collusion resilient credit based reputation for peer to
play

Collusion-resilient credit-based reputation for peer-to-peer - PowerPoint PPT Presentation

Collusion-resilient credit-based reputation for peer-to-peer content distribution Nguyen Tran, Jinyang Li, Lakshminarayanan Subramanian New York University NetEcon10 1 Incentive in P2P CDNs A solved problem? Yes BitTorrent


  1. Collusion-resilient credit-based reputation for peer-to-peer content distribution Nguyen Tran, Jinyang Li, Lakshminarayanan Subramanian New York University NetEcon’10 1

  2. Incentive in P2P CDNs A solved problem? • Yes – BitTorrent tit-for-tat provides incentives for nodes to upload during download nodes to upload during download • No – No incentives for nodes to act as seeders (seeder promotion problem) 2

  3. Incentive in P2P CDNs A solved problem? • Yes – BitTorrent tit-for-tat provides incentives for nodes to upload during download nodes to upload during download • No – No incentives for nodes to act as seeders (seeder promotion problem) 3

  4. Private vs public BitTorrent communities PirateBay TorrentLeech CDF Average download speed [Kbps] More seeders � better performance 4

  5. Robust reputations � seeder promotion • Private BitTorrent – Nodes report their contribution � vulnerable • Graph-based reputation (Page-rank, max-flow) • Graph-based reputation (Page-rank, max-flow) – not capture node contribution – vulnerable to collusion 5

  6. Credo: a credit-based reputation mechanism • capture node contribution correctly • resilient to attacks (Sybil attack and collusion) 6

  7. Credo’s system architecture central server 7

  8. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils central server 8

  9. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils A central server 9

  10. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils A seeder central server 10

  11. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils upload upload upload upload A seeder central server 11

  12. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils upload upload upload upload A seeder central server 12

  13. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils download download A leecher central server 13

  14. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils download download A leecher central server 14

  15. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils download download A leecher central server Rep (# uploads) (# downloads ) = − 15

  16. Credo’s system architecture • Sybil-resilient node admission using social network ( SybilLimit [S&P’08], SumUp [NSDI’09], GateKeeper [PODC’10] ) � each adversary can bring in few Sybils download download A leecher central server Rep (# uploads) (# downloads ) = − 16 Seeders choose the highest reputation leecher to serve

  17. Seeders collect credits in exchange for uploads C D A E credit pool B B signed token credit pool 17

  18. Nodes issue their own credits C D A B E credit pool B credit pool 18 18

  19. Nodes issue their own credits C D A B E credit pool B credit pool Rep (# credit earned ) (# issued credit ) = − 19 19

  20. Nodes issue their own credits C D A B E credit pool B credit pool − � Rep (# credit earned ) 2 (# issued credit ) = 20 20

  21. Nodes issue their own credits C D A B E credit pool B To encourage nodes to use credits in credit pool credit pools before issuing new credits − � Rep (# credit earned ) 2 (# issued credit ) = 21 21

  22. Sybil attack C D A E B X X 1 X 2 X 1 X 2 X 1 X 2 X 1 X 2 credit pool − � Rep (# credit earned ) 2 (# issued credit ) = 22

  23. Idea 1: Credit diversity C D A E B X X 1 X 2 X 1 X 2 X 1 X 2 X 1 X 2 credit pool − � Rep (# different issuers) 2 (# issued credit ) = 23

  24. Credit diversity is not enough C D A Y E Y 1 Y 2 B X X 1 X 2 − � Rep (# different issuers) 2 (# issued credit ) = 24

  25. Credit diversity is not enough C D colluders A Y E Y 1 Y 2 B X X 1 X 2 − � Rep (# different issuers) 2 (# issued credit ) = 25

  26. Credit diversity is not enough C D colluders A Y E Y 1 X X Y X 2 Y 1 X 1 Y 2 Y Y 2 X 1 X 2 Y 1 Y 2 B X 2 Y 1 X 1 Y 2 X X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 − � Rep (# different issuers) 2 (# issued credit ) = 26

  27. Credit pool of attackers vs honest nodes C D A Y E Y 1 X X Y X 2 Y 1 X 1 Y Y 2 Y 2 X 1 X 2 Y 1 Y 2 B X 2 Y 1 X 1 Y 2 X X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 Volume = 6 Volume(c) : # of credits issued by the issuer of c 27

  28. Credit pool of attackers vs honest nodes C D A Y E Y 1 X X Y X 2 Y 1 X 1 Y Y 2 Y 2 X 1 X 2 Y 1 Y 2 B X 2 Y 1 X 1 Y 2 X X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 Volume(c) : # of credits issued by the issuer of c 28

  29. Credit pool of attackers vs honest nodes C D A Y E Y 1 X X Y X 2 Y 1 X 1 Y Y 2 Y 2 X 1 X 2 Y 1 Y 2 B 6 X 2 Y 1 X 1 Y 2 6 X X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 6 6 Volume(c) : # of credits issued by the issuer of c 29

  30. Credit pool of attackers vs honest nodes C D A Y E Y 1 X X Y X 2 Y 1 X 1 Y Y 2 Y 2 X 1 X 2 Y 1 Y 2 B 6 X 2 Y 1 X 1 Y 2 6 X X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 6 all are high volume credits 6 Volume(c) : # of credits issued by the issuer of c 30

  31. Credit pool of attackers vs honest nodes C D A 3 3 Y E Y 1 X X Y X 2 Y 1 X 1 Y Y 2 Y 2 X 1 X 2 Y 1 Y 2 3 B 6 X 2 Y 1 X 1 Y 2 6 X 6 X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 6 all are high volume credits 6 Volume(c) : # of credits issued by the issuer of c 31

  32. Credit pool of attackers vs honest nodes C D A 3 3 Y C E E Y 1 D X X Y X 2 Y 1 X 1 Y Y 2 B B Y 2 X 1 X 2 Y 1 Y 2 3 B 6 X 2 Y 1 X 1 Y 2 6 X 6 X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 6 all are high volume credits 6 Volume(c) : # of credits issued by the issuer of c 32

  33. Credit pool of attackers vs honest nodes C D low volume A 3 3 Y C E E Y 1 D X X Y X 2 Y 1 X 1 Y Y 2 B B Y 2 X 1 X 2 Y 1 Y 2 3 B 6 X 2 Y 1 X 1 Y 2 high volume 6 X 6 X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 Y 1 X 1 X 2 Y 2 6 all are high volume credits 6 Volume(c) : # of credits issued by the issuer of c 33

  34. Distribution of credits’ volume 1 obability density 1013 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool Volume distribution in an adversary’s credit pool 34

  35. Idea 2: Modeling good behavior obability density 1013 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool 35

  36. Idea 2: Modeling good behavior Central server samples a obability density subset of peers and ask 1013 for # of issued credits 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool 36

  37. Idea 2: Modeling good behavior obability density 1013 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool 37

  38. Idea 2: Modeling good behavior obability density 1013 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool Volume distribution in a credit pool 38

  39. Idea 2: Modeling good behavior filter credits obability density 1013 3 313 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool Volume distribution in a credit pool 39

  40. Idea 2: Modeling good behavior filter credits obability density 1013 313 3 Prob 0 3 6 Volume Expected volume distribution in a normal credit pool Volume distribution in a credit pool − � Rep (diversity of filtered pool) 2 (# issued credit ) = 40

  41. Effect on attackers C D low volume A 3 3 Y C E E Y 1 D X X Y X 2 Y 1 X 1 Y 2 Y B B Y 2 X 1 X 2 Y 1 Y 2 3 B 6 Y 1 3 X 1 X 2 Y 2 high volume 3 6 X 6 X 1 X 1 X 2 Y 1 Y 2 X 2 X 2 Y 1 Y 2 X 1 X 1 X 2 Y 1 Y 2 6 3 6 6 Sybils issue similar amount of credits as honest nodes 41

  42. Credo’s security properties k • Suppose there are adversaries, each brings in Sybils. They form a collusion s � size of , and do not contribute. C k s = 42

Recommend


More recommend