TRUST AND REPUTATION IN PEER-TO-PEER NETWORKS
A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY

Sergio Marti
May 2005
© Copyright by Sergio Marti 2005
All Rights Reserved
I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy.
Hector Garcia-Molina (Principal Adviser)

I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy.
Mary Baker

I certify that I have read this dissertation and that, in my opinion, it is fully adequate in scope and quality as a dissertation for the degree of Doctor of Philosophy.
Rajeev Motwani

Approved for the University Committee on Graduate Studies.
Abstract

The increasing availability of high bandwidth Internet connections and low-cost, commodity computers in people's homes has stimulated the use of resource sharing peer-to-peer networks. These systems employ scalable mechanisms that allow anyone to offer content and services to other system users. However, the open accessibility of these systems makes them vulnerable to malicious users wishing to poison the system with corrupted data or harmful services and worms. Because of this danger, users must be wary of the quality or validity of the resources they access. To mitigate the adverse behavior of unreliable or malicious peers in a network, researchers have suggested using reputation systems. Yet our understanding of how to incorporate an effective reputation system into an autonomous network is limited.

This thesis categorizes and evaluates the components and mechanisms necessary to build robust, effective reputation systems for use in decentralized autonomous networks. Borrowing techniques from game theory and economic analysis, we begin with high-level models in order to understand general trends and properties of reputation systems and their effect on a user's behavior and experience. We then closely examine the effects of limited reputation sharing through simulations based on large-scale measurements from actual, operating P2P networks. Finally, we propose new mechanisms for improving message routing throughput in decentralized networks of untrusted peers: one geared towards structured DHTs (SPROUT) and two other complementary mechanisms for mobile ad hoc networks (Watchdog and Pathrater).
Acknowledgements

I would like to thank my advisor Hector Garcia-Molina for his unending patience and guidance. I appreciate his great passion for research that is only matched by his strong commitment to his students. I am always amazed that, regardless of his many duties and projects, Hector would make himself available to provide feedback and insight on my work. Not only is Hector a wonderful advisor but also a caring friend.

I am also deeply grateful for the opportunity to have had Mary Baker as my advisor when I first came to Stanford. Her professionalism and enthusiasm for research inspired me to pursue my Ph.D. Mary's devotion to excellence is exemplified in the work of her students.

My experience at Stanford has been joyful and enlightening and I am grateful to the members of both the Mosquitonet and Database groups for their insights, constructive criticism and friendship. I would especially like to thank my co-authors TJ Giuli, Kevin Lai and Prasanna Ganesan. I also appreciate Rajeev Motwani for agreeing to be a member on my reading committee.

Finally, I must thank my friends and family for their encouragement and support. In particular, I am grateful to my parents for their love and for instilling in me a deep sense of academic pride. And most of all, to my wife Wendy whose patience and love have kept me going, even when I doubted myself. From proofreading my papers to preparing tasty treats, Wendy is always there for me.
Contents

Abstract
Acknowledgements

1 Introduction
Research Contributions and Thesis Outline

Taxonomy of Trust
Taxonomy Overview Terms and Definitions Assumptions and Constraints User Behavior Threat Model Environmental Limitations Gathering Information System Identities Information Sharing Dealing with Strangers Reputation Scoring and Ranking Inputs
2.4.2 Outputs Peer Selection Taking Action Incentives Punishment Miscellaneous Resource Reputation Social Networks Conclusion

Agent Strategies Under Reputation
Definitions and Dimensions Game Setup and Rules Knowledge-space Player-space Price-space eBay Scenario Strategy Independent Analysis Single Transaction Payoff Social Optimum Selfish Analysis Zero Knowledge Perfect Knowledge Perfect History Basic Reputation-based Strategies Independent Decisions for MB-1S/VP Independent Decisions for 1B-MS/FP
3.5 Related Work Future Directions Variably-valuated goods Malicious Sellers Costly Signaling Conclusion

Modeling Reputation and Incentives
Assumptions and Definitions Utility Time Formal Model Incentive Schemes Currency Scenarios Trust Analysis Trust Over time Utility over Time Simulation Details Simulation Results Base Population NR and MTPP Trust vs Capacity Single-Peer Experiments Variations on the Model Profit Trust Factor Additional Trust Models
4.6.3 Tying Service to Reputation Generalized Model of Trust and Profit Discussion Credits and Economic Stimulation Related Work Conclusion

P2P Reputation System Metrics
System Model Authenticity Threat Models Document-based Threat Model Node-based Threat Model Reputation Systems Identity Metrics Efficiency Effectiveness Load Message Traffic Threat-Reputation Distance Simulation Details Results Local Reputation System Voting-System Node-based Threat Model Statistical Analysis of Reputation Systems
5.8 Equations Empirical Estimations Long-Term Reputation System Performance Random base case Select-Best/Weighted ideal case with threshold Weighted ideal case without threshold Select-Best ideal case without threshold Select-Best/Weighted local reputation system with threshold Weighted local system without threshold Select-Best local system Comparison of Statistical Analysis to Simulation Results Related Work Conclusion

SPROUT: P2P Routing with Social Networks
Trust Model Trust Function Path Rating Social Path Routing Algorithm Optimizations Results Simulation Details Algorithm Evaluation Calculating Trust Number of Friends Comparison to Gnutella-like Networks Latency Comparisons
6.3.7 Message Load Related and Future Work Conclusion

Mitigating MANET Misbehavior
Assumptions and Background Definitions Physical Layer Characteristics Dynamic Source Routing (DSR) Watchdog and Pathrater Watchdog Pathrater Methodology Movement and Communication Patterns Misbehaving Nodes Metrics Simulation Results Network Throughput Routing Overhead Effects of False Detection Related Work Future Work Conclusion

Conclusion and Future Work

A Proof Of Long-Term Reputation Damage
A.1 Error Bounds
A.2 Improved Approximation

B Unique Maximum of Segregated Schedule

C Optimal Schedule

D Math. Deriv. of Econ. Model
D.1 Utility Over Time
D.2 Generalized Trust Over Time (σ(t, p) = 1)

Bibliography
List of Tables

2.1 Breakdown of Reputation System Components
Parameter descriptions with sample values
General payoff matrix
Payoff matrix for fixed $2 priced goods with valuation $3 and cost $
Payoff Matrix for variable priced p goods for default v = $3 and c = $
Payoff Matrix for fixed $2 priced goods with valuation $3, cost $1, and maliciousness factor $
Trust and Profit Parameters and Default Values
Simulation Parameters and Default Values
Definition of Generalized Model Terms
Simulation statistics and metrics
Configuration parameters, and default values
Distributions and their parameters with default values
SPROUT vs. Chord
Evaluating lookahead and MHD
Maximum and minimum network throughput obtained by any simulation at 40% misbehaving nodes with all features enabled
7.2 Maximum and minimum overhead obtained by any simulation at 40% misbehaving nodes with all features enabled
Comparison of the number of false positives between the 0 second and 60 second pause time simulations. Average taken from the simulations with all features enabled
List of Figures

2.1 Representation of primary identity scheme properties Number of transactions until gain from single defection equals loss from lowered reputation k Optimal number of cooperation/defections as a function of total sales Relative utility error between optimal schedule and ±1 C/D Relative utility error between optimal schedule using weak approximation and ±1 C/D Relationship between a peer's profit rate and the number of peers in the network Representation of a reputation system's role in a trading network. Transaction observations update peer reputations maintained in the trust vector. Reputation information is then used by peers in transactions to improve expected utility A peer's trust rating over time Convergence of T as t. Note the logscale x-axis. C B = 0 in both A peer's utility over time. Initial trust T(0) = Higher is better A peer's utility over time. Initial trust T(0) =
4.7 Minimum capacity needed for a good peer to (eventually) generate positive profit (using default π gt, k v, and k c ) is approximately (for default parameters) Capacity distribution for base population Trust and utility values for default population after 200 turns Distribution of credits in base population at turn Trust and utility for base population after 1000 turns Trust and utility for NR=400 after 1000 turns Trust and utility for NR=1 after 1000 turns Trust and utility for MTPP=2 after 1000 turns Utility for MTPP=3 after 1000 turns Comparing the analytical and simulation results for the convergence of T as t as a function of C = C G. Note the logscale x-axis Comparing the analytical and simulation results of trust over time for new good peers Comparing the analytical and simulation results of trust over time. MTPP= Comparing utility over time for new good peer. MTPP= Comparing utility over time for new bad peer. MTPP= Effects of varying trust factor σ Comparison of ratio trust model to differential trust model. T (0) = π gt w.r.t T for various functions of T Effects of sample π gt w.r.t varying functions of T Steady-state trust as a function of C B. C = Steady-state profit as a function of C B. C = Effects of varying σ(t, p)
5.1 Sample document and matching query Efficiency for varying ρ 0. Lower value is better. 1 is optimal Varying selection threshold values Efficiency comparison Relative message traffic of Friends-First and maximum Friend-Cache utilization w.r.t. cache size Efficiency of voting reputation system w.r.t. varying quorumweight Efficiency of the voting reputation system w.r.t. Friend-Cache size Effects of front nodes on efficiency Efficiency of two reputation systems with the random algorithm as a function of π B Average load on well-behaved nodes as a function of p B Distribution of load on good nodes (and their corresponding number of files shared) Efficiency comparison of local and ideal reputation systems under the node-based threat model Efficiency comparison of reputation systems with uniformly distributed node threat ratings Comparison of the local reputation system with ρ T of 0.0 and 0.15 and the base case over time Comparison of the local reputation system with both Weighted and Select-Best variants and a selection threshold of 0.0 and 0.15 and the base case over time Comparison of the efficiency of the reputation systems over time Expected steady-state system behavior Performance of SPROUT and AC in different size Small World networks.
6.2 Performance of SPROUT and AC for different trust functions and varying f Performance of SPROUT and AC for varying r Performance as a function of a node's degree. Club Nexus data Performance of SPROUT and AC for different uniform networks with varying degrees Performance of SPROUT and AC versus unstructured flooding Latency measurements for SPROUT vs AC w.r.t. network size. Lower is better Distribution of load (in fraction of routes) for augmented Chord and SPROUT Example of a route request Watchdog in action Node A does not hear B forward packet 1 to C, because B's transmission collides at A with packet 2 from the source S Node A believes that B has forwarded packet 1 on to C, though C never received the packet due to a collision with packet Overall network throughput as a function of the fraction of misbehaving nodes in the network This figure shows routing overhead as a ratio of routing packet transmissions to data packet transmissions. This ratio is plotted against the fraction of misbehaving nodes Comparison of network throughput between the regular Watchdog and a Watchdog that reports no false positives
Chapter 1
Introduction

Previously, the ability to both send and receive large amounts of digital content and data was limited to large institutions with the funds and resources to install and manage high-speed networks and fast server machines. However, the increasing availability of high bandwidth Internet connections and low-cost, commodity computers in people's homes allows regular home users to quickly communicate and share data with each other. This spread of computing resources has stimulated the use of resource sharing peer-to-peer (P2P) networks. These systems employ a simple scalable mechanism that allows anyone to offer content and services to other users, as well as search for and request resources from the network.

What distinguishes P2P systems from other distributed systems is their focus on full user autonomy. Typically, distributed systems consist of computers managed by a single organization or hierarchy. Devising an efficient architecture that spans many networked machines is much simpler when all machines can be monitored and controlled by a single operator. However, in pure P2P architectures there are no centralized services or control mechanisms dictating the actions of other nodes. Each user decides what computing resources he will contribute, as well as when and for how long. The architecture is
designed to handle large numbers of nodes joining and abruptly leaving the network. In addition, these systems emphasize equality and balancing the load across nodes. This flexibility, self-determination and low participation cost encourages a much larger number of participants, which, in turn, greatly increases the number and value of the services provided by the system to all.

The most important contribution of peer-to-peer system research is providing an architecture that allows a group of users spread throughout the Internet to cheaply and efficiently connect their commodity computing resources into one massive system, useable by all. The implications for rapid prototyping and deployment of new services by small teams of developers without large amounts of capital are astounding. Already we see P2P systems that handle a plethora of applications, ranging from grid computing to data storage to digital preservation.

However, current media attention to peer-to-peer systems is concentrated on the legal issues of copyright infringement that plague popular file-sharing applications. Users have discovered P2P networks to be an efficient and cheap method of transmitting digital content. However, these transmissions are being done without the consent of the legal owners of the content. No legally acceptable solution to content distribution using P2P technology is deployed today. If such a solution existed both content owners/creators and consumers would benefit greatly.

To understand the potential impact of P2P systems, we must step back and chronicle the evolution of media distribution. Currently, the cost of setting up and managing traditional media distribution channels is too great for individual content creators to overcome, resulting in a few large monopolistic companies that control all development and distribution of media, such as music, movies and books.
These companies decide what media is produced based primarily on what can be marketed for maximum profit, not artistic merit. This filtering severely limits the public's access to new and diverse content and ideas.
The evolution of the World Wide Web has greatly helped independent artists and authors to reach a larger segment of the population. Artists can now distribute or sell their work in digital form from their websites, circumventing the packaging, transportation, and retail costs of CDs, DVDs and books. The Web has also enabled the sale of all kinds of material goods by ordinary people on a global scale. The best example of this is the auction site eBay [42], which allows any individual to advertise and auction items to people all over the world. Not only has the Web created new distribution channels for digital content, but it provides a cheap solution for global advertising of physical items.

Although the Web has lowered the cost of distribution and marketing, it does impose costs that are still too great for many users. Websites that distribute songs or movies will require large amounts of bandwidth to serve all their customers, and bandwidth costs money. Running a commercial website with the necessary computing resources to handle sales and distribution for a vast number of customers is still beyond the capacity of most individuals. This need for technical capital has resulted in the emergence of large companies that specialize in digital content distribution. These new electronic distribution middlemen, such as eBay and Apple's iTunes [8], are once again in a position of power over the content creators. They decide what is sold and what they charge for access to their service. Many eBay merchants are unhappy with the fees they must pay eBay to use its services. Every increase in fees results in sellers leaving eBay as they lose the already slim profit margins they maintained [86].

A new distribution revolution is needed. This revolution is coming in the form of P2P networks. When content can be transferred between customers without involving a single centralized server, the computational and bandwidth burdens on the content creator or owner are removed.
The cost of distribution would be much lower for the content owner and the distribution channels could no longer be monopolized by a small group of middlemen. The result
would mean lower prices for consumers and increased profits for the producers. Merchants who have left eBay (or never used it) due to the increasing fees may welcome a pure P2P-commerce solution where no fees are collected and all sellers participate equally.

Unfortunately, both producers and consumers are reticent about using P2P networks for distribution. P2P technology is not sufficiently mature to support a secure and safe method for purchasing content through these systems. The primary hurdles are: providing an efficient, secure mechanism for purchasing content, a universally accepted method for verifying content authenticity and ownership, and ways to prevent or mitigate attacks on the system by malicious users. These attacks include: defrauding customers and stealing their money, intentionally modifying content to damage the owner and/or creator of the content, and using content distribution to infect computers with worms or viruses. Because of the lack of a secure payment system that prevents or punishes malicious attackers, P2P technology is not yet a viable distribution medium.

These worries have appeared before whenever a new distribution channel emerged, most recently with e-commerce over the World Wide Web. Each time, methods and practices were developed to combat malicious activity and instill confidence in consumers and sellers alike. These mechanisms have proven successful. In 2004 Americans spent approximately $115 billion on online purchases, up over 25% from the previous year [66, 130, 134]. eBay alone posted 2004 revenues of $3.3 billion [135]. The success of eBay is of special relevance because eBay is a hybrid peer-to-peer system. Although certain functions such as indexing and auction management are operated by a centralized server, distribution of goods and payment is handled directly between the buyers and sellers.
Now researchers are working fervently to develop the secure payment, digital rights management, auditing and enforcement mechanisms peer-to-peer systems need in order to allow users to confidently purchase and distribute all kinds of content. A major component in detecting and mitigating malicious attacks will be the reputation system. Online trading and auction systems, such as eBay, employ reputation systems as a means of distinguishing well-behaved productive users from the selfish or malicious peers. Reputation systems provide users with a summarized (perhaps imperfect) history of another peer's transactions. Users use this information to decide to what extent they should trust an unknown peer before they themselves have interacted with him/her. Scholars and researchers have adopted reputation systems as a useful mechanism for detecting, containing and discouraging misbehavior in P2P networks.

Unfortunately, the lack of a centralized trusted entity capable of monitoring user behavior and enforcing rules complicates the design of mechanisms for detecting and preventing malicious behavior in autonomous environments. However, it is this challenge that most inspires the work presented in this thesis, as well as the research field of security for peer-to-peer systems. Secure solutions will encourage more users to engage in larger-valued transactions through the flexible and efficient commercial medium of P2P systems. This growth will drive the burgeoning economy of digital goods and services. Reputation systems are necessary in order to revolutionize content and information distribution just as much, if not more, than the World Wide Web, as the cost of distribution is lowered once again.

1.1 Research Contributions and Thesis Outline

This thesis presents a top-down exploration of designing reputation systems for autonomous, decentralized computer systems. After an introductory decomposition and
survey of the research field, we present high-level models of the relationship between reputation and user behavior in typical trading systems. We then focus on P2P networks, using detailed simulations to investigate characteristics of basic system design decisions. Finally, we present two novel applications of trust and reputation for routing security in different autonomous networks. The following thesis outline describes the content of each chapter and touches on the major findings or research contributions discussed therein.

Chapter 2 lays out an overview of the area of reputation system research geared towards peer-to-peer networks. We decompose peer-to-peer reputation systems into separate components. Each component must provide certain properties or capabilities in order for the whole system to function. Designing mechanisms that achieve these properties in an autonomous transient network yields the most interesting research problems. In addition to defining terms used throughout the thesis, this chapter discusses in detail related work in this vast field of research. Further chapters briefly describe related research that is more closely tied to results presented in the chapter.

The next two chapters study reputation in general systems where resources or commodity goods are exchanged. Although the examples used for illustration focus on online trade, the resulting conclusions are applicable to many economic systems. Chapters 3 and 4 present theoretical models for how reputation affects user behavior and utility, each applying a different approach at different granularity. These models provide a framework for evaluating reputation algorithms using economic metrics, which we then use to analyze high-level implementation issues. Based on these studies, we propose guidelines for reputation system designers. Chapter 3 applies elementary game theory to explore agent strategies on a microeconomic scale.
Chapter 4 expands these ideas to a macroeconomic mathematical model for expected user performance in a large-scale online trading system. Our mathematical model is then compared to simulation results.
In Chapter 5, we look closely at using limited reputation sharing in unstructured peer-to-peer resource-sharing networks. We propose several performance metrics (such as message traffic, load and efficiency) that allow us to evaluate and compare reputation systems. Through detailed simulations of multiple variations on the basic reputation system, we quantify the effects of certain system properties and design choices. Our study demonstrates that even a small amount of reputation information collecting and sharing can vastly improve a peer's ability to locate and fetch valid resources, even when faced with large-scale whitewashing and collusion by malicious peers. In addition, certain methods for calculating reputation and ranking peers may perform equally well in terms of detecting and avoiding malicious peers, but have vastly differing effects on load balancing.

The following two chapters each present specific protocols/mechanisms that exploit reputation information in order to improve message routing performance in two types of networks that vary both in their physical medium and their structure. Chapter 6 proposes the SPROUT protocol for incorporating existing social network information and services into a structured P2P network in order to improve the reliability of message transmission. Using our model of social trust we show that SPROUT can improve expected message delivery by 50%. Chapter 7 concentrates on the issue of trust in ad hoc wireless routing. The Watchdog mechanism uses the inherent broadcast nature of wireless transmission to detect when packets are not being forwarded correctly by eavesdropping on next-hop transmission. The reputation of nodes along a path is incremented or decremented based on the message throughput. These reputations are used when selecting new paths as nodes move around.
Simulations show Watchdog improves routing throughput by up to 27% under high mobility when 40% of the nodes fail to route correctly. Finally, we give our concluding comments in Chapter 8.
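
The Chapter 5 point in the outline above, that two ways of ranking peers can avoid bad peers equally well yet balance load very differently, shown as an added example that is not code from the dissertation. The rating formula, the stranger rating, the threshold value, the peer names and the reading of the "Select-Best" and "Weighted" policy names are assumptions of this example.

```python
import random
from collections import Counter

# Constructed population: probability that a peer returns an authentic resource.
POPULATION = {**{f"good-{i}": 0.97 for i in range(5)},
              **{f"bad-{i}": 0.03 for i in range(5)}}


class LocalReputation:
    """One peer's local view: gather outcomes, score peers, pick a source."""

    def __init__(self, stranger_rating=0.3, threshold=0.15):
        self.good = Counter()    # authentic responses observed per peer
        self.total = Counter()   # all transactions observed per peer
        self.stranger_rating = stranger_rating  # assumed score for unknown peers
        self.threshold = threshold              # assumed selection threshold

    def record(self, peer, cooperated):
        """Information gathering: store the outcome of one transaction."""
        self.total[peer] += 1
        if cooperated:
            self.good[peer] += 1

    def rating(self, peer):
        """Scoring: fraction of good transactions, or the stranger default."""
        if self.total[peer] == 0:
            return self.stranger_rating
        return self.good[peer] / self.total[peer]

    def eligible(self, responders):
        """Peers rated below the threshold are never used again.

        A peer whose only recorded transaction failed has rating 0 and is
        excluded, which is the cost of a strict threshold for honest peers.
        """
        return [p for p in responders if self.rating(p) >= self.threshold]

    def select_best(self, responders, rng):
        """Assumed Select-Best: always take a top-rated eligible peer."""
        ok = self.eligible(responders)
        if not ok:
            return None
        top = max(self.rating(p) for p in ok)
        return rng.choice([p for p in ok if self.rating(p) == top])

    def select_weighted(self, responders, rng):
        """Assumed Weighted: pick an eligible peer with probability ~ rating."""
        ok = self.eligible(responders)
        weights = [self.rating(p) for p in ok]
        if not ok or sum(weights) == 0:
            return None
        return rng.choices(ok, weights=weights, k=1)[0]


def simulate(policy, reliability=POPULATION, queries=2000, seed=7):
    """Run one querying peer against a population where every peer responds."""
    rng = random.Random(seed)
    rep = LocalReputation()
    peers = sorted(reliability)
    served = Counter()   # authentic downloads served by each peer
    authentic = 0
    for _ in range(queries):
        pick = getattr(rep, policy)(peers, rng)
        if pick is None:
            continue
        ok = rng.random() < reliability[pick]
        rep.record(pick, ok)
        if ok:
            authentic += 1
            served[pick] += 1
    top_share = max(served.values()) / authentic if authentic else 0.0
    return {"success_rate": authentic / queries,   # how well bad peers are avoided
            "top_share": top_share,                # load on the busiest peer
            "served": dict(served)}


if __name__ == "__main__":
    for policy in ("select_best", "select_weighted"):
        r = simulate(policy)
        print(f"{policy:16} success={r['success_rate']:.3f} "
              f"busiest peer serves {r['top_share']:.0%} of authentic downloads")
```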
Chapter 2
Taxonomy of Trust: Categorizing P2P Reputation Systems

The development of any complex computer architecture can be a challenge. This is especially true of a complex distributed algorithm that is run by autonomous untrusted agents, yet is expected to be relatively reliable, efficient, and secure. Such is the task of designing a complete reputation system for use in peer-to-peer networks. To accomplish the task, it is necessary to break down the problem into separate simpler problems of constructing a mechanism that provides a specific set of functions or properties, allowing developers to divide and conquer the problem of reputation system design.

Our primary goal in this chapter is to provide a useful taxonomy of the field of peer-to-peer reputation design. To accomplish this goal, we identify the three basic components of a reputation system, break them down into the necessary separate mechanisms, and categorize properties we feel the mechanisms need to provide in order for the reputation system to fulfill its function. For each mechanism we list possible design choices proposed by the research community. In the process, we give examples of research in the area of trust and reputation. A
variety of research papers and implementations are referenced to illustrate ideas and provide the reader avenues for further investigation. We often draw on work done by the Peers research group [1] at Stanford University and do not pretend to produce a complete survey of the research area. We feel this overview will be of particular interest to those who are unfamiliar with the breadth of issues relating to reputation system design for peer-to-peer networks. Taxonomies related to trust and reputation systems (either in part or as a whole) have been proposed by others (e.g. Daswani [33] and O'Hara et al. [101]) and will be discussed in the text when appropriate.

Table 2.1: Breakdown of Reputation System Components

Reputation Systems
Information Gathering    Scoring and Ranking      Response
Identity Scheme          Good vs. Bad Behavior    Incentives
Info. Sources            Quantity vs. Quality     Punishment
Info. Aggregation        Time-dependence
Stranger Policy          Selection Threshold
                         Peer Selection

Taxonomy Overview

The following section defines terms we use throughout the thesis. We begin our taxonomy by classifying the common assumptions and constraints that guide reputation system design in Section 2.2. These assumptions include expected user behavior, as well as the goals of adversaries in the system and their capabilities. How effectively a reputation system can deal with adversaries may be constrained by the technical limitations imposed on the implementation by the target system environment. These issues determine the necessary properties and powers of the reputation system.

Next, we break down the functionality of a reputation system into the three components shown in Table 2.1. In general, a reputation system assists agents in choosing
a reliable peer (if possible) to transact with when one or more have offered the agent a service or resource. To provide this function, a reputation system collects information on the transactional behavior of each peer (information gathering), scores and ranks the peers based on expected reliability (scoring and ranking), and allows the system to take action against malicious peers while rewarding contributors (response). Each component requires separate system mechanisms (listed in Table 2.1). For each mechanism we study the possible desired properties and then discuss the implementation limitations and trade-offs that may prevent some of the properties from being met. In the discussion we will reference existing solutions or research to illustrate how different mechanism designs achieve certain properties within the given system constraints. The three functionalities, gathering, scoring and response are covered in turn in Sections 2.3, 2.4 and

2.1 Terms and Definitions

Before discussing the various taxonomies we would like to define certain terms we will be using throughout the thesis:

Peer: A single active entity in any system or network of autonomous entities. In general, a peer in a system is associated with a specific user and his/her representation in a network. However, in some systems it is possible for a single human user to control multiple network entities with different identities (as used in Sybil attacks [38]). Also, a user's computer may be compromised by a worm or trojan horse and consequently the computer may behave differently in the network than the user intended. The user may even be unaware the computer is misbehaving. Therefore, we distinguish between a user and the user's representation(s) or node(s) in the network. At times, we will use the term node, agent
or even user (when not considering compromised clients) synonymously with peer. For instance, in Chapter 3 we use the term agent out of the tradition of the field of game theory.

Transactions: Peer-to-peer systems are defined by interactions between autonomous agents or peers. These interactions may include swapping files, storing data, answering queries, or remote CPU usage. In addition, money may be exchanged when purchasing the desired resource. We refer to all interactions in general as transactions between two parties.

Cooperate/Defect: When well-behaved peers carry out transactions correctly, we say they cooperate. Bad peers, however, may at times attempt to cheat or defraud another peer, in which case they defect on the transaction. We will use these terms (when applicable) when discussing general system/peer behavior.

Structured vs Unstructured: P2P network architectures tend to be categorized as either structured or unstructured, depending on how the overlay topology is formed. Structured networks use a specific protocol to assign network IDs and establish links to new peers and are exemplified by the class of systems called Distributed Hash Tables (DHTs) (e.g. [127, 113, 118]). In purely unstructured topologies new users connect randomly to other peers. A hybrid approach is to assign certain peers as supernodes (or ultrapeers) that form an unstructured network and all peers connect to supernodes. Such organization is used in most popular file-sharing systems (e.g. [56, 74]). However, for simplicity, we will classify supernode networks as unstructured networks [139].

Strangers: Peers that appear to be new to the system. They have not interacted with other peers and therefore no trust information is available.

Adversary: A general term we use to apply to agents that wish to harm other peers
or the system, or act in ways contrary to acceptable behavior. This may include accessing restricted information, corrupting data, maliciously attacking other nodes in the network, or attempting to take down the system services.

2.2 Assumptions and Constraints

The driving force behind reputation system design is providing a service that severely mitigates misbehavior while imposing a minimal cost on the well-behaved users. To that end, it is important to understand the requirements imposed on system design by each of the following: the behavior and expectations of typical good users, the goals and attacks of adversaries, and the technical limitations resulting from the environment where the system is deployed. We discuss each of these here. The choices made here will impact the necessary mechanism properties discussed in Sections 2.3, 2.4, and

User Behavior

A system designer must build a system that is accessible to its intended users, provides the level of functionality they require and does not hinder or burden them to the point of driving them away. Therefore, it is important to anticipate any allowable user behavior and meet their needs, regardless of added system complexity. Examples of user behavior and requirements that affect distributed mechanism design include:

Node churn: The rate at which peers enter and leave the network, as well as how gracefully they disconnect, affects many areas from network routing to content availability. Higher levels of churn require increased data replication, redundant routing paths, and topology repair protocols [60]. The node lifetime in the system determines how much information can be collected for the purpose of
computing its reputation, as well as how long that information is useful.

Reliability: For most applications, users require certain guarantees on the reliability or availability of system services. For example, a distributed data storage application would want to guarantee that data stored by a user will always be available to the user with high probability and that it will persist in the network (even if temporarily offline) with a much higher probability [81]. The situation is more difficult in peer-to-peer networks where adversaries are actively attempting to corrupt the content peers provide. Group auditing techniques may help detect or prevent data loss [87].

Privacy: Along with reliability, users that store data in an untrusted distributed system would also want to protect the content from being accessed by unauthorized users. One solution is to encrypt all data before storing [81]. However, in some applications access to unencrypted data is necessary for processing. Separating sensitive data from subject identities, or using legally binding strict privacy policies may be sufficient [115, 6, 7].

Anonymity: As a specific application of privacy, users may only be willing to participate if a certain amount of anonymity is guaranteed. This may vary from no anonymity requirements, to hiding real-world identity behind a pseudonym, to requiring that an agent's actions be completely disconnected from both his real-world identity and his other actions. Obviously, a reputation system would be infeasible under the last requirement.

Threat Model

The two primary types of adversaries in peer-to-peer networks are selfish peers and malicious peers. They are distinguished primarily by their goals in the system. Selfish peers wish to use system services while contributing minimal or no resources
themselves. A well-known example of selfish peers is freeriders [5] in file-sharing networks, such as Kazaa and Gnutella. To minimize their cost in bandwidth and CPU utilization, freeriders refuse to share files in the network. The goal of malicious peers, on the other hand, is to cause harm to either specific targeted members of the network or the system as a whole. To accomplish this goal, they are willing to spend any amount of resources (though we can consider malicious peers with constrained resources a subclass of malicious peers). Examples include distributing corrupted audio files on music-sharing networks to discourage piracy [98] or disseminating virus-infected files for notoriety [12].

Reputation system designers usually target a certain type of adversary. For instance, incentive schemes that encourage cooperation may work well against selfish peers but be ineffective against malicious peers. The number or fraction of peers that are adversaries also impacts design. Byzantine protocols, for example, assume less than a third of the peers are misbehaving [21]. The work presented in this thesis tackles both selfish and malicious peers, although some sections may focus on a single type of adversary.

Adversarial Powers

Next, a designer must decide what techniques he expects the adversaries to employ against the system and build in mechanisms to combat those techniques. The following list briefly describes the more general techniques available to adversaries.

Traitors: Some malicious peers may behave properly for a period of time in order to build up a strongly positive reputation, then begin defecting. This technique is effective when increased reputation gives a peer additional privileges, thus allowing malicious peers to do extra damage to the system when they defect. An example of traitors is eBay merchants that participate in many small transactions in order to build up a high positive reputation, and then defraud
one or more buyers on a high-priced item. Traitors may also be the computers of well-behaved users that have been compromised through a virus or trojan horse. These machines will act to further the goals of the malicious user that subverted them.

Collusion: In many situations multiple malicious peers acting together can cause more damage than each acting independently. This is especially true in peer-to-peer reputation systems, where covert affiliations are untraceable and the opinions of unknown peers impact one's decisions. Most research devoted to defeating collusion assumes that if a group of peers collude they act as a single unit, each peer being fully aware of the information and intent of every other colluding peer [87].

Front peers: Also referred to as moles [45], these malicious colluding peers always cooperate with others in order to increase their reputation. They then provide misinformation to promote actively malicious peers. This form of attack is particularly difficult to prevent in an environment where there are no pre-existing trust relationships and peers have only the word and actions of others in guiding their interactions [93] (see Sec ).

Whitewashers: Peers that purposefully leave and rejoin the system with a new identity in an attempt to shed any bad reputation they have accumulated under their previous identity [83]. Whitewashers are discussed in depth in later sections and chapters (see Sec and Chp. 5).

Denial of Service (DoS): Whether conducted at the application layer or network layer, Denial of Service attacks usually involve the adversary bringing to bear large amounts of resources to completely disrupt service usage. Using Internet worms, however, malicious users are able to minimize their own personal
resource usage while amplifying the damage done through Distributed DoS attacks. Much work has been done on detecting, managing, and preventing DoS attacks. P2P-specific applications include [34, 35, 55] in unstructured networks and [21] in DHT networks. Not only would we like reputation systems to detect DoS attackers, but such attacks could be used against the reputation mechanism itself.

As we discuss different mechanisms, we will reference these tactics and explain how certain system properties can help against them. Most of the existing research does not claim to handle malicious peers that bring to bear all these attacks at once. In fact, much of the work focuses solely on independent selfish peers. While Chapter 3 deals solely with the simplest case of selfish peers, the following chapters (and particularly Chapter 5) study in depth the issues surrounding malicious peers that use all these adversarial techniques.

Environmental Limitations

The primary division among system component architectures is centralized versus decentralized. Implementing certain functionality at a single trusted entity can simplify mechanism design and provide a more efficient system. As we will see, some component properties can only be attained using the management and auditing capabilities afforded by a single point of trust. Of course, centralization also has several drawbacks. It may be infeasible to have a single entity all agents trust. A centralized server becomes a single point of failure as well as a bottleneck. Providing performance and robustness requires the controlling entity to unilaterally invest large sums of money. It also makes for a single point of attack by adversaries, either by infiltration, subversion, or DoS attacks.

Between purely centralized and purely decentralized is a spectrum of hybrid architectures. For simplicity, we will refer to proposed mechanisms as centralized if they
require one entity (or a small number of entities) that is trusted by all users to handle some service for the entire system, even if they do not need to be always available, only intermittently. Otherwise, the mechanism is decentralized.

2.3 Gathering Information

The first component of a reputation system is responsible for collecting information on the behavior of peers, which will be used to determine how trustworthy they are (either on an absolute scale or relative to the other peers).

System Identities

Associating a history of behavior with a particular agent requires a sufficiently persistent identifier. Therefore, our first concern is the type of identities employed by the peers in the system. There are several properties an identity scheme may have, not all of which can be met with a single design. In fact, some properties are in direct conflict with each other. The properties we focus on are:

Anonymity: As previously mentioned in Section 2.2.1, the level of anonymity offered by an identity scheme can vary from using real-world identities to preventing any correlation of actions as being from the same agent. Most peer-to-peer networks, such as Kazaa [74], use simple, user-generated pseudonyms. Since peers connect directly to one another, their IP addresses are public, providing the closest association between the agent's actions and their real-world identity. To hide their IP addresses users can employ redirection schemes, such as Onion routing [128]. A P2P-specific solution using anonymizing tunnels is Tarzan [47]. Frequently changing pseudonyms and routing tunnels disassociates the user's actions from each other.
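The traitor and whitewasher behaviours listed under Adversarial Powers can be made concrete with a small model of the three components (gathering, scoring, response). The following is an added example, not code from the dissertation; the two scoring rules, the 0.5 acceptance threshold, the stranger scores and all names are assumptions chosen for illustration.

```python
# Added illustration (not from the dissertation): a minimal reputation ledger
# exercised against a traitor and a whitewasher. Scoring rules, threshold and
# stranger scores are assumptions made for this example.

def lifetime_average(history):
    """Score = fraction of cooperative transactions over the whole history."""
    return sum(history) / len(history)


def recency_weighted(history, alpha=0.3):
    """Exponentially weighted average: each new outcome gets weight alpha."""
    score = float(history[0])
    for outcome in history[1:]:
        score = (1 - alpha) * score + alpha * outcome
    return score


class ReputationLedger:
    def __init__(self, score_fn, stranger_score, threshold):
        self.score_fn = score_fn              # scoring rule under test
        self.stranger_score = stranger_score  # score given to peers with no history
        self.threshold = threshold            # minimum score needed to transact
        self.history = {}                     # peer id -> list of 1 (cooperate) / 0 (defect)

    def record(self, peer, cooperated):
        """Information gathering: store the outcome of one transaction."""
        self.history.setdefault(peer, []).append(1 if cooperated else 0)

    def score(self, peer):
        """Scoring: strangers get the default, known peers get score_fn."""
        past = self.history.get(peer)
        return self.score_fn(past) if past else self.stranger_score

    def accepts(self, peer):
        """Response: transact only with peers at or above the threshold."""
        return self.score(peer) >= self.threshold


def traitor_damage(ledger, good_run, attempts):
    """Peer cooperates good_run times, then defects whenever it is accepted.
    Returns the number of defections that were accepted."""
    peer = "traitor"
    for _ in range(good_run):
        ledger.record(peer, True)
    damage = 0
    for _ in range(attempts):
        if ledger.accepts(peer):
            ledger.record(peer, False)
            damage += 1
    return damage


def whitewasher_damage(ledger, attempts):
    """Peer always defects and rejoins under a fresh identity once rejected.
    Returns (accepted defections, identities used)."""
    damage, identities = 0, 1
    peer = "ww-0"
    for _ in range(attempts):
        if not ledger.accepts(peer):          # reputation spent: new identity
            peer = f"ww-{identities}"
            identities += 1
        if ledger.accepts(peer):
            ledger.record(peer, False)
            damage += 1
    return damage, identities


if __name__ == "__main__":
    for name, fn in (("lifetime average", lifetime_average),
                     ("recency weighted", recency_weighted)):
        ledger = ReputationLedger(fn, stranger_score=0.5, threshold=0.5)
        print(f"traitor vs {name}: {traitor_damage(ledger, 50, 60)} accepted defections")

    permissive = ReputationLedger(recency_weighted, stranger_score=0.5, threshold=0.5)
    strict = ReputationLedger(recency_weighted, stranger_score=0.3, threshold=0.5)
    print("whitewasher, strangers trusted:  ", whitewasher_damage(permissive, 20))
    print("whitewasher, strangers untrusted:", whitewasher_damage(strict, 20))
    print("honest newcomer accepted by strict ledger:", strict.accepts("newcomer"))
```

The strict stranger policy stops the whitewasher but also turns away an honest newcomer, which is the cost side of defending against identity changes.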
More informationDr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview
DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service
More informationAriadne A Secure On-Demand Routing Protocol for Ad-Hoc Networks
Ariadne A Secure On-Demand Routing Protocol for Ad-Hoc Networks Authors: Yih-Chun Hu, Adrian Perrig, David B Johnson Presenter: Sameer Korrapati Date: 4/21/2003 Overview of presentation Introduction :
More informationA Utility Based Incentive Scheme for P2P File Sharing in Mobile Ad Hoc Networks
A Utility Based Incentive Scheme for P2P File Sharing in Mobile Ad Hoc Networks Afzal Mawji and Hossam Hassanein Telecommunications Research Lab, School of Computing Queen s University Kingston, Ontario,
More informationAnonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security
Anonymous Communication in Peer-to-Peer Networks for Providing more Privacy and Security Ehsan Saboori and Shahriar Mohammadi Abstract One of the most important issues in peer-to-peer networks is anonymity.
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationSecure networks are crucial for IT systems and their
ISSA The Global Voice of Information Security Network Security Architecture By Mariusz Stawowski ISSA member, Poland Chapter Secure networks are crucial for IT systems and their proper operation. Essential
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK AN OVERVIEW OF MOBILE ADHOC NETWORK: INTRUSION DETECTION, TYPES OF ATTACKS AND
More informationNear Sheltered and Loyal storage Space Navigating in Cloud
IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 8 (August. 2013), V2 PP 01-05 Near Sheltered and Loyal storage Space Navigating in Cloud N.Venkata Krishna, M.Venkata
More informationUnit 3 - Advanced Internet Architectures
Unit 3 - Advanced Internet Architectures Carlos Borrego Iglesias, Sergi Robles Carlos.Borrego@uab.cat,Sergi.Robles@uab.cat Departament d Enginyeria de la Informació i de les Comunicacions Universitat Autònoma
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationHow To Secure Your Store Data With Fortinet
Securing Wireless Networks for PCI Compliance Using Fortinet s Secure WLAN Solution to Meet Regulatory Requirements Introduction In the wake of many well-documented data breaches, standards such as the
More informationBalanced Reputation Detective System (BREDS): Proposed Algorithm
Balanced Reputation Detective System (BREDS): Proposed Algorithm Pallavi Bansal 1, Narender Singh 2 1,2Computer science &Engineering department, G.I.T.M, Bilaspur, Yamunanagar, Haryana ---------------------------------------------------------------------***---------------------------------------------------------------------
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationDecoupling Service and Feedback Trust in a Peer-to-Peer Reputation System
Decoupling Service and Feedback Trust in a Peer-to-Peer Reputation System Gayatri Swamynathan, Ben Y. Zhao and Kevin C. Almeroth Department of Computer Science, UC Santa Barbara {gayatri, ravenben, almeroth}@cs.ucsb.edu
More informationIntroduction to Wireless Sensor Network Security
Smartening the Environment using Wireless Sensor Networks in a Developing Country Introduction to Wireless Sensor Network Security Presented By Al-Sakib Khan Pathan Department of Computer Science and Engineering
More informationDistributed Computing over Communication Networks: Topology. (with an excursion to P2P)
Distributed Computing over Communication Networks: Topology (with an excursion to P2P) Some administrative comments... There will be a Skript for this part of the lecture. (Same as slides, except for today...
More informationHow To Create A P2P Network
Peer-to-peer systems INF 5040 autumn 2007 lecturer: Roman Vitenberg INF5040, Frank Eliassen & Roman Vitenberg 1 Motivation for peer-to-peer Inherent restrictions of the standard client/server model Centralised
More information