Lapsy Garg. P2P Networks Gnutella Protocol Topological Scan Worms Passive Scan Worms Solutions.


1 Lapsy Garg

2
- P2P Networks
- Gnutella Protocol
- Topological Scan Worms
- Passive Scan Worms
- Solutions

3
- Resource sharing
- P2P nodes act both as servers and clients
- Resilient to single-node failure
- Almost infinite storage capacity
- Examples: Gnutella, Kazaa, BitTorrent

4
- Do not waste time probing unused IP addresses
- Do not generate a high rate of failed connections
- Able to merge malicious traffic into P2P traffic
- Detection systems based on analysis of worm scans cannot differentiate the normal P2P activity of a client from that of a worm; hence, these worms are difficult to detect

5
- Distributed P2P protocol
- Defines the way in which peers communicate over the network
- Highly fault tolerant
- Some popular Gnutella clients: LimeWire, BearShare, Gtk-Gnutella

6
- Each servant has a self-selected servant_id
- A Gnutella node is typically connected to 2-12 nodes
- Time to Live (TTL)
  - Further limits the horizon of nodes
  - When a message is passed through a node, its TTL is reduced by 1
  - If TTL = 0, the message is not forwarded further
- File exchange involves two phases
  - Search
  - Download

7
- Search
  - To search for a file, a node, say n, sends a search Query message to its neighbor nodes
  - On receiving a search Query, nodes look for a match in their local data set
  - If a match is found, a Hit message is generated and sent back over the same path through which the Query message came to the node
  - The Query message is forwarded further if its TTL is not zero
- Download
  - On receiving Hit messages, node n selects a node from which to download the file
  - Downloads happen via an HTTP connection

8 [Figure: Query messages (1)-(3), Hit messages (4)-(6) and Download (7) exchanged among Peer A, Peer D, Peer B and Peer C]
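The search phase of slides 6 to 8 as a small Python simulation, added here and not part of the original presentation: a Query is flooded with a decrementing TTL and each Hit is routed back along the path the Query arrived on. The overlay, the extra peer E and the file names are constructed sample data, and `flood_query` and `reverse_path` are hypothetical names.

```python
from collections import deque

# Constructed overlay: an A-B-C-D chain plus one extra peer E (assumption).
GRAPH = {"A": ["B"], "B": ["A", "C"], "C": ["B", "D"], "D": ["C", "E"], "E": ["D"]}
# Constructed share folders; the file names are sample data.
SHARED = {"D": ["holiday_photos.zip"], "E": ["holiday_video.avi"]}


def reverse_path(came_from, node):
    """Nodes a Hit traverses: back along the path the Query arrived on."""
    path = [node]
    while came_from[path[-1]] is not None:
        path.append(came_from[path[-1]])
    return path


def flood_query(graph, shared, origin, keyword, ttl):
    """Flood a Query from origin; return (hits, query_messages_sent)."""
    came_from = {origin: None}      # neighbour each node first heard the Query from
    queue = deque([(origin, ttl)])  # (node, TTL left when that node forwards)
    hits, sent = [], 0
    while queue:
        node, ttl_left = queue.popleft()
        if node != origin:
            for name in shared.get(node, []):
                if keyword in name.lower():
                    hits.append((node, name, reverse_path(came_from, node)))
        if ttl_left == 0:
            continue  # TTL exhausted: the Query is not forwarded further
        for neighbour in graph[node]:
            if neighbour == came_from[node]:
                continue  # never send the Query back where it came from
            sent += 1
            if neighbour in came_from:
                continue  # duplicate copy, dropped by the receiver
            came_from[neighbour] = node
            queue.append((neighbour, ttl_left - 1))
    return hits, sent


if __name__ == "__main__":
    for ttl in (2, 3, 4):
        print(ttl, flood_query(GRAPH, SHARED, "A", "holiday", ttl))
```

With a TTL of 3 the Query reaches D but not E, which is the horizon effect described on slide 6; the requester only ever sees the responder, the advertised name and the return path.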

9 P2P Worms
- Topological Scan Worms
- Passive Worms

12
- Do not waste time probing unavailable IP addresses
- Can use information available on an infected P2P node to search for vulnerable nodes
- Most worm detection systems based on analysis of worm scans are rendered useless
- Vulnerability in the application
- No case of such worms has been reported yet

13
- Gnutella assumes nodes are trustworthy, which is not always the case
- There is no way to determine the authenticity of the files being advertised by a peer
- The decision to download a file is more or less based on filename or file size

14
- Vulnerability in the protocol
- Wait for the vulnerable targets to contact them
- Case 1: The worm can create infected copies of itself with attractive filenames and place them in the shared folder of the P2P client, or replace the files present in the shared folder with itself, e.g. VBS.Gnutella, Benjamin Worm, etc.
- Case 2: The worm answers positively to a proportion of search queries by changing the name of the corrupted file to match the search query, e.g. Gnuman
- Case 3 (Middle Man Attack): The infected node can forward the search query, collect good responses to it, and reply with the same to gain better trust from the user. No case of this kind of worm has been reported

15
- Most of the solutions proposed for the problem of passive worms are based on building trust between the peers
- Some of the popular approaches are:
  - EigenTrust
  - Credence
  - XRep
- These approaches do slow down worm propagation, but they do nothing to detect the worms

16
- Generates the global reputation of the peers without the presence of any central authority
- Files from highly reputed peers are given higher preference
- Assumes that files downloaded from highly reputed peers are much less likely to be infected or junk
- This approach would not work if a highly reputed peer starts sharing an infected file
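An added sketch, not from the presentation, of a global reputation computation, assuming this slide describes EigenTrust (the first approach named on slide 15; Kamvar et al. in the reference list). Local scores are normalised and iterated to a global trust vector, here in one process rather than distributed across peers; the peer names, scores, pre-trusted peer and damping value `a` are constructed, and it reproduces the limitation stated at the end of the slide, since B keeps its rank until other peers record bad downloads.

```python
def normalise(local, peers, pretrust):
    """c_ij = max(s_ij, 0) / sum_j max(s_ij, 0); empty rows fall back to pretrust."""
    c = {}
    for i in peers:
        row = {j: max(local.get((i, j), 0), 0) for j in peers if j != i}
        total = sum(row.values())
        c[i] = {j: (row.get(j, 0) / total if total else pretrust[j]) for j in peers}
    return c


def global_trust(local, peers, pretrusted, a=0.15, eps=1e-10):
    """Power iteration t <- (1 - a) * C^T t + a * p, started from p."""
    p = {j: (1.0 / len(pretrusted) if j in pretrusted else 0.0) for j in peers}
    c = normalise(local, peers, p)
    t = dict(p)
    while True:
        nxt = {j: (1 - a) * sum(c[i][j] * t[i] for i in peers) + a * p[j]
               for j in peers}
        if max(abs(nxt[j] - t[j]) for j in peers) < eps:
            return nxt
        t = nxt


# Constructed data: s_ij = satisfactory minus unsatisfactory downloads i had from j.
PEERS = ["A", "B", "C", "M"]
LOCAL = {("A", "B"): 8, ("A", "C"): 2, ("B", "A"): 4, ("B", "C"): 1,
         ("C", "A"): 5, ("C", "B"): 5, ("M", "B"): 1}


def trust_after_bad_downloads(n):
    """B starts serving infected files; A and C each record n bad downloads from it."""
    local = dict(LOCAL)
    local[("A", "B")] -= n
    local[("C", "B")] -= n
    return global_trust(local, PEERS, pretrusted={"A"})


if __name__ == "__main__":
    for n in (0, 1, 8):
        print(n, {k: round(v, 3) for k, v in trust_after_bad_downloads(n).items()})
```

The score is attached to the peer, not to the file, so B still outranks C after the first recorded bad download and only falls behind once enough victims have reported.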

17
- Each peer generates a trust graph, i.e. how much it trusts other peers based on its experience with other nodes
- Before a file download, it collects votes from other peers about the file
- The weight of each vote depends on the reputation of the voter
- The files are then sorted in decreasing order of reputation, which is calculated from the votes for the file
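A sketch of the vote-weighting steps on this slide, added here and not taken from the presentation or from any reputation system's code. It assumes a peer's trust in a voter is its agreement with that voter on files both have already judged, scaled to -1..1, which is a simplification; all peer names, file identifiers and votes are constructed.

```python
def voter_weight(my_votes, their_votes):
    """Trust in a voter: +1 if we always agreed, -1 if never, 0 if no shared history."""
    common = my_votes.keys() & their_votes.keys()
    if not common:
        return 0.0
    agree = sum(1 for f in common if my_votes[f] == their_votes[f])
    return (2 * agree - len(common)) / len(common)


def rank_files(my_votes, history, candidates):
    """Sort candidate files by weighted votes, highest reputation first."""
    weights = {v: voter_weight(my_votes, h) for v, h in history.items()}
    scores = {}
    for file_id, votes in candidates.items():
        # Voters with no recorded history contribute nothing (weight 0).
        scores[file_id] = sum(weights.get(v, 0.0) * vote for v, vote in votes.items())
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)


# Constructed data: +1 means "authentic", -1 means "infected or junk".
MY_VOTES = {"f1": 1, "f2": -1, "f3": 1, "f4": -1}
HISTORY = {
    "peer_x": {"f1": 1, "f2": -1, "f3": 1},           # always agreed with us
    "peer_y": {"f1": 1, "f2": 1, "f3": 1, "f4": -1},  # agreed 3 times out of 4
    "peer_z": {"f1": -1, "f2": 1},                    # always disagreed
}
CANDIDATES = {
    "song_v1": {"peer_x": 1, "peer_y": 1},
    # Upvoted by an untrusted voter and two unknown peers, downvoted by peer_x.
    "song_v2": {"peer_z": 1, "peer_new1": 1, "peer_new2": 1, "peer_x": -1},
    "song_v3": {"peer_y": -1, "peer_new1": 1},
}

if __name__ == "__main__":
    for file_id, score in rank_files(MY_VOTES, HISTORY, CANDIDATES):
        print(file_id, score)
```

Raw vote counts would put `song_v2` first; weighting by voter reputation puts it last, because unknown voters count for nothing and a voter who has always disagreed counts against the file.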

18
[1] Worm List, http://www.viruslist.com/en/virusesdescribed?chapter=153311928.
[2] Gnutella, http://www9.limewire.com/developer/gnutella_protocol_0.4.pdf.
[3] LimeWire, http://www.limewire.com.
[4] N. Curtis, R. Safavi-Naini, and W. Susilo. X2rep: Enhanced trust semantics for the xrep protocol. In Applied Cryptography and Network Security, Yellow Mountain, China, June 2004.
[5] E. Damiani, S. D. C. di Vimercati, S. Paraboschi, P. Samarati, and F. Violante. A reputation-based approach for choosing reliable resources in peer-to-peer networks. In ACM Conference on Computers and Communications Security, Washington, DC, October 2002.
[6] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. Managing and sharing servents’ reputations in p2p systems. IEEE Transactions on Knowledge and Data Engineering, vol. 15, n. 4, pp. 840-854, July/August 2003.
[7] M. Engle and J. I. Khan. Vulnerabilities of p2p systems and a critical look at their solutions. Medianet Lab Technical Report, Department of Computer Science, Kent State University, 2006.
[8] S. D. Kamvar, M. T. Schlosser, and H. Garcia-Molina. The eigentrust algorithm for reputation management in p2p networks. In Proceedings of the Twelfth International World Wide Web Conference, 2003.
[9] Nassima Khiat, Yannick Carlinet, and Nazim Agoulmine. The emerging threat of peer-to-peer worms. MonAM 2006 Workshop, 2006.
[10] Kevin Walsh and Emin Gün Sirer. Experience with a distributed object reputation system for peer-to-peer filesharing. In Proceedings of the Symposium on Networked System Design and Implementation (NSDI), San Jose, California, May 2006.
[11] Lidong Zhou, Lintao Zhang, Frank McSherry, Nicole Immorlica, Manuel Costa, and Steve Chien. A first look at peer-to-peer worms: Threats and defenses. In Proceedings of the IPTPS, 2005.

