Presentation is loading. Please wait.

Presentation is loading. Please wait.

Davis Social Links Relationship-Oriented Social-Centric Future Internet Architecture S. Felix Wu Computer Science Department University of California,

Published byLynn O’Connor’ Modified over 7 years ago

Similar presentations

Presentation on theme: "Davis Social Links Relationship-Oriented Social-Centric Future Internet Architecture S. Felix Wu Computer Science Department University of California,"— Presentation transcript:

1 Davis Social Links Relationship-Oriented Social-Centric Future Internet Architecture S. Felix Wu Computer Science Department University of California, Davis wu@cs.ucdavis.edu http://www.facebook.com/sfelixwu http://dsl.cs.ucdavis.edu

2 07/22/2010Davis Social Links2 Outline A series of unfortunate events –Vulnerabilities and Root Causes Relationship-Oriented Architecture –How would this help? FAITH –Facebook Application Identification, Transformation, and Hypervisor

3 07/22/2010Davis Social Links3 The emails I received typically each morning…

4 07/22/2010Davis Social Links4 You have a few seconds to decide……

5 07/22/2010Davis Social Links5 To me personally, this is a typical social spam. I didn’t really know this guy!

6 07/22/2010Davis Social Links6 Root Cause Analysis Why did Spam or DDoS occur in the first place? Does these attacks have anything to do with the “architecture”? –What feature(s) have been leveraged (to enable the attack)?

7 07/22/2010Davis Social Links7 Pick your favor Spam Filter(s)

8 07/22/2010Davis Social Links8 The Implication of FP’s Spam-filters have to be conservative… We will have some false negatives in our own inboxes. We will spend our own time to further filter.. –For me, 1~2 seconds per email A: eliminate 99.99% spams, 10% hams B: eliminate 60% spams, 0.00001% hams

9 07/22/2010Davis Social Links9 Internet SMTP 33130 Autonomous Systems 311755 Address Prefixes announced BGP + DNS http://bgp.potaroo.net/cidr/

10 07/22/2010Davis Social Links10 Unique Routable Identity “Destination Identity” is the ONLY thing you need to communicate with that particular identity!

11 07/22/2010Davis Social Links11 SMTP Unique Routable Identity Any identity (email address, IP, url) can communicate with any one else. –Email, web, bittorrent, warcraft, skype… “Destination Identity” is the ONLY thing you need to communicate with that particular identity!

12 07/22/2010Davis Social Links12 Properties Unique global network-layer identifier –IPv4/v6 addresses Global connectivity –The primary job of BGP –311755 Address Prefixes announced Once the attacker has the URI, they can do whatever they want?! The capability that we can send emails to each other. Randomized DDoS

13 07/22/2010Davis Social Links13 Internet Architecture Our Internet architecture allows a group of network nodes sending packets (or messages) toward certain IP (or email) address prefixes (within a period of time).

14 07/22/2010Davis Social Links14 Internet Architecture Our Internet architecture allows a group of network nodes sending packets (or messages) toward certain IP (or email) address prefixes (within a period of time). Unavoidable! Restrict/control such behavior! –But, how?

15 07/22/2010Davis Social Links15 What is undesirable? We might not have a clear answer. But, we want to avoid a manual and per message process to respond!

16 07/22/2010Davis Social Links16 Future Internet Design We know something about what we don’t like under the current architecture. We know very very little about the requirements of the future!

17 07/22/2010Davis Social Links17 A Very Challenging Argument… We know something about what we don’t like “under” the current architecture?! We know very very little about the requirements of the future! –What are the possible future applications and why will the current Internet architecture be insufficient?

18 07/22/2010Davis Social Links18 During my 85 minutes talk today… “Trying” to identify some architectural concerns of our current Internet: –Mostly from the security perspective –Argue why certain features might not be necessary Proposing a different architecture based on social informatics: –What will we possibly gain? –Why shouldn’t we simply realize this new social layer purely at the application layer (on top of IP, e.g.)?

19 07/22/2010Davis Social Links19 During my 85 minutes talk today… “Trying” to identify some architectural concerns of our current Internet: –Mostly from the security perspective –Argue why certain features might not be necessary Proposing a different architecture based on social informatics: –What will we possibly gain? –Why shouldn’t we simply realize this new social layer purely at the application layer (on top of IP, e.g.)? I am trying to raise questions…

20 07/22/2010Davis Social Links20 Relationship-Oriented Internet is about leveraging some form of relationship to communicate And, the result of the communication might change the nature of the relationship

21 07/22/2010Davis Social Links21 Relationship

22 07/22/2010Davis Social Links22 Relationship?!

23 07/22/2010Davis Social Links23 Email Relationship The capability that we can send emails to each other.

24 07/22/2010Davis Social Links24 To me personally, this is a typical social spam. I didn’t really know this guy!

25 07/22/2010Davis Social Links25 Oops… “BTW, a small typo as well!”

26 07/22/2010Davis Social Links26

27 07/22/2010Davis Social Links27 11/16 /2007 11/26 /2007 In my office 11/27 /2007 Spammed? 12/10 /2007 “Memoryless” For Felix Wu

28 07/22/2010Davis Social Links28 SMTP

29 07/22/2010Davis Social Links29 SMTP

30 07/22/2010Davis Social Links30 Eric Felix Justin We are trying to make the information of social context and relationship explicit! Dualism SMTP

31 07/22/2010Davis Social Links31 Internet SMTP 33130 Autonomous Systems 311755 Address Prefixes announced BGP + DNS http://bgp.potaroo.net/cidr/

32 07/22/2010Davis Social Links32 Social-Control Routing

33 07/22/2010Davis Social Links33

34 07/22/2010Davis Social Links34 Facebook DSL Kernel Policy/Reputation-based Route discovery Community Oriented Keywords Name-ID resolution Social Context DSLoFB SMTP Eric Felix Native DSL Applications and Games Existing Applications Wrapper 0.65 0.73

35 07/22/2010Davis Social Links35 https://dslcore.slice1054.genislices.emulab.net/soemail/src/login.php X-DSL 0.650.73

36 07/22/2010Davis Social Links36

37 07/22/2010Davis Social Links37 Felix, the receiver, decides… AB C D Pkt[c>d] Trust(D>C) Pkt[bcd] Trust(C>B) Pkt[abc] Trust(B>A) Pkt[ab]

38 07/22/2010Davis Social Links38 Trust Structure We want to stabilize these decentralized values such that they can be used to effectively choose the “best” route.

39 07/22/2010Davis Social Links39 Routing with Trust

40 07/22/2010Davis Social Links40 Simulation study of 100K+ nodes…

41 07/22/2010Davis Social Links41 Pairwise 1-way Trust

42 07/22/2010Davis Social Links42

43 07/22/2010Davis Social Links43 Trust/Reputation Systems performance and responsiveness to dynamics (of trust and reputation) –Assuming no oracle or human reset (and we might not have ground truth in real-time anyway). –operations and management Bounded/unbounded for life-time expected attack instances –Versus bounded for a fix period of time –Probabilistic versus Deterministic –Assuming no collusive attacks

44 07/22/2010Davis Social Links44 SMTP 0.650.73

45 07/22/2010Davis Social Links45 Relationship Capability and Context Justin EricFelix 0.65 0.73

46 07/22/2010Davis Social Links46 Question #1 Why does “the relationship” matter? Content versus Relationship Justin EricFelix 0.65 0.73

47 07/22/2010Davis Social Links47 Examples… Why does “the relationship” matter? Felix trusts Justin Justin EricFelix 0.65 0.73

48 07/22/2010Davis Social Links48 But, what does “0.73” mean? Justin EricFelix 0.730.65 Relationship, it’s complicated!  Collusion  Delayed Evaluation  Opinion Dynamics/Fluctuation  Social Isolation  Asymmetric Social Trust

49 07/22/2010Davis Social Links49 Examples… Why does “the relationship” matter? Felix trusts Justin, or Felix believes that Eric has not contacted too many professors! Justin EricFelix 0.65 0.73

50 07/22/2010Davis Social Links50 Communication and Relationship Social capitals/resources ??? Communication sometimes is not just between Eric and Felix! It might also depend on what/which others are communicating!

51 07/22/2010Davis Social Links51 Architecture Our Internet architecture allows a group of network nodes sending packets (or messages) toward certain IP (or email) address prefixes.

52 07/22/2010Davis Social Links52 Architecture Our Internet architecture allows a group of network nodes sending packets (or messages) toward certain IP (or email) address prefixes if and only if the relationship chains supporting the communication are strong enough.

53 07/22/2010Davis Social Links53 Question #2 Why bother to change the IP layer?

54 07/22/2010Davis Social Links54 Question #2 Why bother to change the IP layer? BTW, this is my soft spot so I will try my best but be honest/humble…

55 07/22/2010Davis Social Links55 Social/Networking 1 2 3 Relationship Graph Abstraction/Dynamics

56 07/22/2010Davis Social Links56 “Routable Identity” Application identity =M=> Network identity Network identity =R=> Network identity Network identity =M=> Application identity Application Entity Network Entity BGP DNS

57 07/22/2010Davis Social Links57 “App/Route Identity” Application identity =M=> Network identity Network identity =R=> Network identity Network identity =M=> Application identity Keywords =(MF-R)=> “Multiple Paths” Application identity selection Network route selection

58 07/22/2010Davis Social Links58 “Social Control Layer” Application Entity Network Entity Network Route Binding Relationship Path Selection Social Entity Social Entity Control interface

59 07/22/2010Davis Social Links59 “Social Control Layer” Application Entity Network Entity AL-BGP Network Route Selection Social Entity Social Entity Dualism

60 07/22/2010Davis Social Links60 Hijackable Routable Identify

61 07/22/2010Davis Social Links61 Application Test <> “Layer 3”

62 07/22/2010Davis Social Links62 “App/Route Identity” Application identity =M=> Network identity Network identity =R=> Network identity Network identity =M=> Application identity Keywords =(MF-R)=> “Multiple Paths” Application identity selection Network route selection The end user will have some control via the social layer!

63 07/22/2010Davis Social Links63 URI versus ADC URI (Unique Routable Identity) –We assume that our destination target is bound to an URI. –We assume that both the MAPPING (e.g., DNS) and ROUTING (e.g., BGP) are correct. ADC (Application Dependent Credential) –The lower layer (like search engine) will give us a few options to click. –The application (or the user) will then choose the one (or ones).

64 07/22/2010Davis Social Links64 Phishing Attacks Today, somebody would trick us to believe that they are the official Well Fargo! In DSL, ANYBODY can claim to be WF as long as they announce the magic keywords. –So, we are “Phishing by Default”.

65 07/22/2010Davis Social Links65 Why not? Relying on IP (& BGP), URL, DNS, and trusted browser plus uncompromised Javascripts and captures might not be terribly secure anyway. We need end-to-end mutual authentication for certain applications, and more importantly, at the application layer! –Different applications have different security requirements!

66 07/22/2010Davis Social Links66 Social-View of Network-Layer DDoS Remapping, Soft Binding, Trust-based Prioritization

67 07/22/2010Davis Social Links67 Social Network versus Internet Conjecture –It’s much harder to profile on the Internet than on some abstraction of social networks! –Example: Dunbar’s number (~150) Maintaining Stable Social Relationship –Example: Mutual friends Real SN: less than 38 friends Farmville/Mafia War: 150~170 and still growing…

68 07/22/2010Davis Social Links68 How many? within how much time? Social capitals/resources “anomalous” social transactions Justin Eric ??? Felix The response from the dark side….  obtain the expected social profile  leverage a large number of compromised social bots  each produce/consume a very small amount of SR

69 07/22/2010Davis Social Links69 Architecture Our Internet architecture allows a group of network nodes sending packets (or messages) toward certain IP (or email) address prefixes if and only if the relationship chains supporting the communication are strong enough. The relationship chain being utilized will determine the quality of service.

70 07/22/2010Davis Social Links70 We lost “Global Connectivity”! We cannot propagate all the keywords “too far away” for the concern of scalability. –Global reachability is sacrificed. But, “Less might well be More” –In between deny and allow by default… –Communication is mutual! –As an example, if we want to communicate with a certain far-reach region as “our mission”, then we will send a missionary there on OSN!

71 07/22/2010Davis Social Links71 Who is Salma?

72 07/22/2010Davis Social Links72 My message to Salma

73 07/22/2010Davis Social Links73 My message to Salma

74 07/22/2010Davis Social Links74 The Social Path(s)

75 07/22/2010Davis Social Links75 “Per-Keyword Propagation Policy” For each keyword, we will associate it with a propagation policy: [T, N, A] –T: Trust Value Threshold –N: Hop counts left to propagate (-1 each step) –A: Community Attributes Examples: –[>0.66, 4, “Davis”] K via L 1 –[>=0,, ] K via L 2 Social DNS

76 07/22/2010Davis Social Links76 Hop Count Community Attribute Trust Keyword & its propagation policy

77 07/22/2010Davis Social Links77 Community A B C D A connected graph of social nodes sharing a set of community attributes

78 07/22/2010Davis Social Links78 reaching Western Africa…

79 07/22/2010Davis Social Links79 Connecting to Western Africa Sending a missionary there Socially!

80 07/22/2010Davis Social Links80 Social Network Transformation Each application might need different OSN topologies. Justin EricFelix 0.730.65

81 07/22/2010Davis Social Links81 Farmville and Facebook Justin EricFelix FB friends: 790+ FV neighbors: 30+ neighbor friend

82 07/22/2010Davis Social Links82 Farmville and Facebook Justin EricFelix FB friends: 790+ FV neighbors: 30+ neighbor friend Is this necessary?

83 07/22/2010Davis Social Links83 Fighter’s Club A couple millions users A Coalition game ~ like Warcraft Team members who are Facebook friends receive higher fighting powers ~1400 new friendships established daily ~10% of users with >95% friendships purely based on this game.

84 07/22/2010Davis Social Links84 http Anybody with an IP address Roughly your friends (or friend 2 s) Quality of the Friendship may have been out of control… “more realistic” social network online social network

85 07/22/2010Davis Social Links85 Social Network Transformation What is the best/effective VPSN for this application X? –Virtual Private Social Network JustinEricFelix neighbor friend JustinEricFelix JustinEricFelix FB friendFV friend

86 07/22/2010Davis Social Links86 In the middle… Bit Torrent Peer selection –Currently no “Social” Relationship involved Farmville Neighbors –Must leverage Facebook friendship 0%100%

87 07/22/2010Davis Social Links87 Good or bad news?? Stability in Social/Relationship Networks –properties that we can leverage, enforce, analyze? (application dependent) JustinEricFelix JohnAmy NancyMarySamTim Social Bot Master

88 07/22/2010Davis Social Links88 Layers of Social Networks JustinEricFelix JohnAmy NancyMarySamTim Social Bot Master

89 07/22/2010Davis Social Links89 Layers of Social Networks JustinEricFelix JohnAmy NancyMarySamTim Social Bot Master Justin Eric FelixJohn Amy NancyMary SamTim VPSN

90 07/22/2010Davis Social Links90 Social Informatics Service Providers Let’s have fun… but not JUST have fun, hopefully! Protocol Entity (L3~7) API (+ Social API) Protocol Entity (L3~7) Application and/or User Trustworthiness/Privacy Anonymity/Censorship Usability Explicit Making Relationships Explicit

91 07/22/2010Davis Social Links91 FAITH FAITH (Facebook Application Identifier Translator & Hypervisor) like NAT (Network Address Translation) “Should I have faith in you?”

92 07/22/2010Davis Social Links92 FAITH+DSL+GENI FAITH DSL 1 2 3

93 07/22/2010Davis Social Links93 DSL is an old idea! We, as human, have been using similar social communication principles. Maybe it is a good opportunity to re-think about our cyber communication system. Re-consider the current Internet architecture 1.Global Connectivity vs. Mutual Interest 2.Unique Routable Identifier vs. Application Dependent Credential AB AB F F F And, I certainly don’t have the answer yet…

94 07/22/2010Davis Social Links94 Remarks Social-Centric Networking –Packet/Flow + “Relationship” –Trust Management –Social Network in Progression/Development “Softer/Fuzzy” Resolution via Keywords –Name, Content, Identification –Semantic Analysis Social Network Control to Bridge the Gap

95 07/22/2010Davis Social Links95 Little demo later if any one is interested…

96 07/22/2010Davis Social Links96 Acknowledgements NSF/FIND, GENI, ARO/MURI, ARL/NS- CTA, Intel

Download ppt "Davis Social Links Relationship-Oriented Social-Centric Future Internet Architecture S. Felix Wu Computer Science Department University of California,"

Similar presentations

1 Davis Social Links Social Network Kernel for Future Internet Design Norm Matloff, Michael Neff, S. Felix Wu, Computer Science Diane Felmlee Sociology.

1 Davis Social Links Social Network Kernel for Future Internet Design Norm Matloff, Michael Neff, S. Felix Wu, Computer Science Diane Felmlee Sociology.
Mapping Service Templates to Concrete Network Semantics Some Ideas.

Mapping Service Templates to Concrete Network Semantics Some Ideas.
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”

The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”
Davis Social Links FIND: Facebook-based INternet Design S. Felix Wu Computer Science Department University of California, Davis

Davis Social Links FIND: Facebook-based INternet Design S. Felix Wu Computer Science Department University of California, Davis
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
02/06/2006ecs236 winter 20061 Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.

02/06/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.
The Future of the Internet Jennifer Rexford ’91 Computer Science Department Princeton University

The Future of the Internet Jennifer Rexford ’91 Computer Science Department Princeton University
Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)

Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)
Center for Autonomic Computing Intel Portland, April 30, 2010 Autonomic Virtual Networks and Applications in Cloud and Collaborative Computing Environments.

Center for Autonomic Computing Intel Portland, April 30, 2010 Autonomic Virtual Networks and Applications in Cloud and Collaborative Computing Environments.
Cyber Security Challenges a social informatics touch on old attacks S. Felix Wu University of California, Davis 16/5/2013IEEE Intelligence and Security.

Cyber Security Challenges a social informatics touch on old attacks S. Felix Wu University of California, Davis 16/5/2013IEEE Intelligence and Security.
SocialFilter: Introducing Social Trust to Collaborative Spam Mitigation Michael Sirivianos Telefonica Research Telefonica Research Joint work with Kyungbaek.

SocialFilter: Introducing Social Trust to Collaborative Spam Mitigation Michael Sirivianos Telefonica Research Telefonica Research Joint work with Kyungbaek.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)

1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)
Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.

Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.
P2P SIP Names & Security Cullen Jennings

P2P SIP Names & Security Cullen Jennings
Freenet File sharing for a political world. Freenet: A Distributed Anonymous Information Storage and Retrieval System I. Clarke, O. Sandberg, B. Wiley,

Freenet File sharing for a political world. Freenet: A Distributed Anonymous Information Storage and Retrieval System I. Clarke, O. Sandberg, B. Wiley,

Similar presentations

Ads by Google