed in the full-day PC meeting. We aimed to ensure that highly innovative work would be accepted even if not quite "fully baked", and encourage papers that identify fundamental open questions, or offer a constructive critique of the state of networking research. In achieving this goal, we were helped by the high quality of submissions, and the incredibly thorough reviews and positive discussions during the PC meeting. While there were papers that produced divided opinions among the PC, we were able to converge and achieve consensus on the accepted papers in a constructive manner.
{"title":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","authors":"H. Balakrishnan, D. Katabi, Aditya Akella, I. Stoica","doi":"10.1145/2070562","DOIUrl":"https://doi.org/10.1145/2070562","url":null,"abstract":"It is our pleasure to welcome you to the tenth ACM SIGCOMM Workshop on Hot Topics in Networks---HotNets X. As with previous instances of this workshop, the goal has been to provide a venue for publication and discussion of early-stage, provocative research. We received 119 submissions and accepted 24 papers. The accepted papers cover topics ranging from novel network architectures to wireless networks, data center networks, energy, privacy and security issues. \u0000 \u0000Like many conferences, we adopted a 2-round review process. Our program committee wrote over 450 reviews to ensure every paper received at least 3 reviews, with a little more than half the papers proceeding to the second round and receiving at least 2 additional reviews. Nearly 60 papers were discussed in the full-day PC meeting. We aimed to ensure that highly innovative work would be accepted even if not quite \"fully baked\", and encourage papers that identify fundamental open questions, or offer a constructive critique of the state of networking research. In achieving this goal, we were helped by the high quality of submissions, and the incredibly thorough reviews and positive discussions during the PC meeting. While there were papers that produced divided opinions among the PC, we were able to converge and achieve consensus on the accepted papers in a constructive manner.","PeriodicalId":339381,"journal":{"name":"Proceedings of the 21st ACM Workshop on Hot Topics in Networks","volume":"9 14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123996747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: