Slowing down to speed up: Protecting users against massive attacks in content distribution systems

Abstract

Content Distribution Systems (CDS) are those de- signed to efficiently deliver (to interested parties) a variety of contents. CDS may be classified in two groups. The first group (moderated) comprises the set of systems in which contents are checked against their descriptions before being published. The second group (non-moderated) is the set of systems without any kind of moderation. Since descriptions are of paramount importance to enable users to find contents, non-moderated CDS are clearly vulnerable to malicious interferences and susceptible to content pollution. Furthermore, colluding attackers may flood the system with imprecise metadata and turn the system into a useless content distribution platform. To protect the system from massive malicious behaviors and provide better Quality- of-Experience (QoE) to users, this paper presents a novel con- servative strategy to mitigate collusion attacks in non-moderated CDS. The rationale behind this simple, yet very effective strategy, is to delay user’s actions and randomly authorize them. Results indicate that this “artificial delay” reduces the effect of attackers in the system and, hence, increases user’s QoE.

Publication
IEEE/IFIP NOMS
Avatar
Flavio Santos
UFRGS MSc 2008-2010, UFRGS PhD 2010-2013, now a Data Infrastructure Engineer at Spotify, Sweden