A Study on the novel tool to retort P2P security issues

보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 2 호, 2008년 4월 A Study on the novel tool to retort P2P security issues Martin Drahansky 1) Abstract The term File Sharing is the sharing of computer data or space on a network. File-sharing allows multiple users to access the same file, giving the user the ability to read, modify, copy and/or print it. File sharing is a common practice since the introduction of computer networks. P2P applications or Peer-to-peer applications, such as those used to share multimedia files, are some of the most common forms of file-sharing technology. However, Peer-to-peer applications are vulnerable to security risks that may put your information or your computer in jeopardy. In this paper, we discuss the issues and solutions in P2P Sharing. A method in file sharing which include the splitting of the file into chunks before the sending process is suggested. This method's process and applicability is also discussed. Keywords : P2P Sharing, P2P Security, File Splitting, Encryption 1. Introduction Peer-to-peer (P2P) file-sharing allows users to share files online through an informal network of computers running the same software [1-2]. This paper presents P2P file sharing, common security issues regarding P2P sharing and suggests a more secure method in P2P file sharing. File-sharing can give you access to a wealth of information, but it also has a number of risks. You could download copyright-protected material, pornography, or viruses without meaning to. Or you could mistakenly allow other people to copy files you don't mean to share. This paper also explains the current security issues, the risks and vulnerabilities and also the effects of P2P technology, including risks that relate to data security, spyware, viruses, adware, copyright infringement and unwanted pornography. Also, we present the current solution and efforts to address these risks and issues including the newly developed technologies to counter these risks and problems. On the last part, we present a method in P2P file sharing that could help minimize and counter these problems in P2P file sharing [3-4]. 2. File Sharing File sharing is the public or private sharing of computer data or space in a network with various levels of Received(January, 08, 2008), Review request(january 09, 2008), Review Result(1st:January 29, 2008, 2nd:February 18, 2008) Accepted(April 30, 2008) 1 Assistant professor, Department of Intelligent Systems, DITS FIT BUT Bozetechova 2 612 66 Brno, CZ email: drahan@fit.vutbr.cz 133

A Study on the novel tool to retort P2P security issues access privilege. While files can easily be shared outside a network, the term file sharing almost always means sharing files in a network, even if in a small local area network. P2P file sharing is the most common way of sharing files specially over the internet. 2.1 P2p File Sharing Many People people use free P2P file sharing programs - software to swap music, video and other files over the Internet. Many free P2P file sharing programs exist. Some P2P software offers a larger user base and greater numbers of files to choose from. Some software better utilizes network resources and may be easier to use. Finally, some P2P file sharing programs are increasing in popularity while others are declining. Consider all of these factors when deciding which P2P network to join. Popular examples of P2P sharing programs are BitTorrent, Napster, FastTrack and WinMX [5-8]. BitTorrent is a file sharing protocol commonly used for the transfer of different types of files across the internet - a relatively slow, unreliable link. BitTorrent is unique in that it takes advantage of the upload speed of all end users or peers downloading a file. This is accomplished by breaking a file into chunk and distributing these chunks to peers. Once a peer receives a full chunk of the file, it can begin sharing that chunk with other peers. To initiate a BitTorrent transfer, a peer contacts a tracker, this is a computer responsible for managing the peers. The tracker responds to the contacting peer with a list of other peers interested in the same file. The contacting peer contacts its newfound neighboring peers to see which peers have any needed file chunks. If a neighboring peer has such a file chunk, our peer is said to be interested in that peer, and a file transfer begins between the two. Napster is the ultimate digital music service, offering MP3 downloads and unlimited on-demand streaming. Shawn Fanning developed Napster while he was attending Northeastern University in Boston. Napster was an online music file sharing service which operating between June 1999 and July 2001 [5]. Napster operated using a centralized directory or index of files available for sharing. The directory was located on a centralized server or set of servers, to which various individual user computers or peers could connect using an Internet connection. An individual user could download the Napster software, connect to the server, and then send a query for a particular file she wanted to obtain. Its technology allowed people to easily copy and distribute MP3 files among each other, bypassing the established market for such songs and thus leading to the music industry's accusations of massive copyright violations. Although the original service was shut down by court order, it paved the way for decentralized peer-to-peer file-distribution programs. After the Napster decision file-sharing programs largely moved away from the central-server model, many use the 134

보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 2 호, 2008년 4월 fasttrack protocol [6]. FastTrack is a peer-to-peer (P2P) protocol, used by the Kazaa, Grokster and imesh file sharing programs. FastTrack uses a simplified version of HTTP to perform the actual downloads. This makes it possible for users to bypass the regulations set by the client on the maximum number of simultaneous downloads. Earlier versions of FastTrack clients even allowed a user to download files from it using a web browser and thereby fooling the reputation system to believe that the client had contributed a lot to the network. WinMX developed by Frontcode Technologies in 2001. WinMX is a freeware peer-to-peer file sharing program that runs on Microsoft Windows operating systems. In 2005, it was the number one source of online music with an estimated 2.1 million users [7]. The official WinMX website and WinMX servers have been offline since September 2005 due to a lawsuit though the application remains operable through third-party modifications. In 2006, it remained the most populat P2P client in Japan with an estimated 3 million users [8]. 2.2 Utilization of Instant Messenger Another file sharing tool that are utilized for file sharing are the Instant Messengers. Common Instant Messengers(Yahoo Messenger, MSN Messenger, Skype, AOL Messenger, etc) have File Sharing or File Transfer feature. It allows users to transfer up to 2 Gigabytes of files. Common processes in IM file transfer feature is that: it will transfer the file directly from the sender client to the receiver client or the file will be transferred to the IM network server before transferring it to the receiver client. [Fig. 1] File sending in instant messenger 3. Security Issues in P2p File-sharing can have a number of risks. For example, when you are connected to file-sharing programs, you may unknowingly allow others to copy private files even giving access to entire folders and subfolders 135

A Study on the novel tool to retort P2P security issues you never intended to share. You may download material that is protected by copyright laws and find yourself mired in legal issues. You may download a virus or facilitate a security breach. Or you may unwittingly download pornography labeled differently. By using P2P applications, it is difficult, if not impossible, to verify that the source of the files is trustworthy. Attackers usually use this to transmit malicious codes. They may attach viruses, spyware, trojan or worms into the files. When you receive files from these sources, your computer will also be infected. 3.1 Infection of malicious code By using P2P applications, it is difficult, if not impossible, to verify that the source of the files is trustworthy. Attackers usually use this to transmit malicious codes. They may attach viruses, spyware, trojan or worms into the files. When you receive files from these sources, your computer will also be infected. 3.2 Exposure of sensitive or personal information Using P2P applications may give other users access to personal information. It may be because certain directories are accessible or because you provide personal information to what you believe to be a trusted person or organization, unauthorized people may be able to access your financial or personal documents, medical data, other personal information or sensitive corporate information. If your information is exposed, many unauthorized people will know and have access to it. The availability of your information may increase your risk of identity theft. 3.3 Susceptibility to attack Using P2P applications ask you to open certain ports on your computer or ask you to disable your firewall. However, opening some of these ports may give attackers access to your computer or enable them to attack your computer by taking advantage of any vulnerabilities that may exist in the P2P application. Other P2P applications can modify and penetrate firewalls themselves, without your knowledge. 3.4 Denial of service (DoS) Downloading files causes a significant amount of traffic over the network. This may reduce the availability of certain programs on your computer or may limit your access to the internet. 136

보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 2 호, 2008년 4월 3.5 Prosecution Files shared using P2P applications may include copyrighted material, pirated software, or pornographic material. Once you download these, you may be faced with fines or other legal action. If your computer is connected to a company network and exposes customer information, both you and your company may be liable. 4. Encrypt-Split Solution Since one may encounter many problems in P2P sharing, we propose a files sharing solution. This solution requires the splitting of files before sending it. This also includes only two clients, unlike Bittorent that includes other Peers. The proposed solution is shown in Figure 2. [Fig. 2]. The proposed solution. The file will be hashed and splitted before the transmission and will be marge in the receiving end. We propose to get the MD5 hash of the file before splitting it into chunks. This is for the integrity checking of the file. This MD5 hash code will be stored in a file and will be sent along with the chunks of files. The MD5 hash is the checksum for a file is a 128-bit value; it is like a fingerprint of the file. There is a very small possibility of getting two identical hashes of two different files. This feature can be useful both for comparing the files and their integrity contro [9]. After the hashing process, the file will be splitted into smaller chunks of file. This is for security proposes, if a hacker will try to intercept the file that is being sent, he can get only chunks which are unusable. The splited files will then be sent to the receiving client. Along with the chunks of files, the file containing the hash code of the original file will be transmitted. [Fig. 3] The processes in the proposed solution. 137

A Study on the novel tool to retort P2P security issues 5. Comparison of proposed solution to existing technologies IM File Transfer and BitTorrent are the most common P2P client that is used today [10], because of this we decided to compare these two to our proposed file transfer client. We evaluate the technologies based on the following aspect: Scalability, Availability, Download Performance, Pollution and Security. 5.1 Scalability Scalability is a desirable property of a system, a process, or a network, which indicates its ability to either handle growing amounts of work in a graceful manner, or to be readily enlarged [11]. With BitTorrent simultaneous downloads, that a tracker can cope with is limited, unless decentralized with tracker farms. Network bandwidth and processing power pose big bottlenecks for the tracker. In IM file transfer, simultaneous transfer is allowed but the speed depends on the internet/network speed. In our proposed tool the SFT, simultaneous downloads is not allowed, therefore files that are sent first are already usable while sending other files. 5.2 Security IM file transfer is prawn to viruses. Other IM's even have trojans that transfer to other clients by itself. Bittorrent is open to many clients for other clients may included viruses to the files being transferred. It is well known that viruses and/or malwares spead through bittorent clients. The integrity of the file that are downloaded is also questionable. Downloaders can only check the validity of the file based on the comments of other clients. 5.3 Availability In our proposed tool, files are only sent from a specific client to a specific receiver client, Therefore, a big percentage of succesful transfer. In BitTorrent the availability of the key components are unpredictable and BitTorrent is quite vulnerable to potential failures.bittorrent download won t be completed also, if there is no seed available in the swarm and some parts of the content is lost within that swarm. The availability of a complete file is largely determined by the popularity of the file. 5.4 Download Performance 138

보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 2 호, 2008년 4월 Download performance is better with multi-source downloading [2]. A peer can more easily utilize its whole download capacity with that. BitTorrent is the leader in download performance due to its advanced download distribution protocol. BitTorrent is focused to the download process and there is no search functionality through the overlay network. In our tool, there is only one source and one destination. The download rate is constant. 5.5 Pollution Polluting P2P networks are mostly done by anti-p2p companies to discourage users with illegitimate file-sharing. Polluting can be also done against legitimate usage as denial-of-service attacks so it is important that P2P system is strong against these threats [12]. BitTorrent hashes of the pieces are calculated beforehand and put into the torrent file. Pollution is not a problem with BitTorrent as long as the torrent file is not corrupted in the first place. Since our proposed solution involve only two clients, Pollution is impossible. Referring to the next tables, we show the comparison of different P2P technologies including SFT, our proposed tool. [Table 1] Comparison of the proposed tool to BitTorrent and IM. [Table 2] Comparison of the different P2P softwares 6. Conclusion P2P file-sharing allows clients to share files online through an informal network of computers running the same software. File-sharing can give you access to a wealth of information, but it is also open to many security risks. There are many P2P technologies and softwares that are used today and most of them are absolutely free. You could download copyright-protected material, pornography, or viruses without meaning to. 139

A Study on the novel tool to retort P2P security issues Aside from these, there are other many security issues surrounding P2P. References [1] [Palisade Systems, Inc., (Mar. 2003) Peer-to-Peer Study Results. [2] A. Wai-Sing Loo, (Oct. 2007) "File-Sharing Peer-to-Peer System [3] P-Cube Technology (2003) (Whitepaper) Controlling Peer to Peer Bandwidth Consumption [4] The University of Texas, Information Technology Services (ITS) (July 2008) "What You Need to Know about Peer-to-Peer File-Sharing Applications" http://www.utexas.edu/its/about/ Retrieved: December 2008 [5] Businessweek (August 14, 2000) Napster's High and Low Notes http://www.businessweek.com/2000/00_33/b3694003.htm Retrieved: December 2008 [6] McAllister, N., (March 2002) Unfair Share - Morpheus hits a roadblock on the fast track http://fatalexception.org/sfgate/2002/20020307.html Retrieved: December 2008 [7] "Itunes more Popular than most P2P services." DMN Newswire. http://dmnnewswire.digitalmedianet.com/articles/viewarticle.jsp?id=32851 Retrieved: December 2008 [8] Summary and translation of 2006 Record Industry Association of Japan report on p2p client use http://www.riaj.or.jp/e/whatsnew/20060725.html Retrieved: December 2008 [9] FastSum Integrity Control "What is the MD5 hash?" http://www.fastsum.com/support/md5-checksum-utility-faq/md5-hash.php Retrieved: December 2008 [10] A. Saulter (2005) BitTorrent: Revolutionizing P2P [11] Wikipedia - Scalability http://en.wikipedia.org/wiki/scalability Retrieved: December 2008 [12] A. Jantunen, S. Peltotalo, J. Peltotalo (2006) Peer-to-Peer Analysis State-of-the-art Authors Martin Drahansky Ph.D. Branch Information Technology, FIT - Brno University of Technology, 2005 Ing. Branch Informatics and Computer Science, FEECS - Brno University of Technology, 2001 Dipl.-Ing. Faculty of Electrotechnics, FernUniversität Hagen, Germany, 2001 Research interests : Biometric Systems, Artificial Intelligence, Security and Cryptography, Sensoric Systems 140