Paul Solomine: Security of P2P Systems

Presentation transcript:

Paul Solomine Security of P2P Systems

P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become foolish! Privacy/Law Various Attacks!

P2P Networks – How They Work While there are many ways to classify P2P applications and the networks they use, P2P systems are generally split into two kinds of networks based on their degree of centralization: pure peer-to-peer and hybrid peer-to-peer systems.

Pure P2P – Gnutella Network. There is no central database or server that knows the locations of files on the Gnutella network. Machines on the network communicate with one another to locate files using a distributed query approach. This means that your computer knows of at least one other IP address connected to the Gnutella network. If the requested file is not on the machine you submit a search query to, that machine sends the same search query to the other machines it is connected to, repeating the process to at least seven levels depending on the request's time to live. This lets a search cover thousands of machines fairly quickly.

Pure P2P
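The query flooding described above, as an added Go example that is not part of the original slides: it forwards a query hop by hop until the time to live runs out and counts the messages generated, which is the traffic a flood of bogus queries would multiply. The overlay, peer names and file placement are constructed for illustration.

```go
package main

import "fmt"

// Overlay is a constructed Gnutella-style overlay: each peer lists its neighbours.
type Overlay map[string][]string

type hop struct {
	peer string
	ttl  int
}

// Flood forwards a query from origin and returns the first peer found holding
// the file ("" if none), the number of peers reached and the messages sent.
func Flood(net Overlay, files map[string]string, origin, file string, ttl int) (string, int, int) {
	holder, msgs := "", 0
	seen := map[string]bool{origin: true} // peers drop queries they already saw
	queue := []hop{{origin, ttl}}
	for len(queue) > 0 {
		h := queue[0]
		queue = queue[1:]
		if files[h.peer] == file {
			if holder == "" {
				holder = h.peer
			}
			continue // a peer that has the file answers instead of forwarding
		}
		if h.ttl == 0 {
			continue // time to live exhausted: the query dies here
		}
		for _, n := range net[h.peer] {
			msgs++
			if !seen[n] {
				seen[n] = true
				queue = append(queue, hop{n, h.ttl - 1})
			}
		}
	}
	return holder, len(seen) - 1, msgs
}

func main() {
	// Constructed five-peer chain a-b-c-d-e; only e shares the file.
	net := Overlay{"a": {"b"}, "b": {"a", "c"}, "c": {"b", "d"}, "d": {"c", "e"}, "e": {"d"}}
	files := map[string]string{"e": "example.iso"}
	for _, ttl := range []int{2, 7} {
		holder, reached, msgs := Flood(net, files, "a", "example.iso", ttl)
		fmt.Printf("ttl=%d holder=%q reached=%d messages=%d\n", ttl, holder, reached, msgs)
	}
}
```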

Hybrid P2P Hybrid P2P networks usually contain some kind of server or database that keeps all information on the peers accessing the network and responds to all requests. This means that the network is usually centralized. Peers host the available resources and let the server know which resources are available to be shared. An original piece of software that used this kind of network was the older Napster, which used a database of information to control its file sharing.

Hybrid P2P

BitTorrent BitTorrent technology is a relatively new kind of P2P system. This P2P application uses a tracker file (which directs your computer to a server that organizes the various pieces of the file being uploaded and downloaded) to organize tit-for-tat downloading. A tit-for-tat system means the more of the file you upload, the more you can download. Computers that are uploading the completed file are known as seeders, and computers that are uploading and downloading pieces to trade are known as leechers; together this is called the file swarm.

BitTorrent

Privacy & Law

Privacy – BitTorrent Example.

The Law - Limewire VS. and

Spyware…KaZaa

General Attacks used against P2P Systems & Prevention/Defense: Denial of Service, Man in the Middle, Worms

Denial of Service Attack Denial of service attacks are lower level attacks used against P2P systems. Lower level attacks focus on the communication aspect (TCP/IP) of P2P systems. Generally, a DoS attack is an attempt to make a computer resource unavailable to those who intend to use it. The most common form of DoS attack is a flood of invalid packets. This prevents valid queries for files, or in BitTorrent's case queries for parts of a file, from being delivered. This forces all communication to stop on any routes being affected. DoS and DDoS attacks are most likely to occur in large networks such as Gnutella.

Denial of Service

Denial of Service Defense / “Pricing” Detection is the primary solution to DoS attacks, but monitoring a P2P application the entire time it is being used is not common practice unless it is done by protection programs such as Avast Anti-Virus's P2P shield. A direct solution known as “pricing” can be implemented to limit the speed of requests a node makes in a network. Some P2P clients such as KaZaa create supernodes to prevent DoS attacks.

“Pricing”
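One way to implement pricing, shown as an added Go example that is not from the original slides: the receiving node hands out a challenge and only serves requests that come with a nonce whose SHA-256 hash has enough leading zero bits. Using a hash puzzle as the price, the challenge string and the difficulty value are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/bits"
)

// zeroBits counts the leading zero bits of SHA-256(challenge || nonce).
func zeroBits(challenge []byte, nonce uint64) int {
	buf := make([]byte, len(challenge)+8)
	copy(buf, challenge)
	binary.BigEndian.PutUint64(buf[len(challenge):], nonce)
	d := sha256.Sum256(buf)
	n := 0
	for _, b := range d {
		if b != 0 {
			return n + bits.LeadingZeros8(b)
		}
		n += 8
	}
	return n
}

// Solve is the requester's cost: on average 2^difficulty hashes per request.
func Solve(challenge []byte, difficulty int) (uint64, int) {
	tries := 0
	for nonce := uint64(0); ; nonce++ {
		tries++
		if zeroBits(challenge, nonce) >= difficulty {
			return nonce, tries
		}
	}
}

// Verify is the receiving node's cost: a single hash per request.
func Verify(challenge []byte, nonce uint64, difficulty int) bool {
	return zeroBits(challenge, nonce) >= difficulty
}

func main() {
	// Constructed challenge; a real node would issue a fresh random one per
	// peer so that solutions cannot be precomputed or replayed.
	challenge := []byte("constructed-challenge|peer-A")
	nonce, tries := Solve(challenge, 12)
	fmt.Printf("requester hashed %d times, receiver verifies with one hash: %v\n",
		tries, Verify(challenge, nonce, 12))
}
```

Raising the difficulty by one bit doubles the requester's expected work while the receiver's check stays at one hash, which is what slows a flooding node without burdening the node being queried.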

Man-in-the-Middle Attack The other common lower level attack used against P2P systems is a man-in-the-middle attack (MITM). A MITM is a form of attack used against cryptography in various kinds of network applications. It is generally identified as when an attacker is able to read, insert, or modify messages between two parties. An attacker usually gains control by placing himself between two nodes that are communicating.

Man-in-the-Middle Attack

Man-in-the-Middle Defense The most widely used form of prevention against a MITM is the use of digital signatures. These signatures are based on public key cryptography, allowing verification of the communication between two nodes sending queries to one another. Public key cryptography also prevents an attacker from being able to read the queries being sent.

Worms Worms can affect either the communication or the application level of a P2P system, which classifies this attack method as a mid-level attack. Worms use various P2P networks to send copies of themselves to other nodes, usually harming the network by consuming bandwidth. A worm can become a high threat to a P2P system because a large number of users could be using the same client to connect to a certain P2P network, allowing the worm to spread easily through nodes due to vulnerabilities in that specific software.

Worms

Worms: Defense The only way a P2P network can defend itself against worms is to keep the various P2P clients using the network secure. The client should be written in a way that avoids common flaws such as buffer overflows. Avoiding the use of hybrid networks decreases the risk of P2P worms, because super nodes allow infection to spread faster.

Specific Attacks used against P2P Systems: Rational Attack, Sybil Attack, Eclipse Attack

Rational Attack Rational attacks are basically part of the human factor of using a P2P system. A rational attack is when a user does not cooperate with how the P2P system works to other users' advantage. Many users will cancel the uploading of files, or not share any files at all.

Rational Attack Defense The only way to defend against rational attacks is by setting some kind of standard for how the P2P system is used. The only P2P system that can enforce this kind of rule is BitTorrent. Some private BitTorrent trackers record the amount of data that is uploaded and downloaded, and when an equal ratio of seeding and leeching is not demonstrated, the user usually ends up getting banned.

Sybil Attack Sybil attacks are used to create fake identities on various P2P networks either to gain a better reputation to increase download capabilities, or to eventually take control of the entire network. An attacker usually joins a network as many different nodes in an ID space. An attacker can control all queries in the network once he has enough nodes in the same segment. This is a form of a gateway attack that could possibly lead to an eclipse attack.

Sybil Attack

Sybil Attack Defense It is impossible to completely erase the threat of a sybil attack against a P2P system. The only effective method of defense would be to slow the rate at which an attacker can generate enough nodes, similar to how one would defend against a DoS attack. P2P networks would have to apply some sort of node ID expiration to the network.

Eclipse Attack A large scale MITM attack known as an eclipse is possible by separating a network into two partitions. When this is done, all communication must be forwarded through some form of malicious code. This could successfully take an entire P2P network down, taking control of all node communication.

Eclipse Attack

Eclipse Attack Defense Defending against an eclipse would be done in a similar way to defending a P2P network against a MITM. Digital signatures and public key cryptography would be implemented to defend against fake communication over the network. Protection against a malicious user placing new nodes in an ID space must also be part of the defense, because sybil attacks allow the execution of an eclipse attack.
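The two defenses named in the man-in-the-middle and eclipse slides, combined in one added Go example that is not part of the original presentation: every query is signed, and the node ID is the hash of the sender's public key, so a node cannot announce an ID of its choosing. The message layout, the helper names and the fixed demo seeds are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Message is a constructed query format, not a real Gnutella or BitTorrent message.
type Message struct {
	PubKey  ed25519.PublicKey
	NodeID  [32]byte
	Payload []byte
	Sig     []byte
}

// DemoKey builds a deterministic key from a constructed seed (demo only).
func DemoKey(b byte) ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	seed[0] = b
	return ed25519.NewKeyFromSeed(seed)
}

// NodeIDFor derives the ID from the key, so a node cannot simply pick its ID.
func NodeIDFor(pub ed25519.PublicKey) [32]byte { return sha256.Sum256(pub) }

// Sign binds the payload to the sender's node ID with a signature.
func Sign(priv ed25519.PrivateKey, payload []byte) Message {
	pub := priv.Public().(ed25519.PublicKey)
	id := NodeIDFor(pub)
	return Message{pub, id, payload, ed25519.Sign(priv, append(id[:], payload...))}
}

// Check rejects messages whose ID is not derived from the key or whose signature fails.
func Check(m Message) error {
	if len(m.PubKey) != ed25519.PublicKeySize || NodeIDFor(m.PubKey) != m.NodeID {
		return errors.New("node ID does not match public key")
	}
	if !ed25519.Verify(m.PubKey, append(m.NodeID[:], m.Payload...), m.Sig) {
		return errors.New("signature does not cover this ID and payload")
	}
	return nil
}

func main() {
	m := Sign(DemoKey(1), []byte("QUERY example.iso"))
	fmt.Println("untouched:", Check(m))
	m.Payload = []byte("QUERY other.iso") // modified in transit
	fmt.Println("tampered: ", Check(m))
}
```

Signatures give integrity and sender authentication only; keeping queries unreadable needs encryption on top. Since an attacker can still generate many keys, the join rate limit from the sybil defense remains necessary.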

Conclusion Use a PURE P2P network! Problems to be addressed:
- Prevent the node from choosing its node ID.
- Limit the rate at which nodes may join the network and send requests (perhaps with pricing).
- Use public key cryptography and digital signatures to eliminate message tampering, fake messages, and unauthorized reading.
- Use and develop open standards, in order to diversify the software used in the network.

THANK YOU! (The fat lady is singing…it’s over.)

References Attack Pics & 4 Rules: Marling Engle & Javed I. Khan P2P System Pics: How Stuff Works. Other References for information on Final Paper.