Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic.

Similar presentations


Presentation on theme: "1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic."— Presentation transcript:

1 1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic University

2 2 The Pollution Attack Attacker joins an ongoing video channel Attacker advertises it has a large number of chunks W hen neighbors request chunks, attacker sends bogus chunks Receiver plays back bogus chunks Each receiver may further forward the polluted chunks

3 3 Peer Polluter request

4 4 Contributions Identified the pollution attack in P2P live video streaming applications Verify via experimental results (in PPLive) that pollution attack can be devastating Survey possible defenses against the attack

5 5 Pollution Experiment Figure: PPLive pollution experiment setup

6 6 Measurement Results (1) Figure: Number of peers viewing channel over experiment periods

7 7 Brooklyn Peer Figure: Clean and polluted chunks to/from Brooklyn peer

8 8 Hong Kong Peer Figure: Clean and polluted chunks to/from Hong Kong peer

9 9 Pollution Defense Mechanisms Blacklisting Traffic Encryption Chunk Signing –Sign-All Approach –Signature-Amortization Approaches Star Chaining Merkle Tree –Sign-and-Correct Approach

10 10 Chunk Signing Use PKI Every video source has public-private key pair Source uses private key to sign the chunks Receiver uses public key of source to verify integrity of chunk

11 11 Sign-All (1) Source –Source signs each chunk –Sends signature (authentication information) with corresponding chunk Receiver –Verifies each chunk individually using authentication information and public key of source

12 12 Sign-All (2) Chunk processing independence Bandwidth overhead -For a stream of m chunks, m signatures For 372 kbps channel with chunk size of 4000 bytes, around 3% Computation overhead - 1 (expensive) signature operation per chunk

13 13 Block Signing Chunks organized into blocks –Each block contains n chunks After generating n chunks, hash concatenation of all hashes, and sign result Reduces computation But cant verify individual chunks

14 14 Star Chaining Chunks organized into blocks –Each block contains n chunks After generating n chunks, calculate authentication information for each chunk –Signed hash of concatenation of all chunk hashes –Along with, all hashes of other n-1 chunks Receiver, chunk by chunk: –Applies public key to get hash of hashes –Verifies by concatenating hash of current chunk with those of the n-1 chunks, and taking hash

15 15 Star Chaining Computation overhead –> 1 signature per block Loss –> If some chunks are lost in block, can still decode rest Bandwidth overhead -> for block of n chunks, n-1 hashes + n signatures For channel of bitrate 372 kbps and chunk size of 4000 bytes, n = 32, about 16%

16 16 Merkle Tree Computation overhead –> 1 signature per block Loss –> If some chunks are lost in block, can still decode rest Bandwidth overhead -> nlog 2 n hashes + n signatures (about 5%)

17 17 Conclusion The pollution attack can be devastating Defenses: –Signature Amortization (Merkle Tree) – less computational overhead and delay at receiver but more bandwidth overhead –Sign-and-Correct – less bandwidth requirement but higher processing delay and computational requirement Based on requirements of the application, either of the two could be used

18 18 References [1] C. K.Wong and S. S. Lam. Digital signatures for flows and multicasts. IEEE/ACM Trans. Netw., [2] A. Lysyanskaya, R. Tamassia, and N. Triandopoulos. Multicast authentication in fully adversarial networks. In IEEE Symposium on Security and Privacy, 2004.

19 Thank You!


Download ppt "1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic."

Similar presentations


Ads by Google