1 / 47

Having Fun with P2P

Having Fun with P2P. Keith W. Ross Polytechnic University http://cis.poly.edu/~ross. Many Apps Migrating Client-Server to P2P . File sharing File and patch distribution Live video streaming Video on demand VoIP Hybrid CDN/P2P. Today’s Talk. P2P security Is BitTorrent Unstoppable?

whitney
Télécharger la présentation

Having Fun with P2P

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Having Fun with P2P Keith W. Ross Polytechnic University http://cis.poly.edu/~ross

  2. Many Apps Migrating Client-Server to P2P • File sharing • File and patch distribution • Live video streaming • Video on demand • VoIP • Hybrid CDN/P2P

  3. Today’s Talk • P2P security • Is BitTorrent Unstoppable? • Survey of P2P video streaming research • Creating an open P2P video streaming ecosystem Research supported by: NSF, Microsoft, Movie Labs, Huawei, Verizon, Panasonic, Len Shustek

  4. Why study P2P Security? • P2P is potentially more vulnerable than client server. • Need to understand the security issues for architecting future P2P apps • Attacks from entertainment industry reveal weak spots in P2P

  5. Security work joint with: Jian Liang Naoum Naoumov Rakesh Kumar Prithula Dhungel Xiaojun Hei Di Wu

  6. Earlier work onKazaa and eDonkey • FastTrack/Kazaa • Unstructured P2P network • Overnet/Kad • Structured (DHT) P2P network • Part of eDonkey/eMule

  7. File Pollution: Infocom 05 original content polluted content pollution company

  8. File Pollution pollution server pollution company file sharing network pollution server pollution server pollution server

  9. File Pollution Unsuspecting users spread pollution !

  10. File Pollution Unsuspecting users spread pollution ! Yuck

  11. Index Poisoning: Infocom 06 index titlelocationbigparty 123.12.7.98smallfun 23.123.78.6heyhey 234.8.89.20 23.123.78.6 123.12.7.98 file sharing network 234.8.89.20

  12. Index Poisoning index titlelocationbigparty 123.12.7.98smallfun 23.123.78.6heyhey 234.8.89.20 index titlelocationbigparty 123.12.7.98smallfun 23.123.78.6heyhey 234.8.89.20bighit 111.22.22.22 23.123.78.6 123.12.7.98 234.8.89.20 111.22.22.22

  13. FastTrack Copies

  14. Overnet Copies

  15. Is BitTorrent Unstoppable? (IPTPS 2008; extended version available) • How can record/movie companies limit piracy in BitTorrent? • Suing companies? • Suing users? • Internet attacks? • How vulnerable is BitTorrent to attacks?

  16. BitTorrent torrent: group of peers exchanging chunks of a file tracker: tracks peers in torrent; providestracker list trading chunks torrent index server:search for torrents;provides .torrent file peer

  17. BitTorrent Ecosystem • Open protocol • 50+ client implementations • Dozens of tracker implementations • Dozens of torrent location sites • 5 million simultaneous users & growing • Evolving: • Peer discovery: DHTs, gossiping • Proprietary protocols, private torrents

  18. Seeds and leechers File divided into 256KB pieces. Each piece is 16 blocks. Download blocks and assemble pieces Hash piece to check integrity Peers advertise pieces they have to neighbors Peer sends blocks to four neighbors currently sending it data at the highest rate And also to one random neighbor BitTorrent Basics

  19. Classes of BitTorrent Attacks Attacks against an existing torrent • against leechers • against initial seed • against peer discovery • against peer discover Decoy attacks: attacker creates own torrent • Seeding a polluted file • Seeding a file and delivering only 99%

  20. Fake Block Attack • Attacker establishes TCP connections with legitimate peers • Peer downloads one fake block from attacker • and 15 good blocks from legit peers • Hash failure – download is prolonged Acknowledgment: Thanks to Vishal Misra for bringing this attack to our attention.

  21. Simple analysis of fake block attack What is the probability of a hash failure? • n = # neighbors advertising piece • m = attack nodes (m < n) • k = # neighbors from which it is downloading the 16 blocks

  22. 70% failure requires 20% attack neighbors γ increases for rare pieces and in end game Probability of a clean piece

  23. Connection attack • Attacker establishes many TCP connections to each target peer. • Doesn’t upload any blocks • Chatty peer: keeps connection active with repeated BT handshake messages

  24. Passive Measurements • Collect traces while downloading • Azureus and uTorrent • DSL and Ethernet • 54 downloads of “Foo Fighters” (108 MB) • Developed parser to analyze BT trace • To estimate download time without attack: • Obtain blacklist from torrentfreak.com • Use Peer Guardian to prevent connections to blacklisted peers

  25. Azureus results • Download is NOT being prolonged by more than 50% for DSL

  26. Zoom in one Azureus trace Chatty-peers make upa major fraction of the useful peers.

  27. Handshake messages sent by chatty peers

  28. uTorrent

  29. Zoom in on uTorrent trace

  30. Passive Measurement Conclusions • Anti-P2P companies applying different strategies for different BT clients • Largely ineffective for Ethernet clients • For DSL, download time increases by 30-60%

  31. Active Measurements • Crawl peers in torrent and identify • Fake-block attack peers • Chatty peers • Looked at 8 box-office movie torrents • Some under attack; some not • Crawler speaks Azureus protocol to Azureus peers • and conventional protocol to all other peers

  32. Active Measurement Conclusions • Several, but not all, top-box movies are under attack • Published blacklists do not cover all the attackers in a torrent • Most attackers enter through gossiping

  33. Seed Attack • “Nip in the bud” • Make many connections to seed, download at high rate • Rationale: Conventional algo gives all its bandwidth to 5 highest downloaders

  34. Planet Lab experiments • Put 30 leechers on PL nodes; upload capacity capped at 512 kbps • Seed upload capacity 160 kbps • Azureus and uTorrent • 0-60 attack peers • Start seed, start 5 leechers, start attack peers, start 25 leechers

  35. Seed attack results delay attacker bandwidth

  36. BitTorrent Conclusions • Attacks against leechers can prolong downloads • But is 50% enough? • Blacklists are helpful; adaptive blacklist is needed • Seed is surprisingly resilient to attacks • Attacks must be tailored to client types • BitTorrent ecosystem is difficult to stop!

  37. Today’s Talk • P2P security • Is BitTorrent Unstoppable? • Survey of P2P video streaming research • Creating an open P2P video streaming ecosystem Research supported by: NSF, Microsoft, Movie Labs, Huawei, Verizon, Panasonic, Len Shustek

  38. Live Streaming: Faculty Collaborators ProfessorYong Liu Professor Shiv Panwar Professor Yao Wang and Professor Nitsesh Saxena (CS)

  39. obtain list of peers peer Basic idea P2P live streaming tracker trade chunks Source of video

  40. PPLive: Chinese New Year 2006

  41. @ Polytechnic • Infrastructure for measuring P2P live video systems • Xiaojun Hei, Jian Liang, Yong Liu • Stochastic modeling of P2P live streaming • Rakesh Kumar, Yong Liu • Incentives and scalable video for live P2P streaming • Zhengye Liu, Yanming Shen, Shiv Panwar, Yao Wang • Security of P2P live streaming systems • Prithula Dhungel, Xiaojun Hei, Nitesh Saxena • P2P VoD, Hybrid P2P-CDN • Angela Wang, MSR colleagues • Developing our own live P2P video system • Master’s students

  42. Open P2P Live Streaming • Create an ecosystem for live streaming • Need incentives • The more you upload the better the quality • Layered video • Chunk-based • Substream-based • Accommodate user generated content

  43. Thank You !

More Related