No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Fighting pollution attacks in P2P streaming
Abstract
In recent years, the demand for multimedia streaming over the Internet is soaring. Due to the lack of a centralized point of administration, Peer-to-Peer (P2P) streaming systems are vulnerable to pollution attacks, in which video segments might be altered by any peer before being shared. Among existing proposals, reputation-based defense mechanisms are the most effective and practical solutions. We performed a measurement study on the effectiveness of this class of solutions. We implemented a framework that allows us to simulate different variations of the reputation rating systems, from the centralized global approaches to the decentralized local approaches, under different parameter settings and pollution models. One key finding is that a centralized reputation system is only effective in static network and in defending against light pollution attacks. In general, a fully distributed reputation system is more suitable for the “real-time” P2P streaming system, since it is better in handling network dynamics and fast in detecting the polluters. Based on this key finding, we propose DRank, a fully distributed rank-based reputation system. Experimental results show that this technique is more flexible and robust in fighting pollution attacks.
... This is easily true for homogenous systems, but hardly so for real-life peer distribution. [125] Credit incentives for quality video upload [126] P2P content availability [127], [128] P2P trust management [43], [129] Peer pollution in P2P ...
... Another trust management issue has to do with peer pollution [43], [129]. That is peers deliberately generating, which results in the degraded network for other peers in the network. ...
... That is peers deliberately generating, which results in the degraded network for other peers in the network. The authors in [129] noted that "video segments might be altered by any peer before being shared". It was further mentioned that "among existing proposals, reputation-based defence mechanisms are the most effective and practical solutions". ...
Centralized file-sharing networks have low reliability, scalability issues, and possess a single point of failure, thus making peer-to-peer (P2P) networks an attractive alternative since they are mostly anonymous, autonomous, cooperative, and decentralized. Although, there are review articles on P2P overlay networks and technologies, however, other aspects such as hybrid P2P networks, modelling of P2P, trust and reputation management issues, coexistence with other existing networks, and so on have not been comprehensively reviewed. In addition, existing reviews were limited to articles published in or before 2012. This paper performs a state-of-the-art literature survey on the emerging research areas of P2P networks, applications and ensuing challenges along with proposed solutions by scholars. The literature search for this survey was limited to the top-rated publisher of scholarly articles. This research shows that issues with security, privacy, the confidentiality of information and trust management will need greater attention, especially in sensitive applications like health services and vehicle to vehicle communication ad hoc networks. In addition, more work is needed in developing solutions to effectively investigate and curb deviant behaviours among some P2P networks.
... Content pollution is defined as a malicious fault by which the original video content is modified by a peer that does not have the authorisation to do that. Different types of modifications are possible, such as modifications of the original data, the insertion of new data, and also omission and data destruction [12][13][14][15]. If the P2P system does not deploy any strategy to fight pollution attacks, the transmission can be seriously harmed even if the number of malicious peers is low [16][17][18]. ...
... These solutions employ reputation mechanisms based on the experience of each peer, which peers communicate among themselves. In [15] the authors present a framework to simulate different variations of the reputation strategies, from centralised to distributed approaches. Results lead to the conclusion that the distributed strategy is the best given the dynamic nature of peer-to-peer networks. ...
... Some solutions are based on coding theory, including band codes [13][14][15]. In these solutions peers encode and decode the chunks. ...
Video streaming has become increasingly popular in the Internet. Frequently, video transmissions are based on peer‐to‐peer networks, in which peers running on end‐user hosts transmit data among themselves. An important security vulnerability of this strategy is that content can be easily altered by malicious users. Thus, it becomes essential to diagnose and fight content pollution in these systems. In this work, the authors present a novel strategy that relies on comparison‐based diagnosis to mitigate content pollution in live video streaming peer‐to‐peer networks. This strategy is fully distributed and effectively combats the dissemination of content pollution. In the strategy, peers independently identify and avoid polluters. The solution works on top of the scalable overlay network Fireflies. Experimental results are presented showing the effectiveness and the low overhead of the solution. In particular, the strategy was able to significantly reduce content pollution propagation in diverse network configurations.
... This may make QoS issues, causing much more peers to quit viewing. To evade this, P2P VoD streaming frameworks require a solid error recovery convention that can reconnect left peers rapidly and proficiently to stay away from lost frames and critical deferrals [4,5,12,21,22,24,27,28]. Also, this may cause effects on the utilization rate of the bandwidth of general peers for P2P VoD streaming frameworks. ...
In peer to peer (P2P) video streaming systems, peers in network assist to forward the data to other peers without the interference of central servers. Video on Demand (VoD) is widely using internet service, which offers video to users with effective control when they need it. The major significant problem in developing a P2P VoD system is data scheduling, which concentrates on dealing with transmitting and dispatching data segments within a system efficiently. So a Gravitational Search Algorithm based data Scheduling (GSAS) is presented in this paper. Initially, the network is developed in the form of hierarchical topology. Video file is cached as data segments in each peer in the top layer of the network. Using the priority function, these data segments are sorted or prioritized. Using the proposed GSA algorithm, optimal or suitable peers which cache the requested data segments in the top layer are selected. Then the prioritized data segments from the selected peers are scheduled to the peer which has requested for video sequences. The video file “Grandmother” with the size 53 MB is examined in this approach. This proposed approach is simulated in the network simulator. Simulation results show that the performance of this proposed approach is superior to that of the existing work in terms of throughput and scheduling time.
In the past few years, peer-to-peer (P2P) live streaming systems have gained great commercial success and have become a popular way to deliver multimedia content over the Internet, which received more and more attentions from both industry and academia globally. However, the dramatic rise in popularity makes these systems more likely to be vulnerable targets. In this study, mesh-pull infrastructure architecture and pollution attack principle for P2P live streaming systems were presented firstly, and then the various user behaviours under the pollution attack were analysed. Subsequently, the authors proposed an analytical modelling framework of content pollution attack for P2P live streaming systems. Different from the existing content pollution propagation models, it considers the impact of user behaviours in the attack. Furthermore, to ensure the availability and accuracy of the model, the real-world experimental attack data for a popular commercial system was used to verify it. The results showed that the model is a feasible and efficient tool to analyse and predict content pollution propagation in real-world P2P live streaming systems. The authors' work can provide an in-depth understanding of the content pollution propagation in P2P live streaming systems, and evaluation of restraining illegal content distribution for copyright holders and government.
Structured p2p overlay networks are vulnerable to malicious nodes which can control more than one identities. In such situation, they can mediate and monitor most overlay traffic. The decentralized and dynamic nature of such systems makes the detection of these nodes a very difficult task. In this paper we present a framework for monitoring and mitigating malicious attacks. We argued that monitoring traffic allows us to identify suspicious behavior. Our key idea is to divide the overlay into zones to reduce the number of monitors and capture traffic without disruption the routing protocol. Our solution generates measurements on the whole network and provides a Preset profile, finding a set of peers with malicious behavior that do not follow this profile. Evaluation shows that our framework has a good performance and can detect malicious nodes that are intended to malign the overlay.
Today Peer-To-Peer (P2P) networks are becoming more important from high scalability and low cost point of view, and these networks are popular platform for video streaming. With burgeoning of P2P networks, one of the interesting areas of research is confronting to various attacks and threats against these networks. Since, video streaming is a popular application of P2P networks, some attacks like pollution attacks have made serious challenge. In these attacks fake contents are replaced with the original one, by malicious users, and are broadcasted to the network. Diffusion of these contents cannot be controlled with any control process and causes that the polluted content quickly becomes available in network. Another major impacts of this event are users dissatisfaction performance reduction and poor quality of services. For reason, this article proposes a solution for addressing the pollution attacks on P2P networks. Our approach is based on CDN-P2P architecture which is called “Multi-Level mechanism”. This mechanism, unlike produced methods, uses temporary blocked policy and new technique to calculate reputation. Also Multi-Level mechanism works in a distributed reputation system. Experimental results show that our Multi-Level approach has a good performance against pollution attacks.
P2P streaming systems are popular applications on internet. However, due to the open nature, P2P streaming systems are vulnerable to malicious attacks, especially data pollution attacks. Reputation-based mechanisms are most effective mechanisms to defend data pollution attacks in P2P streaming systems. In this paper, we propose a dynamic reputation management. In our proposed mechanism, a peer's reputation consists of direct and indirect trust. The confidence factor is used to determine the weight of direct trust. We introduce Gompertz Function to adjust the confidence factor, the more interactions, the larger weight of direct trust value is. Besides, to lower the complexity of calculating indirect trust, we introduce threedegree of separation, which only includes neighbors within three degrees while calculating indirect trust. Simulation results show that our proposed reputation management scheme can effectively separate malicious peers, reduce the dissemination of polluted data chunks and defend various kinds of data pollution attacks.
Nowadays, peer-to-peer (P2P) streaming systems have become the most popular way to deliver multimedia content over the internet due to their low bandwidth requirement and high video streaming quality. However, P2P streaming systems are vulnerable to various attacks, especially pollution attacks, due to their distributed and dynamically changing infrastructure. In this paper, by exploring the unique features of various pollution attacks, we propose a trust management system tailored for P2P streaming systems. Both direct trust and indirect trust are taken into consideration in the design of the system. A new approach to model the direct trust is proposed, and a dynamic confidence factor that can dynamically adjust the weight of direct and indirect trust is also proposed. It is shown that the proposed trust management system is effective in identifying polluters and preventing them from further sharing of polluted data chunks.
a b s t r a c t Peer-to-Peer (P2P) streaming has become a popular platform for transmitting live content. However, due to their increasing popularity, P2P live streaming systems may be the target of user opportunistic actions and malicious attacks, which may greatly reduce streaming rate or even stop it completely. In this article, we focus on a specific type of attack called content pollution, in which malicious peers tamper or forge media data, introducing fake content before uploading it to their partners in the overlay network. Specifically, we pres-ent a new decentralized reputation system, named SimplyRep, that quickly identifies and penalizes content polluters, while incurring in low overhead in terms of bandwidth con-sumption. We evaluate our method with both simulation and experiments in PlanetLab, comparing it against two previously proposed approaches, namely, a centralized black list and a distributed reputation system, in various scenarios. Our results indicate that Simply-Rep greatly outperforms the two alternatives considered. In particular, both black list and the distributed reputation method perform poorly when polluters act jointly in a collusion attack, reaching a data retransmission overhead (triggered by polluted chunks received) of 70% and 30%, respectively, whereas the overhead experienced by SimplyRep is at most 2%. Our results also show that SimplyRep is able to quickly isolate almost all polluters under a dissimulation attack, being also somewhat robust to a whitewashing attack, although the latter remains a challenge to effective P2P streaming. Ó 2012 Elsevier B.V. All rights reserved.
P2P mesh-pull live video streaming applications – such as Cool-Streaming, PPLive, and PPStream – have become popular in the recent years. In this paper, we examine the stream pollution attack, for which the attacker mixes polluted chunks into the P2P distribu-tion, degrading the quality of the rendered media at the receivers. Polluted chunks received by an unsuspecting peer not only effect that single peer, but since the peer also forwards chunks to other peers, and those peers in turn forward chunks to more peers, the polluted content can potentially spread through much of the P2P network. The contribution of this paper is twofold. First, by way of experimenting and measuring a popular P2P live video stream-ing system, we show that the pollution attack can be devastating. Second, we evaluate the applicability of four possible defenses to the pollution attack: blacklisting, traffic encryption, hash verifica-tion, and chunk signing. Among these, we conclude that the chunk signing solutions are most suitable.
Copyright holders have been investigating technological solutions to prevent distribution of copyrighted materials in peer-to-peer file sharing networks. A particularly popular technique consists in "poi- soning" a specific item (movie, song, or software title) by injecting a massive number of decoys into the peer-to-peer network, to re- duce the availability of the targeted item. In addition to poisoning, pollution, that is, the accidental injection of unusable copies of files in the network, also decreases content availability. In this paper, we attempt to provide a first step toward understanding the differences between pollution and poisoning, and their respective impact on content availability in peer-to-peer file sharing networks. To that effect, we conduct a measurement study of content availability in the four most popular peer-to-peer file sharing networks, in the ab- sence of poisoning, and then simulate different poisoning strategies on the measured data to evaluate their potential impact. We exhibit a strong correlation between content availability and topological properties of the underlying peer-to-peer network, and show that the injection of a small number of decoys can seriously impact the users' perception of content availability.
P2P mesh-pull live video streaming applications – such as CoolStreaming, PPLive, and PPStream– have become popular in the recent years. In this paper, we examine the stream pollution attack,for which the attacker mixes polluted chunks into the P2P distribution, degrading the quality of therendered media at the receivers. Polluted chunks received by an unsuspecting peer not only effectthat single peer, but since the peer also forwards chunks to other peers, and those peers in turnforward chunks to more peers, the polluted content can potentially spread through much of the P2Pnetwork. The contribution of this paper is twofold. First, by way of experimenting and measuring apopular P2P live video streaming system, we demonstrate that the pollution attack can be devastating.Second, we evaluate the applicability of four possible defenses to the pollution attack: blacklisting,traffic encryption, hash verification, and chunk signing. Among these, we conclude that the chunksigning solutions are most suitable.
This paper presents DONet, a data-driven overlay network for live media streaming. The core operations in DONet are very simple: every node periodically exchanges data availability information with a set of partners, and retrieves unavailable data from one or more partners, or supplies available data to partners. We emphasize three salient features of this data-driven design: 1) easy to implement, as it does not have to construct and maintain a complex global structure; 2) efficient, as data forwarding is dynamically determined according to data availability while not restricted by specific directions; and 3) robust and resilient, as the partnerships enable adaptive and quick switching among multi-suppliers. We show through analysis that DONet is scalable with bounded delay. We also address a set of practical challenges for realizing DONet, and propose an efficient member and partnership management algorithm, together with an intelligent scheduling algorithm that achieves real-time and continuous distribution of streaming contents. We have extensively evaluated the performance of DONet over the PlanetLab. Our experiments, involving almost all the active PlanetLab nodes, demonstrate that DONet achieves quite good streaming quality even under formidable network conditions. Moreover, its control overhead and transmission delay are both kept at low levels. An Internet-based DONet implementation, called CoolStreaming v.0.9, was released on May 30, 2004, which has attracted over 30000 distinct users with more than 4000 simultaneously being online at some peak times. We discuss the key issues toward designing CoolStreaming in this paper, and present several interesting observations from these large-scale tests; in particular, the larger the overlay size, the better the streaming quality it can deliver.
In recent years, the demand for multimedia streaming is soaring over the Internet. Due to the lack of a centralized administrative point, Peer-to-Peer (P2P) streaming system is vulnerable to pollution attacks, in which video segments might be altered by any peer before being shared. Among existing proposals, reputation-based defence mechanisms are the most effective and practical solutions. In this paper, we perform a measurement study on the effectiveness of this class of solutions. We implement a framework that allows us to simulate different variations of the reputation rating systems, from the global approach to the decentralized local approach, under different parameter settings and pollution models. In order to ensure the framework and the simulated solution is representative enough, we dissect existing proposals and implement a flexible defence mechanism, in which different components may be enabled and disabled by simply tuning certain parameters. Our results reveal that global knowledge of the content flow in the network does not necessarily improve the performance. It is often susceptible under collaborative attacks. We also find that expelling misbehaving peers is often more useful to prevent attacks than limiting their likelihood to be connected, although this can lead to poor playback quality.
We propose a new fair scheduling technique, called OCGRR (output controlled grant-based round robin), for the support of DiffServ traffic in a core router. We define a stream to be the same-class packets from a given immediate upstream router destined to an output port of the core router. At each output port, streams may be isolated in separate buffers before being scheduled in a frame. The sequence of traffic transmission in a frame starts from higher-priority traffic and goes down to lower-priority traffic. A frame may have a number of small rounds for each class. Each stream within a class can transmit a number of packets in the frame based on its available grant, but only one packet per small round, thus reducing the intertransmission time from the same stream and achieving a smaller jitter and startup latency. The grant can be adjusted in a way to prevent the starvation of lower priority classes. We also verify and demonstrate the good performance of our scheduler by simulation and comparison with other algorithms in terms of queuing delay, jitter, and start-up latency
In this paper, we describe Credence, a decentralized object reputation and ranking system for large-scale peer-to-peer filesharing networks. Credence counteracts pollution in these networks by allowing honest peers to assess the authenticity of online content through secure tabulation and management of endorsements from other peers. Our system enables peers to learn relationships even in the absence of direct observations or interactions through a novel, flow-based trust computation to discover trustworthy peers. We have deployed Credence as an overlay on top of the Gnutella filesharing network, with more than 10,000 downloads of our client software to date. We describe the system design, our experience with its deployment, and results from a long-term study of the trust network built by users. Data from the live deployment shows that Credence's flow-based trust computation enables users to avoid undesirable content. Honest Credence clients can identify three quarters of the decoys encountered when querying the Gnutella network.
Peer-to-Peer (P2P) live video streaming systems are known to suffer from intermediate attacks due to its inherent vulnerabilities. The content pollution is one of the common attacks that have received little attention in P2P live streaming systems. In this paper, we propose a modeling framework of content pollution in P2P live streaming systems. This model considers both unstructured and structured overlays, and captures the key factors including churns, user interactions, multiple attackers and defensive techniques. The models are verified with simulations and implemented in a real working system, Anysee. We analyze content pollution and its effect in live streaming system. We show that: (1) the impact from content pollution can exponentially increase, similar to the random scanning worms, leading to playback interruption and unnecessary bandwidth consumption; (2) content pollution is influenced by peer cooperation, peer degree and bandwidth in unstructured overlays, and topology breadth in structured ones; (3) the structured overlay is more resilient to content pollution; (4) a hybrid overlay result in better reliability and pollution resistance; (5) hash-based chunk signature scheme is most promising against content pollution.
P2P networks provide a highly reliable way of sharing resources. For the peers to behave honestly trust needs to be incorporated. The trust framework should incorporate self-experience and reputation to calculate trustworthiness of a peer, in order to enable assessing the peers based on the services provided by them. Within the trust framework, various strategies for assessing the peers based on the performance shall be analysed which may result in selection of peers for providing certain type of services. This paper proposes Game Tree strategy, Tit for Tat strategy, Self Trust strategy, Dynamic strategy and Auditing strategy for selecting peers for doing job in trust-driven P2P networks.
P2P flle-sharing systems are susceptible to pollution attacks, whereby corrupted copies of content are aggressively introduced into the system. Recent research indicates that pollution is extensive in several flle sharing systems. In this paper we propose an e-cient measurement methodology for identifying the sources of pollution and estimating the levels of polluted content. The methodology can be used to e-ciently blacklist polluters, evaluate the success of a pollution campaign, to reduce wasted bandwidth due to the transmission of polluted content, and to remove the noise from content measurement data. The proposed method- ology is e-cient in that it does not involve the downloading and analy- sis of binary content, which would be expensive in bandwidth and in computation/human resources. The methodology is based on harvesting metadata from the flle sharing system and then processing ofi-line the harvested meta-data. We apply the technique to the FastTrack/Kazaa flle-sharing network. Analyzing the false positives and false negatives, we conclude that the methodology is e-cient and accurate.
In the emerging peer-to-peer (P2P) live streaming, users cooperate with each other to support efficient delivery of video over networks. Pollution attack is an effective attack against P2P live streaming, where attackers upload useless data to their peers, which may cause distrust among users. To resist pollution attacks and stimulate user cooperation in P2P live streaming, this paper proposes a joint pollution detection and attacker identification system, where polluted chunks are detected as early as possible and trust management is used to identify polluters. We analyze its performance and propose different schemes to address the tradeoff between pollution resistance and system overhead. Our simulation results show that the proposed system can effectively resist pollution attacks while minimizing the user's computation overhead.
Pollution attack is known to have a disastrous effect on existing P2P infrastructures: it can reduce the number of legitimate P2P users by as much as 85%, and it generates abundant bogus data which may deplete the communication bandwidth. We propose a distributed defense and detection mechanism to resolve pollution attacks. The mechanism is composed of a set of “randomized” and “fully distributed” algorithms that can be executed by any legitimate peer. We present the analytical framework to quantify (a) the probability of false negative, (b) the probability of false positive, and (c) the distribution of time needed for detection. In our detection algorithm and analysis, we consider the case of (1) single attacker within the neighborhood, (2) multiple attackers within the neighborhood. Furthermore, we show how to “optimize” the system parameters so as to quickly discover and eliminate malicious peers from the system.
Peer-to-peer networks often use incentive policies to encourage cooperation between nodes. Such systems are generally susceptible to collusion by groups of users in order to gain unfair advantages over others. While techniques have been proposed to combat web spam collusion, there are few measurements of real collusion in deployed systems. In this paper, we report analysis and measurement results of user collusion in Maze, a large-scale peer-to-peer file sharing system with a non-net-zero point-based incentive policy. We search for colluding behavior by examining complete user logs, and incrementally refine a set of collusion detectors to identify common collusion patterns.We find collusion patterns similar to those found in web spamming. We evaluate how proposed reputation systems would perform on the Maze system. Our results can help guide the design of more robust incentive schemes.