Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

The evolution of P2P networks for file exchange: the interaction between social controversy and technical change

Since the irruption of Napster in 1999, Peer-to-Peer computer networks for file exchange have been at the heart of a heated debate that has eventually evolved into a wide social controversy across the world, involving legal, economical, and even political issues. This essay analyzes the effects of this controversy on the technical innovations that have shaped the evolution of those systems. It argues that the usual image of a single two-sided conflict does not account for most of the technical changes involved. P2P entrepreneurs and creators show a wide range of motivations and business strategies -if any- and users are not a monolithic group with a common set of goals and values. As a result, the actual historical evolution of those networks does not follow a simple linear path but a more complex and multidirectional development

JXTA security in basic peer operations

Open Access Documen

Comparative Analysis of P2P Architectures for Energy Trading and Sharing

Rising awareness and emergence of smart technologies have inspired new thinking in energy system management. Whilst integration of distributed energy resources in micro-grids (MGs) has become the technique of choice for consumers to generate their energy, it also provides a unique opportunity to explore energy trading and sharing amongst them. This paper investigates peer-to-peer (P2P) communication architectures for prosumers’ energy trading and sharing. The performances of common P2P protocols are evaluated under the stringent communication requirements of energy networks defined in IEEE 1547.3-2007. Simulation results show that the structured P2P protocol exhibits a reliability of 99.997% in peer discovery and message delivery whilst the unstructured P2P protocol yields 98%, both of which are consistent with the requirements of MG applications. These two architectures exhibit high scalability with a latency of 0.5 s at a relatively low bandwidth consumption, thus, showing promising potential in their adoption for prosumer to prosumer communication

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor