Yingjie Xia,Guanghua Song,Yao Zheng,Jun Ni,Mingzhe Zhu

DOI: https://doi.org/10.1109/ICICSE.2008.7

2008-01-01

Abstract:This paper introduces a small world overlay Peer- to-peer (P2P) transfer system with role based and reputation based access control policies, through which we are able to solve several serious problems existed in traditional P2P systems, like resource piracy, user privacy and network jam. The role based access control policy is implemented by the certificate based cryptography, e.g. X509. The reputation based access control policy consists of artificial scoring and automatic scoring components, corresponding to the quality and quantity evaluation of the transfer resources respectively. This system, upon the two policies and the adaptive small world overlay P2P topology, can restrict the peer's role and select a more credible peer to upload and download without any loss of performance, for the reason of the dramatic topology. Indeed it provides a secure, controllable and efficient resource transfer community.

Yingjie Xia,Guanghua Song,Yao Zheng,Mingzhe Zhu

DOI: https://doi.org/10.1109/wkdd.2008.28

2007-01-01

Abstract:This paper introduces R2P, a Peer-to-Peer (P2P) transfer system with role based and reputation based access control policies. With the combination of user authentication, organization authorization and scoring system, we solve the problem of resource piracy, user privacy and network jam, which exist in traditional P2P systems. The R2P system takes advantage of the X509 certificate to implement the role based access control policy. By assembling the artificial scoring and the automatic scoring components, the system evaluates the quantity and quality of the transfer resources, putting forward the reputation based access control policy. Upon the two policies and the adaptive P2P transfer model, the R2P system provides a secure, controllable and efficient resource transfer community.

Yu Zhang,Xianxian Li,Jinpeng Huai,Yunhao Liu

DOI: https://doi.org/10.1109/ICDCSW.2005.29

2005-01-01

Abstract:As an emerging model of communication and computation, peer-to-peer networking represents a fully distributed, cooperative network design, and has recently gained significant acceptance. Peer groups share the properties of peer-to-peer overlay network, including full decentralization, symmetric abilities, and dynamism, which make security problems more complicated. In this paper, we propose a fine-grained and attribute-based access control framework forpeer-to-peer systems. This design employs a novel policy model which extends role-based trust management language RT to satisfy security requirements of peer groups. Intend for a pure decentralized model without centralized server, our framework presents distributed delegation authorization mechanism which could avoid single point of failure. We also introduce our implementation experience.

Zude Li,Guoqiang Zhan,Xiaojun Ye

DOI: https://doi.org/10.1007/11775300_17

2006-01-01

Abstract:Peer-to-peer (P2P) resource dissemination has raised some security concerns for privacy protection and intellectual property rights protection along resource dissemination over the network. To solve these challenges, we propose the Role-Based P2P model, in which the role notion is functioned as the bridge component between users and resources to enforce secure resource dissemination together with relative constraints. The property rights attached to resource and user's private identity information are both protected as promise by taking each local role as a permission set in local centralized network and each global role as a user's pseudonym in global decentralized network. Furthermore, we propose the access control algorithm to describe how to handle access requests by the role policy in the role-based hybrid P2P model. In addition, we illustrate the intra and inter access schemas as two kinds of access processes. The model is feasible as its role structure and the connection with user and resource in open environment are consistent with the application objectives. The model is extensible, as the role structure can be also available for Purpose-Based Privacy Protection technologies.

Jaydip Sen

DOI: https://doi.org/10.1007/978-3-642-28879-1_6

2011-10-02

Abstract:The existing peer-to-peer networks have several problems such as fake content distribution, free riding, white-washing and poor search scalability, lack of a robust trust model and absence of user privacy protection mechanism. Although, several trust management and semantic community-based mechanisms for combating free riding and distribution of malicious contents have been proposed by some researchers, most of these schemes lack scalability due to their high computational, communication and storage overhead. This paper presents a robust trust management scheme for P2P networks that utilizes topology adaptation by constructing an overlay of trusted peers where the neighbors are selected based on their trust ratings and content similarities. While increasing the search efficiency by intelligently exploiting the formation of semantic community structures by topology adaptation among the trustworthy peers, the scheme provides the users a very high level of privacy protection of their usage and consumption patterns of network resources. Simulation results demonstrate that the proposed scheme provides efficient searching to good peers while penalizing the malicious peers by increasing their search times as the network topology stabilizes.

Cryptography and Security,Networking and Internet Architecture

Yang Zhen-hui

Abstract:P2P network technology offers information resource for people, it increases availability and robustness of P2P network, but brings new security problems of network too. First, this paper introduces security advantage of P2P network, then analyses security threatening of P2P network facing, finally introduces how to design prevention model of P2P network, and provides some prospect of P2P network technology about P2P network security.

Engineering,Computer Science

Kui Ren,Shucheng Yu,Wenjing Lou,Yanchao Zhang

DOI: https://doi.org/10.1109/tpds.2009.59

IF: 5.3

2009-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Recently, multihop wireless mesh networks (WMNs) have attracted increasing attention and deployment as a low-cost approach to provide broadband Internet access at metropolitan scale. Security and privacy issues are of most concern in pushing the success of WMNs for their wide deployment and for supporting service-oriented applications. Despite the necessity, limited security research has been conducted toward privacy preservation in WMNs. This motivates us to develop PEACE, a novel Privacy-Enhanced yet Accountable seCurity framEwork, tailored for WMNs. On one hand, PEACE enforces strict user access control to cope with both free riders and malicious users. On the other hand, PEACE offers sophisticated user privacy protection against both adversaries and various other network entities. PEACE is presented as a suite of authentication and key agreement protocols built upon our proposed short group signature variation. Our analysis shows that PEACE is resilient to a number of security and privacy related attacks. Additional techniques were also discussed to further enhance scheme efficiency.

Ruichuan Chen,Eng Keong Lua,Jon Crowcroft,Wenjia Guo,Liyong Tang,Zhong Chen

DOI: https://doi.org/10.1109/p2p.2008.31

2008-01-01

Abstract:Poisoning attacks in the Peer-to-Peer (P2P) content sharing service have become a serious security problem on the global Internet due to the features of P2P systems such as self-organization, self-maintenance, etc. In this paper, we propose a novel poisoning-resistant security framework based on the notion that the content providers would be the only trusted sources to verify the integrity of the requested content. To provide the mechanisms of availability and scalability, a content provider publishes the information of his shared contents to a group of content maintainers self-organized in a security overlay, so that a content requestor can verify the integrity of the requested content from the associated content maintainers. Two defense functions are first carried out --- filtering out malicious activities and selecting the authentic content version. Then, the content requestor can perform the content integrity verification while downloading and take prompt protection actions to handle content poisoning attacks. To further enhance the system performance, we devise a scalable probabilistic verification scheme. The evaluation results illustrate that our framework can effectively and efficiently defend against content poisoning in various scenarios.

Yunhao Liu,Jinsong Han

DOI: https://doi.org/10.14711/thesis-b987542

2007-01-01

Abstract:Peer-to-Peer (P2P) model has become the mainstream of the applications in current and future Internet. Being effective in utilizing and managing globally distributed information over Internet, however, most current P2P systems do not provide protection to their users against the increasing threat from selfish peers or malicious adversaries. Anonymous and trustworthy computing hereby has continuously gained importance because it meets the users’ demands of privacy, fairness, trust, and reliability. In order to construct anonymous and trustworthy P2P systems, we must address several crucial challenges including (1) reliably and efficiently anonymizing the P2P network; (2) authenticating users’ identities; (3) enabling trust management in anonymous environments. Most existing approaches achieve anonymity via fixed paths, which are unreliable and inefficient in dynamic P2P systems. We propose two non-path based protocols to anonymize P2P systems. The results of trace driven simulations show that our proposed protocols are reliable, scalable and effective, and significantly reduce cryptographic overhead. The second issue is that the current authentication approaches face a dilemma in anonymous environments: authenticating other users needs their real identities; while the anonymity requires those users to hide their real identities. We propose a Zero-knowledge based protocol to allow users authenticate with each other without exposing their real identities. We show the effectiveness of our proposed protocol by simulation studies and prototype implementation. We solve the third issue by constructing a reputation based trust management architecture. We particularly focus on the feedback quality problem. In shorting of trusted authority centers in P2P systems, the feedback quality are easily wrecked by the dishonest feedback from malicious peers, which further degrades the computation accuracy of users’ reputation. Our proposed architecture effectively alleviates the damage on computing reputation caused by the feedback cheating. We believe that widely employing above proposed approaches will make P2P systems more secure and reliable. We also extend our study to other distributed systems and propose a privacy-preserving authentication protocol for RFID systems. Keywords: Peer-to-Peer, Anonymity, Privacy-Preserving, Authentication, Key Updating, Secret Sharing, Random Walk, Selected Flooding, Trustworthy Computing, Feedback Quality, Trust Management, Trace Driven Simulation, Zero-Knowledge Proof, Man-in-middle-attack

S. Udhaya Shree,Dr. M. S. Saleem Basha

DOI: https://doi.org/10.5121/ijwsc.2014.5301

2014-10-14

Abstract:Most of the peers accessing the services are under the assumption that the service accessed in a P2P network is utmost secured. By means of prevailing hard security mechanisms, security goals like authentication, authorization, privacy, non repudiation of services and other hard security issues are resolved. But these mechanisms fail to provide soft security. An exhaustive survey of existing trust and reputation models in P2P network regarding service provisioning is presented and challenges are listed.p2p Trust issues like trust bootstrapping, trust evidence procurement, trust assessment, trust interaction outcome evaluation and other trust based classification of peers behaviour into trusted, inconsistent, un trusted, malicious, betraying, redemptive are discussed.

Cryptography and Security,Networking and Internet Architecture

Mansoor Ebrahim,Shujaat Khan,UmerBin Khalid

DOI: https://doi.org/10.48550/arXiv.1404.5123

2018-01-01

Abstract:P2P networking has become a promising technology and has achieved popularity as a mechanism for users to share files without the need for centralized servers. The rapid growth of P2P networks beginning with Kaza, Lime wire, Napsters, E-donkey, Gnutella etc makes them an attractive target to the creators of viruses and other security threats. This paper describes the major security issues on P2P networks (Viruses and worms) and presents the study of propagation mechanisms. In particular, the paper explores different P2P viruses and worms, their propagation methodology, outlines the challenges, and evaluates how P2P worms affect the network. The experimental results obtained will provide new direction in surmounting the security concerns in P2P Networks

Cryptography and Security

An'an Luo,LiQin Tian,Chuang Lin

DOI: https://doi.org/10.1109/ITAPP.2010.5566399

2010-01-01

Abstract:Being a new Internet application, social-based P2P network, which merges P2P file sharing technology and social network, is drawn more and more attention. However, it also brings in new challenges when facing the problems of trust management and personal privacy protection. In this paper, we aim at social-based P2P, and design a set of trust management mechanisms with peer uncertain risk evaluation and personal privacy preserving, which is able to encourage peers cooperation and defend Bad-Mouth attack from malicious peers. Another advantage of our solution is that it is very flexible for users to define fine-grit access control policy.

Chunrui ZHANG,Fan JIANG,Ke XU

DOI: https://doi.org/10.3321/j.issn:1000-0054.2005.10.037

2005-01-01

Abstract:The P2P(peer to peer) technique is now used in many areas,but no good solutions have yet been developed to set up trust among peers.This paper presents a model,called P2Ptrust,which combines a local trust table and a global reputation table.Each peer endows a trust value to other peers respectively whose trades are trustworthy.And the values construct a local trust table.Each peer must save several global reputation tables which belong to other peers.This model uses the friend mechanism and unites the virtue of the local trust table and the global reputation table.This paper also introduces a solution for the sybil attack,the malicious collectives attack,and other such attacks.Simulation results show that the P2Ptrust model reduces communication overhead and is more robust with security and has better extensibility.

Ji Zheng,Xin Wang,Xiangyang Xue,C. K. Toh

DOI: https://doi.org/10.1109/cit.2005.18

2005-01-01

Abstract:A general or agent-based security system is usually constructed hierarchically and has a central manager acting as head of the whole system. However, the manager becomes a bottleneck for being connected by each client. It can even overload when too many clients request service simultaneously. The whole system may collapse when the central manager is attacked. And these systems are passive to detect and deal with the secure problem. Hereby we present a mobile agent-based P2P Autonomous Security Hole Discovery system (PASHD). It can detect infection and network intrusion based on knowledge of the local host. Viruses will be removed and connection will be refused after identification. In case of a suspicious activity, PASHD initiates a voting approach to make a collective decision and take further action. This system acts self-learning when encountering intrusion or infection with new patterns. And it has the capability of autonomous discovery the security hole of hosts in network. The integration of peer-to-peer behavior with mobile agents reduces latency and load; however, flexibility, effectivity, security and cooperation of the system are enhanced.

Ruichuan Chen,Wenjia Guo,Liyong Tang,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-540-85451-7_64

2008-01-01

Abstract:Peer-to-Peer (P2P) communication model has the potential to harness huge amounts of resources. However, due to the self-organizing and self-maintaining nature, current P2P networks suffer from various kinds of attacks. Public key authentication can provide a fundamental building block for P2P communication security. In this paper, we propose a scalable Byzantine fault tolerant public key authentication scheme for P2P networks, in which each participating peer dynamically maintains a trusted group to perform distributed challenge-response authentication without centralized infrastructure. To guarantee the authentication correctness, we additionally present a complementary trusted group maintenance scheme. The experimental results demonstrate that our authentication scheme can work in various different P2P scenarios effectively and efficiently.

Bulat Nasrulin,Rowdy Chotkan,Johan Pouwelse

DOI: https://doi.org/10.48550/arXiv.2308.07148

2023-08-14

Distributed, Parallel, and Cluster Computing

Abstract:Traditionally, peer-to-peer systems have relied on altruism and reciprocity. Although incentive-based models have gained prominence in new-generation peer-to-peer systems, it is essential to recognize the continued importance of cooperative principles in achieving performance, fairness, and correctness. The lack of this acknowledgment has paved the way for selfish peers to gain unfair advantages in these systems. As such, we address the challenge of selfish peers by devising a mechanism to reward sustained cooperation. Instead of relying on global accountability mechanisms, we propose a protocol that naturally aggregates local evaluations of cooperation. Traditional mechanisms are often vulnerable to Sybil and misreporting attacks. However, our approach overcomes these issues by limiting the benefits selfish peers can gain without incurring any cost. The viability of our algorithm is proven with a deployment to 27,259 Internet users and a realistic simulation of a blockchain gossip protocol. We show that our protocol sustains cooperation even in the presence of a majority of selfish peers while incurring only negligible overhead.

Gabriela Gheorghe,Renato Lo Cigno,Alberto Montresor

DOI: https://doi.org/10.1007/s12083-010-0070-6

2010-04-23

Abstract:Streaming applications over Peer-To-Peer (P2P) systems have gained an enormous popularity. Success always implies increased concerns about security, protection, privacy and all the other ‘side’ properties that transform an experimental application into a service. Research on security for P2P streaming started to flourish, but no comprehensive security analysis over the current P2P solutions has yet been attempted. There are no best practices in system design, no (widely) accepted attack models, no measurement-based studies on security threats to P2P streaming, nor even general surveys investigating specific security aspects for these systems. This paper addresses this last aspect. Starting from existing analyses and security models in the related literature, we give an overview on security and privacy considerations for P2P streaming systems. Our analysis emphasizes two major facts: (i) the Byzantine–Altruistic–Rational (BAR) model offers stronger security guarantees compared to other approaches, at the cost of higher complexity and overhead; and (ii) the general perception (not necessarily the truth, but a commonplace belief) that it is necessary to sacrifice accuracy or performance in order to tolerate faults or misbehaviors, is not always true.

computer science, information systems,telecommunications

Saurav Ghosh,Reshmi Mitra,Indranil Roy,Bidyut Gupta

2024-12-05

Abstract:Ensuring security for highly dynamic peer-to-peer (P2P) networks has always been a challenge, especially for services like online transactions and smart devices. These networks experience high churn rates, making it difficult to maintain appropriate access control. Traditional systems, particularly Role-Based Access Control (RBAC), often fail to meet the needs of a P2P environment. This paper presents a blockchain-based access control framework that uses Ethereum smart contracts to address these challenges. Our framework aims to close the gaps in existing access control systems by providing flexible, transparent, and decentralized security solutions. The proposed framework includes access control contracts (ACC) that manage access based on static and dynamic policies, a Judge Contract (JC) to handle misbehavior, and a Register Contract (RC) to record and manage the interactions between ACCs and JC. The security model combines impact and severity-based threat assessments using the CIA (Confidentiality, Integrity, Availability) and STRIDE principles, ensuring responses are tailored to different threat levels. This system not only stabilizes the fundamental issues of peer membership but also offers a scalable solution, particularly valuable in areas such as the Internet of Things (IoT) and Web 3.0 technologies.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Networking and Internet Architecture,Systems and Control

Sonia Jahid,Shirin Nilizadeh,Prateek Mittal,Nikita Borisov,Apu Kapadia

DOI: https://doi.org/10.48550/arXiv.1111.5377

2011-12-16

Abstract:A multitude of privacy breaches, both accidental and malicious, have prompted users to distrust centralized providers of online social networks (OSNs) and investigate decentralized solutions. We examine the design of a fully decentralized (peer-to-peer) OSN, with a special focus on privacy and security. In particular, we wish to protect the confidentiality, integrity, and availability of user content and the privacy of user relationships. We propose DECENT, an architecture for OSNs that uses a distributed hash table to store user data, and features cryptographic protections for confidentiality and integrity, as well as support for flexible attribute policies and fast revocation. DECENT ensures that neither data nor social relationships are visible to unauthorized users and provides availability through replication and authentication of updates. We evaluate DECENT through simulation and experiments on the PlanetLab network and show that DECENT is able to replicate the main functionality of current centralized OSNs with manageable overhead.

Cryptography and Security,Networking and Internet Architecture,Social and Information Networks

Samaneh Berenjian,Saeed Hajizadeh,Reza Ebrahimi Atani

DOI: https://doi.org/10.1109/ains47559.2019.8968699

2019-11-01

Abstract:Peer-to-Peer networks are designed to rely on the resources of their own users. Therefore, resource management plays an important role in P2P protocols. Early P2P networks did not use proper mechanisms to manage fairness. However, after seeing difficulties and rise of freeloaders in networks like Gnutella, the importance of providing fairness for users have become apparent. In this paper, we propose an incentive-based security model which leads to a network infrastructure that lightens the work of Seeders and makes Leechers to contribute more. This method is able to prevent betrayals in Leecher-to-Leecher transactions and helps Seeders to be treated more fairly. This is what other incentive methods such as Bittorrent are incapable of doing. Additionally, by getting help from cryptography and combining it with our method, it is also possible to achieve secure channels, immune to spying, next to a fair network. This is the first protocol designed for P2P networks which has separated Leechers and Seeders without the need to a central server. The simulation results clearly show how our proposed approach can overcome free-riding issue. In addition, our findings revealed that our approach is able to provide an appropriate level of fairness for the users and can decrease the download time.