7 years in PowerPoint format Wu-chang Feng wuchang@cs.pdx.edu
Fond memories of RTCL • The closed door of 2222 EECS
Stay in school, fool!
When can I graduate?
• Never asked this question, but one that was much worse
Can I stay longer?
• A career year thanks to Prof. Shin and Dilip
After graduation • San Francisco (1999-2001) • Proxinet => Puma Technology => Pumatech => Intellisync joined left
Finding my Feng Shui to Oregon • 2001-present
Academic hijinx!
• Mergers and acquisitions only happen in industry, right?
• OGI => OHSU => Portland State University
“Donning sporty eye-patches and brandishing cutlasses (figuratively), computer profs at Portland State University staged a raid on Oregon Graduate Institute. The downtown university snatched 10 tech professors from the Oregon Health & Science University subdivision, instantly upping its digital cred.”
Willamette Week, Sept. 22, 2004
http://www.wweek.com/story.php?story=5527
The Forensix Computer TiVo
• Motivation
• Analyzing and recovering from hacking incidents is a costly, time-consuming, human-intensive task
• Goal of Forensix
• Build a computer system “TiVo”
• Automatic analysis and replay of all activity on a computer
• Build a computer analogy to “Back to the Future”
• Selectively “undo” all activity that a hacker has performed
The Forensix Computer TiVo
• What about the costs?
• Forensic investigator time is expensive
• Computing and storage resources are cheap and plentiful
• $80 ~ 1 year replay log (small web server)
• 10-20% performance degradation
• Cost proposition becomes more favorable every day
• Status
• Fully functional prototype
• Replay Shell (demo), Process Tree, Selective undo
http://forensix.sourceforge.net/
The Forensix Computer TiVo
• Current work
• Generalizing the approach
• From flat event logs to useful state reconstruction
• Audits contain changes of state
• Queries look at system state at a given time or over a given time interval
• Useful for other applications (distributed network diagnosis)
• Failed network connection
• Reconstructing network state from distributed event logs to debug cause
Network-layer proof-of-work
• Motivation
• Undesirable communication is currently uncontrollable
• Spam, viruses, worms, denial-of-service attacks
• Client puzzles
• A proposal for controlling harmful network communication
• Force a client to solve a hard puzzle before giving service
• IP puzzles
• Add client puzzles into the Internet's fundamental layer to thwart all possible network attacks
Network-layer proof-of-work
• Status
• Fully functional iptables implementation
• 180,000 puzzles/sec on commodity hardware
• 1 Gb/s+ for per-packet puzzles with MTU packets
• Puzzle generation ~1µs
• Puzzle verification ~1µs, constant amount of state
• Small packet overhead
• Puzzle question ~40 bytes
• Puzzle answer ~20 bytes
• http://ippuzzles.sourceforge.net/
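The client-puzzle exchange described on these slides, as an added example that is not taken from the ippuzzles code. The hash-based puzzle, the HMAC-derived nonce, and every name and parameter below are assumptions, chosen to show how a verifier can check an answer while holding only a constant amount of state (one secret key).

```python
import hashlib
import hmac
import os
import struct
import time

SERVER_KEY = os.urandom(32)  # issuer/verifier secret (constructed for this example)
DIFFICULTY = 12              # required leading zero bits (assumed parameter)
MAX_AGE = 30                 # seconds a puzzle stays valid (assumed parameter)

def issue(client_ip, now=None):
    """Issuer: derive the puzzle from the secret, so nothing is stored per client."""
    ts = int(now if now is not None else time.time())
    msg = client_ip.encode() + struct.pack(">Q", ts)
    return ts, hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()[:16]

def leading_zero_bits(digest):
    """Number of zero bits before the first one bit in a byte string."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def solve(nonce, difficulty=DIFFICULTY):
    """Client: brute-force a counter until the hash has enough leading zero bits."""
    counter = 0
    while True:
        answer = struct.pack(">Q", counter)
        if leading_zero_bits(hashlib.sha256(nonce + answer).digest()) >= difficulty:
            return answer
        counter += 1

def verify(client_ip, ts, nonce, answer, now=None, difficulty=DIFFICULTY):
    """Verifier: one HMAC and one hash, with no table of outstanding puzzles."""
    now = int(now if now is not None else time.time())
    if not 0 <= now - ts <= MAX_AGE:
        return False  # expired or future-dated puzzle
    expected = issue(client_ip, ts)[1]
    if not hmac.compare_digest(expected, nonce):
        return False  # nonce was not issued to this address at this time
    return leading_zero_bits(hashlib.sha256(nonce + answer).digest()) >= difficulty
```

Because the verifier keeps no record of answers it has seen, a solved puzzle can be replayed from the same address until it expires, so `MAX_AGE` bounds the reuse window.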
Network-layer proof-of-work (Take 2)
• Problems with IP puzzles
• Flooding the issuer and verifier system
• Developing new cryptographic primitives
• Flooding links leading to puzzle system
• Publicly auditable proof-of-work
• Verifiers at client edge
• Single puzzle function per source, but per-request work
• Issuer easily protected from flooding
• Is it provably secure?
• Provide puzzle protocols with the same provable treatment as other security protocols
Characterizing On-line Games
• Successful on-line games require enormous infrastructure and satisfied players
• Goal
• Characterize aggregate game workloads to provision resources
• Real-time GameSpy aggregate data for over 100 on-line games since 2002.
• Characterize players to better deliver new content and incentives
• Complete event log for Eve On-line MMORPG
• Complete event log for a popular Counter-strike server
http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games
• Cheating exists in every on-line game
• Directly impacts game revenue
• Causes paying players to quit
• Prevents new players from joining
• Goal
• Applying bit-commitment and information hiding to ensure cheat-proof playout
http://www.thefengs.com/wuchang/work/cstrike
Securing On-line Games • Information exposure cheats • Warcraft3
Securing On-line Games • Information exposure cheats • Warcraft3 with Maphack (reveal map and enemy units)
Scaling On-line Games
• Persistent MMORPGs are big business
• WoW: 6 million paying $15/month (> $1 billion/year)
• Traditional client-server model
• Content creation by game publisher
• Hosting by game publisher
• Public server
• Content creation by users
• Hosting by users
• No persistence
Scaling On-line Games
• Goal
• Develop public server MMORPG
• Technical challenges
• Managing persistence
• Creating a tamper-resistant virtual economy
• Handling unstable infrastructure
http://www.thefengs.com/wuchang/work/cstrike