Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems. Jinsong Han and Yunhao Liu, HKUST. IEEE ICNP 2006, Nov 12.


Slide 1: Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems
Jinsong Han and Yunhao Liu, Department of Computer Science, Hong Kong University of Science and Technology

Slide 2: Privacy
- The right to be let alone: one of the rights most cherished by people.
- Who is talking to whom should be confidential or private on the Internet.
  - Who is searching a public database?
  - Which movie are you downloading?
  - Which companies are collaborating?
  - Who are you talking to via ...?

Slide 3: However...
- Your machine's IP address uniquely identifies you across web sites.
- There is nothing illegal about cross-referencing.
- The goal of Internet anonymity: a host can communicate with a server while nobody can determine its identity.

Slide 4: Anonymous Routing
- Anonymity is the state of being indistinguishable from other members of some group: nobody knows who is searching for or downloading what from whom.
- The main goal is to provide a routing mechanism that hides the initiator's and the responder's IP addresses.
- It does not try to protect the content of the message.

Slide 5: Previous Approaches: Mainly Path-based
[Figure: the initiator I reaches the responder R through a chain of relays (A, B, C).]

Slide 6: Path-based Examples: Mix & Onion
[Figure: onion layering over relays A, B, C, D. The message M sits in the innermost layer; each outer layer is encrypted with one relay's public key and carries the IP address of the next hop (IP_B, IP_C, IP_D).]

Slide 7: APFS: Mutual Anonymity
[Figure: a client and a server communicating through APFS.]

Slide 8: Why NOT path-based?
- Path-based schemes:
  - Difficulty in path construction and maintenance
  - High cryptographic computation overhead (RSA-based)
  - Vulnerable to many attacks

Slide 9: Basic Goals: A New Mutual Anonymity Protocol for P2P
- Non-path-based approach
  - No need to collect public keys in order to pre-construct a "secured path"
  - Delivery paths change often
  - No path maintenance overhead
- Lightweight: symmetric keys only

Slide 10: Query and Downloading in Unstructured P2P Systems
- Flooding-based query
- Reversed-path-based response
- Direct downloading
[Figure: the initiator floods its query, the responder's response follows the reversed path, and the download goes directly between the two.]

Slide 11: Our Design: Rumor Riding
[Figure: the initiator I encrypts the query q under a symmetric key K, C = Encrypt(q, K), and issues two rumors: a cipher rumor carrying C and a key rumor carrying K. Where the two rumors meet, at sower s_a, the sower recovers q from C and K and floods (q, IP_sa), the query tagged with the sower's own address, toward the responder.]

Slide 12: Response
[Figure: the responder issues a response cipher rumor and a response key rumor, which meet at sower s_b. s_b contacts s_a over a TCP link (the response is addressed using IP_sa and IP_sb), and the response travels back to the initiator I along the reversed paths of the original key rumor and cipher rumor.]

Slide 13: Confirm
[Figure: the initiator I issues a confirm cipher rumor and a confirm key rumor, which meet at sower s_c. s_c reaches s_b over a TCP link, and the confirmation follows the reversed paths of the response key rumor and the response cipher rumor to the responder.]

Slide 14: File Delivery
[Figure: data rumors travel between the responder and the initiator I through sowers s_d and s_a, which are connected by a TCP link.]
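The query phase sketched on slides 11 to 14 (cipher rumor, key rumor, collision at a sower, flooding under the sower's address, reversed rumor paths kept for the reply), as an added Python example that is not the authors' code. It uses a SHA-256 counter-mode keystream as a labelled stand-in for the AES cipher the paper uses; the overlay graph, the peer ids and the query text are constructed for the run.

```python
"""Toy model of the Rumor Riding query phase (added example, not the authors' code).
The initiator encrypts its query q under a fresh symmetric key K and launches a
cipher rumor (carrying C = Enc_K(q)) and a key rumor (carrying K). Each rumor
random-walks through the overlay with a TTL; the first node that holds both halves
of the same query id becomes the sower, recovers q and floods it under its own
address. A node holding only one half sees either random-looking ciphertext or a
bare key, never the query.
Assumptions: stream_xor is a SHA-256 keystream standing in for AES; the overlay,
peer ids and query are constructed sample data."""
import hashlib
import random
from typing import Dict, List, Optional, Tuple


def stream_xor(key: bytes, data: bytes) -> bytes:
    """XOR `data` with a SHA-256 counter-mode keystream (stand-in for AES)."""
    out = bytearray()
    for block, start in enumerate(range(0, len(data), 32)):
        keystream = hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], keystream))
    return bytes(out)


def random_graph(n: int, links: int, rng: random.Random) -> Dict[int, List[int]]:
    """Constructed overlay: every node links to `links` random other nodes."""
    adj: Dict[int, set] = {v: set() for v in range(n)}
    for v in range(n):
        for w in rng.sample([u for u in range(n) if u != v], links):
            adj[v].add(w)
            adj[w].add(v)
    return {v: sorted(ws) for v, ws in adj.items()}


class Peer:
    """One overlay node: buffers rumors per query id and notices a collision."""

    def __init__(self, nid: int):
        self.nid = nid
        # query id -> {"cipher" | "key": (payload, path the rumor took to get here)}
        self.pending: Dict[int, Dict[str, Tuple[bytes, List[int]]]] = {}

    def receive(self, rumor: dict, path: List[int]) -> Optional[bytes]:
        """Buffer the rumor; return the plaintext query once both halves are here."""
        halves = self.pending.setdefault(rumor["qid"], {})
        halves[rumor["kind"]] = (rumor["payload"], list(path))
        if "cipher" in halves and "key" in halves:      # collision: this node sows
            return stream_xor(halves["key"][0], halves["cipher"][0])
        return None


def random_walk(peers: Dict[int, Peer], adj: Dict[int, List[int]], rumor: dict,
                initiator: int, ttl: int, rng: random.Random) -> Optional[dict]:
    """Forward `rumor` for `ttl` hops, each hop to a random neighbor; report a sower."""
    here, path = initiator, [initiator]
    for _ in range(ttl):
        here = rng.choice(adj[here])
        path.append(here)
        if here == initiator:          # the initiator never sows its own query
            continue
        query = peers[here].receive(rumor, path)
        if query is not None:
            return {"sower": here, "query": query}
    return None


def issue_query(adj: Dict[int, List[int]], initiator: int, query: bytes, k: int,
                ttl: int, rng: random.Random) -> Optional[dict]:
    """(k, k)-Rumor Riding: k cipher rumors and k key rumors for one query."""
    peers = {v: Peer(v) for v in adj}
    qid = rng.getrandbits(64)
    key = bytes(rng.getrandbits(8) for _ in range(16))     # fresh symmetric key K
    cipher = stream_xor(key, query)                         # C = Enc_K(q)
    rumors = ([{"qid": qid, "kind": "cipher", "payload": cipher}] * k +
              [{"qid": qid, "kind": "key", "payload": key}] * k)
    # Walks run one after another (a sequential stand-in for concurrent rumors);
    # the collision is recorded the moment some node holds both halves.
    for rumor in rumors:
        hit = random_walk(peers, adj, rumor, initiator, ttl, rng)
        if hit is not None:
            hit["flood"] = (hit["query"], hit["sower"])    # the sower floods (q, IP_sa)
            routes = peers[hit["sower"]].pending[qid]
            # Reversed rumor paths, sower -> ... -> initiator, used for the reply
            hit["reverse_paths"] = {kind: path[::-1] for kind, (_, path) in routes.items()}
            return hit
    return None


if __name__ == "__main__":
    rng = random.Random(7)
    overlay = random_graph(60, 3, rng)
    result = issue_query(overlay, 0, b"search: song.mp3", k=2, ttl=60, rng=rng)
    print(result["flood"], result["reverse_paths"])
```

The sower's identity is whatever node the two random walks happen to share, so it changes from query to query; the `reverse_paths` it holds are the routes the response phase of slide 12 walks back to the initiator.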

Slide 15: Several Important Issues
- Setting of rumors
  - Can rumors meet?
  - Ideal collision distance?
  - How many sowers, and where are they?
- Overhead
  - Traffic overhead
  - Cryptographic overhead
- Response time of queries

Slide 16: Trace-Driven Simulation
- Physical network: BRITE, 30, ,000 nodes
- Overlay network: real traces, within 10^5 nodes (Clip2 and Ion P2P)
- Each peer issues 0.3 queries per minute
- Peers dynamically come and leave
  - Mean: 10 minutes

Slide 17: Collision Rate: Theoretical vs. Simulation
- The collision rates in the P2P topology are usually higher than the theoretical results.
- The suggested setting for the number of rumors k and the TTL value L of each rumor (L is also the path length of each rumor) is k × L ≥ 100.

Slide 18: Collision Distance
- If L is larger than 25 (1 ≤ k ≤ 6), the average collision distance is no less than 5.
- When the rumors' TTL value L is larger than 30, for k = 1..6, over 90% of sowers have a collision distance larger than 5.
- L > 30 and 1 ≤ k ≤ 6 can effectively guarantee a safe collision distance and an approximately random distribution of sowers.

Slide 19: Sower Number
- Each query needs at least a certain number of sowers, but obviously too many sowers lead to heavy overhead.
- Each (k, k)-Rumor Riding scheme has no more than 10 sowers when k × L ≤ 200.
- k × L should be in the range [100, 200] to meet both the reliability and the scalability requirements.
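The collision-rate, collision-distance and sower-count measurements of slides 17 to 19, reproduced in miniature as an added Python Monte Carlo example that is not the authors' trace-driven simulator. For a chosen k and L it counts how often the k cipher rumors and k key rumors of one query share a node, how many such sowers appear, and how many overlay hops they are from the initiator. The overlay is a constructed random graph far smaller than the paper's 10^5-node traces, so the absolute numbers differ from the slides; the (k, L) grid in the main block is chosen here to straddle the k × L in [100, 200] rule of thumb.

```python
"""Monte Carlo study of rumor collisions for (k, k)-Rumor Riding (added example,
not the authors' simulator). Per trial an initiator launches k cipher rumors and
k key rumors, each a random walk of L hops; any node other than the initiator
visited by at least one rumor of each kind is a sower. Reported per setting:
collision rate, mean number of sowers, mean collision distance (BFS hops from the
initiator to a sower) and k * L. Assumption: the overlay is a constructed random
graph, much smaller than the paper's traces."""
import random
from collections import deque
from typing import Dict, List, Set


def random_graph(n: int, links: int, rng: random.Random) -> Dict[int, List[int]]:
    """Constructed overlay: every node links to `links` random other nodes."""
    adj: Dict[int, set] = {v: set() for v in range(n)}
    for v in range(n):
        for w in rng.sample([u for u in range(n) if u != v], links):
            adj[v].add(w)
            adj[w].add(v)
    return {v: sorted(ws) for v, ws in adj.items()}


def walk_visits(adj: Dict[int, List[int]], start: int, hops: int,
                rng: random.Random) -> Set[int]:
    """Nodes touched by one rumor with TTL `hops`, excluding the initiator."""
    here, seen = start, set()
    for _ in range(hops):
        here = rng.choice(adj[here])
        if here != start:
            seen.add(here)
    return seen


def bfs_distance(adj: Dict[int, List[int]], src: int, dst: int) -> int:
    """Shortest hop count from src to dst, or -1 if dst is unreachable."""
    dist = {src: 0}
    queue = deque([src])
    while queue:
        v = queue.popleft()
        if v == dst:
            return dist[v]
        for w in adj[v]:
            if w not in dist:
                dist[w] = dist[v] + 1
                queue.append(w)
    return -1


def sowers_for_query(adj: Dict[int, List[int]], initiator: int, k: int, L: int,
                     rng: random.Random) -> Set[int]:
    """Sowers of one (k, k) query: nodes on both a cipher walk and a key walk."""
    cipher_seen, key_seen = set(), set()
    for _ in range(k):
        cipher_seen |= walk_visits(adj, initiator, L, rng)
        key_seen |= walk_visits(adj, initiator, L, rng)
    return cipher_seen & key_seen


def simulate(n: int, links: int, k: int, L: int, trials: int,
             seed: int = 0) -> Dict[str, float]:
    """Run `trials` queries from random initiators and summarise the collisions."""
    rng = random.Random(seed)
    adj = random_graph(n, links, rng)
    collided, sower_counts, distances = 0, [], []
    for _ in range(trials):
        initiator = rng.randrange(n)
        sowers = sowers_for_query(adj, initiator, k, L, rng)
        if sowers:
            collided += 1
            sower_counts.append(len(sowers))
            distances.extend(bfs_distance(adj, initiator, s) for s in sowers)
    return {
        "collision_rate": collided / trials,
        "mean_sowers": sum(sower_counts) / len(sower_counts) if sower_counts else 0.0,
        "mean_collision_distance": sum(distances) / len(distances) if distances else 0.0,
        "k_times_L": k * L,
    }


if __name__ == "__main__":
    # Grid chosen to straddle the slides' k * L in [100, 200] rule of thumb
    for k, L in [(1, 5), (1, 30), (2, 50), (6, 30), (6, 60)]:
        print(k, L, simulate(n=2000, links=3, k=k, L=L, trials=100, seed=1))
```

Reading the output: the collision rate climbs with k × L, while the sower count and the traffic (k × L hops per query) climb with it too, which is the reliability-versus-overhead trade-off the [100, 200] range on slide 19 settles. On a 2000-node graph with average degree about 6 the overlay diameter is only a few hops, so collision distances here stay well below the 5 hops the paper reports on its traces.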

Slide 20: Traffic Overhead
- The (6, 6)-RR scheme is the only one with a higher average traffic cost than Shortcut (ICDCS'03).

Slide 21: Response Time
- Multiple-rumor schemes reduce the response latency effectively.
- They also incur more traffic overhead and message replication.

Slide 22: Cryptographic Overhead

Slide 23: Prototype Implementation Experience
- Examined the throughput of the algorithms: key generation, 128-bit AES encryption/decryption, CRC-32, 1024-bit RSA encryption/decryption

TABLE I: Throughput of Algorithms
  Algorithm                   Throughput (Mbytes/s)
  128-bit AES key generation  0.217 ± ...
  128-bit AES encryption      8.155 ± 0.256
  CRC-32 calculation          137.48 ± ...
  1024-bit RSA encryption     0.148 ± ...
  1024-bit RSA decryption     ... ± ...

Slide 24: Thank you!
Jinsong Han and Yunhao Liu, HKUST

Slide 25: Background

Slide 26: Peer-to-Peer Model (P2P)
- Peer-to-peer (P2P)
  - Fully utilizes the resources of the whole system
  - Peers are both clients and servers in an overlay network
- Unstructured P2P architectures
  - Centralized, decentralized, and hybrid

Slide 27: Responder Broadcasting Based
- Broadcast or multicast
  - Uses the receivers' public keys to encrypt the message
  - P5 (S&P'02)
[Figure: an initiator broadcasting to the group.]

Slide 28: Anonymity Guarantees
  Attack                      RR
  Message coding attack       Withstands
  Local collaborating attack  Withstands unless all neighbors are malicious
  Timing attack               Withstands
  Traceback attack            Withstands unless global adversary
  Predecessor attack          Withstands
  Traffic analysis attack     Withstands

Slide 29: Message Coding Attack
- Attackers analyze the message coding format.
- Especially effective against fresh nodes:
  - A fresh node loses its anonymity immediately if its first plaintext query goes to the observer.
- Countermeasure: encryption
  - RR uses AES encryption and splits the message into two parts; no single rumor exposes the information of the query.

Slide 30: Local Collaborating
- Two collaborating adversaries could both be neighbors of the initiator.
- To confuse the local adversaries, a sower selects only a subset of its neighbors to send the plaintext query to, so the two collaborating nodes never receive the plaintext together with the cipher/key rumor.
[Figure: initiator I, sower s, and adversaries a and b; I and s will not send the plaintext query to a and b.]

Slide 31: Time and Traffic Analysis
- Check the correlation between two traffic flows.
[Figure: packets 1..k travel from I to R through relays P1..Pn; an observer compares the time differences on the two sides (∆t between packets k and k+1 versus ∆t' between K' and K'+1) and the packet counts. Labelled techniques: time difference, packet number count, latency analysis, clogging packets, shaping the traffic; example timestamps 1:00, 1:05, 1:20, 1:25.]

Slide 32: Invulnerable to Timing & Traffic Analysis Attacks
- The random-walking property of rumors makes it hard to correlate traffic flows.
- The messages of one query cycle do not belong to the same traffic flow.
- There is no continuous path in RR.

Slide 33: Predecessor Attack
- Predecessor attack
  - An initiator repeatedly communicates with a specific responder over many rounds.
  - Adversaries simply log any node that sends a message to the path.
  - The initiator is then most likely the node that appears most often.
- RR
  - The rumors of a message walk randomly and interact with random sowers unpredictably.
  - Sowers are not fixed.