Title :
Automated vulnerability discovery in distributed systems
Author :
Banabic, Radu ; Candea, George ; Guerraoui, Rachid
Author_Institution :
Sch. of Comput. & Commun. Sci., EPFL, Lausanne, Switzerland
Abstract :
In this paper we present a technique for automatically assessing the amount of damage a small number of participant nodes can inflict on the overall performance of a large distributed system. We propose a feedback-driven tool that synthesizes malicious nodes in distributed systems, aiming to maximize the performance impact on the overall behavior of the distributed system. Our approach focuses on the interface of interaction between correct and faulty nodes, clearly differentiating the two categories. We build and evaluate a prototype of our approach and show that it is able to discover vulnerabilities in real systems, such as PBFT, a Byzantine Fault Tolerant system. We describe a scenario generated by our tool, where even a single malicious client can bring a BFT system of over 250 nodes down to zero throughput.
Keywords :
distributed processing; security of data; software fault tolerance; BFT system; Byzantine fault tolerant system; automated vulnerability discovery; distributed system; faulty node; feedback-driven tool; malicious client; malicious node; real system; Computer bugs; Peer to peer computing; Protocols; Servers; Software; Testing; Throughput;
Conference_Titel :
Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4577-0374-4
Electronic_ISBN :
978-1-4577-0373-7
DOI :
10.1109/DSNW.2011.5958811
