Abstract: Serverless distributed computing has received significant attention from both the industry and the research community. Among the most popular applications are the wide area network file systems, exemplified by CFS, Farsite and OceanStore. These file systems store filbes on a large collection of untrusted nodes that form an overlay network. They use cryptographic techniques to secure files from malicious nodes. Unfortunately, cryptographic techniques cannot protect a file holder from a Denial-of-Service (DoS) or a host compromise attack. Hence, most of these distributed file systems are vulnerable to targeted file attacks, wherein an adversary attempts to attack a small (chosen) set of files by attacking the nodes that host them.

In this talk, I will describe LocationGuard - a location hiding technique for securing overlay file storage systems from targeted file attacks. LocationGuard has three essential components: (i) location key that serves as the key to the location of a file, (ii) lookup guard, a secure algorithm to locate a file in the overlay network such that neither the key nor the location is revealed to an adversary, and (iii) a set of location inference guards against various inference attacks such as lookup frequency, IP-address, file replica, and file size inference attacks. We show that the combination of location key, lookup guard, and location inference guards makes it very hard for an adversary to infer the location of a target file by either actively or passively observing the overlay network. LocationGuard can be used to mitigate Denial-of-Service (DoS) and host compromise attacks by constructing an efficient file access control mechanism, while adding almost zero performance overhead and very minimal storage overhead to the overlay file system.

Biography: Ling Liu is currently an associate professor at the <http://www.cc.gatech.edu/>College of Computing at <http://www.ogi.edu/>Georgia Tech. She directs the research programs in Distributed Data Intensive Systems, examining research issues and technical challenges in building scalable and secure distributed data intensive systems. Her current research interests include performance, security, and privacy issues in peer to peer and grid computing, mobile location based services, sensor network systems, and distributed enterprise computing technology.  Her recent research in security has been focused on developing safe guards for securing wide area distributed data intensive systems, including event guards, content guards, location guards, trust guards. She has published over 150 international journal and conference articles. She currently serves as co-chair of several IEEE conferences, including the co-PC chair of IEEE 2006 International Conference on Data Engineering (ICDE 06), the vice chair of the Internet Computing track of the IEEE 2006 International Conference on Distributed Computing (ICDCS 06), and is on the editorial board of several international journals, including an associate editor of IEEE Transactions on Knowledge and Data Engineering (TKDE), International Journal of Very Large Databases (VLDBJ), and International Journal of Web Service Research. Most of Dr. Liu's current research has been sponsored by <http://www.nsf.org> NSF, <http://www.doe.gov>DoE, <http://www.darpa.mil> DARPA, <http://www.ibm.com> IBM, and <http://www.hp.com>HP.

More information may be found at: http://www.cc.gatech.edu/~lingliu/