Talk Slides
Sorcery: Could We Make P2P Content Sharing Systems Robust to Deceivers? Ennan Zhai, Ruichuan Chen, Zhuhua Cai, Long Zhang, Eng Keong Lua*, Huiping Sun, Sihan Qing, Liyong Tang, and Zhong Chen (Email: [email protected])
Peking University & *Carnegie Mellon University
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
1
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
1
Deceptive Behavior
Individual or collusive attackers (deceivers) publish some polluted content items, and cast incorrect votes on them … …
IEEE P2P 2009
Ennan Zhai
2
Deceptive Behavior
Individual or collusive attackers (deceivers) publish some polluted content items, and cast incorrect votes on them … …
Normal users are deceived by votes and download these polluted content items.
IEEE P2P 2009
Ennan Zhai
2
Deceptive Behavior Alice’s Content items
1
3
I would like to download File 4.
4
Alice’s Votes 1
4
Bob 7
IEEE P2P 2009
10
15
Ennan Zhai
3
Deceptive Behavior
4
However, after downloading content 4, Bob finds this content item is polluted. We say Bob is deceived by Alice’s vote.
IEEE P2P 2009
Ennan Zhai
Bob
3
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
4
Existing Solutions • Reputation Models: 9 Peer-based: EigenTrust, PeerTrust, Scrubber … 9 Object-based: Credence, FileTrust … 9 Hybrid: XRep, X2Rep, Extended Scrubber…
• Micropayment Techniques: MojoNation. • Exchange Protocol …………
IEEE P2P 2009
Ennan Zhai
5
Existing Solutions • Reputation Models: 9 Peer-based: EigenTrust, PeerTrust, Scrubber … 9 Object-based: Credence, FileTrust … 9 Hybrid: XRep, X2Rep, Extended Scrubber…
• Micropayment Techniques: MojoNation. • Exchange Protocol …………
IEEE P2P 2009
Some Problems! Ennan Zhai
5
Analysis
The above situation can be explained the attackers sit on the dominant position, and the solution is we need to achieve the conversion of the dominant position through constructing our own dominant information.
IEEE P2P 2009
Ennan Zhai
6
Analysis The fundamental insight driving our work is social network can help the users construct the confidential and reliable friend-relationships, and we treat the confidential information of friends as the dominant information.
IEEE P2P 2009
Ennan Zhai
7
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
8
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
9
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
9
Introducing Social Network
Sorcery client stores friends’ information in his friend list. This friend list is confidential to other users in the system … …
IEEE P2P 2009
Ennan Zhai
10
Introducing Social Network
Sorcery client stores friends’ information in his friend list. This friend list is confidential to other users in the system … …
This is the dominant information for the client
IEEE P2P 2009
Ennan Zhai
10
Introducing Social Network Eve
Alice
2
8
1
1
2
1
4
8
14
7
9
Bob
6 6
1
2
3
2
3
5
11 20
Eve is Alice’s friend, but Bob cannot know the friend-relationship between Alice and Eve. IEEE P2P 2009
Ennan Zhai
11
Introducing Social Network Because friends’ experiences can be used, social network can address cold start problem which cannot be solved by the existing reputation models … …
IEEE P2P 2009
Ennan Zhai
12
Introducing Social Network Because friends’ experiences can be used, social network can address cold start problem which cannot be solved by the existing reputation models … …
New user joins in the system, he is easily to be deceived due to lack of experiences.
IEEE P2P 2009
Ennan Zhai
12
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
13
Challenge-response File 3 ?
Alice’s Friend list Friend1 5
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4
Eve 2 3 5 7
4 8
1 2 4 5 8
IEEE P2P 2009
Ennan Zhai
14
Challenge-response ChallengeMessage
Alice’s Friend list Friend1 5
Step 1
(File5,?),(File3,?),(File2,?)
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4 4 8
Eve
Step 1
2 3 5 7 ChallengeMessage (File3,?),(File8,?),(File4,?)
IEEE P2P 2009
Ennan Zhai
1 2 4 5 8
14
Challenge-response ChallengeMessage
Alice’s Friend list Friend1 5
Step 2 (File5,-1),(File3,+1),(File2,+1)
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4 4 8
Eve 2 3 5 7
Step 2 ChallengeMessage (File3,-1),(File8,-1),(File4,-1)
IEEE P2P 2009
Ennan Zhai
1 2 4 5 8
14
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
15
Punishment Mechanism
Sorcery introduces reliability degree to punish deceivers, thus reducing the possibility of impact brought by them … …
IEEE P2P 2009
Ennan Zhai
16
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r) RDi(j): the reliability of i with respect to j; p: the penalty factor; r: the recompense factor; n: the number of i being deceived by j. IEEE P2P 2009
Ennan Zhai
17
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r)
If j is a deceiver … …
IEEE P2P 2009
Ennan Zhai
17
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r) If j is not a deceiver, and i would like to upgrade RDi(j) … …
IEEE P2P 2009
Ennan Zhai
17
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
18
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
19
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
19
Non-overlapping Voting Histories
The studies in [J. Liang, INFOCOM’05] and [K. Walsh, NSDI’06] indicated it’s a high probability that most peers have overlapping votes with the voters of any content item … …
IEEE P2P 2009
Ennan Zhai
20
Non-overlapping Voting Histories
The studies in [J. Liang, INFOCOM’05] and [K. Walsh, NSDI’06] indicated it’s a high probability that most peers have overlapping votes with the voters of any content item … … The client should challenge some of voters of the target content item (Details see paper please).
IEEE P2P 2009
Ennan Zhai
20
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
21
Unreliable Friends
In the practical applications, some friends may be online deceivers or compromised, Sorcery utilizes similarity based on cosine technique to filter those unreliable friends (The concrete equation see paper please) … …
IEEE P2P 2009
Ennan Zhai
22
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
23
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
23
Simulation Setup • Network Model: Gnutella Prototype • Peer Model: 5, 000 Peers • Social Model: Kleinberg Model • Content Model: ¾ 1,000 (Titles) X 500 (Versions) (50 good) ¾ Zipf Distribution a=0.8
IEEE P2P 2009
Ennan Zhai
24
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
25
Normal Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Tricky Deceivers
IEEE P2P 2009
Ennan Zhai
27
Tricky Deceivers Rate that Tricky Deceivers Vote Correctly
IEEE P2P 2009
Ennan Zhai
27
Tricky Deceivers Rate that Tricky Deceivers Vote Correctly
IEEE P2P 2009
Ennan Zhai
27
Conclusion and Discussion
• How to resist three types of attacks? ¾ Man-in-the-Middle (MITM) Attack ¾ Sybil Attack ¾ Denial-of-Service (DoS) Attack
IEEE P2P 2009
Ennan Zhai
28
Q&A
Thank you !
IEEE P2P 2009
Ennan Zhai
29
Peking University & *Carnegie Mellon University
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
1
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
1
Deceptive Behavior
Individual or collusive attackers (deceivers) publish some polluted content items, and cast incorrect votes on them … …
IEEE P2P 2009
Ennan Zhai
2
Deceptive Behavior
Individual or collusive attackers (deceivers) publish some polluted content items, and cast incorrect votes on them … …
Normal users are deceived by votes and download these polluted content items.
IEEE P2P 2009
Ennan Zhai
2
Deceptive Behavior Alice’s Content items
1
3
I would like to download File 4.
4
Alice’s Votes 1
4
Bob 7
IEEE P2P 2009
10
15
Ennan Zhai
3
Deceptive Behavior
4
However, after downloading content 4, Bob finds this content item is polluted. We say Bob is deceived by Alice’s vote.
IEEE P2P 2009
Ennan Zhai
Bob
3
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
4
Existing Solutions • Reputation Models: 9 Peer-based: EigenTrust, PeerTrust, Scrubber … 9 Object-based: Credence, FileTrust … 9 Hybrid: XRep, X2Rep, Extended Scrubber…
• Micropayment Techniques: MojoNation. • Exchange Protocol …………
IEEE P2P 2009
Ennan Zhai
5
Existing Solutions • Reputation Models: 9 Peer-based: EigenTrust, PeerTrust, Scrubber … 9 Object-based: Credence, FileTrust … 9 Hybrid: XRep, X2Rep, Extended Scrubber…
• Micropayment Techniques: MojoNation. • Exchange Protocol …………
IEEE P2P 2009
Some Problems! Ennan Zhai
5
Analysis
The above situation can be explained the attackers sit on the dominant position, and the solution is we need to achieve the conversion of the dominant position through constructing our own dominant information.
IEEE P2P 2009
Ennan Zhai
6
Analysis The fundamental insight driving our work is social network can help the users construct the confidential and reliable friend-relationships, and we treat the confidential information of friends as the dominant information.
IEEE P2P 2009
Ennan Zhai
7
Background
I
What is the deceptive behavior in P2P content sharing systems ?
II
What are the existing solutions on this problem ?
III
IEEE P2P 2009
Our approach ?
Ennan Zhai
8
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
9
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
9
Introducing Social Network
Sorcery client stores friends’ information in his friend list. This friend list is confidential to other users in the system … …
IEEE P2P 2009
Ennan Zhai
10
Introducing Social Network
Sorcery client stores friends’ information in his friend list. This friend list is confidential to other users in the system … …
This is the dominant information for the client
IEEE P2P 2009
Ennan Zhai
10
Introducing Social Network Eve
Alice
2
8
1
1
2
1
4
8
14
7
9
Bob
6 6
1
2
3
2
3
5
11 20
Eve is Alice’s friend, but Bob cannot know the friend-relationship between Alice and Eve. IEEE P2P 2009
Ennan Zhai
11
Introducing Social Network Because friends’ experiences can be used, social network can address cold start problem which cannot be solved by the existing reputation models … …
IEEE P2P 2009
Ennan Zhai
12
Introducing Social Network Because friends’ experiences can be used, social network can address cold start problem which cannot be solved by the existing reputation models … …
New user joins in the system, he is easily to be deceived due to lack of experiences.
IEEE P2P 2009
Ennan Zhai
12
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
13
Challenge-response File 3 ?
Alice’s Friend list Friend1 5
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4
Eve 2 3 5 7
4 8
1 2 4 5 8
IEEE P2P 2009
Ennan Zhai
14
Challenge-response ChallengeMessage
Alice’s Friend list Friend1 5
Step 1
(File5,?),(File3,?),(File2,?)
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4 4 8
Eve
Step 1
2 3 5 7 ChallengeMessage (File3,?),(File8,?),(File4,?)
IEEE P2P 2009
Ennan Zhai
1 2 4 5 8
14
Challenge-response ChallengeMessage
Alice’s Friend list Friend1 5
Step 2 (File5,-1),(File3,+1),(File2,+1)
1 2 3 4
Friend2
8
Bob
5
2 3 5 Alice
Friend3 1
2
Friend4 4 8
Eve 2 3 5 7
Step 2 ChallengeMessage (File3,-1),(File8,-1),(File4,-1)
IEEE P2P 2009
Ennan Zhai
1 2 4 5 8
14
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
15
Punishment Mechanism
Sorcery introduces reliability degree to punish deceivers, thus reducing the possibility of impact brought by them … …
IEEE P2P 2009
Ennan Zhai
16
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r) RDi(j): the reliability of i with respect to j; p: the penalty factor; r: the recompense factor; n: the number of i being deceived by j. IEEE P2P 2009
Ennan Zhai
17
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r)
If j is a deceiver … …
IEEE P2P 2009
Ennan Zhai
17
Punishment Mechanism max(-1, RDi(j) - pn2) RDi(j)= min(1, RDi(j) + r) If j is not a deceiver, and i would like to upgrade RDi(j) … …
IEEE P2P 2009
Ennan Zhai
17
Sorcery 1
Introducing Social Network
2
Challenge-response Mechanism
3
Punishment Mechanism
4
Practical Issues
IEEE P2P 2009
Ennan Zhai
18
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
19
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
19
Non-overlapping Voting Histories
The studies in [J. Liang, INFOCOM’05] and [K. Walsh, NSDI’06] indicated it’s a high probability that most peers have overlapping votes with the voters of any content item … …
IEEE P2P 2009
Ennan Zhai
20
Non-overlapping Voting Histories
The studies in [J. Liang, INFOCOM’05] and [K. Walsh, NSDI’06] indicated it’s a high probability that most peers have overlapping votes with the voters of any content item … … The client should challenge some of voters of the target content item (Details see paper please).
IEEE P2P 2009
Ennan Zhai
20
Practical Issues
• Lack of the Overlapping Votes • Unreliable Friends
IEEE P2P 2009
Ennan Zhai
21
Unreliable Friends
In the practical applications, some friends may be online deceivers or compromised, Sorcery utilizes similarity based on cosine technique to filter those unreliable friends (The concrete equation see paper please) … …
IEEE P2P 2009
Ennan Zhai
22
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
23
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
23
Simulation Setup • Network Model: Gnutella Prototype • Peer Model: 5, 000 Peers • Social Model: Kleinberg Model • Content Model: ¾ 1,000 (Titles) X 500 (Versions) (50 good) ¾ Zipf Distribution a=0.8
IEEE P2P 2009
Ennan Zhai
24
Evaluation
IEEE P2P 2009
I
Simulation Setup
II
Experimental Results
Ennan Zhai
25
Normal Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Normal Deceivers
Rate of Deceivers
IEEE P2P 2009
Ennan Zhai
26
Tricky Deceivers
IEEE P2P 2009
Ennan Zhai
27
Tricky Deceivers Rate that Tricky Deceivers Vote Correctly
IEEE P2P 2009
Ennan Zhai
27
Tricky Deceivers Rate that Tricky Deceivers Vote Correctly
IEEE P2P 2009
Ennan Zhai
27
Conclusion and Discussion
• How to resist three types of attacks? ¾ Man-in-the-Middle (MITM) Attack ¾ Sybil Attack ¾ Denial-of-Service (DoS) Attack
IEEE P2P 2009
Ennan Zhai
28
Q&A
Thank you !
IEEE P2P 2009
Ennan Zhai
29
