One important problem in peer-to-peer (P2P) overlay distributed systems is to enforce the trust of the data stored in the system, and protect the security and privacy of the peers. However, current research addresses this problem in two directions with independent efforts: privacy and security. In the privacy direction, researchers focus on proposing anonymity protocols to hide peers' identities and on how to prevent the attackers from revealing peers' identities. In the security direction, one major research focus is to detect the identities of peers who are suspicious to disturb normal operations in P2P systems intentionally or unintentionally. If a peer can absolutely hide his/her identity, the anonymity protocol can be possibly abused to threat the Internet security. Increasing peers' privacy means increasing the difficulties to ensure security. In this project, the PI conducts research to understand and provide solutions on balancing the tradeoffs between privacy and security in P2P systems. Specifically, (1) the PI develops anonymity communication protocols to provide privacy protection for P2P users with security insurance; (2) taking overlay distributed denial-of-service and file integrity as case studies for security issues, the PI develops technical security solutions without conflict with privacy requirements; (3) the research investigates a wide range of security issues by developing security solutions to balance tradeoffs of privacy and security. This project is integrated to a Microsoft sponsored undergraduate course development, where important topics of networking security and privacy, design of decentralized P2P systems are being studied.
