A PRESENTATION ON
RESOURCE DISCOVERY
IN THE
PEER-TO-PEER NETWORK
by
Aravind Renganathan
PAPERS…..
N.Daswani and H.Garcia-Molina, “N.Daswani and H.Garcia-Molina, “PONG – PONG – CACHE POISONING IN GUESS”CACHE POISONING IN GUESS”, , ACM ACM Conference On Computer and Communications Conference On Computer and Communications Security 2004Security 2004
E.Damiani, S.De Capitani di Vimercati, E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante,S.Paraboschi, P.Samarati and F.Violante,
““A REPUTION BASED APPROACH FOR A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK”TO-PEER NETWORK”, , ACM Conference On ACM Conference On Computer and Communications Security 2002Computer and Communications Security 2002
Introduction…
What is Peer-to-Peer Network? A sharing and delivery of user specified files among groups
of people who are logged on to a file sharing network. (1)
Peer-to-Peer, or abbreviated P2P, a type of network in which each workstation has equivalent capabilities and responsibilities. (2)
What is Resource Discovery? In a P2P network, discovery of the required file (resource)
over the vast spread clients for downloading.
1 - www.mp3-cdburner.com/MP3-glossary.shtml 2 - http://www.webopedia.com/TERM/p/peer_to_peer_architecture.html
““PONG – CACHE POISONING IN GUESSPONG – CACHE POISONING IN GUESS”” N.Daswani and H.Garcia-MolinaN.Daswani and H.Garcia-Molina
Pong-Cache Poisoning In GUESS
Proposes Policy On….. Resource Discovery that are resilient to attacks by
Malicious Node Algorithms Proposed (Remodeling GUESS)
Seeding Policy (SP) Introduction Protocol (IP) Ping Probe and Pong Choice Policy (PPP and PCP) Cache Replacement Policy (CRP) ID Smearing Algorithm (IDSA) Dynamic Network Partitioning (DNP) Malicious Node Detection (MND)
Gnutella UDP Extension for Scalable Searches (GUESS)
Nodes Cache… Cache contains IDs of the
available node in the network. Node are classified as
Good Node Malicious Node
ID’s are classified as Live Poisoned Dead
Cache Management.. Node’s cache are updated using the
“PING” and “PONG” messages Ping: Query to the available Node’s
Cache to find any new node added Pong: Reply to the Ping from the node’s
cache of the updated network information
Threats to GUESS…
What is Pong Cache Poisoning? Contaminating the good Node’s cache with the Malicious
node’s ID.
Pong cache Poisoning leads to… Denial of Service (DOS)
A good node may query a malicious node, and may not receive a response
Inauthentic Results Query a malicious node and may receive a incorrect
answers to the query. Propagated Cache Poisoning
A good node may respond to a ping with a malicious ID
We Modify the GUESS to….
Maximize the number of live node in the Pong cache
To mitigate the Pong Cache poisoning Limit the number of cache entries with the
malicious node ID Reduce the rate of poisoning occurs
Policies Introduced in GUESS… Seeding Policy (SP)
Seeding is done when a new node wants to join the network Various Seeding Policies..
Random Friend (RF) – New nodes seeds its cache with a random nodes cache
Popular Node (PN) – New node seeds from a node N1, where N1 is a “popular” node
Trusted Directory (TD) – New node seeds from a node that guarantees to be a non-dead. A “Trusted Directory” node is responsible to maintain non-dead node’s list.
Introduction Protocol (IP) Here new born node ping to an existing node’s so that the
existing node makes update the new born node in its cache.
Note: SP should be used in tandem with IP to Achieve liveliness of the network.
Ping Probe and Pong Cache Policy Ping Probe Policy (PPP)
Used to decide which node to ping It helps in identifying dead nodes
Pong Cache Policy (PCP) Determines to which |S| node id’s to respond for a ping
operation |S| - Subset of node IDs in the Pong cache
Cache Replacement Policy (CRP) When pong arrives a subset of the cache is
replaced with new pong IDs. Choices are done by Random Most Recently Used (MRU) Least Recently Used (LRU)
Note: MRU CRP reduces the poisoning rate
ID Smearing Algorithm (IDSA) When node ID repeats in many pong message,
it implies Node may be a malicious node Good node that is overloaded
In this case we drop that ID from the Pong cache. In IDSA a node ID can repeats itself in 1/n pong message.
n – No: of nodes in the system. Note: IDSA limits the no: of poisoned entries
Dynamic Network Partitioning (DNP) In this we partition the network that enhances the search.
J-length of ID Size of partition is 2p : 0<=p<=j No: of partition is 2j-p When j=p there is no need of DNP
Note: when DNP is used with IDSA it mitigates the poisoning
Malicious Node Detection (MND) We try to detect a node is malicious or not based
on our previous experiences. Note: MND is required where Malicious Node > Pong
Cache Size.
Modified GUESS…
““A REPUTION BASED APPROACH FOR A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN CHOOSING RELIABLE RESOURCE IN
PEER-TO-PEER NETWORKPEER-TO-PEER NETWORK”” E.Damiani, S.De Capitani di Vimercati, E.Damiani, S.De Capitani di Vimercati,
S.Paraboschi, P.Samarati and F.ViolanteS.Paraboschi, P.Samarati and F.Violante
A REPUTION BASED APPROACH FOR CHOOSING A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORKRELIABLE RESOURCE IN PEER-TO-PEER NETWORK
Paper Proposes… Reputation Sharing of a client by which resource
requestor can assess the reliability of the resource offered.
This achieved over the existing P2P protocol by piggybacking.
Algorithm Proposes… Combined reputations of servant and resources
which provides informative polling and overcomes limitation of servant based systems.
Servants and Resources
Resources File shared over the network
Servants - Nodes Servers when sharing resources Client when requesting for resources
XREP Protocol… Basic Assumption
Require a servant to be associated with a servant_id, obtained using a secure hash function
Resource identifier to be associated with the resource content (using hash function on the content)
Experience Repositories Resource repository
(resource_id, value) Resource_id – specify the resource Value – binary value specifying good or bad
Servant repository (servant_id, num_plus, num_minus)
Servant_id – peer has associated with the servants No: successful and unsuccessful downloads
XREP Protocol Phases…
Resource Searching Resource Selection and Vote Polling Vote Evaluation Best Servant Check Resource Downloading
XREP Phases…
XREP Security Consideration Attacks on P2P
Self Replication At any point of time a node can change it name or
resource name. This is overcome by collecting votes on both the
servant and the resource Man in the Middle Attack
A -> D-> B A – client B – server D – Malicious node
This is overcome during the vote evaluation and best servant check phase.
XREP Security Consideration Attacks on Reputation based system
Pseudo spoofing Exploits the use of pseudonyms
This is discovered in the Vote Evaluation Phase ID Stealth
Malicious node generates multiple replies for a query with the stolen ID and its own ID This is prevented in Best Servant Check Phase
Another attack is that Malicious node stealing the Hash of a good resource This becomes ineffective as the downloaded file hash does not
match Shilling
The attacker creates a multiple users with real IP address trying to influence the voting
This invariably increases the cost for the attacker This is made by the TrustVote/TrustVoteReply
Advantages of Combining Both Servant and Resource Reputations.
Reputation’s Life Cycle Impact on peers anonymity Cold-start Performance Bottleneck Blacklisting Data Storage and Bandwidth requirements Threshold Effects
Thank You