Peer-to-peer (P2P) systems are gaining popularity and importance for applications ranging from communications to content delivery over the Internet. Since such systems are inherently formed by a large collection of untrusted peers, their security and reliability can be adversely impacted by malicious peers in the system. In particular, P2P systems must provide a reliable decentralized directory service for locating peers with the desired content and services. If malicious peers are able to subvert directory lookups, the integrity of the system is greatly compromised.

This project advances the state of the art in P2P security and reliability by applying reputation information at the directory level for improved success of subsequent lookups. The new systems will use information from successful and failed lookups, as well as the structure of the peer-to-peer system, to derive reputation information for various peers and estimate the locations of malicious nodes in the system. The project will also include an investigation into mechanisms to limit Sybil attacks, in which attackers attempt to overwhelm the system with malicious peers. The mechanisms will combine the use of social network links and the structure of the P2P system to create a robust identifier space for nodes, thus constraining how many Sybils can be introduced into the system. Through a combination of such techniques, the project will make P2P systems more trustworthy and reliable, directly impacting the millions of users who already make use of such systems today.

Project Report

Peer-to-peer (P2P) systems such as Skype and BitTorrent are decentralized systems that distribute major aspects of their functionality among multiple networked machines called 'peers'. P2P systems are used by millions of people today but are highly vulnerable to malicious activity. Attackers can introduce their own machines into the system, as there is little or no restriction on joining such systems. These attackers (i.e., malicious peers) can then censor, remove, or falsify information sought by other peers in the system. This research makes an impact on P2P architectures in the real world by making such systems more trustworthy and reliable.

This project developed techniques whereby individual peers can maintain 'reputation' information about other peers, i.e., a measure of how accurately other peers have answered search queries. Such reputation information can then be used effectively to avoid malicious peers in the system by inferring their locations based on observations from several search queries. This technique enhances popular P2P architectures such as Kademlia and Chord, thus offering to impact a large class of real-world deployments. Once the underlying P2P architecture for search queries is made resilient, P2P systems can enable far-reaching applications such as decentralized social networks.

Over a billion people use centralized social networks, with great risk to their privacy; this research highlighted one possible harm whereby 'anonymized' social network datasets released by providers can be de-anonymized with high accuracy by leveraging their internal structure. In particular, social networks are naturally composed of 'communities' of interconnected people, e.g., based on common interest. Even if nodes corresponding to the people in the social network are anonymized, this research showed that the underlying community structure can be used to reveal the original identities of those people by comparing the anonymized network with a reference social network known to the attacker.

To enable privacy-enhanced decentralized social networks, this project developed a social caching technique to leverage trusted relationships in the P2P network to provide higher assurances of privacy while maintaining efficiency. This work shows that privacy and efficiency, two of the major barriers to realizing decentralized social networks, can be attained simultaneously, and offers the promise of impacting society by reducing people's reliance on centralized services for their privacy.

The project also sought to strengthen the interest of African American students in STEM fields (science, technology, engineering, and math) and in graduate study in those fields. The PI hosted two African American summer interns, one from an HBCU institution, as part of this effort, with the goal of getting more underrepresented populations interested in computer science and network security and privacy.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 1115693
Program Officer: Joseph Lyles
Project Start:
Project End:
Budget Start: 2011-09-01
Budget End: 2014-08-31
Support Year:
Fiscal Year: 2011
Total Cost: $150,000
Indirect Cost:
Name: Indiana University
Department:
Type:
DUNS #:
City: Bloomington
State: IN
Country: United States
Zip Code: 47401