BitTorrent Needs Psychiatric Guarantees: Quantifying How Vulnerable BitTorrent Swarms Are to Sybil Attacks<br />Felipe Pon...
Introduction<br />BitTorrent Protocol<br />Sybil Attacks<br />Sybil Attacks in BitTorrent Systems<br />Simulations<br />Co...
BitTorrent is one of the most popular content distribution protocols nowadays<br />In BitTorrent she who donates more earn...
BitTorrent has a completely autonomous identification generation scheme<br />Peers use a random mechanism to discover othe...
To evaluate the impact of sybil attacks in BitTorrent systems when an attacker is interested in increasing her utility<br ...
BitTorrentProtocol<br />Distribution cost shared between peers<br />Peers downloading a file (leechers) and peers that hav...
Based on a tit-for-tat strategy<br />Peers who have higher upload rates probably will have higher download rates<br />Conn...
A peer has not a whole system overview<br />The peer might be choked by potential good partners for not having uploaded to...
An attacker associates multiple identities to herself in an attempt to fool the other entities<br />Proper scenarios<br />...
Tracker flooded with sybil identities<br />Attacker increases her number of connections<br />Optimistic unchoking connecti...
General Peer-to-Peer Simulator (GPS)<br />BitTorrent swarms simulations<br />Changes in GPS to support sybil attacks simul...
12<br />Simulations<br />Unfeasible simulations execution using all torrents<br />GPS memory constraints<br />A representa...
Agglomerative Hierarchical Clustering process<br />Similar torrents are merged in clusters<br />Similarity measured as the...
14<br />TorrentsClustering<br />
TorrentsClustering<br />14 clusters<br />7 non-representative clusters (only 1 or 2 torrents each)<br />1 made up of a tor...
RepresentativeTorrents<br />For each cluster we selected one representative torrent<br />The torrent closest to the Euclid...
3 distinct attack times<br />Start of the torrent (t0)<br />An attacker wants the file as soon as it is published<br />Max...
3 versions of each torrent<br />All leechers act correctly<br />One leecher replaced by the sybil attacker<br />One leeche...
Results considering 95% of confidence level and 5% of error<br />Average download rates increase with the attack starting ...
Only a small number of identities is needed for an attack to be effective<br />In 4 out of the 5 representative torrents s...
Simulations’ Results<br />21<br />Download average rates to torrent of cluster 4<br />
Simulations’ Results<br />22<br />Download average rates for tenfold increase of identities of torrent of cluster 4<br />
It is possible to perform a sybil attack in BitTorrent<br />When there is high resource contention the attack was not succ...
To improve the mathematical model<br />To investigate probabilistic optimistic unchoking as a strategy to mitigate a sybil...
Thank You!<br />Felipe Pontes<br />felipep@lsd.ufcg.edu.br<br />This work was developed in collaboration with HP Brasil P&...
Upcoming SlideShare
Loading in …5
×

BitTorrent Needs Psychiatric Guarantees: Quantifying How Vulnerable BitTorrent Swarms Are to Sybil Attacks

1,101 views

Published on

Apresentação realizada por Felipe Pontes no LADC'09. Pesquisa desenvolvida no Laboratório de Sistemas Distribuídos (LSD) - Universidade Federal de Campina Grande (UFCG)

Published in: Health & Medicine, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,101
On SlideShare
0
From Embeds
0
Number of Embeds
38
Actions
Shares
0
Downloads
20
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

BitTorrent Needs Psychiatric Guarantees: Quantifying How Vulnerable BitTorrent Swarms Are to Sybil Attacks

  1. 1. BitTorrent Needs Psychiatric Guarantees: Quantifying How Vulnerable BitTorrent Swarms Are to Sybil Attacks<br />Felipe Pontes<br />Francisco Brasileiro<br />Nazareno Andrade<br />09/02/2009<br />
  2. 2. Introduction<br />BitTorrent Protocol<br />Sybil Attacks<br />Sybil Attacks in BitTorrent Systems<br />Simulations<br />Conclusions<br />2<br />Agenda<br />
  3. 3. BitTorrent is one of the most popular content distribution protocols nowadays<br />In BitTorrent she who donates more earns more<br />Is it possible for someone to have a better download time than that of a collaborator?<br />3<br />Introduction<br />
  4. 4. BitTorrent has a completely autonomous identification generation scheme<br />Peers use a random mechanism to discover other peers<br />Multiple identities to fool BitTorrent system sybil attack <br />4<br />Introduction<br />
  5. 5. To evaluate the impact of sybil attacks in BitTorrent systems when an attacker is interested in increasing her utility<br />5<br />Goal<br />
  6. 6. BitTorrentProtocol<br />Distribution cost shared between peers<br />Peers downloading a file (leechers) and peers that have already downloaded it (seeders) form a swarm<br />Trackers help peers to discover other peers<br />6<br />
  7. 7. Based on a tit-for-tat strategy<br />Peers who have higher upload rates probably will have higher download rates<br />Connections used to make upload are called unchoked connections<br />Periodically a peer chooses to whom she donates<br />7<br />BitTorrent Incentive Mechanism<br />
  8. 8. A peer has not a whole system overview<br />The peer might be choked by potential good partners for not having uploaded to them recently<br />BitTorrent implements a periodic optimistic unchoking<br />A leecher periodically unchokes randomly-choosen connections<br />8<br />BitTorrent Incentive Mechanism<br />
  9. 9. An attacker associates multiple identities to herself in an attempt to fool the other entities<br />Proper scenarios<br />Spam<br />Sensor networks<br />Router overlays<br />Online voting<br />Peer-to-peer grids<br />Resource sharing<br />9<br />SybilAttacks<br />
  10. 10. Tracker flooded with sybil identities<br />Attacker increases her number of connections<br />Optimistic unchoking connections<br />How many identities are needed?<br />Mathematical model to help us to estimate:<br />Number of identities<br />How rapidly an attacker downloads a file when compared to a collaborator<br />10<br />SybilAttacks in BitTorrent Systems<br />
  11. 11. General Peer-to-Peer Simulator (GPS)<br />BitTorrent swarms simulations<br />Changes in GPS to support sybil attacks simulations<br />Each peer is online for a contiguous period<br />Torrents from traces of BitTorrent usage derived from a community that shares files for free distribution<br />11<br />Simulations<br />
  12. 12. 12<br />Simulations<br />Unfeasible simulations execution using all torrents<br />GPS memory constraints<br />A representative sample of torrents to be analyzed in depth<br />Main parameters<br />Seeders leaving rate ( )<br />Leechers leaving rate ( )<br />File size<br />Download and upload peers bandwidth<br />
  13. 13. Agglomerative Hierarchical Clustering process<br />Similar torrents are merged in clusters<br />Similarity measured as the average Euclidian distance of all torrents<br />Clusters’ heterogeneity increases<br />A rule of thumb to stop the merge:<br />To follow the average level of cluster heterogeneity on every step<br />To stop the process just before the merges start increasing heterogeneity too rapidly<br />13<br />TorrentsClustering<br />
  14. 14. 14<br />TorrentsClustering<br />
  15. 15. TorrentsClustering<br />14 clusters<br />7 non-representative clusters (only 1 or 2 torrents each)<br />1 made up of a torrent too similar to other clusters<br />1 made up of a torrent on which peers stay online for very little time<br />5 clusters selected<br />15<br />
  16. 16. RepresentativeTorrents<br />For each cluster we selected one representative torrent<br />The torrent closest to the Euclidian center of cluster<br />16<br />Characteristics of torrents<br />
  17. 17. 3 distinct attack times<br />Start of the torrent (t0)<br />An attacker wants the file as soon as it is published<br />Maximum number of leechers (tc)<br />High resource contention<br />Number of seeders overlaps the number of leechers (ts)<br />Low resource contention<br />17<br />ScenariosofSimulations<br />
  18. 18. 3 versions of each torrent<br />All leechers act correctly<br />One leecher replaced by the sybil attacker<br />One leecher replaced by a free rider<br />Sybil attack is effective if the attacker download average rate is equal to or higher than leecher rate<br />The attacker is not incurring in the cost of uploading to the system<br />18<br />ScenariosofSimulations<br />
  19. 19. Results considering 95% of confidence level and 5% of error<br />Average download rates increase with the attack starting time<br />Being a correct leecher was better than being a free rider<br />Performing a sybil attack was better than being a free rider<br />19<br />Simulations’ Results<br />
  20. 20. Only a small number of identities is needed for an attack to be effective<br />In 4 out of the 5 representative torrents simulated the attacker needed only 8 identities<br />In all torrents simulated the attacker could succeed with at most 130 identities<br />Mathematical model is considerably accurate<br />Only for 4 scenarios the attack was not effective<br />Large populations of peers at the time of the attack<br />20<br />Simulations’ Results<br />
  21. 21. Simulations’ Results<br />21<br />Download average rates to torrent of cluster 4<br />
  22. 22. Simulations’ Results<br />22<br />Download average rates for tenfold increase of identities of torrent of cluster 4<br />
  23. 23. It is possible to perform a sybil attack in BitTorrent<br />When there is high resource contention the attack was not successful in some scenarios<br />To increase the number of identities can change the attack result<br />Greedy attackers might cause the death of torrents<br />Mechanisms to address sybil attacks in BitTorrent<br />23<br />Conclusions<br />
  24. 24. To improve the mathematical model<br />To investigate probabilistic optimistic unchoking as a strategy to mitigate a sybil attack<br />To validate results presented in this work experimentally using real torrents<br />To consider the evolutionary dynamics of sybil attack strategies<br />24<br />Future Works<br />
  25. 25. Thank You!<br />Felipe Pontes<br />felipep@lsd.ufcg.edu.br<br />This work was developed in collaboration with HP Brasil P&D<br />

×