REPUTATION MANAGEMENT OF PEERS TO REDUCE THE SYBIL ATTACK IN PEER-TO-PEER NETWORK



Similar documents
Attacks Against Peer-to-peer Networks and Countermeasures

DoS: Attack and Defense

Survey on DDoS Attack Detection and Prevention in Cloud

Dual Mechanism to Detect DDOS Attack Priyanka Dembla, Chander Diwaker 2 1 Research Scholar, 2 Assistant Professor

The Reverse Firewall: Defeating DDOS Attacks Emanating from a Local Area Network

Survey on DDoS Attack in Cloud Environment

MODIFIED BITTORRENT PROTOCOL AND ITS APPLICATION IN CLOUD COMPUTING ENVIRONMENT

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

Implementation of P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains

DDOS WALL: AN INTERNET SERVICE PROVIDER PROTECTOR

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds

Keywords Attack model, DDoS, Host Scan, Port Scan

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS

Seminar Computer Security

Peer-to-Peer Systems: "A Shared Social Network"

An Implementation of Secure Wireless Network for Avoiding Black hole Attack

Banking Security using Honeypot

Client Server Registration Protocol

Single Sign-On Secure Authentication Password Mechanism

Index Terms: DDOS, Flash Crowds, Flow Correlation Coefficient, Packet Arrival Patterns, Information Distance, Probability Metrics.

Analysis on Some Defences against SYN-Flood Based Denial-of-Service Attacks

V-ISA Reputation Mechanism, Enabling Precise Defense against New DDoS Attacks

Security Issues In Cloud Computing and Countermeasures

A Critical Investigation of Botnet

How To Detect Denial Of Service Attack On A Network With A Network Traffic Characterization Scheme

Denial of Service Resilience in Peer to Peer. D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica, W. Zwaenepoel Presented by: Ahmet Canik

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski

Preventing DDOS attack in Mobile Ad-hoc Network using a Secure Intrusion Detection System

Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks

1 Introduction. Agenda Item: Work Item:

Chapter 8 Security Pt 2

Securing MANET Using Diffie Hellman Digital Signature Scheme

Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014

Efficient Detection of Ddos Attacks by Entropy Variation

Security Technology White Paper

Analysis of Automated Model against DDoS Attacks

The Hillstone and Trend Micro Joint Solution

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Malicious Programs. CEN 448 Security and Internet Protocols Chapter 19 Malicious Software

Wireless Sensor Network Security. Seth A. Hellbusch CMPE 257

CMPT 471 Networking II

SPAM FILTER Service Data Sheet

A NOVEL APPROACH FOR PROTECTING EXPOSED INTRANET FROM INTRUSIONS

1 Introduction. Agenda Item: Work Item:

SECURING APACHE : DOS & DDOS ATTACKS - I

TELE 301 Network Management. Lecture 18: Network Security

Building A Secure Microsoft Exchange Continuity Appliance

Security and Privacy Issues in Wireless Ad Hoc, Mesh, and Sensor Networks

Content Teaching Academy at James Madison University

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

Optimistic way of Accessing Open Storage using Collaborative Approach


Sync Security and Privacy Brief

A Novel Packet Marketing Method in DDoS Attack Detection

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

Lecture 02b Cloud Computing II

From Network Security To Content Filtering

The Role and uses of Peer-to-Peer in file-sharing. Computer Communication & Distributed Systems EDA 390

A reputation-based trust management in peer-to-peer network systems

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Denial of Service. Tom Chen SMU

Chapter 10. Cloud Security Mechanisms

DDoS Vulnerability Analysis of Bittorrent Protocol

ARP Storm Detection and Prevention Measures

Network Security. Dr. Ihsan Ullah. Department of Computer Science & IT University of Balochistan, Quetta Pakistan. April 23, 2015

A Study on the novel tool to retort P2P security issues

Security vulnerabilities in the Internet and possible solutions

DOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK

Domain 6.0: Network Security

11 NETWORK SECURITY PROJECTS. Project Understanding Key Concepts. Project Using Auditing and Event Logs. Project 11.3

ZNetLive Malware Monitoring

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

Secure Authentication of Distributed Networks by Single Sign-On Mechanism

The Algorithm of Sharing Incomplete Data in Decentralized P2P

Performance Analysis of Modified AODV Protocol in Context of Denial of Service (Dos) Attack in Wireless Sensor Networks

REVIEW ON RISING RISKS AND THREATS IN NETWORK SECURITY

An Efficient Strategy for Data Recovery in Wi-Fi Systems

A Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks

SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET

Secure Software Programming and Vulnerability Analysis

SECURITY FLAWS IN INTERNET VOTING SYSTEM

A Defense Security Approach against Hacking Using Trusted Graphs

Wireless Sensor Networks Chapter 14: Security in WSNs

Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA DDoS and IP Traceback. Overview

Adaptive Discriminating Detection for DDoS Attacks from Flash Crowds Using Flow. Feedback

Security in Wireless Local Area Network

Detection of Distributed Denial of Service Attack with Hadoop on Live Network


Firewall and UTM Solutions Guide

Transcription:

REPUTATION MANAGEMENT OF PEERS TO REDUCE THE SYBIL ATTACK IN PEER-TO-PEER NETWORK Chirag R. Parmar, Chaita Jani Department of Computer Engineering, Kalol Institute of Technology & Research Center. Abstract This chapter provides detailed of attacks on Peer-to-Peer network with their suitable defensive technique or algorithm. We try to reduce the effect of Sybil attack from p2p network. In peer-to-peer (p2p) network is a way of structuring distributed applications such that the individual nodes have symmetric roles. Peer-to-peer network having no any hierarchy that means all peers are equal and no administrator responsible for the network. There are a several kinds of attacks in peer-to-peer network. Like, DOS Attack, DDOS attack, Rational attack, Sybil attack and Eclipse attack. In Sybil attack, Attacker create Fake Identities on p2p network either to gain better reputation or increase download capabilities or take entire control over network. A faulty node may present multiple identities to a peer-to-peer network and then after becoming part of the p2p network and act maliciously. By multiple identities, the faulty node can control the network substantially. By using Reputation ranking algorithm after efficient changing we can check the reputation rank of all the peers connected to that network. After checking the reputation rank we decide which nodes are real and which nodes are fake. That means aim of reducing Sybil attack is done from the following proposed flow and algorithm. from client-server architecture because in peer-topeer network, one specific peer acts as either client or server. Peer-to-Peer using a decentralized model in which each machine, referred to as a peer, functions as a client with his personal coat of server functionality. A couple plays the role of a client and a server simultaneously. Customers (pairs) will the necessary operations to keep it going rather than a central server network. In Sybil attack, attacker creates fake identity on to the network to take the control over part of the network and after that control over a whole network. The idea behind Sybil attack is that a single malicious identity can present multiple identities, and thus gain control over part of the network. Sybil attack can be seen in social network, structured p2p network and distributed p2p network. Effect in distributed p2p network of Sybil attack is more harmful than other network. This problem of Sybil attack is reducing by giving reputation ranking to all the peers in distributed peer-to-peer network. Index Terms Sybil Attack, Self-certification Algorithm, Peer-to-Peer Network, Reputation Management. I. INTRODUCTION To reducing the effect of Sybil Attack in Peer-to Peer network, we can do reputation management on peers and after applying simulations on the simulator to reducing the effect of Sybil attack. Peer-to-Peer network is a way of structuring the distributed applications such that individual node have symmetric roles. Peer-to-Peer network is also called a workgroup. Peer-to-peer network is different Peer-to-Peer Network IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 127

II. ATTACKS ON PEER-TO-PEER NETWORK There are different types of attacks on peer-to-peer network. A. Denial of Service (DOS) Attack DoS attack is an attack on a computer or a network, trying to make a computer resource available to its users. In P2P networks, the most common form of DoS attack is an attempt to flood the network with dummy packets, thus preventing network traffic reasonable. The second method is to drown the victim demanding node to node becomes too busy to respond to other questions computation. Defense: Pricing technique is used for defending against this attack in peer to peer network. Where the host will submit the puzzles to the all its clients. When attacker want to attack on any victim then he has to solve a puzzle first, that s why difficult for attacker to attack on p2p network. B. Distributed Denial of Service (DDOS) Attack DDOS attack is the modified attack technique that uses DOS attack. The figure of the main attacker who controls the different partitions. The sub attackers are often personal computers with broadband connections that are committed with the Virus or Trojan. That means attackers sub attacks on the network and control the entire network for the main attacker. Distributed Denial of Service Attack Defense: Let the Internet traffic of the company Broker through Verizon Business, which will help customers to filter a range of information from harmful content. Then the security team provides monitoring, detection is constantly looking for incoming DDOS attack. Since then the runners have their blacklist and white list, allowing the runner to terminate traffic on the blacklist before reaching the site of the block. C. Man-in-the-Middle Attack Man-in-the-middle attack is an indirect interference, and the attacker inserts your computer undetected between two nodes. In the figure, Alice and Bob are regular users. Showing the attacker in the middle can intercept the data, modify data and send data without being detected by Alice and Bob. Man-in-the-Middle Attack [1] Defense: Authentication technique is used for solving this type of attack on p2p network. In this defense technique the information is encrypted by the user before transmitted to another user. After transmitting this information second user want to decrypt that information. Without knowing how to decrypt the message, second user can t get that message therefore attacker unable to intercept the message. D. Pollution Attack The network attacker is to replace a file on the network for any malicious file, and this file unusable polluted than customers. The attacker makes the target content unusable changing the content of it in content independently, and then makes this content available for sharing contaminated. In order to attract people to download the contaminated content, harmful content must disguise as the target content, such as having the same format and similar size. It is also necessary to maintain broadband connections. Defense: To ensure our system this attack; if the user learns the downloaded files are harmful, then the user should be to remove that file from the P2P system. E. Rational Attack For our selfish behavior at the expense of the system it can be termed as rational Attack. In the figure above, if the node A wants to transmit the content. To reduce the bandwidth load on node A, only a small number of node B and node F connected directly to A. The contents were then propagates from node B and node F to additional services such as the node pairs C, D and E. because of the behavior auto -interested in most P2P systems, a self-interested node may realize that you can IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 128

save expensive bandwidth rise if not choose to share. In this case, enough nodes B and F become self-interest, so the system cannot guarantee a reasonable charge and discharge. G. Eclipse Attack In a fit of Eclipse, an attacker control over much of the good neighboring nodes. In this scenario, the collection of harmful nodes works together to fool a good node writing their addresses in the list of neighbors of a good node. Using Eclipse attack, an attacker can control on an important part of a network, even across the network. Thus, nodes cannot forward correctly and then the whole network can be managed message. Sybil attack can be simplified as a specific attack Eclipse, if the attacker generates lots of identifications to act as a good neighbor node. Rational Attack [1] F. Sybil Attack Attacker create fake identities on peer to peer network for gaining better reputation or increasing download speed and taking the entire control over the network. The idea behind Sybil attack is that a single malicious identity may have multiple identities, and thus gain control of part of the network. Sybil Attack [1] From the above figure of Sybil Attack, when a normal node makes redundant backup, select a group of entities as the node A, B, C and D have different identifiers. But in fact, the B, C and D node does not really exist, because the malicious nodes are created by the attacker, so the backup may not finish. A faulty node (Malicious Node) or an adversary may present multiple fake identities to a p2p network in order to appear and function as multiple distinct nodes. After becoming part of the peer-to-peer network, the adversary may act maliciously. By masquerading and presenting multiple identities, the adversary can control over the whole network. Eclipse Attack From the figure, the malicious network nodes separated into two subnets. There are not any of the methods used to communicate within two subnets, normal node cannot avoid the connection with one of the malicious node. That's why the entire network has been controlled by malicious node. These are the explanation of different kinds of attack and defenses on peer-to-peer network. III. SELF-CERTIFICATION ALGORITHM It is impossible to completely removal the threat of a Sybil attack from a P2P network. There are several effective methods of defend would be to slow the rate of how fast an attacker can generate enough nodes, similar to how one would defend against a DOS attack. P2P networks would have to apply some sort of node ID expiration to the network. There is one algorithm used to defend against Sybil Attack, Self-Registration Algorithm. Defense: Self-Certification Algorithm and Reputation Ranking Algorithms is used for defending against Sybil Attack. IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 129

V. LITERATURE REVIEW 1. A Survey of Peer-to-Peer attacks & Counter Attacks In this survey paper, Author has given explanation about all the attacks and defense on peer-to-peer network. 2. The Sybil Attacks and Defense Self-Certification Algorithm [1] A new node hashes the IP address and port for the calculation of its identifier, and then recording its identifier in the already registered nodes, which are the whole process of registration of the new node. Then, later, the new node requests to join the P2P network. Other registered nodes have the ability and the responsibility to identify if the new node is real or not. If the new node is real, then it will be accepted by the P2P network. Registration Nodes: Registration procedure in the nodes, the nodes is verified that are not fake nodes. New nodes: In this procedure, a node checks your ID and record ID are mapping one by one. IV. ADVANTAGES & DISADVANTAGES OF P2P N/W Advantages of Peer-to-Peer Network Low Cost, Simple to Configure User has full accessibility to the Computer Flexible Structure ( Liquid Topology ) Almost Free, Fast Downloading Very Popular In this article we take a close look at the Sybil attack and advances in the defense against it, with special emphasis on recent work. We identified three large veins in the research literature that describes ways to defend against the attack: the use of trusted certificate, using the means test, and the use of social networks. Our study and analysis of the various schemes of the three veins in the literature show several deficiencies, which are several interesting directions and research questions worthy of investigation. 3. Defending against Sybil Attack in P2P Network In this paper, we present a novel system to defend against Sybil attacks. Our direct and indirect transaction protocols limit the number of service units that a node can obtain. Furthermore, we design a dynamic reputation ranking algorithm for the indirect transaction protocol. Combining these two, a node with a high priority has more probability of obtaining service. 4. Parental Control Algorithm for Sybil Detection in Peer-to-Peer Network Distributed social peer to peer network are most vulnerable to Sybil attack. It forms a small network within the P2P network and can give unwanted results to other nodes in network, thereby decreasing the interest of non-malicious nodes in the P2P network. We are proposing a Parental Control algorithm which is based on reputation scheme. It uses the false message concept for identifying and verifying the Sybil nodes in to the peer-to-per network. Disadvantage of Peer-to-Peer Network May have duplication in Resource Difficult to handle uneven loading Not safe against Viruses, Spam and Spyware IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 130

VI. PROPOSED WORK In my Proposed Work, I have used two algorithms for detecting Sybil Attack in Peer-to-Peer Network. First is Self-Certification and second is Reputation Ranking Algorithm. Stepwise Proposed Work 1. First we give the certificate from third-party authority to the peers who want to participate in P2P network. 2. Requester (Peer) sends or broadcast the request in P2P network. 3. All Providers have those service or files reply to the requester. 4. Then Requester calculates the reputation rank of all providers who has responded to the request. 5. Requester accepts the service from maximum reputation rank service provider. 6. If Service completed successfully then increase the reputation rank of the provider & goto step 8; else decrease reputation rank of the provider. 7. If Reputation rank<=0 then delete that node & goto step 2; else repeat the procedure from Step 2. 8. End. Comparison of the results for existing and proposed scheme VII. CONCLUSION & FUTURE WORK The goal of Reputation Management of Peers is to reducing the fake node in peer-to-peer network and makes the network more secure. First we gave certification authority to the peers and after that requester broadcast request for files, after that providers those have that requested files reply to that requester. After that requester calculates the reputation rank of those providers. Then requester took files from highest reputation rank provider. This is the main aim of Reputation Ranking in peer-topeer network. As per the research, future work extends that we can calculates Reputation rank of the providers only that s why in future, If calculations of the reputation rank of both requester and provider then we can make it more efficient. ACKNOWLEDGMENT I would like to give thanks to Prof. Chaita Jani (Asst. Prof, Computer Department, KITRC, Kalol) and also Rahul Vaghela (ME Completed from L.D. College Engineering-2013). Without support of them this work cannot be completed. Their Motivational Supports and valuable guidance always encouraged me time to time. REFERENCES [1] Yu Yang and Lan Yang, A Survey of Peer-to-Peer Attacks and Counter Attacks, CSE Department, California State Polytechnic University, Pamona. [2] Aziz Mohaisen and Joongheon Kim, The Sybil Attacks and Defense : A Survey, Smart Computing Review, Vol 3, pp 480-489, VeriSign Labs and University of Southern California, USA-December 2013. [3] Xu Xiang, Lu Huijuan, and Chen Lianna, Defending against Sybil Attacks in Peer-to- Peer Networks, ISSN: 1738-9976 IJSIA, College of Information Engineering, China Jiliang University, 2014. [4] Guojun Wang, Song Guo and Muhammad Bashir Abdullahi, Neighbor Similarity Trust against Sybil Attack in P2P E-Commerce, IEEE, School of engineering and technology, Kenyatta City, Kenya. [5] Ankush Tehale, Amit Sadafule, Swapnil Shirsat, Rahul Jadav, Satish Umbarje, and Sandip Singhade, Parental Control Algorithm for Sybil Detection in Distributed P2P networks, ISSN 2250-3153 IJSRP, Vol 2, Issue 5, May 2012, IT, Veermata Jijabai Technological Institute, Mumbai. IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 131

[6] Xiuqi Li and Jie Wu, Searching Techniques in Peer-to-Peer Network, Department of CSE, Florida Atlantic University, Boca Raton, 2006. [7] Geoffrey Fox, Peer-to-Peer Networks, Department of IT, Florida State University, June- 2011. [8] Dimitrios Tsoumakos and Nick Roussopoulos, A Comparison of Peer-to-Peer Search Methods, CS Department, University of Maryland. [9] B. Pourebrahimi, K. Bertels and S. Vassiliadis, A Survey of Peer-to-Peer Networks, Computer Engineering Lab, ITS, The Netherlands. [10] Dan S. Wallach, A Survey of Peer-to-Peer Security Issues, Rice University, April-2009. [11] Xiaoming Wang, A Secure Access Control Scheme Based on Group for Peer-to-Peer Networks, ICSAI, Department of Computer Science, Jinan University, Guangzhou, China- 2012. [12] Konstantin Miller and Adam Wolisz, Transport Optimization in Peer-to-Peer Networks, IEEE DOI 10.1109/PDP.2011.26, Technical University Berlin, Germany-2011. [13] Adarsh Agarwal, Nipun Bansal and Sudeep Gupta, Peer to Peer Networking and Applications, IJARCSSE, Volume 3, Issue 8, August-2013, IIT- Delhi, India. [14] Brian Neil Levine, Clay Shields, N. Boris Margolin, A Survey of Solutions to the Sybil Attack, Dept. of CSE, University of Massachusetts, Amherst. [15] K Haribabu Arindam Paul and Chittaranjan Hota, Detecting Sybil in Peer-to-Peer Overlays Using Psychometric Analysis Method, IEEE Computer Society, 2011, Computer Science and Information Systems, BirlaInstitute of Technology and Science, Pilani, Rajasthan, India. IJIRT 102411 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 132

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information