Web3Recommend: Decentralised recommendations with trust and relevance

Web3Recommend is a decentralized Social Recommender System implementation that enables Web3 Platforms on Android to generate recommendations that balance trust and relevance. Generating recommendations in decentralized networks is a non-trivial problem because these networks lack a global perspective due to the absence of a central authority. Further, decentralized networks are prone to Sybil Attacks in which a single malicious user can generate multiple fake or Sybil identities. Web3Recommend relies on a novel graph-based content recommendation design inspired by GraphJet, a recommendation system used in Twitter enhanced with MeritRank, a decentralized reputation scheme that provides Sybil-resistance to the system. By adding MeritRank's decay parameters to the vanilla Social Recommender Systems' personalized SALSA graph algorithm, we can provide theoretical guarantees against Sybil Attacks in the generated recommendations. Similar to GraphJet, we focus on generating real-time recommendations by only acting on recent interactions in the social network, allowing us to cater temporally contextual recommendations while keeping a tight bound on the memory usage in resource-constrained devices, allowing for a seamless user experience. As a proof-of-concept, we integrate our system with MusicDAO, an open-source Web3 music-sharing platform, to generate personalized, real-time recommendations. Thus, we provide the first Sybil-resistant Social Recommender System, allowing real-time recommendations beyond classic user-based collaborative filtering. The system is also rigorously tested with extensive unit and integration tests. Further, our experiments demonstrate the trust-relevance balance of recommendations against multiple adversarial strategies in a test network generated using data from real music platforms

WARP: A ICN architecture for social data

Social network companies maintain complete visibility and ownership of the data they store. However users should be able to maintain full control over their content. For this purpose, we propose WARP, an architecture based upon Information-Centric Networking (ICN) designs, which expands the scope of the ICN architecture beyond media distribution, to provide data control in social networks. The benefit of our solution lies in the lightweight nature of the protocol and in its layered design. With WARP, data distribution and access policies are enforced on the user side. Data can still be replicated in an ICN fashion but we introduce control channels, named \textit{thread updates}, which ensures that the access to the data is always updated to the latest control policy. WARP decentralizes the social network but still offers APIs so that social network providers can build products and business models on top of WARP. Social applications run directly on the user's device and store their data on the user's \textit{butler} that takes care of encryption and distribution. Moreover, users can still rely on third parties to have high-availability without renouncing their privacy

Design and Management of Collaborative Intrusion Detection Networks

In recent years network intrusions have become a severe threat to the privacy and safety of computer users. Recent cyber attacks compromise a large number of hosts to form botnets. Hackers not only aim at harvesting private data and identity information from compromised nodes, but also use the compromised nodes to launch attacks such as distributed denial-of-service (DDoS) attacks. As a counter measure, Intrusion Detection Systems (IDS) are used to identify intrusions by comparing observable behavior against suspicious patterns. Traditional IDSs monitor computer activities on a single host or network traffic in a sub-network. They do not have a global view of intrusions and are not effective in detecting fast spreading attacks, unknown, or new threats. In turn, they can achieve better detection accuracy through collaboration. An Intrusion Detection Network (IDN) is such a collaboration network allowing IDSs to exchange information with each other and to benefit from the collective knowledge and experience shared by others. IDNs enhance the overall accuracy of intrusion assessment as well as the ability to detect new intrusion types. Building an effective IDN is however a challenging task. For example, adversaries may compromise some IDSs in the network and then leverage the compromised nodes to send false information, or even attack others in the network, which can compromise the efficiency of the IDN. It is, therefore, important for an IDN to detect and isolate malicious insiders. Another challenge is how to make efficient intrusion detection assessment based on the collective diagnosis from other IDSs. Appropriate selection of collaborators and incentive-compatible resource management in support of IDSs' interaction with others are also key challenges in IDN design. To achieve efficiency, robustness, and scalability, we propose an IDN architecture and especially focus on the design of four of its essential components, namely, trust management, acquaintance management, resource management, and feedback aggregation. We evaluate our proposals and compare them with prominent ones in the literature and show their superiority using several metrics, including efficiency, robustness, scalability, incentive-compatibility, and fairness. Our IDN design provides guidelines for the deployment of a secure and scalable IDN where effective collaboration can be established between IDSs

Security in DHT-based peer-to-peer networks

Questa tesi riguarda il problema dell’integrazione dei meccanismi per la gestione di reputazione e dei processi di lookup nelle reti peer-to-peer basate su DHT (Distributed Hash Table) e l’applicazione di tali tecniche a scenari di reti chiuse e gerarchiche con particolare riferimento al livello di sicurezza e efficienza dello storage e del backup delle risorse. La soluzione proposta rappresenta una combinazione delle tecniche per la valutazione di reputazione e degli strumenti per i sistemi di computer distribuiti come protezione dagli specifici attacchi causati dai peer maliziosi in sistemi P2P collaborativi. Inoltre, e’ stata proposta l’applicazione dei meccanismi DHT nell’ambito delle reti di computer gerarchiche, in particolare nelle reti aziendali. L’obiettivo di questo lavoro e’ quello di offrire una soluzione ai problemi derivanti dall’utilizzo di una architettura centralizzata tramite l’introduzione del sistema di organizzazione dei dati inerente all’ambito P2P basato sugli algoritmi DHT in una rete aziendale.This thesis addresses the problem of integration of reputation management mechanisms and other instruments used in distributed computing environment with lookup processes in DHT-based peer-to-peer networks in order to improve resilience of such systems to destructive actions of malevolent or faulty components. The goal of this integration is to obtain a more efficient, less expensive (in terms of data transferred, computational resources involved and time spent) and possibly simple solution to cope with the specific problems of DHT-based environment. A particular accent has been given to DHT-based environments with a collaborative nature. Another issue considered in this work regards the application of DHT mechanisms to lookup and data retrieval processes in hierarchical collaborative environments, in particular, in enterprise networks. This approach exploits advantages of the P2P data organization system based on DHTs to avoid some problems inherent in systems with centralized architectures

Managing the Internet of Things based on its Social Structure

Society is moving towards an “always connected” paradigm, where the Internet user is shifting from persons to things, leading to the so called Internet of Things (IoT) scenario. The IoT vision integrates a large number of technologies and foresees to embody a variety of smart objects around us (such as sensors, actuators, smartphones, RFID, etc.) that, through unique addressing schemes and standard communication protocols, are able to interact with each Others and cooperate with their neighbors to reach common goals [2, 3]. IoT is a hot research topic, as demonstrated by the increasing attention and the large worldwide investments devoted to it. It is believed that the IoT will be composed of trillions of elements interacting in an extremely heterogeneous way in terms of requirements, behavior and capabilities; according to [4], by 2015 the RIFD devices alone will reach hundreds of billions. Unquestionably, the IoT will pervade every aspect of our world and will have a huge impact in our everyday life: indeed, as stated by the US National Intelligence Council (NIC) [5], “by 2025 Internet nodes may reside in everyday things − food packages, furniture, paper documents, and more”. Then, communications will not only involve persons but also things thus bringing about the IoT environment in which objects will have virtual counterparts on the Internet. Such virtual entities will produce and consume services, collaborate toward common goals and should be integrated with all the other services. One of the biggest challenges that the research community is facing right now is to be able to organize such an ocean of devices so that the discovery of objects and services is performed efficiently and in a scalable way. Recently, several attempts have been made to apply concepts of social networking to the IoT. There are scientific evidences that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. The exploitation of such a principle, applied to smart objects, has been widely investigated in Internet-related researches. Indeed, several schemes have been proposed that use social networks to search Internet resources, to route traffic, or to select effective policies for content distribution. The idea that the convergence of the “Internet of Things” and the “Social Networks” worlds, which up to now were mostly kept separate by both scientific and industrial communities, is possible or even advisable is gaining momentum very quickly. This is due to the growing awareness that a “Social Internet of Things” (SIoT) paradigm carries with it many desirable implications in a future world populated by objects permeating the everyday life of human beings. Therefore, the goal of this thesis is to define a possible architecture for the SIoT, which includes the functionalities required to integrate things into a social network, and the needed strategies to help things to create their relationships in such a way that the resulting social network is navigable. Moreover, it focuses on the trustworthiness management, so that interaction among objects that are friends can be done in a more reliable way and proposes a possible implementation of a SIoT network. Since this thesis covers several aspects of the Social internet of Things, I will present the state of the art related to the specific research activities at the beginning of every Chapter. The rest of the thesis is structured as follows. In Chapter 1, I identify appropriate policies for the establishment and the management of social relationships between objects, describe a possible architecture for the IoT that includes the functionalities required to integrate things into a social network and analyze the characteristics of the SIoT network structure by means of simulations. Chapter 2 addresses the problem of the objects to manage a large number of friends, by analyzing possible strategies to drive the objects to select the appropriate links for the benefit of overall network navigability and to speed up the search of the services. In Chapter 3, I focus on the problem of understanding how the information provided by members of the social IoT has to be processed so as to build a reliable system on the basis of the behavior of the objects and define two models for trustworthiness management starting from the solutions proposed for P2P and social networks. Chapter 4 presents an implementation of a SIoT platform and its major functionalities: how to register a new social object to the platform, how the system manages the creation of new relationships, and how the devices create groups of members with similar characteristics. Finally, in Chapter 5, conclusions will be drawn regarding the effectiveness of the proposed Introduction 3 algorithms, and some possible future works will be sketche

Managing the Internet of Things based on its Social Structure

Society is moving towards an “always connected” paradigm, where the Internet user is shifting from persons to things, leading to the so called Internet of Things (IoT) scenario. The IoT vision integrates a large number of technologies and foresees to embody a variety of smart objects around us (such as sensors, actuators, smartphones, RFID, etc.) that, through unique addressing schemes and standard communication protocols, are able to interact with each Others and cooperate with their neighbors to reach common goals [2, 3]. IoT is a hot research topic, as demonstrated by the increasing attention and the large worldwide investments devoted to it. It is believed that the IoT will be composed of trillions of elements interacting in an extremely heterogeneous way in terms of requirements, behavior and capabilities; according to [4], by 2015 the RIFD devices alone will reach hundreds of billions. Unquestionably, the IoT will pervade every aspect of our world and will have a huge impact in our everyday life: indeed, as stated by the US National Intelligence Council (NIC) [5], “by 2025 Internet nodes may reside in everyday things − food packages, furniture, paper documents, and more”. Then, communications will not only involve persons but also things thus bringing about the IoT environment in which objects will have virtual counterparts on the Internet. Such virtual entities will produce and consume services, collaborate toward common goals and should be integrated with all the other services. One of the biggest challenges that the research community is facing right now is to be able to organize such an ocean of devices so that the discovery of objects and services is performed efficiently and in a scalable way. Recently, several attempts have been made to apply concepts of social networking to the IoT. There are scientific evidences that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. The exploitation of such a principle, applied to smart objects, has been widely investigated in Internet-related researches. Indeed, several schemes have been proposed that use social networks to search Internet resources, to route traffic, or to select effective policies for content distribution. The idea that the convergence of the “Internet of Things” and the “Social Networks” worlds, which up to now were mostly kept separate by both scientific and industrial communities, is possible or even advisable is gaining momentum very quickly. This is due to the growing awareness that a “Social Internet of Things” (SIoT) paradigm carries with it many desirable implications in a future world populated by objects permeating the everyday life of human beings. Therefore, the goal of this thesis is to define a possible architecture for the SIoT, which includes the functionalities required to integrate things into a social network, and the needed strategies to help things to create their relationships in such a way that the resulting social network is navigable. Moreover, it focuses on the trustworthiness management, so that interaction among objects that are friends can be done in a more reliable way and proposes a possible implementation of a SIoT network. Since this thesis covers several aspects of the Social internet of Things, I will present the state of the art related to the specific research activities at the beginning of every Chapter. The rest of the thesis is structured as follows. In Chapter 1, I identify appropriate policies for the establishment and the management of social relationships between objects, describe a possible architecture for the IoT that includes the functionalities required to integrate things into a social network and analyze the characteristics of the SIoT network structure by means of simulations. Chapter 2 addresses the problem of the objects to manage a large number of friends, by analyzing possible strategies to drive the objects to select the appropriate links for the benefit of overall network navigability and to speed up the search of the services. In Chapter 3, I focus on the problem of understanding how the information provided by members of the social IoT has to be processed so as to build a reliable system on the basis of the behavior of the objects and define two models for trustworthiness management starting from the solutions proposed for P2P and social networks. Chapter 4 presents an implementation of a SIoT platform and its major functionalities: how to register a new social object to the platform, how the system manages the creation of new relationships, and how the devices create groups of members with similar characteristics. Finally, in Chapter 5, conclusions will be drawn regarding the effectiveness of the proposed Introduction 3 algorithms, and some possible future works will be sketche

Secure, Efficient and Privacy-aware Framework for Unstructured Peer-to-Peer Networks

Recently, the advances in Ubiquitous Computing networks and the increased computational power of network devices have led designers to create more flexible distributed network models using decentralised network management systems. Security, resilience and privacy issues within such distributed systems become more complicated while important tasks such as routing, service access and state management become increasingly challenging. Low-level protocols over ubiquitous decentralised systems, which provide autonomy to network nodes, have replaced the traditional client-server arrangements in centralised systems. Small World networks represent a model that addresses many existing challenges within Ubiquitous Computing networks. Therefore, it is imperative to study the properties of Small World networks to help understanding, modelling and improving the performance, usability and resiliency of Ubiquitous Computing networks. Using the network infrastructure and trusted relationships in the Small World networks, this work proposes a framework to enhance security, resilience and trust within scalable Peer-to-Peer (P2P) networks. The proposed framework consists of three major components namely network-aware topology construction, anonymous global communication using community trust, and efficient search and broadcasting based on granularity and pro-active membership management. We utilise the clustering co-efficient and conditional preferential attachment to propose a novel topology construction scheme that organises nodes into groups of trusted users to improve scalability. Network nodes communicate locally without advertising node identity at a global scale, which ensures user anonymity. The global communication is organised and facilitated by Service Centres to maintain security, privacy and integrity of member nodes. Service Centres are allocated using a novel leader election mechanism within unstructured scalable P2P networks. This allows providing fair and equitable access for existing and new nodes without having to make complex changes to the network topology. Moreover, the scale-free and clustering co-efficient characteristics of Small World networks help organising the network layout to maintain its balance in terms of the nodes distribution. Simulation results show that the proposed framework ensures better scalability and membership management in unstructured P2P networks, and improves the performance of the search and broadcasting in terms of the average shortest path and control overhead while maintaining user anonymity and system resiliency

An Efficient Holistic Data Distribution and Storage Solution for Online Social Networks

In the past few years, Online Social Networks (OSNs) have dramatically spread over the world. Facebook [4], one of the largest worldwide OSNs, has 1.35 billion users, 82.2% of whom are outside the US [36]. The browsing and posting interactions (text content) between OSN users lead to user data reads (visits) and writes (updates) in OSN datacenters, and Facebook now serves a billion reads and tens of millions of writes per second [37]. Besides that, Facebook has become one of the top Internet traffic sources [36] by sharing tremendous number of large multimedia files including photos and videos. The servers in datacenters have limited resources (e.g. bandwidth) to supply latency efficient service for multimedia file sharing among the rapid growing users worldwide. Most online applications operate under soft real-time constraints (e.g., ≤ 300 ms latency) for good user experience, and its service latency is negatively proportional to its income. Thus, the service latency is a very important requirement for Quality of Service (QoS) to the OSN as a web service, since it is relevant to the OSN’s revenue and user experience. Also, to increase OSN revenue, OSN service providers need to constrain capital investment, operation costs, and the resource (bandwidth) usage costs. Therefore, it is critical for the OSN to supply a guaranteed QoS for both text and multimedia contents to users while minimizing its costs. To achieve this goal, in this dissertation, we address three problems. i) Data distribution among datacenters: how to allocate data (text contents) among data servers with low service latency and minimized inter-datacenter network load; ii) Efficient multimedia file sharing: how to facilitate the servers in datacenters to efficiently share multimedia files among users; iii) Cost minimized data allocation among cloud storages: how to save the infrastructure (datacenters) capital investment and operation costs by leveraging commercial cloud storage services. Data distribution among datacenters. To serve the text content, the new OSN model, which deploys datacenters globally, helps reduce service latency to worldwide distributed users and release the load of the existing datacenters. However, it causes higher inter-datacenter communica-tion load. In the OSN, each datacenter has a full copy of all data, and the master datacenter updates all other datacenters, generating tremendous load in this new model. The distributed data storage, which only stores a user’s data to his/her geographically closest datacenters, simply mitigates the problem. However, frequent interactions between distant users lead to frequent inter-datacenter com-munication and hence long service latencies. Therefore, the OSNs need a data allocation algorithm among datacenters with minimized network load and low service latency. Efficient multimedia file sharing. To serve multimedia file sharing with rapid growing user population, the file distribution method should be scalable and cost efficient, e.g. minimiza-tion of bandwidth usage of the centralized servers. The P2P networks have been widely used for file sharing among a large amount of users [58, 131], and meet both scalable and cost efficient re-quirements. However, without fully utilizing the altruism and trust among friends in the OSNs, current P2P assisted file sharing systems depend on strangers or anonymous users to distribute files that degrades their performance due to user selfish and malicious behaviors. Therefore, the OSNs need a cost efficient and trustworthy P2P-assisted file sharing system to serve multimedia content distribution. Cost minimized data allocation among cloud storages. The new trend of OSNs needs to build worldwide datacenters, which introduce a large amount of capital investment and maintenance costs. In order to save the capital expenditures to build and maintain the hardware infrastructures, the OSNs can leverage the storage services from multiple Cloud Service Providers (CSPs) with existing worldwide distributed datacenters [30, 125, 126]. These datacenters provide different Get/Put latencies and unit prices for resource utilization and reservation. Thus, when se-lecting different CSPs’ datacenters, an OSN as a cloud customer of a globally distributed application faces two challenges: i) how to allocate data to worldwide datacenters to satisfy application SLA (service level agreement) requirements including both data retrieval latency and availability, and ii) how to allocate data and reserve resources in datacenters belonging to different CSPs to minimize the payment cost. Therefore, the OSNs need a data allocation system distributing data among CSPs’ datacenters with cost minimization and SLA guarantee. In all, the OSN needs an efficient holistic data distribution and storage solution to minimize its network load and cost to supply a guaranteed QoS for both text and multimedia contents. In this dissertation, we propose methods to solve each of the aforementioned challenges in OSNs. Firstly, we verify the benefits of the new trend of OSNs and present OSN typical properties that lay the basis of our design. We then propose Selective Data replication mechanism in Distributed Datacenters (SD3) to allocate user data among geographical distributed datacenters. In SD3,a datacenter jointly considers update rate and visit rate to select user data for replication, and further atomizes a user’s different types of data (e.g., status update, friend post) for replication, making sure that a replica always reduces inter-datacenter communication. Secondly, we analyze a BitTorrent file sharing trace, which proves the necessity of proximity-and interest-aware clustering. Based on the trace study and OSN properties, to address the second problem, we propose a SoCial Network integrated P2P file sharing system for enhanced Efficiency and Trustworthiness (SOCNET) to fully and cooperatively leverage the common-interest, geographically-close and trust properties of OSN friends. SOCNET uses a hierarchical distributed hash table (DHT) to cluster common-interest nodes, and then further clusters geographically close nodes into a subcluster, and connects the nodes in a subcluster with social links. Thus, when queries travel along trustable social links, they also gain higher probability of being successfully resolved by proximity-close nodes, simultaneously enhancing efficiency and trustworthiness. Thirdly, to handle the third problem, we model the cost minimization problem under the SLA constraints using integer programming. According to the system model, we propose an Eco-nomical and SLA-guaranteed cloud Storage Service (ES3), which finds a data allocation and resource reservation schedule with cost minimization and SLA guarantee. ES3 incorporates (1) a data al-location and reservation algorithm, which allocates each data item to a datacenter and determines the reservation amount on datacenters by leveraging all the pricing policies; (2) a genetic algorithm based data allocation adjustment approach, which makes data Get/Put rates stable in each data-center to maximize the reservation benefit; and (3) a dynamic request redirection algorithm, which dynamically redirects a data request from an over-utilized datacenter to an under-utilized datacenter with sufficient reserved resource when the request rate varies greatly to further reduce the payment. Finally, we conducted trace driven experiments on a distributed testbed, PlanetLab, and real commercial cloud storage (Amazon S3, Windows Azure Storage and Google Cloud Storage) to demonstrate the efficiency and effectiveness of our proposed systems in comparison with other systems. The results show that our systems outperform others in the network savings and data distribution efficiency