Decentralizing indexing and bootstrapping for online applications

https://doi.org/10.1049/blc2.12001Abstract Peer-to-peer (P2P) networks utilize centralized entities (trackers) to assist peers in finding and exchanging information. Although modern P2P protocols are now trackerless and their function relies on distributed hash tables (DHTs), centralized entities are still needed to build file indices (indexing) and assist users in joining DHT swarms (bootstrapping). Although the functionality of these centralized entities are limited, every peer in the network is expected to trust them to function as expected (e.g. to correctly index new files). In this work, a new approach for designing and building decentralized online applications is proposed by introducing DIBDApp. The approach combines blockchain, smart contracts and BitTorrent for building up a combined technology that permits to create decentralized applications that do not require any assistance from centralized entities. DIBDApp is a software library composed of Ethereum smart contracts and an API to the BitTorrent protocol that fully decentralizes indexing, bootstrapping and file storing. DIBDApp enables any peer to seamlessly connect to the designed smart contracts via the Web3J protocol. Extensive experimentation on the Rinkeby Ethereum testnet shows that applications built using the DIBDApp library can perform the same operations as in traditional back-end architectures with a gas cost of a few USD cents.Peer reviewe

One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users

Tor is a popular low-latency anonymity network. However, Tor does not protect against the exploitation of an insecure application to reveal the IP address of, or trace, a TCP stream. In addition, because of the linkability of Tor streams sent together over a single circuit, tracing one stream sent over a circuit traces them all. Surprisingly, it is unknown whether this linkability allows in practice to trace a significant number of streams originating from secure (i.e., proxied) applications. In this paper, we show that linkability allows us to trace 193% of additional streams, including 27% of HTTP streams possibly originating from "secure" browsers. In particular, we traced 9% of Tor streams carried by our instrumented exit nodes. Using BitTorrent as the insecure application, we design two attacks tracing BitTorrent users on Tor. We run these attacks in the wild for 23 days and reveal 10,000 IP addresses of Tor users. Using these IP addresses, we then profile not only the BitTorrent downloads but also the websites visited per country of origin of Tor users. We show that BitTorrent users on Tor are over-represented in some countries as compared to BitTorrent users outside of Tor. By analyzing the type of content downloaded, we then explain the observed behaviors by the higher concentration of pornographic content downloaded at the scale of a country. Finally, we present results suggesting the existence of an underground BitTorrent ecosystem on Tor

KANSA: high interoperability e-KTP decentralised database network using distributed hash table

e-KTP is an Indonesian Identity Card based on Near Field Communicator technology. This technology was embedded in every e-KTP card for every Indonesian citizen. Until this research, e-KTP technology never to be utilized by any stack-holder neither government agencies nor nongovernment organization or company. e-KTP Technology inside the card never been used and go with conventional with manual copy it with photocopy machine or take a photograph with it. This research was proposing an open standard to utilized e-KTP Technology. The open standard will bring e-KTP technology used as is and used broadly in many government agencies or much commercial company. This research was proposing decentralized network model especially for storing e-KTP data without breaking privacy law. Besides providing high specs of the server, a decentralized model can reduce the cost of server infrastructure. The model was proposing using Distributed Hast Table which was used for peer-to-peer networks. The decentralized model promised high availability and the more secure way to save and access the data. The result of this model can be implemented in many network topology or infrastructure also applicable to implement on Small Medium Enterprise Company

Static Web content distribution and request routing in a P2P overlay

The significance of collaboration over the Internet has become a corner-stone of modern computing, as the essence of information processing and content management has shifted to networked and Webbased systems. As a result, the effective and reliable access to networked resources has become a critical commodity in any modern infrastructure. In order to cope with the limitations introduced by the traditional client-server networking model, most of the popular Web-based services have employed separate Content Delivery Networks (CDN) to distribute the server-side resource consumption. Since the Web applications are often latency-critical, the CDNs are additionally being adopted for optimizing the content delivery latencies perceived by the Web clients. Because of the prevalent connection model, the Web content delivery has grown to a notable industry. The rapid growth in the amount of mobile devices further contributes to the amount of resources required from the originating server, as the content is also accessible on the go. While the Web has become one of the most utilized sources of information and digital content, the openness of the Internet is simultaneously being reduced by organizations and governments preventing access to any undesired resources. The access to information may be regulated or altered to suit any political interests or organizational benefits, thus conflicting with the initial design principle of an unrestricted and independent information network. This thesis contributes to the development of more efficient and open Internet by combining a feasibility study and a preliminary design of a peer-to-peer based Web content distribution and request routing mechanism. The suggested design addresses both the challenges related to effectiveness of current client-server networking model and the openness of information distributed over the Internet. Based on the properties of existing peer-to-peer implementations, the suggested overlay design is intended to provide low-latency access to any Web content without sacrificing the end-user privacy. The overlay is additionally designed to increase the cost of censorship by forcing a successful blockade to isolate the censored network from the rest of the Internet

Analysis of bandwidth attacks in a bittorrent swarm

The beginning of the 21st century saw a widely publicized lawsuit against Napster. This was the first Peer-to-Peer software that allowed its users to search for and share digital music with other users. At the height of its popularity, Napster boasted 80 million registered users. This marked the beginning of a Peer-to-Peer paradigm and the end of older methods of distributing cultural possessions. But Napster was not entirely rooted in a Peer-to-Peer paradigm. Only the download of a file was based on Peer-to-Peer interactions; the search process was still based on a central server. It was thus easy to shutdown Napster. Shortly after the shutdown, Bram Cohen developed a new Peer-to-Peer protocol called BitTorrent. The main principle behind BitTorrent is an incentive mechanism, called a choking algorithm, which rewards peers that share. Currently, BitTorrent is one of the most widely used protocols on the Internet. Therefore, it is important to investigate the security of this protocol. While significant progress has been made in understanding the Bit- Torrent choking mechanism, its security vulnerabilities have not yet been thoroughly investigated. This dissertation provides a security analysis of the Peer-to-Peer protocol BitTorrent on the application and transport layer. The dissertation begins with an experimental analysis of bandwidth attacks against different choking algorithms in the BitTorrent seed state. I reveal a simple exploit that allows malicious peers to receive a considerably higher download rate than contributing leechers, thereby causing a significant loss of efficiency for benign peers. I show the damage caused by the proposed attack in two different environments—a lab testbed comprised of 32 peers and a global testbed called PlanetLab with 300 peers. Our results show that three malicious peers can degrade the download rate by up to 414.99 % for all peers. Combined with a Sybil attack with as many attackers as leechers, it is possible to degrade the download rate by more than 1000 %. I propose a novel choking algorithm which is immune against bandwidth attacks and a countermeasure against the revealed attack. This thesis includes a security analysis of the transport layer. To make BitTorrent more Internet Service Provider friendly, BitTorrent Inc. invented the Micro Transport Protocol. It is based on User Datagram Protocol with a novel congestion control called Low Extra Delay Background Transport. This protocol assumes that the receiver always provides correct feedback, otherwise this deteriorates throughput or yields to corrupted data. I show through experimental evaluation, that a misbehaving Micro Transport Protocol receiver which is not interested in data integrity, can increase the bandwidth of the sender by up to five times. This can cause a congestion collapse and steal a large share of a victim’s bandwidth. I present three attacks, which increase bandwidth usage significantly. I have tested these attacks in real world environments and demonstrate their severity both in terms of the number of packets and total traffic generated. I also present a countermeasure for protecting against these attacks and evaluate the performance of this defensive strategy. In the last section, I demonstrate that the BitTorrent protocol family is vulnerable to Distributed Reflective Denial-of-Service attacks. Specifically, I show that an attacker can exploit BitTorrent protocols (Micro Transport Protocol, Distributed Hash Table, Message Stream Encryption and BitTorrent Sync to reflect and amplify traffic from Bit- Torrent peers to any target on the Internet. I validate the efficiency, robustness, and the difficulty of defence of the exposed BitTorrent vulnerabilities in a Peer-to-Peer lab testbed. I further substantiate lab results by crawling more than 2.1 million IP addresses over Mainline Distributed Hash Table and analyzing more than 10,000 BitTorrent handshakes. The experiments suggest that an attacker is able to exploit BitTorrent peers to amplify traffic by a factor of 50, and in the case of BitTorrent Sync 120. Additionally, I observe that the most popular BitTorrent clients are the most vulnerable ones

Filesharing und Abmahnwesen

Die Arbeit beinhaltet eine rechtsdogmatische und rechtstatsächliche Untersuchung des Phänomens Filesharing, mit einem Fokus auf die Haftung des Inhabers eines Internetanschlusses. Nach Erläuterung der für das Verständnis relevanten technischen Vorfragen folgt eine deskriptive Darstellung von Entwicklung und Stand der Rechtslage. Hierauf wird untersucht, wie aus dieser Rechtslage ein Abmahnwesen - ein in dieser Arbeit entwickelter Begriff - entstehen konnte. Im Anschluss an eine rechtspolitische Kritik und rechtsvergleichende Untersuchung wird diese Rechtslage dogmatisch kritisch gewürdigt. Die Arbeit schließt mit einer Darstellung der Entwicklungsmöglichkeiten de lege lata und de lege ferenda

International Conference on Civil Infrastructure and Construction (CIC 2020)

This is the proceedings of the CIC 2020 Conference, which was held under the patronage of His Excellency Sheikh Khalid bin Khalifa bin Abdulaziz Al Thani in Doha, Qatar from 2 to 5 February 2020. The goal of the conference was to provide a platform to discuss next-generation infrastructure and its construction among key players such as researchers, industry professionals and leaders, local government agencies, clients, construction contractors and policymakers. The conference gathered industry and academia to disseminate their research and field experiences in multiple areas of civil engineering. It was also a unique opportunity for companies and organizations to show the most recent advances in the field of civil infrastructure and construction. The conference covered a wide range of timely topics that address the needs of the construction industry all over the world and particularly in Qatar. All papers were peer reviewed by experts in their field and edited for publication. The conference accepted a total number of 127 papers submitted by authors from five different continents under the following four themes: Theme 1: Construction Management and Process Theme 2: Materials and Transportation Engineering Theme 3: Geotechnical, Environmental, and Geo-environmental Engineering Theme 4: Sustainability, Renovation, and Monitoring of Civil InfrastructureThe list of the Sponsors are listed at page 1

Progenitor cells in auricular cartilage demonstrate promising cartilage regenerative potential in 3D hydrogel culture

The reconstruction of auricular deformities is a very challenging surgical procedure that could benefit from a tissue engineering approach. Nevertheless, a major obstacle is presented by the acquisition of sufficient amounts of autologous cells to create a cartilage construct the size of the human ear. Extensively expanded chondrocytes are unable to retain their phenotype, while bone marrow-derived mesenchymal stromal cells (MSC) show endochondral terminal differentiation by formation of a calcified matrix. The identification of tissue-specific progenitor cells in auricular cartilage, which can be expanded to high numbers without loss of cartilage phenotype, has great prospects for cartilage regeneration of larger constructs. This study investigates the largely unexplored potential of auricular progenitor cells for cartilage tissue engineering in 3D hydrogels