Download - 7 years in PowerPoint format
7 years in PowerPoint format
Wu-chang [email protected]
Fond memories of RTCL
● The closed door of 2222 EECS
Stay in school, fool!
When can I graduate?– Never asked this question, but one that was much worse
Can I stay longer?–A career year thanks to Prof. Shin and Dilip
After graduation
● San Francisco (1999-2001)● Proxinet => Puma Technology => Pumatech => Intellisync
joined left
Finding my Feng Shui to Oregon
● 2001-present
Academic hijinx!
● Mergers and acquisitions only happen in industry, right?– OGI => OHSU => Portland State University
“Donning sporty eye-patches and brandishing cutlasses (figuratively), computer profs at Portland State University staged a raid on Oregon Graduate Institute. The downtown university snatched 10 tech professors from the Oregon Health & Science University subdivision, instantly upping its digital cred.”
Willamette Week, Sept. 22, 2004http://www.wweek.com/story.php?story=5527
Current coordinates in Portland
Oregon
And now for something completely different….
Research!
The Forensix Computer TiVo
● Motivation– Analyzing and recovering from hacking incidents is a costly,
time-consuming, human-intensive task● Goal of Forensix
– Build a computer system “TiVo”● Automatic analysis and replay of all activity on a computer
– Build a computer analogy to “Back to the Future”● Selectively “undo” all activity that a hacker has performed
The Forensix Computer TiVo
● What about the costs?– Forensic investigator time is expensive– Computing and storage resources are cheap and plentiful
● $80 ~ 1 year replay log (small web server)● 10-20% performance degradation
– Cost proposition becomes more favorable every day● Status
– Fully functional prototype● Replay Shell (demo), Process Tree, Selective undo
http://forensix.sourceforge.net/
The Forensix Computer TiVo
● Current work– Generalizing the approach
● From flat event logs to useful state reconstruction● Audits contain changes of state● Queries look at system state at a given time or over a given time
interval
– Useful for other applications (distributed network diagnosis)● Failed network connection● Reconstructing network state from distributed event logs to debug
cause
Network-layer proof-of-work
● Motivation– Undesirable communication is currently uncontrollable
● Spam, viruses, worms, denial-of-service attacks
– Client puzzles● A proposal for controlling harmful network communication● Force a client to solve a hard puzzle before giving service
● IP puzzles– Add client puzzles into the Internet's fundamental layer to
thwart all possible network attacks
Network-layer proof-of-work
● Status– Fully functional iptables implementation
● 180,000 puzzles/sec on commodity hardware– 1Gbs+ for per-packet puzzles with MTU packets– Puzzle generation ~1µs– Puzzle verification ~1µs, constant amount of state
● Small packet overhead– Puzzle question ~40 bytes– Puzzle answer ~20 bytes
● http://ippuzzles.sourceforge.net/
Network-layer proof-of-work (Take 2)
● Problems with IP puzzles– Flooding the issuer and verifier system
● Developing new cryptographic primitives
– Flooding links leading to puzzle system● Publicly auditable proof-of-work
– Verifiers at client edge● Single puzzle function per source, but per-request work
– Issuer easily protected from flooding
– Is it provably secure?● Provide puzzle protocols with the same provable treatment as other
security protocols
Characterizing On-line Games
● Successful on-line games require enormous infrastructure and satisfied players
● Goal– Characterize aggregate game workloads to provision resources
● Real-time GameSpy aggregate data for over 100 on-line games since 2002.
– Characterize players to better deliver new content and incentives● Complete event log for Eve On-line MMORPG● Complete event log for a popular Counter-strike server
http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games
● Cheating exists in every on-line game● Directly impacts game revenue
– Causes paying players to quit– Prevents new players from joining
● Goal– Applying bit-commitment and information hiding to ensure
cheat-proof playout
http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games● Information exposure cheats
– Warcraft3
Securing On-line Games● Information exposure cheats
– Warcraft3 with Maphack (reveal map and enemy units)
Scaling On-line Games● Persistent MMORPGs are big business
– WoW: 6 million paying $15/month (> $1 billion/year)● Traditional client-server model● Content creation by game publisher● Hosting by game publisher
– Public server● Content creation by users● Hosting by users● No persistence
Scaling On-line Games
● Goal– Develop public server MMORPG
● Technical challenges– Managing persistence– Creating a tamper-resistant virtual economy– Handling unstable infrastructure
http://www.thefengs.com/wuchang/work/cstrike