Thorsten Strufe

Technische Universität Dresden, Dresden, Saxony, Germany

Publications (99) · 17.88 Total impact

  • Stefanie Roos · Martin Beck · Thorsten Strufe
    ABSTRACT: Friend-to-friend (F2F) overlays, which restrict direct communication to mutually trusted parties, are a promising substrate for privacy-preserving communication due to their inherent membership-concealment and Sybil-resistance. Yet, existing F2F overlays suffer from a low performance, are vulnerable to denial-of-service attacks, or fail to provide anonymity. In particular, greedy embeddings allow highly efficient communication in arbitrary connectivity-restricted overlays but require communicating parties to reveal their identity. In this paper, we present a privacy-preserving routing scheme for greedy embeddings based on anonymous return addresses rather than identifying node coordinates. We show that the return addresses allow plausible deniability. Furthermore, we enhance the routing's resilience by using multiple embeddings and propose a method for efficient content addressing. Our extensive simulation study on real-world data indicates that our approach is highly efficient and effectively mitigates failures as well as powerful denial-of-service attacks.
    Conference Paper · Apr 2016
  • Stefanie Roos · Thorsten Strufe
    Article · Jan 2016
  • Article · Jan 2016 · Computer Communications
  • Hani Salah · Julian Wulfheide · Thorsten Strufe
    ABSTRACT: Named-Data Networking (NDN) is a promising architecture for the future Internet. Its design, however, can be misused to perform a new DDoS attack known as the Interest Flooding Attack (IFA). In IFA, the attacker issues non-satisfiable interest packets, aiming to drop legitimate interest packets by overwhelming pending interest tables in NDN routers. Prior defence mechanisms may not be highly effective, harm legitimate interest packets, and/or incur high overhead. We propose a coordinated defence mechanism against IFAs. We realize our solution by adapting CoMon, a framework that we developed previously to coordinate caching-related decisions in NDN, motivated by its effective, yet affordable, coordination. In our solution, IFAs are detected and mitigated by a few routers based on aggregated knowledge of traffic and forwarding states. These routers are selected by a novel heuristic enabling them to observe the majority of traffic at an early stage. Extensive simulations confirm the feasibility and effectiveness of the solution.
    Conference Paper · Oct 2015
  • Hani Salah · Stefanie Roos · Thorsten Strufe
    ABSTRACT: The family of Kademlia-type systems represents the most efficient and most widely deployed class of internet scale distributed systems. However, prior research on these systems has mainly been restricted to analyzing deployed systems and suggesting improvements tailored to specific environments rather than exploiting the huge parameter space governing the routing performance. Concise analytic results are rare, due to the complexity of Kademlia’s parallel and non-deterministic lookups. This paper introduces the first comprehensive formal model of the routing for the entire family of Kademlia-type systems. We validate our model against simulations of both the BitTorrent Mainline DHT and eMule’s KAD implementation. The model allows a highly scalable comparison with respect to the hop distribution of different variations to the original protocol. In particular, we show that several of the recent improvements to the protocol in fact have been counterproductive with regard to routing efficiency.
    Conference Paper · Aug 2015
  • Stefanie Roos · Thorsten Strufe
    ABSTRACT: Virtual overlays generate topologies for greedy routing, like rings or hypercubes, on connectivity restricted networks. They have been proposed to achieve efficient content discovery in the Darknet mode of Freenet, for instance, which provides a private and secure communication platform for dissidents and whistle-blowers. Virtual overlays create tunnels between nodes with neighboring addresses in the topology. The routing performance hence is directly related to the length of the tunnels, which have to be set up and maintained at the cost of communication overhead in the absence of an underlying routing protocol. In this paper, we show the impossibility to efficiently maintain sufficiently short tunnels. Specifically, we prove that in a dynamic network either the maintenance or the routing eventually exceeds polylog cost in the number of participants. Our simulations additionally show that the length of the tunnels increases fast if standard maintenance protocols are applied. Thus, we show that virtual overlays can only offer efficient routing at the price of high maintenance costs.
    Conference Paper · May 2015
  • Thomas Paul · Daniel Puscher · Thorsten Strufe
    ABSTRACT: Privacy in Online Social Networks (OSNs) evolved from a niche topic to a broadly discussed issue in a wide variety of media. Nevertheless, OSNs drastically increase the amount of information that can be found about individuals on the web. To estimate the dimension of data leakage in OSNs, we measure the real exposure of user content of 4,182 Facebook users from 102 countries in the most popular OSN, Facebook. We further quantify the impact of a comprehensible privacy control interface that has been shown to extremely decrease configuration efforts as well as misconfiguration in audience selection. Our study highlights the importance of usable security. (i) The total amount of content that is visible to Facebook users does not dramatically decrease by simplifying the audience selection interface, but the composition of the visible content changes. (ii) Which information is uploaded to Facebook as well as which information is shared with whom strongly depends on the user's country of origin.
    Article · May 2015
  • Thomas Paul · Daniel Puscher · Thorsten Strufe
    ABSTRACT: Online Social Networking is a fascinating phenomenon, attracting more than one billion people. It supports basic human needs such as communication, socializing with others and reputation building. Thus, an in-depth understanding of user behavior in Online Social Networks (OSNs) can provide major insights into human behavior, and impacts design choices of social platforms and applications. However, researchers have only limited access to behavioral data. As a consequence of this limitation, user behavior in OSNs as well as its development in recent years are still not deeply understood. In this paper, we present a study about user behavior on the most popular OSN, Facebook, with 2071 participants from 46 countries. We elaborate how Facebookers orchestrate the offered functions to achieve individual benefit in 2014 and evaluate user activity changes from 2009 till 2014 to understand the development of user behavior. Inter alia, we focus on the most important functionality, the newsfeed, to understand content sharing amongst users. We (i) yield a better understanding of content sharing and consumption and (ii) refine behavioral assumptions in the literature to improve the performance of alternative social platforms. Furthermore, we (iii) contribute evidence to the discussion of Facebook being an aging network.
    Article · May 2015
  • Hani Salah · Julian Wulfheide · Thorsten Strufe
    ABSTRACT: Named-Data Networking (NDN) is a promising architecture for the future Internet. However, routers and content providers in NDN can be targets for a new DDoS attack called the Interest Flooding Attack (IFA). As a consequence, affected routers drop legitimate interest packets. We argue that IFA can be defended effectively when it is detected and mitigated, at an early stage, based on timely and aggregated information of exchanged packets and forwarding states. Towards this end, we adapt CoMon, a framework that we developed formerly to coordinate caching-related decisions in NDN. This choice is motivated by CoMon's proven ability to realize efficient, yet lightweight, coordination. A preliminary evaluation confirms the effectiveness of our solution against IFAs.
    Conference Paper · Apr 2015
  • Stefanie Roos · Giang T Nguyen · Thorsten Strufe
    ABSTRACT: Mathematical modeling and analysis of distributed systems, mostly applied with the goal of the correctness or asymptotic behavior of a system, rarely provides concrete results and often disregards or simplifies network dynamics. However, concrete performance bounds on a system under churn are highly useful both as a validation of empirical results and a scalable alternative to simulations. In this paper, we first present an abstract methodology for deriving the success probability of an action, such as routing, in a dynamic system, using the session length distribution as the decisive parameter. We evaluate the developed methodology by giving concrete bounds on the success probability of recursive routing. The results do not only show the adaptability of our model, but also reveal that a considerable fraction of routing attempts fails due to a leaving node on the return path rather than due to not reaching the target.
    Conference Paper · Mar 2015
  • ABSTRACT: Conducting data analysis and system monitoring in a privacy-preserving manner is extremely important for anonymity systems such as the distributed publication system Freenet. The current obfuscation mechanisms for gathering statistics in Freenet are designed to anonymize both the responding node and the response itself. We show that due to the possibility of repeated targeted queries, hidden information, which can be potentially abused to damage both individual users and the system as a whole, about specific nodes can be derived using Bayesian Statistics. Our evaluation, using both an in-depth simulation study and real-world measurements, shows that the hidden information can be inferred accurately in more than 86% of all experiments, with a relative error below 0.05 in more than 99.5% of all considered scenarios. Furthermore, we present an initial design for an improved obfuscation method, which is guaranteed to provide k-anonymity.
    Conference Paper · Mar 2015
  • Hani Salah · Thorsten Strufe
    ABSTRACT: The autonomous cache management in Content-Centric Networking (CCN) results in suboptimal caching decisions and implies cache-ignorant routing. Cache coordination and similar improvements hence have been the subject of several recent studies. The proposed solutions, however, are either impractical due to their massive coordination overhead, or of limited benefit since they cannot realize perfect coordination. We present CoMon, an architecture for network-wide coordinated caching. CoMon realizes an affordable, yet highly effective, coordination by assigning monitoring and cache-aware (re)routing tasks to only a few nodes, through which the majority of traffic is expected or enforced to pass. CoMon, by design, can maximize the diversity of cached contents and minimize cache replacements. In addition, our simulation study using ISP topologies shows that CoMon under a pressuring scenario, when coordinating as few as 5% of the nodes, reduces the server hit ratio of both CCN and notable related work by up to 45%. Index Terms: Information-Centric Networking; Coordinated Caching; Cache-Aware Routing
    Conference Paper · Jan 2015
  • Thomas Paul · Daniel Puscher · Stefan Wilk · Thorsten Strufe
    ABSTRACT: Huge quantities of videos are shared via Online Social Networks (OSN) like Facebook and are watched on mobile devices. Internet connections via cellular networks (UMTS / LTE) require the scarce resources radio bandwidth and battery power. Prefetching of videos in areas of WLAN availability has the potential to reduce the power consumption in comparison to data transmission via cellular networks and prefetching can help to avoid users running into traffic caps of their network providers. Furthermore, startup delays can be reduced. Social networks offer contextual information such as likes and comments as well as social graph information which can potentially be used to predict which content will be consumed in the near future. In this paper, we elaborate possibilities to predict content consumption based on the number of likes, comments and the social graph distance. Our detailed analysis of the media access patterns of more than 700 users in Facebook shows that the media consumption does not solely depend on the number of likes or comments. Users tend to watch videos that are uploaded by close friends and family members. Furthermore, the time a video preview stays in the browser-viewport before being clicked (pre-click delay) can be exploited to decrease startup delays.
    Conference Paper · Jan 2015
  • Paul Gebelein · Thomas Paul · Thorsten Strufe · Wolfgang Effelsberg
    Article · Jan 2015 · PIK - Praxis der Informationsverarbeitung und Kommunikation
  • D. Germanus · S. Roos · T. Strufe · N. Suri
    ABSTRACT: Peer-to-Peer (P2P) protocol usage is proliferating for a variety of applications including time- and safety-critical ones. While the distributed design of P2P provides inherent fault tolerance to certain failures, the large-scale decentralized coordination exhibits various exploitable security threats. Among these key threats are Eclipse attacks, where a large fraction of malicious peers can surround, i.e., eclipse benign peers. Topology-aware localized Eclipse attacks (taLEAs) are a new class of such attacks that allows for highly efficient denial of service attacks with a small amount of malicious resources. Our contribution is twofold: First, we show the generic susceptibility of structured P2P protocols to taLEAs. Second, we propose a new lookup mechanism for the proactive and reactive detection and mitigation of such attacks. Our novel lookup mechanism complements the common deterministic lookup with randomized decisions in order to reduce the predictability of the lookup. We validate our proposed technique via extensive simulations, increasing the lookup success to 100% in many scenarios.
    Article · Dec 2014
  • Thomas Paul · Antonino Famulari · Thorsten Strufe
    ABSTRACT: Because of the growing popularity of Online Social Networks (OSNs) and the huge amount of sensitive shared data, preserving privacy is becoming a major issue for OSN users. While most OSNs rely on a centralized architecture, with an omnipotent Service Provider, several decentralized architectures have recently been proposed for decentralized OSNs (DOSNs). In this work, we present a survey of existing proposals. We propose a classification of previous work under two dimensions: (i) types of approaches with respect to resource provisioning devices and (ii) adopted strategies for three main technical issues for DOSN (decentralizing storage of content, access control and interaction/signaling). We point out advantages and limitations of each approach and conclude with a discussion on the impact of DOSNs on users, OSN providers and other stakeholders.
    Article · Dec 2014 · Computer Networks
  • Stefanie Roos · Liang Wang · Thorsten Strufe · Jussi Kangasharju
    ABSTRACT: Information-centric networks are a new paradigm for addressing and accessing content on the Internet, with Content-Centric Networking (CCN) being one of the more popular candidate solutions. CCN de-couples content from the location it is hosted and allows for mobility of the node requesting the content. However, CCN's ability to handle the mobility of the content source is limited and so far little research has focused on how both endpoints would be able to be mobile. We focus on mobility of the content source, using network embeddings as a tool. Network embeddings have already been proposed for content addressing and mobility management in prior work. In this paper, we first show that previously designed embeddings lead to a highly unbalanced storage and traffic load: More than 90% of all stored references are mapped to one node, which is involved in more than 95% of all queries. We propose a modified embedding, Prefix-S embedding, and a topology-aware key assignment, which enable a uniform distribution of the storage load. The maximum traffic per node is also considerably reduced from more than 95% to 35%.
    Article · Sep 2014
  • Giang Nguyen · Mathias Fischer · Thorsten Strufe
    ABSTRACT: The robustness of pull-based streaming systems to node failure and churn has been extensively analyzed. Their resistance to sabotage, however, is not well understood, so far. Recent measurement studies on a large deployed pull-based system have discovered stable source-to-peer paths and the convergence of the content dissemination to rather static topologies over time. Thus, an attack on central nodes within these static topologies, which causes serious service disruptions, is feasible. This paper demonstrates attacks that significantly reduce the system’s performance. As a countermeasure, we introduce a novel striping scheme, which decreases the dependencies between peers and thus the impact of attacks. A thorough simulation study indicates that our scheme achieves a high resistance against sabotage attacks at negligible overhead and performance penalties.
    Conference Paper · Sep 2014
  • Hani Salah · Stefanie Roos · Thorsten Strufe
    ABSTRACT: Discovery of nodes and content in large-scale distributed systems is generally based on Kademlia, today. Understanding Kademlia-type systems to improve their performance is essential for maintaining a high service quality for an increased number of participants, particularly when those systems are adopted by latency-sensitive applications. This paper contributes to the understanding of Kademlia by studying the impact of diversifying neighbours’ identifiers within each routing table bucket on the lookup performance. We propose a new, yet backward-compatible, neighbour selection scheme that attempts to maximize the aforementioned diversity. The scheme does not cause additional overhead except negligible computations for comparing the diversity of identifiers. We present a theoretical model for the actual impact of the new scheme on the lookup’s hop count and validate it against simulations of three exemplary Kademlia-type systems. We also measure the performance gain enabled by a partial deployment for the scheme in the real KAD system. The results confirm the superiority of the systems that incorporate our scheme.
    Conference Paper · Sep 2014
  • Hani Salah · Stefanie Roos · Thorsten Strufe
    ABSTRACT: Discovery of nodes and content in large-scale distributed systems is generally based on Kademlia, today. Understanding Kademlia-type systems to improve their performance is essential for maintaining a high service quality for an increased number of participants, particularly when those systems are adopted by latency-sensitive applications. This paper contributes to the understanding of Kademlia by studying the impact of diversifying neighbours' identifiers within each routing table bucket on the lookup performance. We propose a new, yet backward-compatible, neighbour selection scheme that attempts to maximize the aforementioned diversity. The scheme does not cause additional overhead except negligible computations for comparing the diversity of identifiers. We present a theoretical model for the actual impact of the new scheme on the lookup's hop count and validate it against simulations of three exemplary Kademlia-type systems. We also measure the performance gain enabled by a partial deployment for the scheme in the real KAD system. The results confirm the superiority of the systems that incorporate our scheme.
    Article · Jul 2014

Publication Stats

781 Citations
17.88 Total Impact Points

Institutions

  • 2014-2016
    • Technische Universität Dresden
      Dresden, Saxony, Germany
  • 2010-2013
    • Technical University Darmstadt
      • Telecooperation Lab (TK)
      Darmstadt, Hesse, Germany
  • 2010-2011
    • Universität Mannheim
      Mannheim, Baden-Württemberg, Germany
  • 2009
    • Institut de France
      Lutetia Parisorum, Île-de-France, France
  • 2008-2009
    • University of Nice-Sophia Antipolis
      Nice, Provence-Alpes-Côte d'Azur, France
  • 2003-2007
    • Technische Universität Ilmenau
      Stadt Ilmenau, Thuringia, Germany