5,147 research outputs found
Evaluating a peer-to-peer storage system in presence of malicious peers
International audienceWe present a peer-to-peer based storage system and evaluate its resistance in the presence of malicious peers. To do so, we resort to simulation of the actual code borrowed from the production system. Our analysis allows to identify the main threats, prioritise them and propose directions for mitigating the attacks
The Reputation, Opinion, Credibility and Quality (ROCQ) Scheme
An implicit assumption of trust in the participants is at the basis of most Peer-to-Peer (P2P) networks. However, in practice, not all participants are benign or cooperative. Identifying such peers is critical to the smooth and effective functioning of a P2P network. In this paper, we present the ROCQ mechanism, a reputation-based trust management system that computes the trustworthiness of peers on the basis of transaction-based feedback. The ROCQ model combines four parameters: Reputation (R) or a peer's global trust rating, Opinion (O) formed by a peer's first-hand interactions, Credibility (C) of a reporting peer and Quality (Q) or the confidence a reporting peer puts on the judgement it provides. We then present a distributed implementation of our scheme over FreePastry, a structured P2P network. Experimental results considering different models for malicious behavior indicate the contexts in which the ROCQ scheme performs better than existing schemes
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
Detection and mitigation of the eclipse attack in chord overlays
Distributed hash table-based overlays are widely used to support efficient information
routing and storage in structured peer-to-peer networks, but they are also subject to numerous
attacks aimed at disrupting their correct functioning. In this paper, we analyse the impact of the
eclipse attack on a chord-based overlay in terms of number of key lookups intercepted by a
collusion of malicious nodes. We propose a detection algorithm for the individuation of ongoing
attacks to the chord overlay, relying on features that can be independently estimated by each
network peer, which are given as input to a C4.5-based binary classifier. Moreover, we propose
some modifications to the chord routing protocol in order to mitigate the effects of such attacks.
The countermeasures introduce a limited traffic overhead and can operate either in a distributed
fashion or assuming the presence of a centralised trusted entity. Numerical results show the
effectiveness of the proposed mitigation techniques
- …