Security Analysis of Distributed Consensus-based Network Architecture
Type
Master's Thesis
Abstract
Cloud computing is one of the most important communication paradigms supporting
services related to data storage, execution of complex computations, hosting of
applications, etc. The cloud is typically implemented over a network of data centers,
which are giant, geographically remote warehouse-type facilities that host the computing
and storage resources and run the related processes. The data centers are
typically interconnected by optical fiber links capable of supporting high capacity
and low latency communication. Their significance makes data center networks an
alluring target for attacks aimed at disrupting services in order to cause damage or
provoke chaos. The attacks are not constrained to the software realm, but can take
place in the physical domain as well, e.g., by disabling data centers or cutting the
optical fiber links to disrupt connectivity.

In distributed systems, consensus-based services are applied to take decisions regarding
the distribution of resources, networking, or allocation of services. In consensus-based
systems, instead of relying on a central system, there is a handful of selected
nodes in the network that are part of an election system which takes decisions and
enforces action via consensus. For a consensus to be reachable, a majority of the
electing nodes need to be available and responding to requests initiated within the
network. If a majority does not exist, the system will not work. Hence, the vulnerability
lies in the capability of an attacking agent to disrupt network connectivity
and/or the electing nodes such that a majority cannot be formed and consensus
cannot be reached.

The main objective of this thesis is to provide an insight into the vulnerabilities of
consensus-based systems to physical infrastructure attacks, i.e., fiber cuts and/or
disabling of data centers. To this end, we develop an optimization model aimed at
identifying the minimum effort needed by an attacker to prevent a majority from
forming in a given data center network. The problem is formulated as an integer
linear program and used to assess the vulnerability of three real-world reference
network topologies of different sizes and characteristics, running consensus processes.
Node placements guided by different topological principles, as well as random
placements, are compared.

The developed framework and analysis of security vulnerabilities of distributed data
center networks have the potential to support decisions related to the design of such
networks and improve their robustness to network infrastructure attacks.
Subject/keywords
ILP, network, security, distributed systems.
