Peer-to-peer (P2P) systems are gaining popularity and importance for applications ranging from communications to content delivery over the Internet. Since such systems are inherently formed by a large collection of untrusted peers, their security and reliability can be adversely impacted by malicious peers in the system. In particular, P2P systems must provide a reliable decentralized directory service for locating peers with the desired content and services. If malicious peers are able to subvert directory lookups, the integrity of the system is greatly compromised.
This project advances the state of the art in P2P security and reliability by applying reputation information at the directory level for improved success of subsequent lookups. The new systems will use information from successful and failed lookups, as well as the structure of the peer-to-peer system, to derive reputation information for various peers and estimate the locations of malicious nodes in the system. The project will also include an investigation into mechanisms to limit Sybil attacks, in which attackers attempt to overwhelm the system with malicious peers. The mechanisms will combine the use of social network links and the structure of the P2P system to create a robust identifier space for nodes, thus constraining how many Sybils can be introduced into the system. Through a combination of such techniques, the project will make P2P systems more trustworthy and reliable, directly impacting the millions of users who already make use of such systems today.
This project examined trust in highly distributed and open computing systems, such as peer-to-peer (P2P) file-sharing services, anonymous communication systems, and opportunistic networks. Such systems face major security challenges due to their open nature, and they thus require carefully designed security solutions. In this project, we examined four such solutions. ReDS: Reputation for Directory Services. P2P systems have enormous potential for widespread transmission and storage of information. The directory services that allow this information to be found in the P2P system, however, can be severely undermined by a determined attacker with moderate resources. We studied the design of reputation schemes that enable peers to correctly find what they are looking for. Persea: Secure P2P Against Sybil Attacks. P2P systems, even when protected by ReDS, are vulnerable to the injection of many malicious peers controlled by a single attacker. These so-called Sybil attacks are challenging to detect and stop. We proposed and evaluated a novel system design called Persea that has users build up a social network from invitations to join the system and leverages this network to ensure robust directory services even against powerful Sybil attackers. CRISP: Secure, Collusion-Resistant Incentives for Routing. Opportunistic networks are formed from people moving around with smartphones and exchanging messages. Passing these messages around costs battery power, so incentives are needed to ensure participation. Unfortunately, malicious actors could undermine these incentives and break routing in the network. We studied the design of CRISP, a novel scheme that ensures honest participation and prevents attacks. Pisces: Secure P2P Anonymity. Anonymity systems like the popular Tor system are vulnerable to compromise of a small set of trusted servers. P2P approaches are promising to address this, but they are vulnerable to attackers who can control many malicious peers. With Pisces, we designed and evaluated a novel approach to increasing the resilience of a secure P2P approach by leveraging the trust relationships between users. With these four research directions, we substantially advanced our understanding of how to secure these open networks. This work will lead to designers of distributed systems building on these advances and incorporating them into their systems for improved security. Furthermore, we developed new educational modules to teach students about research in security, privacy, and distributed systems.