210 likes | 396 Views
7 years in PowerPoint format. Wu-chang Feng wuchang@cs.pdx.edu. Fond memories of RTCL. The closed door of 2222 EECS. Stay in school, fool!. When can I graduate? Never asked this question, but one that was much worse. Can I stay longer?. A career year thanks to Prof. Shin and Dilip.
E N D
7 years in PowerPoint format Wu-chang Feng wuchang@cs.pdx.edu
Fond memories of RTCL • The closed door of 2222 EECS
Stay in school, fool! When can I graduate? • Never asked this question, but one that was much worse Can I stay longer? • A career year thanks to Prof. Shin and Dilip
After graduation • San Francisco (1999-2001) • Proxinet => Puma Technology => Pumatech => Intellisync joined left
Finding my Feng Shui to Oregon • 2001-present
Academic hijinx! • Mergers and acquisitions only happen in industry, right? • OGI => OHSU => Portland State University “Donning sporty eye-patches and brandishing cutlasses (figuratively), computer profs at Portland State University staged a raid on Oregon Graduate Institute. The downtown university snatched 10 tech professors from the Oregon Health & Science University subdivision, instantly upping its digital cred.” Willamette Week, Sept. 22, 2004 http://www.wweek.com/story.php?story=5527
The Forensix Computer TiVo • Motivation • Analyzing and recovering from hacking incidents is a costly, time-consuming, human-intensive task • Goal of Forensix • Build a computer system “TiVo” • Automatic analysis and replay of all activity on a computer • Build a computer analogy to “Back to the Future” • Selectively “undo” all activity that a hacker has performed
The Forensix Computer TiVo • What about the costs? • Forensic investigator time is expensive • Computing and storage resources are cheap and plentiful • $80 ~ 1 year replay log (small web server) • 10-20% performance degradation • Cost proposition becomes more favorable every day • Status • Fully functional prototype • Replay Shell (demo), Process Tree, Selective undo http://forensix.sourceforge.net/
The Forensix Computer TiVo • Current work • Generalizing the approach • From flat event logs to useful state reconstruction • Audits contain changes of state • Queries look at system state at a given time or over a given time interval • Useful for other applications (distributed network diagnosis) • Failed network connection • Reconstructing network state from distributed event logs to debug cause
Network-layer proof-of-work • Motivation • Undesirable communication is currently uncontrollable • Spam, viruses, worms, denial-of-service attacks • Client puzzles • A proposal for controlling harmful network communication • Force a client to solve a hard puzzle before giving service • IP puzzles • Add client puzzles into the Internet's fundamental layer to thwart all possible network attacks
Network-layer proof-of-work • Status • Fully functional iptables implementation • 180,000 puzzles/sec on commodity hardware • 1Gbs+ for per-packet puzzles with MTU packets • Puzzle generation ~1µs • Puzzle verification ~1µs, constant amount of state • Small packet overhead • Puzzle question ~40 bytes • Puzzle answer ~20 bytes • http://ippuzzles.sourceforge.net/
Network-layer proof-of-work (Take 2) • Problems with IP puzzles • Flooding the issuer and verifier system • Developing new cryptographic primitives • Flooding links leading to puzzle system • Publicly auditable proof-of-work • Verifiers at client edge • Single puzzle function per source, but per-request work • Issuer easily protected from flooding • Is it provably secure? • Provide puzzle protocols with the same provable treatment as other security protocols
Characterizing On-line Games • Successful on-line games require enormous infrastructure and satisfied players • Goal • Characterize aggregate game workloads to provision resources • Real-time GameSpy aggregate data for over 100 on-line games since 2002. • Characterize players to better deliver new content and incentives • Complete event log for Eve On-line MMORPG • Complete event log for a popular Counter-strike server http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games • Cheating exists in every on-line game • Directly impacts game revenue • Causes paying players to quit • Prevents new players from joining • Goal • Applying bit-commitment and information hiding to ensure cheat-proof playout http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games • Information exposure cheats • Warcraft3
Securing On-line Games • Information exposure cheats • Warcraft3 with Maphack (reveal map and enemy units)
Scaling On-line Games • Persistent MMORPGs are big business • WoW: 6 million paying $15/month (> $1 billion/year) • Traditional client-server model • Content creation by game publisher • Hosting by game publisher • Public server • Content creation by users • Hosting by users • No persistence
Scaling On-line Games • Goal • Develop public server MMORPG • Technical challenges • Managing persistence • Creating a tamper-resistant virtual economy • Handling unstable infrastructure http://www.thefengs.com/wuchang/work/cstrike