Presentation on theme: "A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan."— Presentation transcript:
A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan
P APERS….. N.Daswani and H.Garcia-Molina, “PONG – CACHE POISONING IN GUESS”, ACM Conference On Computer and Communications Security 2004 N.Daswani and H.Garcia-Molina, “PONG – CACHE POISONING IN GUESS”, ACM Conference On Computer and Communications Security 2004 E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante, E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante, “A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER- TO-PEER NETWORK”, ACM Conference On Computer and Communications Security 2002
Introduction… What is Peer-to-Peer Network? A sharing and delivery of user specified files among groups of people who are logged on to a file sharing network. (1) Peer-to-Peer, or abbreviated P2P, a type of network in which each workstation has equivalent capabilities and responsibilities. (2) What is Resource Discovery? In a P2P network, discovery of the required file (resource) over the vast spread clients for downloading. 1 - www.mp3-cdburner.com/MP3-glossary.shtml 2 - http://www.webopedia.com/TERM/p/peer_to_peer_architecture.html
“ PONG – CACHE POISONING IN GUESS ” N.Daswani and H.Garcia-Molina
Pong-Cache Poisoning In GUESS Proposes Policy On….. Resource Discovery that are resilient to attacks by Malicious Node Algorithms Proposed (Remodeling GUESS) Seeding Policy (SP) Introduction Protocol (IP) Ping Probe and Pong Choice Policy (PPP and PCP) Cache Replacement Policy (CRP) ID Smearing Algorithm (IDSA) Dynamic Network Partitioning (DNP) Malicious Node Detection (MND)
Gnutella UDP Extension for Scalable Searches (GUESS) Nodes Cache… Cache contains IDs of the available node in the network. Node are classified as Good Node Malicious Node ID’s are classified as Live Poisoned Dead Cache Management.. Node’s cache are updated using the “PING” and “PONG” messages Ping: Query to the available Node’s Cache to find any new node added Pong: Reply to the Ping from the node’s cache of the updated network information
Threats to GUESS… What is Pong Cache Poisoning? Contaminating the good Node’s cache with the Malicious node’s ID. Pong cache Poisoning leads to… Denial of Service (DOS) A good node may query a malicious node, and may not receive a response Inauthentic Results Query a malicious node and may receive a incorrect answers to the query. Propagated Cache Poisoning A good node may respond to a ping with a malicious ID
We Modify the GUESS to…. Maximize the number of live node in the Pong cache To mitigate the Pong Cache poisoning Limit the number of cache entries with the malicious node ID Reduce the rate of poisoning occurs
Policies Introduced in GUESS… Seeding Policy (SP) Seeding is done when a new node wants to join the network Various Seeding Policies.. Random Friend (RF) – New nodes seeds its cache with a random nodes cache Popular Node (PN) – New node seeds from a node N1, where N1 is a “popular” node Trusted Directory (TD) – New node seeds from a node that guarantees to be a non-dead. A “Trusted Directory” node is responsible to maintain non-dead node’s list. Introduction Protocol (IP) Here new born node ping to an existing node’s so that the existing node makes update the new born node in its cache. Note: SP should be used in tandem with IP to Achieve liveliness of the network.
Ping Probe and Pong Cache Policy Ping Probe Policy (PPP) Used to decide which node to ping It helps in identifying dead nodes Pong Cache Policy (PCP) Determines to which |S| node id’s to respond for a ping operation |S| - Subset of node IDs in the Pong cache Cache Replacement Policy (CRP) When pong arrives a subset of the cache is replaced with new pong IDs. Choices are done by Random Most Recently Used (MRU) Least Recently Used (LRU) Note: MRU CRP reduces the poisoning rate
ID Smearing Algorithm (IDSA) When node ID repeats in many pong message, it implies Node may be a malicious node Good node that is overloaded In this case we drop that ID from the Pong cache. In IDSA a node ID can repeats itself in 1/n pong message. n – No: of nodes in the system. Note: IDSA limits the no: of poisoned entries Dynamic Network Partitioning (DNP) In this we partition the network that enhances the search. J-length of ID Size of partition is 2 p : 0<=p<=j No: of partition is 2 j-p When j=p there is no need of DNP Note: when DNP is used with IDSA it mitigates the poisoning
Malicious Node Detection (MND) We try to detect a node is malicious or not based on our previous experiences. Note: MND is required where Malicious Node > Pong Cache Size. Modified GUESS…
“ A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK ” E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante
A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK Paper Proposes… Reputation Sharing of a client by which resource requestor can assess the reliability of the resource offered. This achieved over the existing P2P protocol by piggybacking. Algorithm Proposes… Combined reputations of servant and resources which provides informative polling and overcomes limitation of servant based systems.
Servants and Resources Resources File shared over the network Servants - Nodes Servers when sharing resources Client when requesting for resources
XREP Protocol… Basic Assumption Require a servant to be associated with a servant_id, obtained using a secure hash function Resource identifier to be associated with the resource content (using hash function on the content) Experience Repositories Resource repository (resource_id, value) Resource_id – specify the resource Value – binary value specifying good or bad Servant repository (servant_id, num_plus, num_minus) Servant_id – peer has associated with the servants No: successful and unsuccessful downloads
XREP Protocol Phases… Resource Searching Resource Selection and Vote Polling Vote Evaluation Best Servant Check Resource Downloading
XREP Security Consideration Attacks on P2P Self Replication At any point of time a node can change it name or resource name. This is overcome by collecting votes on both the servant and the resource Man in the Middle Attack A -> D-> B A – client B – server D – Malicious node This is overcome during the vote evaluation and best servant check phase.
XREP Security Consideration Attacks on Reputation based system Pseudo spoofing Exploits the use of pseudonyms This is discovered in the Vote Evaluation Phase ID Stealth Malicious node generates multiple replies for a query with the stolen ID and its own ID This is prevented in Best Servant Check Phase Another attack is that Malicious node stealing the Hash of a good resource This becomes ineffective as the downloaded file hash does not match Shilling The attacker creates a multiple users with real IP address trying to influence the voting This invariably increases the cost for the attacker This is made by the TrustVote/TrustVoteReply
Advantages of Combining Both Servant and Resource Reputations. Reputation’s Life Cycle Impact on peers anonymity Cold-start Performance Bottleneck Blacklisting Data Storage and Bandwidth requirements Threshold Effects