P2P Second Life: experimental validation using Kad
- In Infocom, Rio De Janeiro, 2009
Cited by 10 (1 self)
Abstract—Applications such as Second Life require massive deployment of servers worldwide to support a large number of users. We investigate experimentally how Peer-to-Peer (P2P) communication could help cut the deployment cost and increase the scalability of Social Virtual Worlds such as Second Life. We design and build a communication infrastructure that distributes the management of the virtual world among user resources using a structured P2P network. Our communication infrastructure is implemented on top of Kad, the P2P network that supports millions of eMule users. We then use avatar and object traces collected on Second Life to perform a realistic emulation of P2P Second Life over the Internet. We show that, despite using a standard P2P solution, P2P Second Life is mostly consistent, persistent and scalable. However, the latency avatars experience to recover from an inconsistent view of the virtual world can become disturbing for very large numbers of participants and objects. We analyze and discuss this limitation and give recommendations on how to design P2P Social Virtual Worlds.
Measuring the Storm Worm Network
Cited by 7 (0 self)
The Storm worm is a botnet which appeared in the early months of 2007. Its prolific growth, the use of decentralized command and control communication based on the Overnet P2P protocol and fast-flux servers for secondary-stage binary distribution, as well as the capability to aggressively defend itself, make Storm a notable species in the malware ecosystem. Despite considerable interest, Storm’s defensive capabilities and its distributed nature have complicated the accurate estimation of its size and understanding of its network behavior. In this paper, we actively probe the Storm botnet using Overnet queries to estimate its size – approximately 600,000 and 430,000 during the second and third week of October 2007, respectively. At the same time, we found several other surprising artifacts. Unlike traditional DHTs, the distribution of peer IDs is not uniform. Furthermore, we observed a small percentage of nodes which publish a large number of IDs, what we believe is an indication of index poisoning. Taken as a whole, these results provide insights which may facilitate researchers to curtail the Storm phenomenon as well as future P2P-based botnets.
Misusing Kademlia protocol to perform DDoS attacks
- In: Proceedings of the International Symposium on Parallel and Distributed Processing with Applications (ISPA), 2008
Cited by 3 (2 self)
Abstract—Kademlia-based DHT has been deployed in many P2P applications and it is reported that there are millions of simultaneous users in Kad network. For such a protocol that significantly involves so many peers, its robustness and security must be evaluated carefully. In this paper, we analyze the Kademlia protocol and identify several potential vulnerabilities. We classify potential attacks as three types: asymmetric attack, routing table reflection attack and index reflection attack. A limited real-world experiment was run on eMule and the results show that these attacks tie up bandwidth and TCP connection resources of victim. We analyze the results of our experiment in three aspects: the effect of DDoS attacks by misusing Kad in eMule, the comparison between asymmetric attack and routing table reflection attack, and the distribution of attacks. More large-scale DDoS attack can be performed by means of a little more effort. We introduce some methods to amplify the performance of attack and some strategies to evade detection. Finally, we further discuss several solutions for these DDoS attacks. Keywords: Kademlia; DDoS; P2P; Security
WINNOWING: Protecting P2P Systems Against Pollution By Cooperative Index Filtering
Cited by 2 (0 self)
Abstract—Pollution (i.e., sharing corrupted files, or contaminating index information with bogus index records) is a de facto problem in many file sharing Peer-to-Peer (P2P) systems. Since pollution squanders network resources and frustrates users with unprofitable downloads (due to polluted files) and unproductive download requests (due to bogus index records), the future success of file sharing based P2P systems is questionable unless properly addressed. In this paper, we propose a novel anti-pollution scheme called winnowing. Winnowing aims to purify the index records (i.e. the information on files or the publishers) held by each index node in the system, so that download attempts based on these index records are more likely to yield satisfactory results. To attain this goal, index nodes block bogus publish messages by verifying the publisher and the contents of the publish message upon receipt of a keyword or content publish message. Second, index nodes collect feedback from the users who have downloaded files via their index records. The collected feedback is then processed and reflected in the matching index record in a novel way. Careful consideration is given to reducing the impact of false feedback, and malicious index nodes. Publish message verification has been implemented on top of the latest eMule client and extensive data has been collected from the Kad network, using this modified client. The measurement results are summarized in this paper. The findings from the measurement study are incorporated into our analytical model, which is used to investigate the performance of user feedback mediation. The model demonstrates the effectiveness of user feedback mediation: fast convergence to near-optimal performance and insensitivity to various pollution attacks including the attacks which attempt to bypass winnowing.
Fair Quality of Experience (QoE) Measurements Related with Networking Technologies
- In 8th International Conference on Wired/Wireless Internet Communications (WWIC), 2010
Cited by 1 (0 self)
Abstract. This paper addresses the topic of Fair QoE measurements in networking. The research of new solutions in networking is oriented to improve the user experience. Any application or service can be improved and the deployment of new solutions is mandatory to get the user satisfaction. However, different solutions exist; thus, it is necessary to select the most suitable ones. Nevertheless, this selection is difficult to make since the QoE is subjective and the comparison among different technologies is not trivial. The aim of this paper is to give an overview on how to perform fair QoE measurements to facilitate the study and research of new networking solutions and paradigms. However, previously to address this problem, an overview about how networking affects to the QoE is provided.
A Peer-To-Peer-based Storage Platform for Storing Session Data in Internet Access Networks
Cited by 1 (1 self)
Internet service providers (ISPs) have to store session data of their customers for operation, management, and control tasks. Thereby, each access node (AN) of an ISP’s access network keeps track of session data (e.g., IP addresses, MAC addresses, and lease times of IP addresses) of all connected customers. Session data is highly volatile due to continuous changes. It has to be stored persistently as it is required for regular data forwarding and traffic filtering. In case of an AN’s restart or crash, it needs to be reloaded. Today, session data is stored in an AN’s flash memory, which is limited in its availability and rewritability and intended for other purposes. Therefore, this paper proposes to organize ANs into a distributed hash table (DHT)-based Peer-to-Peer network to share their available RAM resources. Thereby, the DHT network serves as semi-permanent distributed memory for a structured redundant and interleaved storage of session data. In doing so, availability of session data is actually increased despite using RAM for data storage. After a restart or crash, an AN reloads session data by selectively reading required data from the DHT network.
A Distributed and Adaptive Revocation Mechanism for P2P networks
- Author manuscript, published in "ICN 2008, Cancun: Mexico (2008)", 2008
Abstract—With the increasing deployment of P2P networks, supervising the malicious behaviours of participants, which degrade the quality and performance of the overall delivered service, is a real challenge. In this paper, we propose a fully distributed and adaptive revocation mechanism based on the reputation of the peers. The originality of our approach is that the revocation is integrated in the core of the P2P protocol and does not need complex consensus and cryptographic mechanisms, hardly scalable. The reputation criteria evolve with the contribution of a peer to the network in order to highlight and help fight against selfish or malicious behaviours. The preliminary results show that the user perceived delays are not highly impacted and that our solution is resistant to reputation and revocation attacks. Index Terms—P2P networks, revocation mechanism, reputation mechanism, remote accounts, KAD
Circuit and Systems
Communication aspects in an RF system combining radar and wireless communications
SECURITY PROPERTIES IN AN OPEN PEER-TO-PEER NETWORK
This paper proposes to address new requirements of confidentiality, integrity and availability properties fitting to peer-to-peer domains of resources. The enforcement of security properties in an open peer-to-peer network remains an open problem as the literature have mainly proposed contribution on availability of resources and anonymity of users. That paper proposes a novel architecture that eases the administration of a peer-to-peer network. It considers a network of safe peer-to-peer clients in the sense that it is a commune client software that is shared by all the participants to cope with the sharing of various resources associated with different security requirements. However, our proposal deals with possible malicious peers that attempt to compromise the requested security properties. Despite the safety of an open peer-to-peer network cannot be formally guaranteed, since a end user has privileges on the target host, our solution provides several advanced security enforcement. First, it enables to formally define the requested security properties of the various shared resources. Second, it evaluates the trust and the reputation of the requesting peer by sending challenges that test the fairness of its peer-to-peer security policy. Moreover, it proposes an advanced Mandatory Access Control that enforces the required peer-to-peer security properties through an automatic projection of the requested properties onto SELinux policies. Thus, the SELinux system of the requesting peer is automatically configured with
Responsible Editor: L. Salgarelli Keywords:
, 2011
"... bo ben article info Article history: ..."