1
UCDavis, ecs251 Spring 2007, 05/18/2007
Davis Social Links
A Socially Structured P2P System
S. Felix Wu
University of California, Davis
wu@cs.ucdavis.edu
http://www.cs.ucdavis.edu/~wu/
2
P2P
Unstructured P2P
– Napster, Bittorrent
Structured P2P
– DHT/Chord
3
Unstructured P2P
4
Unstructured P2P
Where is this piece of music?
What is the location of this content?
What is the current IP address of this skype user?
5
Structured P2P
6
DHT-based BT Tracker
Index key (Content-Dependent)
The owner of the identifier matching this hash entry will be the tracker for the corresponding index key!
Sharing/Downloading FreeBSD 5.4 CD images
PUT & GET
7
DHT-based P2P
Index key
Routing from a key to an identifier
PUT & GET
8
DHT vs. DSL
DHT
– [Contents, Keys, Identifiers]
– Conceptually, we have a global hash table!
DSL
– [Contents, Keys, Relative Identifiers]
– Social/trust relationships along the route path
9
DSL Peers
10
A Social Link representing a trust relationship in the application layer.
Trust Attribute
11
Requirement for a Social Link
They know how to communicate with each other (such as IP or email addresses) in any layer!
Trust Attribute
12
Social Keywords
Soccer, BGP, Davis, California, Intrusion Detection,…
13
Social Keywords
Soccer, BGP, Davis, California, Intrusion Detection,…
Social keywords represent your interests and the semantic/social interpretation of you.
Ownership
14
Identifier and Key
Under DSL, each peer has its own decision or policy regarding what “social keywords” to announce, and it can change the announcement itself at any time.
There is NO global identifier.
Relative peering relationship only.
15
DHT
The binding among Content, Key, Identifier is “relatively static”.
Once the key of the content is known, the route path to the identifier/key owner is determined, assuming the DHT ring is stable.
– What does this imply?
16
Multiple Social Links
BGP, Davis, California, Intrusion Detection,…
Soccer, Wine, Bike, Davis, California,…
17
Social Keywords can be Anything
Lord_of_the_Ring, Spiderman3, Royal Casino, Troy, …
wu@cs.ucdavis.edu, sfelixwu@gmail.com,…
18
Propagation
19
Aggregation
Ownership
Similar to Scope-Limited Flooding in Gnutella/Freenet, but more scalable with aggregation.
20
How to Aggregate?
Local rules or dictionaries
{s1, s2,…, sn} --- “S”
21
How to find “content X”?
Figure labels: Owner of X, Other Peers
Remember that under DSL there is no such thing as a “global identifier”.
22
Use the right “keywords for X”!
Figure labels: Owner of X, Other Peers, Query
23
Example
Figure labels: Potential Targets, Potential Peers, “Davis,CA”, “Sacramento,CA”, Northern California, Greater Sacramento Area
Which keywords to use?
24
Example
Figure labels: Potential Targets, Potential Peers, “Davis,CA”, “Sacramento,CA”, Northern California, Greater Sacramento Area
“North California” “Davis, CA”
25
No Unique Identifier!!!
Two peers might announce exactly the same set of keywords!
26
Example
Figure labels: Potential Targets, Potential Peers, “Davis,CA”, Northern California, Greater Sacramento Area, Query
Who will receive the query??
27
No Unique Identifier!!!
Two peers might announce exactly the same set of keywords!
Both of them will receive the query, and this might not be a problem.
29
No Unique Identifier!!!
Two peers might announce exactly the same set of keywords!
Both of them will receive the query, and this might not be a problem.
Usually, end2end applications can tell which one (or ones) is really wanted.
30
DSL in a Social Network
Figure labels: Owner of X, Other Peers, Query, AppTest
31
Trackerless BitTorrent
Figure labels: Owner of X, Other Peers, Query, AppTest
32
Tracker Volunteer
Figure labels: Volunteer, Other Peers, Query, AppTest, Content/Key, Tracker
34
Tracker Volunteers
Figure labels: Volunteers, Other Peers, Query, AppTest, Content/Key, Tracker
35
DSL-Torrent
How to seed your torrent?
– Use DSL to search for all the volunteers
– You can screen out “unqualified” trackers by not contacting them. (owner controllability)
How to contact/select the tracker(s)?
– Use the keywords, of course
– But, use the right aggregation keywords to reach the trackers closer to the “UCDavis” social circle!
37
Monitoring
Seed Tracker
With Trackerless, the inspector might become the tracker itself to record all the IP addresses of the peers
– Traceability vs. Privacy
How about DSL-Torrent?
39
DSL vs. Google
40
“Google”
It’s about the “content”
– Data-centric networking.
Input to the Engine
– A set of key words characterizing the target document.
Output
– A set of documents/links matching the keywords
41
“DSL”
It’s also about the “content”
– Application will decide the mechanism to further the communication.
Input to the Decentralized Engine
– A set of key words characterizing the target document (plus the aggregation keywords).
Output
– A set of DSL entities with the DSP (Davis Social Path pointer) matching the keywords
42
DSL Search Engine
Figure labels: DSL Social World, Receiver or Content, Sender or Reader
We are not just connecting the IP addresses!
We are connecting all the contents that can be interpreted!
43
Google vs. DSL
Google is essentially a “routing” framework between the contents and their potential consumers.
Google decides how to extract the “key words” from your (the owner) web page or document.
44
Google vs. DSL
Google is essentially a “routing” framework between the contents and their potential consumers.
Google decides how to extract the “key words” from your (the owner) web page or document.
A DSL “owner/receiver to be” has complete control over that.
A balance between:
– How would I like others to know about me? And, I might want different folks to know me in different ways!
– How can I differentiate myself from other Felix Wu?
45
DSL (Davis Social Links)
Principle:
– Communication should reflect the (social/trust) relationship between the sender and the receiver, and the receiver should have ways to control that.
Design:
– Route discovery based on social keywords and their potential aggregation
– Separation of identity and routability
– Penalty and Reputation framework
Figure labels: A, B, F
46
Separation of Routing & Identity
Under DSL, we do not have any fixed-format identity (defined and interpreted by applications).
47
Internet and IP address
Basic datagram service between one IP address and another
Routing: exchanging the information regarding the address space and how to reach them.
Applications built on top of the services
– Skype, Google, Bittorrent, Youtube, IM,…
48
Separation of Routing & Identity
Under DSL, we do not have any fixed-format identity (defined and interpreted by applications).
In route discovery, the “sender to be” within DSL has no idea whether that is the “right” receiver!
– Try “Felix Wu” on Google…
– And, some applications don’t even care about that.
– The “receiver to be” will need to answer an application level challenge within the route discovery process.
49
Communication
Applications: email, skype, bittorrent, warcraft, youtube, www.united.com, im
– Why do I need IP address as a user?
– Why do I need DNS lookup as a user?
– Why do we need global identity?
Global connectivity without global identity!
50
An Identity under DSL
“Key words” plus one or more DSL paths
– Why will this be sufficient for communication?
– Especially, when even the DSL information itself is decentralized? (I.e., in general, no one single DSL router knows the complete DSP.)
51
Are you two talking to the same Felix Wu?
We can have so many simple tests if it is true.
52
Keyword: wu@cs.ucdavis.edu
I sent you an email earlier containing two “secure random numbers”. Here is the first one, and what is the other one?
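The two-number test on this slide, as an added Python sketch that is not part of the original deck: the sender emails a pair of random numbers to the keyword's address ahead of time, reveals only the first during route discovery, and accepts the peer that returns the second. The class and function names, the attempt limit and the two sample peers are assumptions made for illustration.

```python
import hmac
import secrets


class PairChallenge:
    """Sender-side state for the two-number test (hypothetical helper)."""

    def __init__(self, max_attempts=3):
        self.max_attempts = max_attempts      # assumed limit, not from the slides
        self.pending = {}                     # keyword -> [first, second, attempts left]

    def issue(self, keyword):
        """Create the pair; the caller emails both numbers to the keyword's address."""
        first, second = secrets.token_hex(16), secrets.token_hex(16)
        self.pending[keyword] = [first, second, self.max_attempts]
        return first, second

    def challenge(self, keyword):
        """Only the first number is revealed in the route discovery message."""
        return self.pending[keyword][0]

    def verify(self, keyword, answer):
        entry = self.pending.get(keyword)
        if entry is None:
            return False
        entry[2] -= 1
        ok = hmac.compare_digest(entry[1].encode(), answer.encode())
        if ok or entry[2] <= 0:
            del self.pending[keyword]         # single use; burn the pair after repeated misses
        return ok


class Peer:
    """A DSL peer announcing keywords; only the mailbox owner holds the pair."""

    def __init__(self, name, keywords):
        self.name, self.keywords, self.mailbox = name, set(keywords), {}

    def receive_email(self, first, second):
        self.mailbox[first] = second

    def answer(self, first):
        return self.mailbox.get(first, "")    # an impostor has nothing to return


def discover(challenger, keyword, peers):
    """Return the names of peers that announce `keyword` and pass the test."""
    first = challenger.challenge(keyword)
    return [p.name for p in peers
            if keyword in p.keywords and challenger.verify(keyword, p.answer(first))]


def demo():
    # Constructed scenario: two peers announce the same keyword, one owns the mailbox.
    keyword = "wu@cs.ucdavis.edu"
    owner, impostor = Peer("owner", [keyword]), Peer("impostor", [keyword])
    challenger = PairChallenge()
    owner.receive_email(*challenger.issue(keyword))
    return discover(challenger, keyword, [impostor, owner])
```

Calling `demo()` returns only the peer that received the email, even though both peers announce the same keyword and both receive the query.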
53
A Social Link
54
An extra plane
Data, Control, Management planes
– Internet Reference model
Trust and Social Plane!
Traceability
– Tracing routers is one thing (probably not very interesting)
– Tracing the social relationship is the key to almost everything!
55
DSL Route Discovery & Trust Management
DSL Forwarding Plane
56
Global Communication Infrastructure
Information assurance about the infrastructure itself
Supporting more secure & more effective communications
– Internet infrastructure is somewhat “neutral”.
– If we have a common software vulnerability, the Internet guarantees that a robust botnet can be rapidly developed at “network speed.”
57
Problem?
or “Internet is doing exactly what it is supposed to do!”
spam/spit/spim, worm, spyware, DDoS, virus, phishing, cyberbully…
Proposition #1: can the applications (plus firewall/IPS/NAT, maybe PKI) win the battle by themselves?
Proposition #2: can the network infrastructure help in a fundamental way?
58
Issues about Internet Security
Mixtures of Good and Bad activities
Privacy is not really preserved, while we cannot trace the attack sources
The trust is very ad hoc -- e.g., anybody can claim to be N years old in a blog or the most honest seller on eBay
Detection is an arms race, while for prevention it is not really clear what to prevent
59
Problem?
or “Internet is doing exactly what it is supposed to do!”
spam/spit/spim, worm, spyware, DDoS, virus, phishing, cyberbully…
Proposition #1: can the applications (plus firewall/IPS/NAT, maybe PKI) win the battle by themselves?
Proposition #2: can the network infrastructure help in a fundamental way?
– I don’t know but I will give it a try…
60
Contact me!
FROM:MR.CHEUNG PUI
Hang Seng Bank Ltd
Sai Wan Ho Branch
171 Shaukiwan Road Hong Kong.
Please contact me on my personal box [puicheungcheungpui@yahoo.com]
Let me start by introducing myself. I am Mr. Cheung Pui,director of operations of the Hang Seng Bank Ltd,Sai Wan Ho Branch. I have a obscured business suggestion for you. Before the U.S and Iraqi war our client Major Fadi Basem who was with the Iraqi forces and also business man made a numbered fixed deposit for 18 calendar months, with a value of Twenty Four millions Five Hundred Thousand United State Dollars only in my branch. Upon maturity several notice was sent to him,…
61
The same message content
“M” from Cheung Pui
“M” from Cheung Pui via GGCS mailing list
“M” from Cheung Pui via Felix Wu
62
Social Link Identification
“M” from Cheung Pui
– Probably a spam
“M” from Cheung Pui via GGCS mailing list
– Probably not interesting
“M” from Cheung Pui via Felix Wu
– Better be more serious… (at least I hope)
63
Social Links
We have been utilizing the social infrastructure to enhance our communication for a long time!
But, can we bring it to the cyber space?
– So our trust can be propagated and managed at network speed!
64
Route Discovery Messages
Soccer, BGP, Davis, California, Intrusion Detection, Liechtenstein
AND/OR expression
Soccer, BGP, Davis, California, Intrusion Detection, Liechtenstein + a few extra {a bag of expected words}
Accepted or not??
Receiver
65
Route Discovery & DSL Table
Figure labels: 001, 002, 003, Potential Receivers, Potential Senders, Davis CA, Northern California
incoming | outgoing | DSL ID
Davis California | Japan | 001
Japan | Northern California | 002
66
Limited Resources
67
M
Keywords and aggregated keywords
“content addressable emails”
68
Function F(incoming) = outgoing
Figure labels: 001, 002, 003, Potential Receivers, Potential Senders, Davis CA, Northern California
incoming | outgoing | DSL ID
Davis California | Japan | 001
Japan | Northern California | 002
Policy driven
Maybe itself a service
69
Forwarding: Source Routing
Sender: Data packet
SR 003, 001
70
Forwarding: Source Routing
Figure labels: 003, 001
Sender: Data packet
SR 003, 001
71
Traceability
Any one individually in the Internet won’t know much about who is talking to what.
But, if necessary, we can trace back hop by hop using local DSL ID.
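Source routing over local DSL IDs and the hop-by-hop trace-back, as an added Python sketch that is not part of the original deck. The router names R1 and R2, the per-packet digest log, and the rule that an ID is honoured only on the link it was issued for are assumptions made for illustration; the slides give only the source route "003, 001".

```python
import hashlib


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class DslRouter:
    """A router that knows only its own DSL IDs and its direct neighbours."""

    def __init__(self, name):
        self.name = name
        self.table = {}   # local DSL ID -> (incoming neighbour, outgoing neighbour)
        self.seen = {}    # packet digest -> local DSL ID used (per-packet forensics)

    def add_entry(self, dsl_id, incoming, outgoing):
        self.table[dsl_id] = (incoming, outgoing)

    def forward(self, came_from, source_route, data):
        """Consume this hop's ID and return (next hop, remaining source route)."""
        if not source_route:
            raise ValueError(f"{self.name}: source route exhausted")
        dsl_id, rest = source_route[0], source_route[1:]
        entry = self.table.get(dsl_id)
        if entry is None or entry[0] != came_from:
            # Unknown ID, or a valid ID presented on a link it was not issued for.
            raise PermissionError(f"{self.name}: ID {dsl_id} refused from {came_from}")
        self.seen[digest(data)] = dsl_id
        return entry[1], rest

    def previous_hop(self, data):
        """Trace-back query: who handed us this packet? None if we never saw it."""
        dsl_id = self.seen.get(digest(data))
        return None if dsl_id is None else self.table[dsl_id][0]


def build_network():
    # Constructed topology: sender -> R1 (ID 003) -> R2 (ID 001) -> receiver.
    r1, r2 = DslRouter("R1"), DslRouter("R2")
    r1.add_entry("003", incoming="sender", outgoing="R2")
    r2.add_entry("001", incoming="R1", outgoing="receiver")
    return {"R1": r1, "R2": r2}


def deliver(routers, sender, first_hop, source_route, data):
    """Walk the packet through the routers; return the endpoint it reaches."""
    prev, here, route = sender, first_hop, list(source_route)
    while here in routers:
        nxt, route = routers[here].forward(prev, route, data)
        prev, here = here, nxt
    return here


def trace_back(routers, last_router, data):
    """Ask each router in turn for its previous hop, starting next to the receiver."""
    path, here = [], last_router
    while here in routers and here not in path:
        path.append(here)
        here = routers[here].previous_hop(data)
    path.append(here)     # the origin, or None where the trail goes cold
    return path
```

No router in this sketch holds the whole path: `trace_back(net, "R2", data)` reconstructs it only by querying each hop for its own local entry.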
72
Social Connection
In route discovery, the receiver might want to know “how are we socially connected?”
How much information to expose is controlled by the sender and the intermediate DSL routers.
– Part of the “application test”
– If we are going to expose any information, we need to know why (i.e., the application)
– Maybe, we need intermediate DSL router tests as well!
73
Traceability
Support infrastructure, social routers
– Forensics available per data packet
If one person launches a command to a large number of bots to DDoS/spam some victim, we will be able to identify how this person is “socially connected” to the communication infrastructure.
– And, still we will maintain reasonable/strong user privacy.
74
DSL Route Discovery & Trust Management
DSL Forwarding Plane
75
Parallel/Overlay Communication
76
Parallel Information
Information among applications
Meta-information regarding the information!
– Social path information
Figure labels: information, Meta Information
77
Filtering in “Layer-3”
IP header and Transport header
Packet payload analysis
78
Filtering in DSL
“Social Path” information
Meta Information
79
Penalization
If Alice has forwarded lots of junk mail to Bob, then Bob will lower the priority of the social link between them.
Alice will be informed about the downgrade.
Alice needs to investigate “which messages” (from which incoming DSLs) were causing the downgrade.
80
Asking a Question
Get on the bus, Information!
Figure labels: information, DSL query
81
Query The Social Plane
Figure labels: Application, DSL, Virtualization, information, DSL query
82
On/Off the Bus
A query
– “Is this an attack/virus/worm?”
A comment
– “I am pretty sure that this is a virus, and you need to harden your environment before you let it off the bus.”
A trace
– “I want to know who will receive this piece of information indirectly.”
83
P2P Incentives
Trade-off between privacy and availability
– If you don’t help in revealing the identities of some communication sessions, you might be downgraded.
– If you give away identity-related information too easily, you might be downgraded as well.
84
Revisit Connectivity
IPv4/v6 or even email address
– You have one IP address and you will be able to connect to every other IP address (if you know who they are).
– Problem of binding between application-layer identity and network-layer identity
– Spam/DDoS
85
Definition for DSL Connectivity
Given a Stable/Converged Aggregate Table
– One DSL node will be able to discover at least one DSL route path toward every other node as long as it knows the origin keywords for the destinations.
– Connectivity means that we will be able to reach all DSL nodes advertising the same bag of origin keywords.
– Aggregation knowledge -- through the asynchronous converging process (toward a system fixed point).
86
Fairness in Communication
Sender Fairness
– If you wish to communicate with another DSL entity, as long as you know the origin keywords, you should have an “equal” chance to find “a” path to reach the destination.
– Social differentiation is still there (for the knowledge of origin keywords), but there should be nobody in the middle who can block your communication!
87
DSL Connectivity
It is possible that some DSL entities converge into different ways of aggregation for the same set of origin or aggregate keywords.
But the connectivity definition still holds.
– As long as the sender knows how to get through it!
88
Comparison
IP/email:
– Convergence to an absolute consistent state
– IP/email addresses are all you need, but the controllability is biased toward the sender
DSL:
– Convergence to a relative consistent state
– No global identity. Every DSL entity defines its own identity based on origin keywords.
– Controllability is more balanced with other application challenges.
89
Message Prioritization
Application IDS
Control Mechanisms:
– Link Ranks
– Reputation
– Other Trust-Management Metrics
90
DSL is an old idea!
We, as humans, have been using similar communication principles.
Maybe it is a good opportunity to re-think communication and trust.
Application-level security will play a major role, but will the infrastructure be sufficient to support the end2end security efficiently?
Figure labels: A, B, F