S. Felix Wu Computer Science Department University of California, Davis wu@cs.ucdavis

1. Davis Social LinksLeveraging Social Informatics for Cyber Security, from a Networking Perspective S. Felix Wu Computer Science Department University of California, Davis wu@cs.ucdavis.edu http://www.facebook.com/sfelixwu http://dsl.cs.ucdavis.edu

2. my talk today… • “Trying” to identify some architectural concerns of our communication network: • Mostly from the security perspective • Argue why certain features might not be necessary • Proposing a different architecture based on social informatics: • What will we possibly gain? • Why shouldn’t we simply realize this new social layer purely at the application layer (on top of IP, e.g.)? ARL

3. SMTP ARL

4. Unique Routable Identity “Destination Identity” is the ONLY thing you need to communicate with that particular identity! ARL

5. Unique Routable Identity SMTP • Any identity (email address, IP, url) can communicate with any one else. • Email, web, bittorrent, warcraft, skype… “Destination Identity” is the ONLY thing you need to communicate with that particular identity! ARL

6. Properties • Unique global network-layer identifier • IPv4/v6 addresses, email address, FB identity • Global connectivity • Internet ARL

7. “Routable Identity” • Application identity=M=> Network identity • Network identity =R=> Network identity • Network identity =M=>Application identity Application Entity Application Entity DNS OSPF/BGP Network Entity Network Entity ARL

8. ARL

9. Communication Networking • Anybody can communicate with anybody! ARL

10. Hijackable Routable Identify ARL

11. YouTube = 208.65.152.0/22 (AS 36561) • (+0 mins) 18:47 (UTC): AS17557 (Pakistan Telecom) starts announcing 208.65.153.0/24 (a more specific prefix). • (+80 mins) 20:07 (UTC): AS36561 (YouTube) starts announcing 208.65.153.0/24 • (+91 mins ) 20:18 (UTC): AS36561 (YouTube) starts announcing 208.65.153.128/25 and 208.65.153.0/25 • ( 2H, 4mins) 20:51 (UTC): AS3491 (upstream) prepend ( “17557 17557” ) • ( 2H, 14mins) 21:01 (UTC): AS3491 (upstream) withdraw Pakistan Telecom announcement ARL

12. Communication Networking • Anybody can communicate with anybody! • We might not know, though, who we are talking to… ARL

13. Communication Networking • Anybody can communicate with anybody! • We might not know, though, who we are talking to… even if we have tried to secure everything. ARL

14. Email as just an example… Amy Eric Felix Tim ARL

15. Oops… “BTW, a small typo as well!” ARL

16. Communication Networks • Anybody can communicate with anybody! • We might not know, though, who we are talking to… even if we have tried to secure everything. • Not only we often don’t know who we are talking to but also we falsely drop things we shouldn’t! ARL

17. Principle of Communication • Communication is not just about syntactical information (bits/bytes) we are exchanging • Communication is about “changing the relationship” (improving, hopefully)! ARL

18. Social Informatics • What is it? • Social Relationship ARL

19. John Will Amy Eric Justin Felix Mary Nancy Sam Tim ARL

20. John Will Amy Eric Justin Felix Mary Nancy Sam Tim ARL

21. How to realize? ARL

22. SMTP ARL

23. SMTP ARL

24. SMTP Felix Eric Facebook ARL

25. Explicit social context and relationship SMTP Felix Eric Dualism Justin Justin 0.65 0.73 Eric Felix ARL

26. Application Existing Applications Social-Enabled Applications and Games Wrapper Felix Eric Social Context tagging SCOSK Name-ID resolution Community Oriented Keywords Social network transformation Policy/Reputation-based Route discovery OSN SCOSK over OSN ARL

27. Social Informatics • What is it? • Social Relationship, it’s really about quality and the context! ARL

28. Principle of Communication • Communication is not just about syntactical information (bits/bytes) we are exchanging • Communication is about “changing the relationship” (improving, hopefully)! ARL

29. SMTP ARL

30. Social-Control Routing SMTP 3 2 1 ARL

31. “Social Control Layer” Application Entity Application Entity RelationshipPath Selection Social Entity Social Entity Control interface Network Entity Network Route Binding Network Entity ARL

32. Advantages • Relationship-centric Social-aware routing • Quality of Service/Protection/Reputation • QoI: Information + Supporting Relationship • Social-Aware Information Ranking • More details on next Tuesday • Community-Oriented Collaboration • I will cover a little bit today ARL

33. Social-aware Search Engine • Problem(s): • What are the most critical pieces of content for Question or Query X? • Quantitative: Trust/Social Metadata  Information “Ranking” Gain • Google: Voting/Popularity based Ranking • Social Rank: • How do we integrate social context in search engines? • Quantitative: Social/Trust Features  Social Rank

34. Social Search Engine • Web contains random pieces of information • Unverifiable source, no context • Information sharing on social networks • Friend of each user shares certain information • Known source • Social context • How do we integrate social context in search engines? How do we rank the information sources?

35. Information shared within each egocentric network

36. Egonetwork, Gφ(e) = (V, E): Ego, e is connected to each node in the above figure and not shown to improve clarity) Highlighted nodes are sources for certain information

37. Social-aware Search Engine • Problem(s): • What are the most critical pieces of content for Question or Query X? • Quantitative: Trust/Social Metadata  Information “Ranking” Gain • Google: Voting/Popularity based Ranking • Social Rank: • How do we integrate social context in search engines? • Quantitative: Social/Trust Features  Social Rank Network Perspective: How do we make Google decentralized?

38. Kleinberg’s Model • Use only Local information, except the distance to the target. • However, what is the “global distance” in cyber space? Yet, the assumption behind is that the “edges” depend on the “relative distance”. Davis Social Links

39. X, Y, and Z • How will we tell whether the relative distance between X&Y is closer than X&Z? • X, Y, Z (assuming they are all direct friends to each other) • One simple idea: “Keyword intersection” • KW(X), KW(Y), KW(Z) • 1/(#[KW(a) KW(b)] + 1) • Will this work? How about global distance? Davis Social Links

40. Davis Social Links

41. Davis Social Links

42. [A,D] + social context B D A C “A” has to explicitly declare if there is any social context under this communication activity with “D”! But, “D” only cares if it is from “C” or not! ARL

43. Finding B D A C A2D, while D is McDonald’s! D would like “customers” to find the right route. “idea: keyword propagation” e.g., “McDonald’s” ARL

44. as the Social Peer • Attributes: • {McDonald’s Express, 640 W Covell Blvd, # D, Davis, (530) 756-8886, Davis Senior High School, Community Park, North Davis} ARL

45. ARL

46. Announcing B D K: “McDonald’s” A C Hop-by-hop keyword propagation ARL

47. Announcing B D K: “McDonald’s” K: “McDonald’s” A C Hop-by-hop keyword propagation ARL

48. Announcing B D K: “McDonald’s” K: “McDonald’s” K: “McDonald’s” A C Hop-by-hop keyword propagation ARL

49. Announcing B D K: “McDonald’s” K: “McDonald’s” K: “McDonald’s” A C Hop-by-hop keyword propagation And, I know I am doing FLOODING!! ARL

50. in Community of Davis B D A C Who should receive the keyword announcement for “McDonald’s”? ARL