Friday, December 13, 2013

Federated Flow-Based Approach for Privacy Preserving Connectivity Tracking

Presenter: Mentari Djatmiko

Authors: Mentari Djatmiko (NICTA & UNSW), Dominik Schatzmann (ETH Zurich), Xenofontas Dimitropoulos (ETH Zurich), Arik Friedman (NICTA), Roksana Boreli (NICTA & UNSW)

The paper is motivated by Internet outages, which have significant financial and reputational impact. Prior work uses either passive control-plane measurements based on BGP data (which suffer from false positives), active measurements (which face a tradeoff between overhead and detection granularity), or passive data-plane measurements (which avoid these shortcomings but raise privacy concerns).

The proposed scheme relies on passive data-plane measurements and aims to alleviate the privacy concerns. The authors propose using secure multi-party computation (MPC), a cryptographic protocol, to compute connectivity in a privacy-preserving way. (Slide malfunction during presentation)
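As an added illustration (not code from the paper or the talk), the sketch below shows the basic MPC idea with additive secret sharing: each domain reports, per destination, whether it saw that destination as unreachable, and only the total across domains is revealed. The function names, modulus, threshold and sample prefixes are assumptions made for this example; the paper's actual protocol is not described on this page.

```python
import secrets

P = 2**61 - 1  # prime modulus for additive shares (assumed parameter)

def share(value, n):
    """Split value into n additive shares mod P; any n-1 of them look uniformly random."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

def aggregate(reports, destinations):
    """reports: one private dict per domain, destination -> 1 if unreachable.
    Returns destination -> number of domains reporting it unreachable, computed
    from shares only, so no party handles another domain's plaintext report."""
    n = len(reports)
    # inbox[j][dest] accumulates the shares sent to computing party j.
    inbox = [{d: 0 for d in destinations} for _ in range(n)]
    for report in reports:
        for d in destinations:
            # Every domain shares a value for every destination (zeros included),
            # so which destinations a domain reports on leaks nothing.
            for j, s in enumerate(share(report.get(d, 0), n)):
                inbox[j][d] = (inbox[j][d] + s) % P
    # Each party publishes only its partial sum; the partial sums add up to the count.
    return {d: sum(box[d] for box in inbox) % P for d in destinations}

def outages(reports, destinations, threshold):
    """Destinations that at least `threshold` domains saw as unreachable.
    Simplification: the count is opened before comparing; a full MPC protocol
    could also run the comparison on shares and reveal only the flag."""
    counts = aggregate(reports, destinations)
    return sorted(d for d, c in counts.items() if c >= threshold)

# Constructed sample input: three domains, documentation prefixes (RFC 5737).
DESTS = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]
REPORTS = [
    {"192.0.2.0/24": 1, "203.0.113.0/24": 1},
    {"192.0.2.0/24": 1},
    {"192.0.2.0/24": 1, "198.51.100.0/24": 1},
]

if __name__ == "__main__":
    print(aggregate(REPORTS, DESTS))
    print(outages(REPORTS, DESTS, threshold=2))
```

The privacy guarantee here holds only if the computing parties follow the protocol and do not pool the shares they receive.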

The authors present a case study for evaluation.

Q: You focus on outages (which is a binary performance problem). Can you use this scheme for fine-grained performance evaluation?
A: Yes, it's possible future work.

Q: Does the solution work in real-time? Does it scale for the whole Internet?
A: We have conducted small-scale evaluations so far. It may be challenging to scale it to a large number of domains.

Q: What information are you trying to protect? Are there privacy concerns for connectivity information?
A: Yes, it can be sensitive. For example, access to porn is likely a private thing.