Effects of Knowledge Base Quality on Peer-to-peer Information Propagation

Peer reviewedPublisher PD

Evidence Collection for Forensic Investigation in Peer to Peer Systems

Abstract Peer to Peer(P2P) file sharing networks are amongst the best free sources of information on the internet. Voluntary participation and lack of control makes them a very attractive option to share data anonymously. However a small group of people take advantage of the freedom provided by these networks and share content that is prohibited by law. Apart from copyrighted content, there are cases where people share les related to Child Pornography which is a criminal offense. Law enforcement attempts to track down these offenders by obtaining a court order for search and seizure of computers at a suspect location. These seized computers are forensically examined using storage and memory-forensics tools. However before the search warrant is issued strong evidence must be presented to provide a reason for suspiscion. Deficient investigation in the intial stages might lead to mis-identification of the source and steer the investigation in a wrong direction. Initial evidence collection on peer to peer le sharing networks is a challenge due to the lack of a central point of control and highly dynamic nature of the networks. The goal of this work is to create a working prototype of an initial evidence collection tool for forensics in P2P networks. The prototype is based on the idea that P2P networks could be monitored by introducing modified peer nodes onto the network for a certain time period and recording relevant information about nodes that possess criminally offensive content. Logging information sent by a suspicious node along with timestamps and unique identication information would provide a strong, verfiiable initial evidence. This work presents one such working prototype in alignment with the goals stated above

Wireless mobile ad-hoc sensor networks for very large scale cattle monitoring

This paper investigates the use of wireless mobile ad hoc sensor networks in the nationwide cattle monitoring systems. This problem is essential for monitoring general animal health and detecting outbreaks of animal diseases that can be a serious threat for the national cattle industry and human health. We begin by describing a number of related approaches for supporting animal monitoring applications and identify a comprehensive set of requirements that guides our approach. We then propose a novel infrastructure-less, self -organized peer to peer architecture that fulfills these requirements. The core of our work is the novel data storage and routing protocol for large scale, highly mobile ad hoc sensor networks that is based on the Distributed Hash Table (DHT) substrate that we optimize for disconnections. We show over a range of extensive simulations that by exploiting nodes’ mobility, packet overhearing and proactive caching we significantly improve availability of sensor data in these extreme conditions

Data Management in the APPA System

International audienceCombining Grid and P2P technologies can be exploited to provide high-level data sharing in large-scale distributed environments. However, this combination must deal with two hard problems: the scale of the network and the dynamic behavior of the nodes. In this paper, we present our solution in APPA (Atlas Peer-to-Peer Architecture), a data management system with high-level services for building large-scale distributed applications. We focus on data availability and data discovery which are two main requirements for implementing large-scale Grids. We have validated APPA's services through a combination of experimentation over Grid5000, which is a very large Grid experimental platform, and simulation using SimJava. The results show very good performance in terms of communication cost and response time

Wireless mobile ad-hoc sensor networks for very large scale cattle monitoring

This paper investigates the use of wireless mobile ad hoc sensor networks in the nationwide cattle monitoring systems. This problem is essential for monitoring general animal health and detecting outbreaks of animal diseases that can be a serious threat for the national cattle industry and human health. We begin by describing a number of related approaches for supporting animal monitoring applications and identify a comprehensive set of requirements that guides our approach. We then propose a novel infrastructure-less, self -organized peer to peer architecture that fulfills these requirements. The core of our work is the novel data storage and routing protocol for large scale, highly mobile ad hoc sensor networks that is based on the Distributed Hash Table (DHT) substrate that we optimize for disconnections. We show over a range of extensive simulations that by exploiting nodes’ mobility, packet overhearing and proactive caching we significantly improve availability of sensor data in these extreme conditions

Blockchain Application - Case Study on Hyperledger Fabric

Usalduse keskkonna saamiseks kasutatakse kolmandaid osapooli ja nende tarkvara platvorme. Plokiahela tehnoloogia ja nutikaid lepingud on üks võimalus, kuidas välistada kolmas osapool. Üks viimased turule tulnud vabatarkvara platvorme on Hyperledger Fabric - modulaarne süsteem, mis kasutab üldkasutavaid programmeerimskeeli nutikate lepingute keelena. See avardab platvormi kasutamist ettevõtte tarkvara loomisel. Võrdleme platvormi tavapäraste lahendustega ning uurime väljakutseid, mida pakub uus plokiahela põhine süsteem ja selle jaoks loodud nutika leping nimega chaincode. Selle töö käigus realiseeriti parkimiseks mõeldud rakendus, mille nutikas leping on kirjutatud Go programmeerimiskeeles.Töö käigus realiseerisime prototüübi, leidsime lahendused tehnilistele probleemidele, realiseerisime kasutusjuhud.To enable software platform to be used without a third trusted party, one of the possibilities is to use blockchain and smart contracts. One of the latest platform is open-source Hyperledger Fabric, a modular system that uses conventional programming languages for smart contracts. This opens up vast possibilities for using it product centric enterprise systems. In this paper we compare the platform to a conventional solution and study the challenges provided by the smart contract called chaincode. We implement a parking spot application for multisided market using smart contract and Go programming language. In the end we have a working prototype with solutions to technical problems, covering predetermined use cases

Attacking and securing Network Time Protocol

Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals: 1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time. 2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol. 3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time. We take the following approach to achieve our goals incrementally. 1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC). 2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers. 3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert security of time-reliant applications-specifically, cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems. Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time

4Sensing - decentralized processing for participatory sensing data

Trabalho apresentado no âmbito do Mestrado em Engenharia Informática, como requisito parcial para obtenção do grau de Mestre em Engenharia Informática.Participatory sensing is a new application paradigm, stemming from both technical and social drives, which is currently gaining momentum as a research domain. It leverages the growing adoption of mobile phones equipped with sensors, such as camera, GPS and accelerometer, enabling users to collect and aggregate data, covering a wide area without incurring in the costs associated with a large-scale sensor network. Related research in participatory sensing usually proposes an architecture based on a centralized back-end. Centralized solutions raise a set of issues. On one side, there is the implications of having a centralized repository hosting privacy sensitive information. On the other side, this centralized model has financial costs that can discourage grassroots initiatives. This dissertation focuses on the data management aspects of a decentralized infrastructure for the support of participatory sensing applications, leveraging the body of work on participatory sensing and related areas, such as wireless and internet-wide sensor networks, peer-to-peer data management and stream processing. It proposes a framework covering a common set of data management requirements - from data acquisition, to processing, storage and querying - with the goal of lowering the barrier for the development and deployment of applications. Alternative architectural approaches - RTree, QTree and NTree - are proposed and evaluated experimentally in the context of a case-study application - SpeedSense - supporting the monitoring and prediction of traffic conditions, through the collection of speed and location samples in an urban setting, using GPS equipped mobile phones