BY: REBECCA NAVARRE & MICHAEL BAKER II Persea: Making Networks More Secure Since Early 2013
Biography Rebecca Navarre Wesleyan College Applied Mathematical Sciences Michael Baker II Tarrant County College Mechanical Engineering
Background Peer-to-Peer Networks Distributed Hash Tables (DHTs) Kad
Peer-to-Peer Networks Purpose: file & resource sharing network Nodes capable of acting like client and server Accessible to peers directly( for pure, no central/intermediary entity) Workload is partitioned between peers. There is no central point of failure. Examples: Napster(centralized), Freenet(Gnutella protocol), Gnutella2 and Kazaa (hybrid)
Peer-to-Peer cont. Hybrid vs. Pure For Hybrid: Allows for a central entity to provide network services or act as a security check. For Pure All nodes are equal. When one node is removed, the network continues without suffering a loss.
Distributed Hash Table Purpose: System of Efficient Resource Discovery Messages come into DHTs, retrieved by matching keys Based on pairs. If change occurs, minimal disruption Allows for large scale data recovery KEYVALUE
Kad Purpose: offers consistent search/find protocol Figure 1
Kad Continued Nodes know about neighbors K-buckets offer resistance to DOS attacks Can’t flood out nodes with LIFO Lookup Source selects α # of closest nodes from its k-bucket Source sends look up request to each α node selected Each α node returns β # of nodes from searching k- buckets Source then has α into β # of nodes in list From this, source selects selects α # of closest nodes from its k-bucket Process continues until it reaches target node
Persea Security Initial Security Social Network & DHT Invitation Only Kad Message entry DHT Social Network New Node N
Hierarchical Node ID Distribution Security Bootstrap/Initiator Nodes ABC D a1 a2 q1 p2p1 d2d Chunk factor:.65 Chunk Factor Calculation 64^(.65) = floor(14.929) = 14
Persea Look Up Effeciency Replication Node holding pair k=3, stored in k-closest nodes KAD PERSEA
What Persea Is Up Against? Sybil Attack Advanced Attack Node Insertion Node ID Hijacking
The Roles of the Attackers Silent Active
Topologies SOCIAL NETWORKNODESEDGES Wiki-Vote Soc-Epinions
Silent vs. Active Sybil Attack Social Network Data Set used: soc-Epinions1
Hop Count: Active Sybil Attack
Active Sybil Attack(wiki-Vote) Social Network Data Set used: wiki-Vote
Advanced & Sybil Attack
Nodes per Attack Edge Social Network Data Set used: soc-Epinions1
Active Sybil Attack (wiki-Vote) Social Network Data Set used: wiki-Vote
Hop Count: Advanced & Sybil Attack Social Network Data Set used: soc-Epinions1
Acknowledgements Dr. Matthew Wright Ph. D. Students: Mahdi Nasrullah Al-Ameen & Charles Gatz Dr. Yazdani University of Texas at Arlington National Science Foundation
Questions? Thank you for your time.