1 / 31

A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks

A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks. E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F. Violante. Presented by: Li Meixuan, Li Qihua. Outline. Introduction P2P Security Issues P2P Information Sharing Architecture

eudora
Download Presentation

A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Reputation-Based Approach forChoosing Reliable Resources inPeer-to-Peer Networks E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F. Violante Presented by: Li Meixuan, Li Qihua

  2. Outline • Introduction • P2P Security Issues • P2P Information Sharing Architecture • XRep Protocol • XRep Security Considerations • Combining Servent and Resource Reputation • Distribution of Servents and Resources • Conclusion

  3. Introduction Family of applications that exploit the Internet to offer services where each participant acts both as a client and as a resource provider • File sharing • Distributed processing • Instant messaging

  4. P2P Security Issues • Exploited to distribute malicious software. • P2P content distribution may involve spamming. • Anonymous P2P environment makes it difficult to choose resources from the various resource providers. * Introduce the concept of combined reputation of servents and resources in P2P scenarios.

  5. P2P Information Sharing Architecture • Servent (server + client) • A node in the P2P network that plays the role of both client and server. • P2P networks for file exchange involves two phases: • 1. Search of the servents where the requested information resides • 2. Download from the exporting servents the requested information • Pure P2P • Centralized index • Distributed architecture with supernodes

  6. P2P Information Sharing Architecture Pure P2P - Gnutella Query S Query QueryHit Query Query QueryHit Query O Query Query Query Servent looking for a resource S O Offerer

  7. P2P Information Sharing Architecture Pure P2P - Gnutella • Servent sends broadcast Query message to every node it is directly linked to. • Servents identifying the requested file will reply with QueryHit message. • QueryHit message contains ResultSet and the pair of <IP address, port> used to download the file. • Query messages tag with a TTL to avoid overloading the network.

  8. XREP Protocol Basic Assumptions • Each node keeps track and share with others information about the reputation of their peers and resources. • Reputation sharing is based on a distributed polling protocol. • Each servent has a servent_id which is a digest of a public key obtained using a secure hash function. • Each resource has an identifier which is a digest computed by applying a secure hash function to the resource content.

  9. XREP Protocol Reputations Storage • resource_repository: set of pairs (resource_id,value) • servent_repository: set of triples (servent_id, num_plus, num_minus) • Translation of reputaion into votes: votes are expressed on the basis of information available in the experience_respositories • Peers vote positively only for servents with which it never had bad experiences.

  10. XREP Protocol - Polling

  11. XREP Protocol - Polling Phase 1 – Resource Searching Initiator p sends a Query message for searching resources and servents matching that request respond with a QueryHit Query(search_string, min_speed) Initiator p Servent s QueryHit(num_hit,IP,Port,speed,Result,trailer,servent_id)

  12. XREP Protocol - Polling

  13. XREP Protocol - Polling Phase 2 – Vote Polling p polls its peers about the reputation of a resource r and the set T of servents that offer it. Peers wishing to respond send back a PollReply Poll(r, T, PKpoll) Initiator p Servent s PollReply({(IP,Port,Votes)}PKpoll)

  14. XREP Protocol - Polling

  15. XREP Protocol - Polling Phase 3 – Vote Evaluation p selects a set of voters, contacts them directly and expects back a confirmation message. TrueVote(Votesj) Initiator p Servent s TrueVoteReply(response)

  16. XREP Protocol - Polling

  17. XREP Protocol - Polling Phase 4 – Best servent check p contacts the best servent s to check the fact that it exports resource r AreYou(servent_ids, r) Initiator p Servent s AreYouReply([response]SKs,PKs)

  18. XREP Protocol - Polling

  19. XREP Protocol - Polling Phase 5 – Resource download p selects a servent s, downloads a resource r, and checks it against its digest. download(r) Initiator p Servent s resource(r)

  20. XRep Security Considerations • XRep protects the P2P networks from the following common attacks • Self replication • Man in the middle • Pseudospoofing • ID Stealth • Shilling

  21. XRep Security Considerations: Self Replication • A malicious peer makes use of anonymity to answer positively queries and returns doctored content. • Using XRep, the resource will be given a bad vote, reducing the likelihood of the resource getting downloaded again • Self replication will only work at cold-start, where there is no information about the resource

  22. XRep Security Considerations: Man in the middle • A malicious peer, D, can lie in between 2 “honest” peers, intercepts the QueryHit message and modifies it • XRep neutralises this attack, since D will not be selected based on his bad reputation

  23. XRep Security Considerations: Pseudospoofing • Attackers exploit the P2P systems use of pseudonyms, thus they can create and control multiple phony identities • XRep uses digest-based mechanism, recognizing doctored resources and discarding them • The protocol has an IP checking mechanism. Fake ids created by malicious peers will collapse into a single IP cluster, which will then receive an overall bad reputation • Fake IPs given by attackers will also fail due to the TrueVote/TrueVoteReply message exchange

  24. XRep Security Considerations: ID Stealth • ID stealth is a variation of pseudospoofing, where the attacker D ‘steals’ the IDs of reputable servents. • D can reply Query messages with digests of corrupted info using the stolen ids, along with his. • Peer A polls the network to collect votes regarding the servents and the resource. • XRep ensures that A will check if the most voted servent actually offers the resource before downloading

  25. XRep Security Considerations: Shilling • Shilling uses real IP addresses for multiple identities to influence the votes of a doctored resource or a malicious servent - shills. • The protocol tries to ensure a high number of votes, making it expensive for a malicious user to maintain a sufficient number of shills. • Shills usually not involved in transactions, thus their reputation are likely to be low

  26. Combining Servent and Resource-based Reputations • XRep combines both servent and resource-based reputations in its protocol, thus combining advantages from both schemes • Changes with respect to: • Reputations’ life cycle. • Reputations of new resources take after reputation of servent • Resources have longer life cycle • Impact on peers anonymity. • Pseudonyms can be permanent since a pseudonym will have its respective reputation • Peers can have new identities due to resource-based reputation

  27. Combining Servent and Resource-based Reputations • Changes with respect to • Cold-start • Newcomers can immediately participate in distribution of well known resources • Performance bottlenecks • Bottlenecks can be reduced, peers can choose from reputable servents or resource to download • Blacklisting • Resource blacklisting prevents the distribution of malicious software • Servent blacklisting discourages the change of pseudonyms, difficult for malicious users to be chosen for download when they start afresh

  28. Combining Servent and Resource-based Reputations • Changes with respect to • Data storage and bandwidth requirements • Resource-based reputation requires substantially more information to be maintained • Threshold effect • Have a reasonable threshold of votes to determine the reputation for each poll • In servent-based scenario, difficult in reaching the threshold due to short lift cycle of servent id • In resource-based reputation, it would be difficult for a resource to be wide spread enough to have sufficient votes

  29. Distribution of Servents and Resources • The distribution of servents and resources affects the success of the XRep protocol • Frequent resources are more frequently searched, thus the votes are likely to be high • Few servents offering many resources will be well-known, getting more votes • The effectiveness of the protocol will be the probabilistic sum of effectiveness of the separate reputations • Free loaders can participate in the voting despite not sharing files

  30. Conclusion • XRep is a reputation-based management protocol for anonymous P2P environments • Represents a step towards a self-regulating P2P system for preventing malicious behaviour in P2P systems

  31. References • E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, F. Violante, "A Reputation-based Approach for Choosing Reliable Resources in Peer-to-Peer Networks," in Proc. of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA, November 17-21, 2002 • A. Abdul-Rahman and S. Hailes. Supporting trust in virtual communities. In Proc. of the Hawaii International Conference on System Sciences, Maui, Hawaii, January 2000 • E. Adar and B. Huberman. Free riding on gnutella. Technical report, Xerox PARC, August 2000. • Karl Aberer , Zoran Despotovic, Managing trust in a peer-2-peer information system, Proceedings of the tenth international conference on Information and knowledge management, October 05-10, 2001, Atlanta, Georgia, USA

More Related