220 likes | 381 Views
A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK. by Aravind Renganathan. P APERS…. N.Daswani and H.Garcia-Molina, “ PONG – CACHE POISONING IN GUESS” , ACM Conference On Computer and Communications Security 2004
E N D
APRESENTATION ONRESOURCE DISCOVERY IN THE PEER-TO-PEER NETWORK by Aravind Renganathan
PAPERS….. • N.Daswani and H.Garcia-Molina, “PONG – CACHE POISONING IN GUESS”, ACM Conference On Computer and Communications Security 2004 • E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante, “A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK”, ACM Conference On Computer and Communications Security 2002
Introduction… • What is Peer-to-Peer Network? • A sharing and delivery of user specified files among groups of people who are logged on to a file sharing network. (1) • Peer-to-Peer, or abbreviated P2P, a type of network in which each workstation has equivalent capabilities and responsibilities. (2) • What is Resource Discovery? • In a P2P network, discovery of the required file (resource) over the vast spread clients for downloading. 1 - www.mp3-cdburner.com/MP3-glossary.shtml 2 - http://www.webopedia.com/TERM/p/peer_to_peer_architecture.html
“PONG – CACHE POISONING IN GUESS”N.Daswani and H.Garcia-Molina
Pong-Cache Poisoning In GUESS • Proposes Policy On….. • Resource Discovery that are resilient to attacks by Malicious Node • Algorithms Proposed (Remodeling GUESS) • Seeding Policy (SP) • Introduction Protocol (IP) • Ping Probe and Pong Choice Policy (PPP and PCP) • Cache Replacement Policy (CRP) • ID Smearing Algorithm (IDSA) • Dynamic Network Partitioning (DNP) • Malicious Node Detection (MND)
Gnutella UDP Extension for Scalable Searches (GUESS) • Nodes Cache… • Cache contains IDs of the available node in the network. Node are classified as • Good Node • Malicious Node ID’s are classified as • Live • Poisoned • Dead • Cache Management.. • Node’s cache are updated using the “PING” and “PONG” messages • Ping: Query to the available Node’s Cache to find any new node added • Pong: Reply to the Ping from the node’s cache of the updated network information
Threats to GUESS… • What is Pong Cache Poisoning? • Contaminating the good Node’s cache with the Malicious node’s ID. • Pong cache Poisoning leads to… • Denial of Service (DOS) • A good node may query a malicious node, and may not receive a response • Inauthentic Results • Query a malicious node and may receive a incorrect answers to the query. • Propagated Cache Poisoning • A good node may respond to a ping with a malicious ID
We Modify the GUESS to…. • Maximize the number of live node in the Pong cache • To mitigate the Pong Cache poisoning • Limit the number of cache entries with the malicious node ID • Reduce the rate of poisoning occurs
Policies Introduced in GUESS… • Seeding Policy (SP) • Seeding is done when a new node wants to join the network • Various Seeding Policies.. • Random Friend (RF) – New nodes seeds its cache with a random nodes cache • Popular Node (PN) – New node seeds from a node N1, where N1 is a “popular” node • Trusted Directory (TD) – New node seeds from a node that guarantees to be a non-dead. A “Trusted Directory” node is responsible to maintain non-dead node’s list. • Introduction Protocol (IP) • Here new born node ping to an existing node’s so that the existing node makes update the new born node in its cache. • Note: SP should be used in tandem with IP to Achieve liveliness of the network.
Ping Probe and Pong Cache Policy • Ping Probe Policy (PPP) • Used to decide which node to ping • It helps in identifying dead nodes • Pong Cache Policy (PCP) • Determines to which |S| node id’s to respond for a ping operation • |S| - Subset of node IDs in the Pong cache • Cache Replacement Policy (CRP) • When pong arrives a subset of the cache is replaced with new pong IDs. Choices are done by • Random • Most Recently Used (MRU) • Least Recently Used (LRU) • Note: MRU CRP reduces the poisoning rate
ID Smearing Algorithm (IDSA) • When node ID repeats in many pong message, it implies • Node may be a malicious node • Good node that is overloaded • In this case we drop that ID from the Pong cache. • In IDSA a node ID can repeats itself in 1/n pong message. n – No: of nodes in the system. • Note: IDSA limits the no: of poisoned entries • Dynamic Network Partitioning (DNP) • In this we partition the network that enhances the search. • J-length of ID • Size of partition is 2p : 0<=p<=j • No: of partition is 2j-p • When j=p there is no need of DNP • Note: when DNP is used with IDSA it mitigates the poisoning
Malicious Node Detection (MND) • We try to detect a node is malicious or not based on our previous experiences. • Note: MND is required where Malicious Node > Pong Cache Size. • Modified GUESS…
“A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK”E.Damiani, S.De Capitani di Vimercati, S.Paraboschi, P.Samarati and F.Violante
A REPUTION BASED APPROACH FOR CHOOSING RELIABLE RESOURCE IN PEER-TO-PEER NETWORK • Paper Proposes… • Reputation Sharing of a client by which resource requestor can assess the reliability of the resource offered. • This achieved over the existing P2P protocol by piggybacking. • Algorithm Proposes… • Combined reputations of servant and resources which provides informative polling and overcomes limitation of servant based systems.
Servants and Resources • Resources • File shared over the network • Servants - Nodes • Servers when sharing resources • Client when requesting for resources
XREP Protocol… • Basic Assumption • Require a servant to be associated with a servant_id, obtained using a secure hash function • Resource identifier to be associated with the resource content (using hash function on the content) • Experience Repositories • Resource repository • (resource_id, value) • Resource_id – specify the resource • Value – binary value specifying good or bad • Servant repository • (servant_id, num_plus, num_minus) • Servant_id – peer has associated with the servants • No: successful and unsuccessful downloads
XREP Protocol Phases… • Resource Searching • Resource Selection and Vote Polling • Vote Evaluation • Best Servant Check • Resource Downloading
XREP Security Consideration • Attacks on P2P • Self Replication • At any point of time a node can change it name or resource name. • This is overcome by collecting votes on both the servant and the resource • Man in the Middle Attack • A -> D-> B • A – client • B – server • D – Malicious node • This is overcome during the vote evaluation and best servant check phase.
XREP Security Consideration • Attacks on Reputation based system • Pseudo spoofing • Exploits the use of pseudonyms • This is discovered in the Vote Evaluation Phase • ID Stealth • Malicious node generates multiple replies for a query with the stolen ID and its own ID • This is prevented in Best Servant Check Phase • Another attack is that Malicious node stealing the Hash of a good resource • This becomes ineffective as the downloaded file hash does not match • Shilling • The attacker creates a multiple users with real IP address trying to influence the voting • This invariably increases the cost for the attacker • This is made by the TrustVote/TrustVoteReply
Advantages of Combining Both Servant and Resource Reputations. • Reputation’s Life Cycle • Impact on peers anonymity • Cold-start • Performance Bottleneck • Blacklisting • Data Storage and Bandwidth requirements • Threshold Effects