On Pollution attacks in fully connected P2P networks using trusted peers



Cristóbal Medina-López, Ilshat Shakirov, L.G. Casado and Vicente González-Ruiz



Feder

Department of Informatics
University of Almería
Spain


Feder Gobierno de España Junta de Andalucia CEIA3 P2PSP protocol

Follow the slideshow on the Web


URL of these Slides:

http://slides.p2psp.org/2016-12-ISDA/



Diapositivas

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposal
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposal
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Motivation

  • We have a P2P streaming system and we need to ensure the stream quality. So, we have to expel the Malicious Peers (MPs) using Trusted Peers (TPs) before they drive out the Well Intended Peers (WIPs).


  • It is not an easy task because each decision made by one part (TPs) may have a countermeasure by the other part (MPs).


  • We find a difficult multi-objective optimization problem in the Malicious side and also in the Trusted Peers side.

Motivation

Multi-objetive optimization problem

  • MP side: to minimize the stream quality

    - to maximize the number of detected TPs.

    - to minimize the number of MPs (cost).

    - to minimize the number of MPS expelled by TPs.

    - to maximize the number of polluted chunks in WIPs.

    - to perform previous task in a minimun number of rounds.


  • TP side: to maximize the stream quality

    - to minimize the number of MPs (this minimize the number of polluted chunks in the team).

    - to minimize the number of TPs (cost).

    - to perform previous task in a minimun number of rounds.

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposal
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions
P2PSP protocol

How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.


How does a P2PSP system work?


A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.


4. Peers send the stream to the player.

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposals
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Pollution Attacks


Pollution attacks consist of a peer or a set of peers modifying the content of the stream. Can be done as a combination of different kind of attack.


Pollution Attacks


Persistent, Selective and Collaborative attack: several attackers may collaborate to produce selective and persistent attacks on a large set of peers.


Collaborative Attack

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposal
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:
{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))}.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:
{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))}.


3.The peers verify dst and check if the hash value is correct.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:
{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))}.


3.The peers verify dst and check if the hash value is correct.


4.The splitter periodically requests the list of removed peers to the TP.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:
{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))}.


3.The peers verify dst and check if the hash value is correct.


4.The splitter periodically requests the list of removed peers to the TP.


5.Peers removed by any TP are directly expelled by the splitter after a random time.


Strategy based on Trusted Peers and Digital Signatures



  • Can trusted peers expel the bad guys by following these basic rules?


    Non-repudiation

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposals
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Test bed


Behavior of the entities


  • Churn:

    • TPs are incorporated into the team at random.

    • Peers stay in the team a period of time modeled by a Weibull distribution.


  • MPs:

    • Always attack in a persistent, selective and collaborative way.

    • They do not attack over 50% of the team.

    • They scout for TPs doing a one-to-one attack during a period of time (MPTR).

    • If after MPTR an MP is not expelled, the attacked peer is added to a "safe to attack" list.

    • All MPs attack to the "safe to attack" list.


  • TPs:

    • TPs inform to the splitter about attacks ASAP.

    • A TP will leave the team after complain about an MP with probability Ptpl in order to avoid its detection by MPs.

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposals
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Experimental results


Results obtained by simulation [war-games]


experiments experiments

Table of Contents


  • Motivation
  • P2PSP
  • Pollution Attacks
  • Proposals
    • STrPe-DS model

  • Experiments
    • Test bed
    • Experimental results

  • Conclusions

Conclusions


Experiments show that we need at least the same number of TPs than MPs to mitigate the attack completely. So, an approach based on Trusted Peers is enough to mitigate pollution attacks when the number of malicious is not too large.


When the number of malicious is large, improvements in the policies and additional techniques should be addressed.

good guys?

Thanks!