Department of Computer Science & Engineering

The Internet today is highly vulnerable to \emph{Internet catastrophes}: events in which an exceptionally successful Internet pathogen, like a worm or email virus, causes data loss on a significant percentage of the computers connected to the Internet. In this paper, we explore the feasibility of using data redundancy, a model of dependent host vulnerabilities, and distributed storage to ensure data survives such events. In particular, we motivate the design of a cooperative, peer-to-peer remote backup system called the \Phoenix\ recovery system, and we argue that \Phoenix\ is a compelling architecture for providing a convenient and effective approach for tolerating Internet catastrophes. Our key observation that makes \Phoenix\ both feasible and practical is that an Internet catastrophe, like any large-scale Internet attack, exploits shared vulnerabilities. Hence, the replication mechanism should take the dependencies of host failures---in this case, host diversity---into account. Using a simulation model we show that, by doing informed placement of replicas, \Phoenix\ provide highly reliable and available cooperative backup and recovery with low overhead: with as few as 2 replicas, the system can backup and recover at least the equivalent of 20\% of storage contributed by each host in the system.

Pre-2018 CSE ID: CS2003-0732