A Survivable Information Infrastructure for National Civilian BioDefense
An NSF grant (January 2005 - September 2007) to Johns Hopkins University, Purdue University, UCLA and Telcordia Technologies. A component of the NSF Cyber Trust program.
Principal Investigators: Yair Amir, Brian Coan, Cristina Nita-Rotaru and Rafail Ostrovsky.
Overview
This project focuses on the theoretical foundation and the protocols that
facilitate a survivable information infrastructure that meets the critical
requirements of a national emergency response system. Specifically, the
project will address the following challenges:
- Expand the existing theoretical framework to analyze the behavior of
malicious and colluding participants.
- Design and construct a scalable survivable messaging system that operates
correctly under a strong adversarial model that includes insider threat and
denial of service attacks.
- Design and construct information access protocols that protect against
compromised database servers providing incorrect data or servers that deny
access to legitimate users.
- Prevent malicious users from learning unauthorized information.
The domain of application for this work is the Clinicians' Biodefense
Network (CBN), a nationwide Internet-based information exchange system
designed to provide clinicians with critical information in the aftermath of
a bioterrorist attack. The CBN is designed to mitigate benign Internet
faults and to resist a physical attack on one location. However, it is not
able to correctly operate under a stronger threat model that includes
insider attacks. Solutions for this stronger threat model are not currently
available and present a major research challenge. This project will
construct a prototype survivable system based on the CBN, and from it draw
general principles. It will develop a solid theoretical foundation and novel
system tools to facilitate building national emergency networks that are
resilient against cyber-attacks in crisis situations, when those networks
are most urgently needed.
Students
Related Publications
We are developing the survivable messaging infrastructure based on our
Spines toolkit.
- Scaling Byzantine Fault-Tolerant Replication to Wide Area Networks
In the Proceedings of the IEEE International Conference on
Dependable Systems and Networks (DSN06), pages 105-114, Philadelphia, June
2006.
A longer version is available as CNDS Technical Report 2006-2.
Yair Amir, Claudiu Danilov, Danny Dolev, Jonathan Kirsch, John Lane, Cristina Nita-Rotaru, Josh Olsen, David Zage
This paper presents the first hierarchical Byzantine fault-tolerant replication architecture suitable to systems that span multiple wide area sites. The architecture confines the effects of any malicious replica to its local site, reduces message complexity of wide area communication, and allows read-only queries to be performed locally within a site for the price of additional standard hardware. We present proofs that our algorithm provides safety and liveness properties. A prototype implementation is evaluated over several network topologies and is compared with a flat Byzantine fault-tolerant approach. The experimental results show considerable improvement over flat Byzantine replication algorithms, bringing the performance of Byzantine replication closer to existing benign fault-tolerant replication techniques over wide area networks.
- 1-800-OVERLAYS: Using Overlay Networks to Improve VoIP Quality
To appear in the Proceedings of the 15th International
Workshop on Network and Operating Systems Support for Digital
Audio and Video (NOSSDAV), Skamania, Washington, June 13th-14th, 2005.
A longer version is available as CNDS Technical Report 2004-2.
Yair Amir, Claudiu Danilov, Stuart Goose, David Hedqvist, Andreas Terzis
In this paper we describe two algorithms to improve the performance of
VoIP applications. These mechanisms are used for localized packet
loss recovery and rapid rerouting in the event of network
failures. The algorithms are deployed on the routers of an
application-level overlay network and require no changes to the
underlying infrastructure. Initial experimental results indicate that
these two approaches can be composed to yield voice quality on par
with the PSTN.
- Reliable Communication in Overlay Networks
In the Proceedings of the IEEE International Conference on
Dependable Systems and Networks (DSN03), San Francisco, June 2003.
Yair Amir and Claudiu Danilov
Reliable point-to-point communication is usually achieved in overlay
networks by applying TCP/IP on the end nodes of a connection. This paper
presents a hop-by-hop reliability approach that considerably reduces the
latency and jitter of reliable connections. Our approach is feasible and
beneficial in overlay networks that do not have the scalability and
interoperability requirements of the global Internet.
The effects of the hop-by-hop reliability approach are quantified in
simulation as well as in practice using a newly developed overlay network
software that is fair with the external traffic on the Internet. The
experimental results show that the overhead associated with overlay network
processing at the application level does not play an important factor
compared with the considerable gain of the approach.