MarketNet: Market-based Protection of Network Systems and Services

Apostolos Dailianas, Columbia University

Today’s network systems offer considerable power to attackers, which can (a) pursue unlimited attempts to compromise network resources; (b) evade detection; and (c) hide their identity and avoid liability. In this talk, I will present the MarketNet technology I developed for my dissertation. MarketNet introduces a novel approach to large-scale network protection that shifts power from attackers to resource owners. MarketNet uses market mechanisms to price resources and to allocate budgets among consumers. A resource owner can (a) tightly control access to a resource and its exposure to attacks; (b) monitor and audit resource access using resource-independent instrumentation and mechanisms; (c) detect attacks by using generic statistical algorithms; and (d) enforce liability and traceability of attackers. I will show how MarketNet technologies have been applied for the protection of software systems and services, such as the Simple Network Management Protocol (SNMP) and the Java Virtual Machine (JVM). Lastly, I will introduce a MarketNet-based intrusion detection system.