Presentation on theme: "Cope with selfish and malicious nodes"— Presentation transcript:
1 Cope with selfish and malicious nodes Jinyang Li
2 P2P requires cooperation Cooperation means nodes obey designHowever, P2P users control the nodesModify the given softwareShut down applicationDelete app filesRate limit application etc.P2P users are mostly selfishAvoid contributing resources as much as possibleP2P nodes could be maliciousAdversary can enroll (arbitrarily) many nodesP2P nodes speak the “right” protocol,but might not do the “right” things.
4 Design space for combating misbehaving nodes Enforce nodes to run desired softwareObfuscate protocol/softwareRely on hardware support to authenticate a running piece of software (Trusted computing)
5 Design space for combating misbehaving nodes 2. Encourage nodes not to be selfishDesign protocols so it is in a node’s best interest to contribute3. Choose trustworthy nodes for interactionIf only a few trusted nodes turn out to be bad, it is okay since data/service is replicated
6 #2 Encourage non-selfish behavior What do selfish users do in file-sharing?Download from others, but refuse to uploadWhy is it bad?If everybody behaves like this, system is useless
7 A layman’s view of game theory CGlobal optimal:Requires both to cooperateD3,30,55,01,1CNash equilibriumboth defect,worst global outcomeDPrisoner’s dilemma (PD)
8 Tit-for-tat What if boy and dog play the game over many iterations? Cooperate in the 1st round, mirror what your opponent did in the last roundTit-for-tat with forgiveness:Occasionally cooperate to end a streak of retaliation and counter-retaliation
9 Tit-for-tat for file sharing Exchanging data between peers is like an iterated PD gameBreak data exchange in multiple rounds.If remote peer does not upload fast enough (defect), choke his download (play defect).
10 Bittorrent Group all peers interested in the same file into a swarm Each node has sth. the other wantsA big file is broken into piecesEach node downloads pieces in random orderEvery 10 seconds, calculate a remote peer’s upload rate, if no good, choke itTit-for-tatPeriodically chooses one random peer to unchoke…with forgiveness
11 How tit-for-tat helps BT Tit-for-tat in BT ensures fair exchange(?)Tit-for-tat prevents selfish behavior(?)All selfish behaviors are non-profitable(?)
12 Cautions in applying tit-for-tat in other scenarios The game must be played over many roundsEach peer must have “goods” valued equally by the otherWhat’s at stake?
13 # Combating malicious nodes Malicious (Byzantine) nodesTheir goal is to bring max harm to youMay also behave randomly and unpredictablyBasic strategyreplicate data/functionalitiesObtain data or votes of results from multiple replicasThe impossibility results:No availability when all nodes are Byzantine.No correct agreement when >1/3 nodes are Byzantine.
14 What’s at stake? What does the system vote on? launch a nuclear missileBuyer or seller’s reputation (eBay)Importance of a webpage (Google)Interesting news (digg)Authenticity of a shared file (Credence)
15 Who can vote? eBay, digg: any registered users Can an adversary register millions of users?Must ensure votes come from independent partiesRestrict voters to humansRestrict one identity per humanCredence:Central authority issues public key to nodesLimit how fast keys are issued to each node
16 What to vote on? Votes could be on subjective or objective matters (Digg) Interesting vs. boring newsCredence insight:Make votes objective, honest users similar votesExample votes:<abf3: britney name, mp3 = type>K<ba9f: britney name, mp3 type>K<35e4: name = >KBinds a vote to its fileBinds a vote to a user
17 How to cast votes?U1 downloads files abf3,ba9f,35e4 with search term “britney mp3”<abf3: britney name, mp3 = type>K<ba9f: britney name, mp3 type>K<35e4: name = >K
18 How to use votes?U2 obtains hash abf3,ba9f,35e4 from search “britney mp3”Goal: Rank hashes according to votesCollect a list of votes for each hash from peersWeight peers using voting history correlationCompute weighted aggregate votes on each hashSort
19 Weight peers based on vote correlation My votesU1’s votesabcd britney name,b234 spears name,4567 madonna nameff45 nina name1234 britney nameabf3 britney nameb234 britney name4567 madonna nameff45 nina name1234 britney name4 votes on same files; 2 positive agreementsP=.52 positive votes from me, 3 positive votes from U1a=.5, b=.75Correlation (p-ab)/sqrt(a(1-a)b(1-b)) = 1.36
20 Weight peers based on vote correlation My votesU2’s votesabcd britney name,b234 spears name,4567 madonna nameff45 nina name1234 britney nameabf3 britney nameb234 britney name4567 madonna nameff45 nina name1234 britney name4 votes on same files; 1 positive agreementsP=0.252 positive votes from me, 3 positive votes from U1a=.5, b=.75Correlation (p-ab)/sqrt(a(1-a)b(1-b)) = -0.57
21 What if there are no overlapping files? Use transitive correlationIf A has high correlation with B, B has high correlation with C, then A has high correlation with C