Venkatesh Kumar Auzumeedi


Presentation on theme: "Venkatesh Kumar Auzumeedi"— Presentation transcript:

1 Venkatesh Kumar Auzumeedi auzumev@sunyit.edu
Bittorrent Protocol Specifications, Security Considerations and Its Benefits. Venkatesh Kumar Auzumeedi

2 Overview 1. Introduction 2. Terminology 3. Protocol Specification 4. Operation 5. Security considerations 6. Benefits 7. References

3 Introduction History Created by Bram Cohen in 2001
At the time, P2P protocols only connected 2 peers to each other, so speed was limited by one person’s connection. Older P2P services like Gnutella, Kazaa and LimeWire are file sharing networks: peers are interconnected through a series of nodes sharing a variety of files, and bits of a file are shared by a peer with available bandwidth for transferring. BitTorrent, on the other hand, doesn’t create such a broad-based network. It’s file-focused. Anyone who has a copy of the file can create a tracker and make it available.

4 Introduction Increasing Internet bandwidth, widespread digitization of physical media, and the increasing capabilities of personal computers led to widespread adoption of the BitTorrent protocol. BitTorrent is not necessarily designed for privacy, although it is sometimes compared with “The Onion Router”, which is also abbreviated as “TOR.” The protocols differ vastly; the characteristic they have in common is that both are used to traffic digital contraband.

5 Brief Introduction Estimated 300 million users as of now [1]
Estimated that BitTorrent upstream traffic accounts for roughly 48.2% in Asia Pacific and 21% in Europe of all traffic on the Internet.[2] About a fifth of Internet users around the world continue to regularly access sites using peer-to-peer protocols that offer copyright-infringing content, in the music industry alone.[3] Notable companies like Facebook[4] and Twitter use the BitTorrent protocol to send updates to their servers.[5] AT&T estimated the contribution of BTP to overall Internet traffic bandwidth at 20%.[6]

6 Description
Allows users to join a swarm of hosts to download and upload from each other simultaneously.
Shares files effectively using file swarming.
Needs many concurrent sessions.
Adopts hybrid P2P instead of centralized P2P.
*Image Reference [7]

7 Terminology
Piece: A single piece will have 256 or more 16 kB "blocks", which are the actual smallest transmission units in the BitTorrent protocol.
Peer: One of a group of clients downloading the same file.
Swarm: A group of peers and seeds sharing the same content.
Leech: A peer which is downloading with little or no uploading. Sometimes unintentional due to firewall issues. Also used to refer to a peer that is not seeding yet.

8 Terminology
Seed: A complete copy of the file being made available for download.
Torrent: The instance of a file or group of files being distributed via BitTorrent.
Torrent file: A file which describes what files are being distributed, where to find parts, and other information needed for the distribution of the file.
Tracker: A server that keeps track of the peers and seeds in a swarm. A tracker will not have a copy of the file itself, but it helps manage the file transfer process.

9 Bittorrent Protocol Operation
The Tracker HTTP Protocol (THP): A simple mechanism for introducing peers to each other. A tracker is an HTTP service that a peer must contact in order to join a swarm. A tracker does not by itself provide access to any downloadable data. A tracker relies on peers sending regular requests, and it may assume that a peer is dead if the peer misses a request.
Tracker HTTP Protocol (Request): The tracker is an HTTP service which responds to HTTP GET requests. The response includes a peer list that helps the client participate in the torrent.

10 Parameter: Description
info_hash: A 20-byte SHA1 hash value, calculated by the peer from the info key in the metainfo file.
peer_id: A unique 20-byte string, generated by the client itself, by which the client is identified as a peer.
port: The port number the client listens on. This value is required for establishing a connection with other peers. There is no limitation on the port range; a connection can be established on any port.
uploaded, downloaded: The total amount of data uploaded to (downloaded from) the swarm, usually given in bytes. It is measured from the moment the client sends the started event to the tracker.
left: The total amount of data the client still has to download in order to reach 100% file completion.
event: If specified, it should contain one of the values started, stopped or completed. If no value is given, the request is one of the periodic requests made at regular intervals.
numwant: The number of peers the client wants the tracker to return. This value is optional; if it is not given, the default value is used.

11 Bittorrent Protocol Operation
Tracker HTTP Protocol (Response) : HTTP Service which responds to HTTP GET requests. The response includes a peer list that helps the client participate in the torrent. Returns a random list of peers (50 by default)

12 Key: Description
failure reason: If this key is present, the other keys should not be present. It indicates a failed request and explains the reason in a human-readable error message.
interval: The amount of time, in seconds, that a peer has to wait before sending another GET request to the tracker. This is a required key.
tracker id: A string that the client should send back on its next announcements. If it is absent and a previous announce sent a tracker id, do not discard the old value; keep using it.
complete: The total number of seeders.
incomplete: The total number of peers or leechers downloading the file.
peers: A required key containing the list of peers the client has to contact to download the file. Each entry holds the peer’s peer id, ip and port number. The peer id is a self-designated value selected by the peer, the ip is a string holding an IPv6 address, an IPv4 address or a DNS name, and the port number is an integer designated to the peer.
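A client should treat the tracker response as untrusted input. The following is an added example, not code from the presentation: a small bencode decoder and a validator that applies the key rules from the table above. The function names, the nesting limit of 16 and the sample response are assumptions made for illustration, and the peers value is taken in the list-of-dictionaries form the slide describes.

```python
def bdecode(data, i=0, depth=0):
    """Decode one bencoded value at data[i]; return (value, next_index)."""
    if depth > 16:                                 # assumed limit against deep nesting
        raise ValueError("nesting too deep")
    c = data[i:i + 1]
    if c == b"i":                                  # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c == b"l":                                  # list: l<items>e
        i, items = i + 1, []
        while data[i:i + 1] != b"e":
            item, i = bdecode(data, i, depth + 1)
            items.append(item)
        return items, i + 1
    if c == b"d":                                  # dictionary: d<key><value>...e
        i, out = i + 1, {}
        while data[i:i + 1] != b"e":
            key, i = bdecode(data, i, depth + 1)
            if not isinstance(key, bytes):
                raise ValueError("dictionary key is not a string")
            out[key], i = bdecode(data, i, depth + 1)
        return out, i + 1
    if c.isdigit():                                # byte string: <length>:<bytes>
        colon = data.index(b":", i)
        end = colon + 1 + int(data[i:colon])
        if end > len(data):
            raise ValueError("string runs past end of input")
        return data[colon + 1:end], end
    raise ValueError(f"bad bencode at offset {i}")

def check_tracker_response(raw, max_peers=50):
    """Return the usable (ip, port) pairs from a response, or raise ValueError."""
    resp, end = bdecode(raw)
    if end != len(raw) or not isinstance(resp, dict):
        raise ValueError("not a single bencoded dictionary")
    if b"failure reason" in resp:                  # failed request: ignore other keys
        raise ValueError(f"tracker failure: {resp[b'failure reason']!r}")
    interval, peers = resp.get(b"interval"), resp.get(b"peers")
    if not isinstance(interval, int) or interval <= 0 or not isinstance(peers, list):
        raise ValueError("missing or invalid interval/peers")
    good = []
    for p in peers[:max_peers]:                    # cap how many peers one response adds
        ip, port = (p.get(b"ip"), p.get(b"port")) if isinstance(p, dict) else (None, None)
        if isinstance(ip, bytes) and isinstance(port, int) and 0 < port < 65536:
            good.append((ip.decode("ascii", "replace"), port))
    return good

# Constructed sample: one valid peer and one with an out-of-range port.
SAMPLE = b"d8:intervali1800e5:peersld2:ip9:192.0.2.14:porti6881eed2:ip9:192.0.2.24:porti70000eeee"
```

With the constructed sample, only the first peer is returned; the entry advertising port 70000 is dropped.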

13 Bittorrent Protocol Operation
Peer Wire Protocol (PWP): The PWP is used to contact other peers and to share content among them. It describes the procedure a peer follows after reading the metainfo file and contacting the tracker to join a swarm. It uses asynchronous messages to communicate with other peers and is layered on top of TCP. It facilitates the exchange of pieces as described in the metainfo file. The response includes a peer list that helps the client participate in the torrent. A client must maintain state information for each connection with a remote peer.

14 Bittorrent Protocol Operation
Choked: Whether or not the remote peer has choked this client. When a peer chokes the client, it is a notification that no requests will be answered until the client is unchoked. The client should not attempt to send requests for blocks, and it should consider all pending (unanswered) requests to be discarded by the remote peer.
am_choking = 1 // this client is choking the peer
am_interested = 0 // this client is interested in the peer
peer_choking = 1 // peer is choking this client
peer_interested = 0 // peer is interested in this client

15 Piece Selection Algorithms
Super seeding (Initial Seeding Mode): A peer has nothing to trade initially, so it is important to get a complete piece as soon as possible. Select a random piece of the file and download it.
Strict Priority: First Priority: Keep the initial bitfield from each peer. Update it with every “have” message. Download the pieces that appear least frequently in these peer bitfields.

16 Piece Selection Algorithms
Rarest First (General rule): Determine the pieces that are most rare among your peers, and download those first. This ensures that the most commonly available pieces are left till the end to download.
Endgame mode: To avoid delays in obtaining the last blocks, the protocol requests the last blocks from all peers. It sends cancel messages for downloaded blocks to avoid unnecessary transmissions. When to start the endgame mode is not detailed in the specification.
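The bookkeeping behind rarest first, as an added example that is not part of the original slides: it keeps each peer's bitfield, updates it on "have" messages and picks the missing piece advertised by the fewest peers. The class and method names are assumptions, ties are broken by lowest index to keep the result deterministic, and malformed peer input is rejected because bitfields come from untrusted peers.

```python
from collections import Counter

class PiecePicker:
    """Tracks which pieces each peer advertises and picks the rarest missing one."""
    def __init__(self, num_pieces):
        self.num_pieces = num_pieces
        self.peer_has = {}          # peer -> set of piece indexes it claims to have
        self.have = set()           # pieces this client has downloaded and verified

    def on_bitfield(self, peer, bitfield):
        # Piece 0 is the high bit of byte 0. Peer input is untrusted: reject a
        # wrong length or any spare bit set past the last piece.
        if len(bitfield) != (self.num_pieces + 7) // 8:
            raise ValueError("bitfield length does not match piece count")
        bits = {i for i in range(len(bitfield) * 8) if bitfield[i // 8] & (0x80 >> (i % 8))}
        if any(i >= self.num_pieces for i in bits):
            raise ValueError("spare bits set in bitfield")
        self.peer_has[peer] = bits

    def on_have(self, peer, index):
        if not 0 <= index < self.num_pieces:
            raise ValueError("have index out of range")
        self.peer_has.setdefault(peer, set()).add(index)

    def next_piece(self):
        """Rarest first: the missing piece advertised by the fewest peers, or None."""
        counts = Counter(i for s in self.peer_has.values() for i in s if i not in self.have)
        if not counts:
            return None
        return min(counts, key=lambda i: (counts[i], i))   # ties: lowest index (assumption)

def demo():
    # Constructed swarm of three peers sharing a 10-piece torrent.
    p = PiecePicker(10)
    p.on_bitfield("A", b"\xf0\x00")     # pieces 0-3
    p.on_bitfield("B", b"\xc4\x00")     # pieces 0, 1, 5
    p.on_bitfield("C", b"\x84\x40")     # pieces 0, 5, 9
    first = p.next_piece()              # pieces 2, 3 and 9 each have one holder
    p.have.add(first)
    p.on_have("B", 3)                   # piece 3 now has two holders
    return first, p.next_piece()
```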

17 Pipelining : Choking Algorithm :
When transferring data over TCP, always have several requests pending at once, to avoid a delay between pieces being sent. At any point in time, some number of requests, typically 5, are outstanding simultaneously. Every time a piece or a sub-piece arrives, a new request is sent out.
Choking Algorithm: Choking is a temporary refusal to upload. It is one of BitTorrent's most powerful ideas for dealing with free riders (those who only download but never upload). The tit-for-tat strategy is based on game-theoretic concepts.

18 Peer selection Algorithm :
It is about selecting peers who are willing to share files back to the current peer. Tit for tat in peer selection is based on download speed. A choking/unchoking mechanism is used to control selection. The goal is to get good TCP performance and to mitigate free riders.
Optimistic Unchoking Algorithm: The client uses a part of its available bandwidth for sending data to random peers. The motivation for this mechanism is to avoid the bootstrapping problem of the tit-for-tat selection process and to ensure that new peers can join the swarm.

19 Security Considerations
Tracker HTTP protocol issues: The tracker is an HTTP or HTTPS service, and the client is vulnerable to attacks when interacting with it. The client exposes personal information such as username, location, encryption keys and metrics, which allows the tracker to identify the client and keep overall statistics on it. There should be an interface for such interactions, and it should be taken care of during the design and implementation phases.
DoS attacks on trackers: Denying service to a tracker affects the peers associated with that tracker. To avoid this, the load on the tracker has to be distributed. As the metainfo file specifies multiple trackers, the significance of the effect is reduced.

20 Peer identity issues : DNS spoofing :
Proper authentication is not present when a peer contacts a tracker. When clients contact the tracker using the same IP address from the same host, one client may block the operation of other clients, or a client can use multiple peer ids and take advantage. So a client should not be trusted on the basis of its peer id alone.
DNS spoofing: Clients use DNS to resolve the URL of the tracker and to contact peers. Associating a DNS name with an IP address leaves scope for attacks that supply invalid details, so care should be taken in validating them. To save lookup time and improve performance, the usual practice is to cache the result of a previous host lookup. In that case the TTL (Time to Live) information provided by DNS should be checked, or caching can be avoided and a proper name resolver used for confirmation. Clients can be spoofed if trackers change their IP address; this threat can be avoided by following the practices above.

21 Issues with names of the directory and file names :
Clients should make sure that the names of the files do not interfere with services of the client's local system. When implementing, designers should make sure that files do not get executed without the intentional action of the client.
Sharing sensitive information
Data Integrity: Data exchanged among peers should not be corrupted, and the client needs to validate its integrity before accepting it. The SHA1 value contained in the metainfo file can be used to verify the pieces of data. It is preferred to use this method on small pieces, as valid pieces may be treated as invalid when the file is checked as a whole. As validity is checked against the metainfo file, it is assumed that the metainfo file content is not compromised.
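Both checks from this slide, as an added example that is not part of the original presentation: per-piece SHA1 verification against the metainfo digest table, and a path check that keeps file names taken from the metainfo file inside the download directory. The function names and sample data are assumptions; path components are assumed to be already decoded to str.

```python
import hashlib
import hmac
import os

def verify_piece(index, data, pieces):
    """Check one downloaded piece against the metainfo 'pieces' value
    (concatenated 20-byte SHA1 digests, one per piece)."""
    if len(pieces) % 20 or not 0 <= index < len(pieces) // 20:
        raise ValueError("bad piece index or digest table")
    expected = pieces[index * 20:(index + 1) * 20]
    return hmac.compare_digest(hashlib.sha1(data).digest(), expected)

def safe_target(download_dir, components):
    """Map the path components of a metainfo file entry to a path that stays
    inside download_dir, or raise ValueError."""
    if not components:
        raise ValueError("empty path")
    for c in components:
        # Reject traversal, embedded separators, drive letters and NUL bytes.
        if c in ("", ".", "..") or any(ch in c for ch in "/\\:\x00"):
            raise ValueError(f"unsafe path component: {c!r}")
    root = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(root, *components))
    if os.path.commonpath([root, target]) != root:    # catches symlink escapes too
        raise ValueError("path escapes the download directory")
    return target

def demo():
    # Constructed data: a 32-byte "file" split into two 16-byte pieces.
    data = b"A" * 16 + b"B" * 16
    pieces = hashlib.sha1(data[:16]).digest() + hashlib.sha1(data[16:]).digest()
    ok = verify_piece(0, data[:16], pieces)           # untouched piece
    tampered = verify_piece(1, b"X" * 16, pieces)     # corrupted piece
    return ok, tampered
```

A piece that fails verification is discarded and requested again from another peer, which is why small pieces keep the cost of one corrupted block low.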

22 Benefits:
High speed downloads
Simplicity, ease of use
Effective use of upload bandwidth
Overcoming the free rider problem
High content integrity

23 Conclusion: What’s next for BTP? Possible Practical Implementations
Live streaming using BTP with less latency
Sharing music/media content legally using BTP
File sharing without using cloud services

24 References:
[1] ‘P2P not dead’: 300mn BitTorrent users swap TV shows and movies every month. Report from media analytics company TruOptik.
[2] The International Federation of the Phonographic Industry, Report from network management company Sandvine.
[3] World Digital Music Report 2014 by IFPI/Nielsen.
[4] ‘Facebook Uses Bit Torrent, and They Love it’. Torrent Freak. Archived from the original on 19 April
[5] ‘Twitter uses Bit Torrent for server deployment’. Torrent Freak. Archived from the original on 26 March
[6] ‘AT&T patents system to fast-lane Bit Torrent traffic’. 5 March
[7] ‘University of Wurzburg Informatik III (Distributed Systems) Prof. Dr. P. Tran-Gia www3.informatik.uni-wuerzburg.de Towards Efficient Simulation of Large’.

25 References:
Ka Cheung Sia, DDoS vulnerability analysis of BitTorrent protocol, Department of Computer Science, University of California, LA.
Purvi Shah, Jehan-François Pâris, Incorporating Trust in the BitTorrent Protocol, Department of Computer Science, University of Houston, Houston, TX.
Ahmed ElShafee, Vulnerability of the process communication model in BitTorrent protocol: A study of BitTorrent protocol trap door and potential attacks on peer to peer users, Ahram Canadian University, Egypt.
J.A. Pouwelse, P. Garbacki, D.H.J. Epema, H.J. Sips, BitTorrent P2P file sharing system, measurement and analysis, Department of Computer Science, Delft University of Technology, Netherlands.

