IRIS: a robust information system against insider dos-attacks

Abstract

In this work we present the first scalable distributed information system, i.e., a system with low storage overhead, that is provably robust against Denial-of-Service (DoS) attacks by a current insider. We allow a current insider to have complete knowledge about the information system and to have the power to block any ξ-fraction of its servers by a DoS-attack, where ξ can be chosen up to a constant. The task of the system is to serve any collection of lookup requests with at most one per non-blocked server in an efficient way despite this attack. Previously, scalable solutions were only known for DoS-attacks of past insiders, where a past insider only has complete knowledge about some past time point t0 of the information system. Scheideler et al. [2, 3] showed that in this case it is possible to design an information system so that any information that was inserted or last updated after t0 is safe against a DoS-attack. But their constructions would not work at all for a current insider. The key idea behind our IRIS system is to make extensive use of coding. More precisely, we present two alternative distributed coding strategies with an at most logarithmic storage overhead that can handle up to a constant fraction of blocked servers.