The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic.

Presentation transcript:

1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic University

2 The Pollution Attack
- Attacker joins an ongoing video channel
- Attacker advertises it has a large number of chunks
- When neighbors request chunks, attacker sends bogus chunks
- Receiver plays back bogus chunks
- Each receiver may further forward the polluted chunks

3 Peer Polluter request

4 Contributions
- Identified the pollution attack in P2P live video streaming applications
- Verify via experimental results (in PPLive) that pollution attack can be devastating
- Survey possible defenses against the attack

5 Pollution Experiment Figure: PPLive pollution experiment setup

6 Measurement Results (1) Figure: Number of peers viewing channel over experiment periods

7 Brooklyn Peer Figure: Clean and polluted chunks to/from Brooklyn peer

8 Hong Kong Peer Figure: Clean and polluted chunks to/from Hong Kong peer

9 Pollution Defense Mechanisms
- Blacklisting
- Traffic Encryption
- Chunk Signing
  - Sign-All Approach
  - Signature-Amortization Approaches
    - Star Chaining
    - Merkle Tree
  - Sign-and-Correct Approach

10 Chunk Signing
- Use PKI
- Every video source has public-private key pair
- Source uses private key to sign the chunks
- Receiver uses public key of source to verify integrity of chunk

11 Sign-All (1)
- Source
  - Source signs each chunk
  - Sends signature (authentication information) with corresponding chunk
- Receiver
  - Verifies each chunk individually using authentication information and public key of source

12 Sign-All (2)
- Chunk processing independence
- Bandwidth overhead
  - For a stream of m chunks, m signatures
  - For 372 kbps channel with chunk size of 4000 bytes, around 3%
- Computation overhead
  - 1 (expensive) signature operation per chunk

13 Block Signing
- Chunks organized into blocks
  - Each block contains n chunks
- After generating n chunks, hash concatenation of all hashes, and sign result
- Reduces computation
- But can't verify individual chunks

14 Star Chaining
- Chunks organized into blocks
  - Each block contains n chunks
- After generating n chunks, calculate authentication information for each chunk
  - Signed hash of concatenation of all chunk hashes
  - Along with all hashes of other n-1 chunks
- Receiver, chunk by chunk:
  - Applies public key to get hash of hashes
  - Verifies by concatenating hash of current chunk with those of the n-1 chunks, and taking hash

15 Star Chaining
- Computation overhead -> 1 signature per block
- Loss -> If some chunks are lost in block, can still decode rest
- Bandwidth overhead -> for block of n chunks, n-1 hashes + n signatures
  - For channel of bitrate 372 kbps and chunk size of 4000 bytes, n = 32, about 16%

16 Merkle Tree
- Computation overhead -> 1 signature per block
- Loss -> If some chunks are lost in block, can still decode rest
- Bandwidth overhead -> $n \log_2 n$ hashes + n signatures (about 5%)
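
The Merkle-tree amortization on the slide above, as an added example that is not from the original slides: the source hashes a block of n chunks into a tree and signs only the root, and each chunk travels with its log2(n) sibling hashes so a receiver can check it alone, even when other chunks of the block are lost. Assumptions: SHA-256, a power-of-two block size, RFC 6962-style leaf/node prefixes, and a root whose signature the receiver has already verified with the source's public key (the signature step itself is not shown).

```python
import hashlib
import hmac

LEAF, NODE = b"\x00", b"\x01"  # domain separation: a leaf hash can never pass as an inner node

def leaf_hash(chunk: bytes) -> bytes:
    return hashlib.sha256(LEAF + chunk).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE + left + right).digest()

def build_tree(chunks):
    """Source side: hash levels, leaves first. Block size n must be a power of two."""
    n = len(chunks)
    if n == 0 or n & (n - 1):
        raise ValueError("block size must be a power of two")
    levels = [[leaf_hash(c) for c in chunks]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node_hash(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def auth_path(levels, index):
    """The log2(n) sibling hashes shipped with chunk `index`, leaf level first."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])   # sibling of the current node
        index //= 2
    return path

def verify_chunk(chunk, index, path, signed_root):
    """Receiver side: rebuild the root from one chunk and its path alone."""
    node = leaf_hash(chunk)
    for sibling in path:
        node = node_hash(node, sibling) if index % 2 == 0 else node_hash(sibling, node)
        index //= 2
    return hmac.compare_digest(node, signed_root)

# Constructed sample block of n = 8 chunks (not real stream data).
SAMPLE_CHUNKS = [b"video-chunk-%d" % i for i in range(8)]

if __name__ == "__main__":
    levels = build_tree(SAMPLE_CHUNKS)
    root = levels[-1][0]                 # the source signs this value once per block
    path = auth_path(levels, 5)
    print(len(path), verify_chunk(SAMPLE_CHUNKS[5], 5, path, root))  # clean chunk
    print(verify_chunk(b"bogus chunk", 5, path, root))               # polluted chunk
```

A receiver that drops any chunk failing `verify_chunk` neither plays it back nor forwards it, which stops the propagation step of the attack.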

17 Conclusion
- The pollution attack can be devastating
- Defenses:
  - Signature Amortization (Merkle Tree): less computational overhead and delay at receiver but more bandwidth overhead
  - Sign-and-Correct: less bandwidth requirement but higher processing delay and computational requirement
- Based on requirements of the application, either of the two could be used
