Matthew Wright
University of Texas at Arlington
Computer Science and Engineering
Computer Science Building, Room 151
Faculty Host: Brian Levine
Social networks are great for connecting with other people, but they can also be leveraged for enhanced security properties. In this talk, I will describe two systems -- Pisces and Persea -- that we have designed to take advantage of the information that is inherent in the social network structure. Pisces is a system for enhancing anonymity in peer-to-peer (P2P) anonymity system designs. An anonymity system, such as the popular Tor network, helps protect your privacy on the Internet and enables people in countries like Syria to get around Internet censorship. In Pisces, we route our anonymity paths through users' social connections using verifiable random paths. We show that this technique provides much better privacy than prior designs in the face of strong attackers.
Persea addresses the reliability of looking up information and resources in a P2P system, such as Skype or Bittorrent. Existing systems are vulnerable to an attacker adding many malicious peer nodes, e.g. by using a botnet, and having them undermine the reliability of lookups. We propose a P2P system, Persea, based on a bootstrap tree -- essentially a social network that shows how each person entered the P2P system via a series of invitations. We embed the bootstrap tree into the identities that nodes use to locate themselves and perform lookups. We argue that this approach is more suitable to P2P systems than prior approaches and show that it provides lookup success rates at least as good as in prior work.
Matthew Wright is an associate professor at the University of Texas at Arlington. He graduated with his Ph.D from the Department of Computer Science at the University of Massachusetts in May, 2005, where he earned his M.S. in 2002. His dissertation work addresses the robustness of
anonymous communications. His other interests include secure and sybil-resistant P2P systems, security and privacy in mobile and ubiquitous systems, and understanding the human element of security and privacy. Previously, he earned his B.S. degree in Computer Science at Harvey Mudd College. He is a recipient of the NSF CAREER Award and the Outstanding Paper Award at the 2002 Symposium on Network and Distributed System Security.