P2P Storage/Bandwidth Sharing: Fairness and Security.

Slides:

Advertisements

Similar presentations

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

Advertisements

Peter Druschel, Rice University Antony Rowstron, Microsoft Research UK

Peer-to-Peer Systems Chapter 25. What is Peer-to-Peer (P2P)? Napster? Gnutella? Most people think of P2P as music sharing.

TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems Yingwu Zhu and Yiming Hu University of Cincinnati.

B. Ramamurthy 4/17/ Overview of EC2 Components (fig. 2.1) 10..* /17/20152.

Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility Antony Rowstron, Peter Druschel Presented by: Cristian Borcea.

CHORD – peer to peer lookup protocol Shankar Karthik Vaithianathan & Aravind Sivaraman University of Central Florida.

Lakshmi Narayana Gupta Kollepara 10/26/2009 CSC-8320.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.

Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.

Pastry: Scalable, decentralized object location and routing for large-scale peer-to-peer systems Antony Rowstron and Peter Druschel Proc. of the 18th IFIP/ACM.

Storage Management and Caching in PAST, a large-scale, persistent peer- to-peer storage utility Authors: Antony Rowstorn (Microsoft Research) Peter Druschel.

FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,

Paul Solomine Security of P2P Systems. P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become.

A Trust Based Assess Control Framework for P2P File-Sharing System Speaker ： Jia-Hui Huang Adviser : Kai-Wei Ke Date ： 2004 / 3 / 15.

P2P Network is good or bad? Sang-Hyun Park. P2P Network is good or bad? - Definition of P2P - History of P2P - Economic Impact - Benefits of P2P - Legal.

Efficient Content Location Using Interest-based Locality in Peer-to-Peer Systems Presented by: Lin Wing Kai.

Peer-to-Peer Computing

A. Frank 1 Internet Resources Discovery (IRD) Peer-to-Peer (P2P) Technology (1) Thanks to Carmit Valit and Olga Gamayunov.

Secure routing for structured peer-to-peer overlay networks (by Castro et al.) Shariq Rizvi CS 294-4: Peer-to-Peer Systems.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

1 CS 194: Distributed Systems Distributed Hash Tables Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer.

1 Peer-to-Peer Networks Outline Survey Self-organizing overlay network File system on top of P2P network Contributions from Peter Druschel.

Peer-to-Peer Networks Slides largely adopted from Ion Stoica’s lecture at UCB.

 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Storage management and caching in PAST PRESENTED BY BASKAR RETHINASABAPATHI 1.

The Study of Security and Privacy in Mobile Applications Name: Liang Wei

Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.

1 Napster & Gnutella An Overview. 2 About Napster Distributed application allowing users to search and exchange MP3 files. Written by Shawn Fanning in.

Peer to Peer Research survey TingYang Chang. Intro. Of P2P Computers of the system was known as peers which sharing data files with each other. Build.

Chord: A Scalable Peer-to-peer Lookup Protocol for Internet Applications Xiaozhou Li COS 461: Computer Networks (precept 04/06/12) Princeton University.

1 Distributed Hash Tables (DHTs) Lars Jørgen Lillehovde Jo Grimstad Bang Distributed Hash Tables (DHTs)

Security Michael Foukarakis – 13/12/2004 A Survey of Peer-to-Peer Security Issues Dan S. Wallach Rice University,

Ivan Osipkov Fighting Freeloaders in Decentralized P2P File Sharing Systems.

Network Computing Laboratory Scalable File Sharing System Using Distributed Hash Table Idea Proposal April 14, 2005 Presentation by Jaesun Han.

Topic: P2P Trading in Social Networks: The Value of Staying Connected The purpose of this paper is to propose a P2P incentive paradigm named Networked.

Enforcing Fair Sharing of Peer-to-Peer Resources Tsuen-Wan “Johnny” Ngan, Dan S. Wallach and Peter Druschel Department of Computer Science, Rice University.

Storage Management and Caching in PAST A Large-scale persistent peer-to-peer storage utility Presented by Albert Tannous CSE 598D: Storage Systems – Dr.

Enabling Peer-to-Peer SDP in an Agent Environment University of Maryland Baltimore County USA.

Node Lookup in P2P Networks. Node lookup in p2p networks In a p2p network, each node may provide some kind of service for other nodes and also will ask.

Peer-to-Peer Network Tzu-Wei Kuo. Outline What is Peer-to-Peer(P2P)? P2P Architecture Applications Advantages and Weaknesses Security Controversy.

FastTrack Network & Applications (KaZaA & Morpheus)

1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.

1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz

Computer Networking P2P. Why P2P? Scaling: system scales with number of clients, by definition Eliminate centralization: Eliminate single point.

6° of Darkness or Using Webs of Trust to Solve the Problem of Global Indexes.

Protocol Requirements draft-bryan-p2psip-requirements-00.txt D. Bryan/SIPeerior-editor S. Baset/Columbia University M. Matuszewski/Nokia H. Sinnreich/Adobe.

P2PSIP Security Analysis and evaluation draft-song-p2psip-security-eval-00 Song Yongchao Ben Y. Zhao

Peer to Peer Network Design Discovery and Routing algorithms

Lecture 5 Page 1 CS 236 Online Key Management Choosing long, random keys doesn’t do you any good if your clerk is selling them for $10 a pop at the back.

A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F.

LOOKING UP DATA IN P2P SYSTEMS Hari Balakrishnan M. Frans Kaashoek David Karger Robert Morris Ion Stoica MIT LCS.

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International.

INTERNET TECHNOLOGIES Week 10 Peer to Peer Paradigm 1.

Outline for Today’s Lecture Administrative: –Happy Thanksgiving –Sign up for demos. Objective: –Peer-to-peer file systems Mechanisms employed Issues Some.

P2P Search COP6731 Advanced Database Systems. P2P Computing  Powerful personal computer Share computing resources P2P Computing  Advantages: Shared.

P2P Search COP P2P Search Techniques Centralized P2P systems  e.g. Napster, Decentralized & unstructured P2P systems  e.g. Gnutella.

Large Scale Sharing Marco F. Duarte COMP 520: Distributed Systems September 19, 2004.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

Peer-to-Peer Information Systems Week 13: Trust Old Dominion University Department of Computer Science CS 495/595 Fall 2003 Michael L. Nelson 11/17/03.

Chapter 29 Peer-to-Peer Paradigm Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Innovations in P2P Communications David A. Bryan College of William and Mary April 11, 2006 Advisor: Bruce B. Lowekamp.

CS 268: Lecture 22 (Peer-to-Peer Networks)

EE 122: Peer-to-Peer (P2P) Networks

Providing Secure Storage on the Internet

Peer-to-Peer Reputations

Peer-To-Peer Data Management

Presentation transcript:

P2P Storage/Bandwidth Sharing: Fairness and Security

Examples Gnutella/KazaA P2P Networks

Properties of Gnutella/KazaA Completely decentralized Nobody to sue (like in Napster), corporations try to sabotage use of the networks No revocation/security mechanisms Freeloaders thrive

Examples Hey, I have a kool song in asf format! Oh really? Let me have a copy!

Examples Can I download from you? I’m running out of bandwidth and storage!

Major Issues Malicious files and malicious servers should be flagged in a secure way Freeloaders should not be able to utilize the system as freely as honest contributors.

Flagging Malicious Content The other “Good Guy” is malicious!

How do we flag malicious behaviour/content? No centralized trusted entity to give this job to Some users may be “bad-mouthing” on others. Therefore, any one user can not be trusted Do we flag users that unknowingly pass somebody else’s content? Online or offline credentials checks?

How do we restrict freeloading? For fair storage distribution, we need to be assured that an “honest” user indeed stores the files he claims. This has to be done continuously since a user can always “dump” the files. For fair bandwidth usage, one needs to be assured that an “honest” user provides sufficient bandwidth to others.

PAST is a secure distributed file-replication system based on Pastry routing network A user can not control where his file will be replicated but he can control the number of replicas (see a note below) A dynamic “challenge” mechanism makes sure that the replicas are really being stored PKI is used for digital signatures PAST is most suitable for backup storage or when the storage demands of a user are higher than his capacity. PAST: review

PAST: review (cont’d) Every node has semi-random nodeId assigned to it. Each file is assigned semi-random fileId A file is replicated among the nodes whose nodeId’s are closest to the fileId (which is generated with a smartcard) fileId=5, 3 copies Any problems?

PAST: smart cards CTA User Here is the secure smart card PAST Centralized Scheme (revocation mechanism is needed) Smart cards are assumed to be uncorruptable

P2P Storage Sharing based on PAST Smart card infrastructure contradicts decentralized nature of P2P networks (Napster is dead but Gnutella and KazaA are thriving) With no central control, decisions should be made by inquiring a quorum of other (random) users Business model should be defined Equilibrium should exist in the system

Business Model What does a user gain by allowing others to download its files? Should a user be charged for replication in PAST, or more generally for storing its files remotely? How 2 unacquainted users interact with each other? How would a new user be able to enter the network?

Can you store “Yesterday” for me? Sure! Do I get credit for that? Can I download this song?

For the right price!

Security Model How about collaboration attacks? Faking storage of a file? Faking/inflating popularity? Inflating bandwidth provided? Can these collaboration be formed dynamically in a way beneficial to the collaborating parties? Should the user have a say where he stores his files?

Storage Sharing Model 1). I’m auditing you. You store your files remotely but who do you store files for? 2). I’m storing files for the guy below 3) Is that true? 4) It’s true

1) I want to store file A at your places 2) This file is huge! Let me keep the first half and you keep the 2 nd and collaborate when audited

Bandwidth Sharing Model 1) I need to download file from you. I’ll be 3 MB in debt to you 2) OK, but you’ll need to return the favor before next download from me 1) I know you don’t owe me, but the guy in between owes me and you owe him. 2) OK but the transfer has to go through the middle guy Cold start?

Cold Start A user with no bandwidth credit should not be given “good faith” credit Instead the new user should cache/publish popular content to accumulate bandwidth credit. Should PAST replication be used? QoS metrics can be used on a pairwise level

Reputations of content and servers Orthogonal to fair storage/bandwidth sharing A server may be publishing somebody else’s malicious file, or a malicious server may be publishing also good files. Need to separate reputations of servers and files. Good reputation allows for server to download more files and attracts others, thereby accumulating bandwidth/storage credit. “Rich get richer” How to avoid cold starts for servers and files?

1) Go ahead, download my files 2) OK, these files look fine. I’ll publish them as well 3) I want to dload the files 4) Why is my system down? Did the guy on the right send bad files on purpose?

1) Can you send me “Matrix Reloaded? 2) Sending it now 3) How about “Hours” instead? Need to be able to check integrity of files incrementally

Other issues Changing 1 bit in a song does not change the song but the file is different. If 2 files differ slightly should they have similar reputation? A fixed file should have a fixed fileId (hash of its content for example) but it’s not required. The same goes for nodeId One can poll for reputations but can this be done offline? When do we eject the server from the network?

Avoiding attacks I’m controlling this IP subnet! Need to inquire over different IP subnets and confirm the results

More attacks 1) I’m sending a query for “Yesterday” 2) I have it and the good guy below does

Incentives to users Changing 1 bit nullifies reputation, therefore self- modifying worms/viruses will not spread quickly. A fixed file should have a fixed fileId (hash of its content for example) but it’s not required. The same goes for nodeId One can poll for reputations but can this be done offline? When do we eject the server from the network?

Conclusions Any comments or ideas?