MultiCluster : um modelo de integração baseado em rede peer-to-peer para a concepção de grades locais / MultiCluster: an integration model based on peer-to-peer protocols for the construction of local grids

Barreto, Marcos Ennes

January 2010

As grades computacionais e as redes peer-to-peer (P2P) surgiram como áreas distintas, com diferentes propósitos, modelos e ferramentas. No decorrer dos últimos anos, estas áreas foram convergindo, uma vez que a infraestrutura e o modelo de execução descentralizada das redes P2P provaram ser uma alternativa adequada para o tratamento de questões relacionadas à manutenção de grades de larga escala, tais como escalabilidade, descoberta, alocação e monitoramento de recursos. O modelo MultiCluster trata a convergência entre grades computacionais e redes peer-to-peer de uma forma mais restrita: os problemas de escalabilidade, de descoberta e alocação de recursos são minimizados considerando-se apenas recursos localmente disponíveis para a construção de uma grade, a qual pode ser usada para a execução de aplicações com diferentes características de acoplamento e comunicação. Esse trabalho apresenta a arquitetura do modelo e seus aspectos funcionais, bem como um primeira implementação do modelo, realizada através da adaptação da biblioteca de programação DECK sobre os protocolos do projeto JXTA. A avaliação do funcionamento dessa implementação é apresentada e discutida, com base em algumas aplicações com diferentes características. / Grid computing and peer-to-peer computing emerged as distinct areas with different purposes, models and tools. Over the last years, these areas has been converging since the infrastructure and the execution model used in peer-to-peer networks have proven to be a suitable way to treat some problems related to the maintenance of large scale grids, such as scalability, monitoring, and resource discovery and allocation. The MultiCluster model addresses the convergence of grids and peer-to-peer networks in a more restricted way: the problems related to scalability, resource allocation and discovery are minimized by considering only local resources for the conception of a small scale grid, which can be used to run applications with different characteristics of granularity and communication. This work presents the MultiCluster architecture and its functional aspects, as well as a first implementation carried out by adapting the DECK programming library to use JXTA protocols and its consequent evaluation, based on applications with different characteristics.

Cluster

Computação em grade

Programacao distribuida

Distributed programming

Grid computing

Peer-to-peer networks

MultiCluster : um modelo de integração baseado em rede peer-to-peer para a concepção de grades locais / MultiCluster: an integration model based on peer-to-peer protocols for the construction of local grids

Barreto, Marcos Ennes

January 2010

As grades computacionais e as redes peer-to-peer (P2P) surgiram como áreas distintas, com diferentes propósitos, modelos e ferramentas. No decorrer dos últimos anos, estas áreas foram convergindo, uma vez que a infraestrutura e o modelo de execução descentralizada das redes P2P provaram ser uma alternativa adequada para o tratamento de questões relacionadas à manutenção de grades de larga escala, tais como escalabilidade, descoberta, alocação e monitoramento de recursos. O modelo MultiCluster trata a convergência entre grades computacionais e redes peer-to-peer de uma forma mais restrita: os problemas de escalabilidade, de descoberta e alocação de recursos são minimizados considerando-se apenas recursos localmente disponíveis para a construção de uma grade, a qual pode ser usada para a execução de aplicações com diferentes características de acoplamento e comunicação. Esse trabalho apresenta a arquitetura do modelo e seus aspectos funcionais, bem como um primeira implementação do modelo, realizada através da adaptação da biblioteca de programação DECK sobre os protocolos do projeto JXTA. A avaliação do funcionamento dessa implementação é apresentada e discutida, com base em algumas aplicações com diferentes características. / Grid computing and peer-to-peer computing emerged as distinct areas with different purposes, models and tools. Over the last years, these areas has been converging since the infrastructure and the execution model used in peer-to-peer networks have proven to be a suitable way to treat some problems related to the maintenance of large scale grids, such as scalability, monitoring, and resource discovery and allocation. The MultiCluster model addresses the convergence of grids and peer-to-peer networks in a more restricted way: the problems related to scalability, resource allocation and discovery are minimized by considering only local resources for the conception of a small scale grid, which can be used to run applications with different characteristics of granularity and communication. This work presents the MultiCluster architecture and its functional aspects, as well as a first implementation carried out by adapting the DECK programming library to use JXTA protocols and its consequent evaluation, based on applications with different characteristics.

Cluster

Computação em grade

Programacao distribuida

Distributed programming

Grid computing

Peer-to-peer networks

Dois pesos, duas medidas : gerenciamento de identidades orientado a desafios adaptativos para contenção de Sybils. / TwoWeights and two measures: using adaptive puzzles in identity management for sybil contention

Mauch, Gustavo Huff

January 2010

O ataque Sybil consiste na criação indiscriminada de identidades forjadas por um usuário malicioso (atacante). Uma abordagem promissora para mitigar esse ataque consiste em conceder novas identidades mediante a resolução de desafios computacionais. Apesar de suas potencialidades, as soluções baseadas em tal abordagem não distinguem solicitações de usuários corretos das de atacantes, fazendo com que ambos paguem o mesmo preço por identidade solicitada. Por conta disso, essas soluções podem não ser efetivas quando os recursos computacionais dos atacantes são muito superiores aos que os usuários legítimos dispõem. Assumindo desafios de uma determinada dificuldade, atacantes com hardware de maior capacidade conseguiriam resolver um conjunto muito superior de desafios e, com isso, obter um número elevado de identidades. Aumentar uniformemente a dificuldade dos desafios poderia, no outro extremo, tornar proibitivo o ingresso de pares a rede. Para lidar com esse problema, nesta dissertação propi5e-se o use de desafios adaptativos como limitante a disseminação de Sybils. Estima-se um grau de confiança da fonte de onde partem as solicitações de identidade em relação as demais. Quanto maior a frequência de solicitação de identidades, menor o grau de confiança e, consequentemente, maior a complexidade do desafio a ser resolvido pelo(s) usuário(s) associado(s) Aquela fonte. Resultados obtidos por meio de experimentação mostram a capacidade da solução de atribuir desafios mais complexos a potenciais atacantes, penalizando minimamente usuários legítimos. / The Sybil attack consists on the indiscriminate creation of counterfeit identities by a malicious user (attacker). An effective approach to tackle such attack consists of establishing computational puzzles to be solved prior to granting new identities. Despite its potentialities, solutions based on such approach do not distinguish between identity requests from correct users and attackers, and thus require both to afford the same cost per identity requested. Therefore, those approaches may not be effective when the attacker's computational resources are superior than those used by correct users. Assuming any choice of puzzle hardness, attackers that have access to high-performance computing resources will be able to solve puzzles several order of magnitude faster than legitimate users and thus obtain a large amount of identities. On the other way, raising the cost to solve the puzzles could restrict legitimate users too much. To tackle this problem, in this paper we propose the use of adaptive computational puzzles to limit the spread of Sybils. We estimate a trust score of the source of identity requests in regard to the behavior of others. The higher the frequency a source requests identities, the lower its trust score and, consequently, the higher the complexity of the puzzle to be solved by the user(s) associated to that source. Results achieved by means of an experimental evaluation evidence our solution's ability to establish more complex puzzles to potential attackers, while minimally penalizing legitimate users.

Seguranca : Computadores

Redes : Computadores

Redes P2P

Criptografia : Comunicacao : Dados

Peer-to-peer networks

Authentication

Identity management

Dois pesos, duas medidas : gerenciamento de identidades orientado a desafios adaptativos para contenção de Sybils. / TwoWeights and two measures: using adaptive puzzles in identity management for sybil contention

Mauch, Gustavo Huff

January 2010

O ataque Sybil consiste na criação indiscriminada de identidades forjadas por um usuário malicioso (atacante). Uma abordagem promissora para mitigar esse ataque consiste em conceder novas identidades mediante a resolução de desafios computacionais. Apesar de suas potencialidades, as soluções baseadas em tal abordagem não distinguem solicitações de usuários corretos das de atacantes, fazendo com que ambos paguem o mesmo preço por identidade solicitada. Por conta disso, essas soluções podem não ser efetivas quando os recursos computacionais dos atacantes são muito superiores aos que os usuários legítimos dispõem. Assumindo desafios de uma determinada dificuldade, atacantes com hardware de maior capacidade conseguiriam resolver um conjunto muito superior de desafios e, com isso, obter um número elevado de identidades. Aumentar uniformemente a dificuldade dos desafios poderia, no outro extremo, tornar proibitivo o ingresso de pares a rede. Para lidar com esse problema, nesta dissertação propi5e-se o use de desafios adaptativos como limitante a disseminação de Sybils. Estima-se um grau de confiança da fonte de onde partem as solicitações de identidade em relação as demais. Quanto maior a frequência de solicitação de identidades, menor o grau de confiança e, consequentemente, maior a complexidade do desafio a ser resolvido pelo(s) usuário(s) associado(s) Aquela fonte. Resultados obtidos por meio de experimentação mostram a capacidade da solução de atribuir desafios mais complexos a potenciais atacantes, penalizando minimamente usuários legítimos. / The Sybil attack consists on the indiscriminate creation of counterfeit identities by a malicious user (attacker). An effective approach to tackle such attack consists of establishing computational puzzles to be solved prior to granting new identities. Despite its potentialities, solutions based on such approach do not distinguish between identity requests from correct users and attackers, and thus require both to afford the same cost per identity requested. Therefore, those approaches may not be effective when the attacker's computational resources are superior than those used by correct users. Assuming any choice of puzzle hardness, attackers that have access to high-performance computing resources will be able to solve puzzles several order of magnitude faster than legitimate users and thus obtain a large amount of identities. On the other way, raising the cost to solve the puzzles could restrict legitimate users too much. To tackle this problem, in this paper we propose the use of adaptive computational puzzles to limit the spread of Sybils. We estimate a trust score of the source of identity requests in regard to the behavior of others. The higher the frequency a source requests identities, the lower its trust score and, consequently, the higher the complexity of the puzzle to be solved by the user(s) associated to that source. Results achieved by means of an experimental evaluation evidence our solution's ability to establish more complex puzzles to potential attackers, while minimally penalizing legitimate users.

Seguranca : Computadores

Redes : Computadores

Redes P2P

Criptografia : Comunicacao : Dados

Peer-to-peer networks

Authentication

Identity management

A Framework for anonymous background data delivery and feedback

Timchenko, Maxim

28 October 2015

The current state of the industry’s methods of collecting background data reflecting diagnostic and usage information are often opaque and require users to place a lot of trust in the entity receiving the data. For vendors, having a centralized database of potentially sensitive data is a privacy protection headache and a potential liability should a breach of that database occur. Unfortunately, high profile privacy failures are not uncommon, so many individuals and companies are understandably skeptical and choose not to contribute any information. It is a shame, since the data could be used for improving reliability, or getting stronger security, or for valuable academic research into real-world usage patterns. We propose, implement and evaluate a framework for non-realtime anonymous data collection, aggregation for analysis, and feedback. Departing from the usual “trusted core” approach, we aim to maintain reporters’ anonymity even if the centralized part of the system is compromised. We design a peer-to-peer mix network and its protocol that are tuned to the properties of background diagnostic traffic. Our system delivers data to a centralized repository while maintaining (i) source anonymity, (ii) privacy in transit, and (iii) the ability to provide analysis feedback back to the source. By removing the core’s ability to identify the source of data and to track users over time, we drastically reduce its attractiveness as a potential attack target and allow vendors to make concrete and verifiable privacy and anonymity claims.

Computer engineering

Anonymity

Data collection

Peer-to-peer networks

Privacy-preserving systems

Secure information flow

Implementation and Evaluation of the Service Peer Discovery Protocol

Urdiales Delgado, Diego

January 2004

This document is the final report of the master's thesis "Implementation and Evuation of the Service Peer Discovery Protocol", carried out at the Center for Wireess Systems, KTH, Stockholm. This thesis addresses the problem of service discovery in peer-to-peer mobile networks by implementing and evaluating a previously designed protocl (the Service Peer Discovery Protocol). The main feature of peer-to-peer networks is that users connected to them can communicate directly with each other, without the necessity of interaction via a central point. However, in order for two networks users (ir peers) to communicate, they must have a means to locate and address each other, which is in gernal called a discovery protocol. There are many different solutions for discoverying protocols that work efficiently in fixed or slow-moving networks, but full mobility introduces a set of new difficulties for the discovery of peers and their services. The potential changes in location, which can occur very ofter, the changes in IP address that these changes cuase, and roaming between networks of different kinds are good examples of these difficulties. To solve these problems, a new Service Peer Discovery Protocol was designed and a test application built. The next step towards the introduction of this protocol was creating a working implementation, setting up a suitable test environment, performing experiments, and evaluating its performance. This evaluation could lead to improvments in the protoocl. The aim of this thesis is to implement and document the Service Peer Discovery Protocol, to carry out measurements of it, to evaluate the efficiency of the protocol, and to suggest ways in which it could be improved. The Service Peer Discovery Protocol was found to be well targeted to wireless, peer-to-peer networks, althgouh improvements in the protocol could make it more time and traffic-efficient while maintaining the same level of performance. / Detta är den slutliga rapporten för examensarbetet "Implementation och utvädering av Service Peer Discovery Protocol", utfört på Center for Wireless Systems, KTH, Stockholm.  Uppsatsen behandlar problemet med sökning efter tjänster i icke-hierarkiska (peer-to-peer) mobila nätverk genom att implementera och utvädera ett redan konstruerat protokoll (Service Peer Discovery Protocol). Den huvudsakliga fördelen med icke-hierarkiska nätverk är att anslutna anvndare (parter) kan kommunicera direkt med varandra, utan att behöva interagera med en central punkt.  Dock måste metoder för att lokalisera och adressera andra parter vara tillgängliga för att parterna skall kunna kommunicera, metoder som kalla sökprotokoll (discovery protocol). Det finns många olika sökprotokollösningar som fungerar effektivt i fasta eller långsamma mobila nätverk, men med full mobilitet introduceras ett antal nya svårigheter vid s kande efter parter och tjänster. Den potentiella förändringen av position (vilken kan inträffa ofta), byte av IP-address som dessa förändringar medför, och förflyttning mellan olika typer av nätverk, är exempel på sådana svårigheter. För att lösa dessa problem, konstruerades protokollet Service Peer Discovery Protocol och en testapplikation byggdes.  Nästa steg mot en introducering av detta protokoll var en fungerande implementation, en lämplig testmilö, utförandet av tester och en utvädering av prestandan.  Utväderingen syftade till att förbättra protokollet.  Syftet med detta examensar1ete är att implementera och dokumentera protokollet Service Peer Discovery Protocol, att göra mätningar, att utvädera effektiviteten samt att föreslå förbättringar av protokollet. Service Peer Discovery Protocol, fanns vara väl anpassat till icke-hierarkiska trådlösa nätverk.  Dock torde förbättringar av protokollet innebära tidseffektivare och trafikeffektivare beteende utan att kompromissa prestandanivån.

Discovery protocols

peer to peer networks

wireless networks

Session Initiation Protocol

evaluation

Communication Systems

Kommunikationssystem

Understanding Internet Naming: From the Modern DNS Ecosystem to New Directions in Naming

Callahan, Tom

16 August 2013

No description available.

Computer Science

internet measurement

internet naming

dns

bootstrapping

peer-to-peer networks

Mirror worlds, eclipse attacks and the security of Bitcoin and the RPKI

Heilman, Ethan

16 June 2022

While distributed databases offer great promise their decentralized nature poses a number of security and privacy issues. In what ways can parties misbehave? If a database is truly distributed can a malicious actor hide their misdeeds by presenting conflicting views of the database? Can we overcome such deceit and either prevent it by eliminating trust assumptions or detect such perfidy and hold the malicious party to account? We study these questions across two distributed databases: RPKI (Resource Public Key Infrastructure), which is used to authenticate the allocation and announcement of IP prefixes; and Bitcoin, a cryptocurrency that utilizes a permissionless database called a blockchain to track the transfer and ownership of bitcoins. The first part of this dissertation focuses on RPKI and the potential of RPKI authorities to misbehave. We consider the methods, motivations, and impact of this misbehavior and how an RPKI authority can present inconsistent views to hide this misbehavior. After studying the problem we propose solutions to detect and identify such misbehavior. Now we turn our attention to Bitcoin. We look at ways an attacker can manipulate Bitcoin's Peer-to-Peer network to cause members of the network to have inconsistent views of Bitcoin's blockchain and subvert Bitcoin's core security guarantees. We then propose countermeasures to harden Bitcoin against such attacks. The final part of this dissertation discusses the problem of privacy in Bitcoin. Many of the protocols developed to address Bitcoin's privacy limitations introduce trusted parties. We instead design privacy enhancing protocols that use an untrusted intermediary to mix \aka anonymize, bitcoin transactions via blind signatures. To do this we must invent a novel blind signature fair-exchange protocol that runs on Bitcoin's blockchain. This dissertation favors a dirty slate design process. We work to layer protections on existing protocols and when we must make changes to the underlying protocol we carefully weigh compatibility and deployment considerations. This philosophy has resulted in some of the research described in this dissertation influencing the design of deployed protocols. In the case of Bitcoin our research is currently used to harden a network controlling approximately a trillion dollars.

Computer science

Anonymity

Bitcoin

Cryptocurrency

Cryptography

Peer-to-peer networks

RPKI

Právní otázky internetu v mezinárodním a vnitrostátním právu / Legal issues of the internet in international and national law

Miroš, Petr

January 2010

Legal issues of the Internet from the scope of international and national law Global internet network has changed the social, political and business life of most people in the World. Communication is much faster, the flow of information all around the World takes a few seconds. Exchange of political opinions, personal and business information, works protected by copyright and other information has become unstoppable. Members of the international community are trying to tackle this new challenge to their legal and political systems. This diploma thesis is describing some arreas of private law where Internet plays the most important role and has changed the scope and interpretation of many legal rules. The work is dividend into two main parts. The first one deals with general aspects of the Internet such as its history, architecture, different regulatory layers, the copyright law on-line, general legal issues arising from the Yahoo! case and its impact on political systems. The second part describes more specific areas mainly focused on the protection of personality and personal data in the on-line environment. To be more specific, there are chapters dealing with communication software, social networks, direct business and usage of the Internet for business reasons. Specific chapter is dedicated to...

Abordagem de teoria dos jogos evolucionários para modelagem de aplicações de live streaming em redes peer-to-peer / Evolutionary game theory approach for modeling live streaming applications over peer-to-peer networks

Watanabe, Sandra Satyko Guimarães

January 2010

Existe um interesse crescente do mercado por aplicações de multimídia em streaming via rede. Particularmente, as aplicações de live streaming que utilizam a tecnologia de redes P2P para a disseminação de conteúdo têm sido alvo de grande atenção. Aplicações como PPLive e PPStream provam que as aplicações de live streaming em redes P2P são uma realidade com relação à tecnologia atual. Os sistemas de live streaming fornecem um serviço de multicast no nível de aplicação para transmissões ao vivo na Internet. Essas aplicações de live streaming, quando executadas em redes P2P, têm potencial para serem altamente robustas, escaláveis e adaptativas devido à redundância e não dependência de recursos particulares dentre os nodos participantes. Porém, para fazer uso de todas as vantagens disponíveis, a aplicação deve contornar alguns desafios: i) manter a qualidade de playback mesmo com a inerente dinamicidade das redes P2P; ii) impedir que nodos incorretos escondam ações maliciosas atrás do anonimato que existe em P2P; iii) manter a taxa de upload dos nodos participantes da aplicação em um nível aceitável. A taxa de upload dos nodos é muito importante porque a aplicação de live streaming em P2P é uma aplicação cooperativa. Desta forma, esperase que todo novo usuário ajude a aplicação retransmitindo pacotes para outros usuários, mantendo, desta forma, a capacidade global de upload do sistema. Infelizmente, manter a cooperação em live streaming não é uma tarefa trivial, visto que cada nodo enfrenta o dilema social do interesse próprio (individualmente é melhor explorar a cooperação dos outros usuários sem reciprocidade) versus a cooperação para com o grupo. A principal contribuição deste trabalho consiste na apresentação de um modelo matemático baseado em Teoria dos Jogos Evolucionários, cujo objetivo é ajudar a compreender as aplicações de live streaming em redes P2P e os fatores que influenciam o seu correto funcionamento. Como contribuição secundária, este trabalho fornece uma análise estatística do comportamento do download e upload observado nestas aplicações. A análise estatística mostra que existe um decaimento da variância temporal de download e upload nas aplicações de live streaming, e que tal decaimento segue uma lei de potência. Os resultados evolucionários do modelo indicam que, se a queda do índice de satisfação dos usuários com a taxa de download for suave, e se a redução da satisfação devido ao custo de upload for insignificante, então existe um ambiente propício para que a cooperação entre os nodos cresça. De forma inversa, se a queda do índice de satisfação dos usuários com a taxa de download for abrupta, e a redução da satisfação devido ao custo de upload for significativa, então existe um ambiente propício para proliferação de nodos oportunistas. A realização e descrição desta pesquisa é composta de quatro etapas principais: i) a delimitação do cenário de live streaming e a definição do jogo para modelagem; ii) a definição do conjunto de estratégias e da função de utilidade; iii) a criação do modelo; iv) a análise do modelo e a apresentação dos resultados de simulação. A análise do modelo abrange três fases: i) análise estatística e comparação das características de download e upload dos dois simuladores utilizados; ii) avaliação do modelo de Teoria dos Jogos Evolucionários através de simulações; e iii) análise dos resultados evolucionários gerados pelo simulador de Teoria dos Jogos Evolucionários. / There is a growing interest in the market for networked multimedia applications. Live streaming applications that use the technology of P2P networks for distribution of live content have specially been the subject of great attention. Applications such as PPLive and PPStrem demonstrate that P2P live streaming applications are already possible with our present technology. Live streaming systems provide a multicast service in the application level for live broadcasts to users through the Internet. These systems executing in P2P networks have the potential to be highly robust, scalable and adaptive due to the characteristics of these scenarios. However, to take advantage of these potential properties, they must overcome some challenges: i) to maintain the playback quality even with the inherent dynamics of P2P networks; ii) to prevent that incorrect peers hide malicious behavior behind their anonymity; iii) to maintain the upload contribution of peers at acceptable levels. The upload contribution of peers is highly important because live streaming applications are cooperative applications. Therefore, every new user must help the application forwarding packets to other users, thereby maintaining the global upload capacity of the system. Unfortunately, the maintenance of cooperation in live streaming system is not a trivial task, since each node faces the social dilemma of self-interest (individually is always better to explore the cooperation of other users without reciprocity) versus cooperation to the group. The main contribution of this dissertation is the presentation of a mathematical model based on Evolutionary Game Theory, whose goal is to help understanding live streaming P2P applications and the factors that influence their correct operation. As a secondary contribution, this work provides a statistical analysis of download and upload behaviors of peers in live streaming P2P systems. The statistical analysis indicates that there is a decay in the download and upload variances, and that this decay follows a power law. The evolutionary results of the model indicate that, if the satisfaction of users with the download rate is smooth, and the reduction of satisfaction due to the upload cost is negligible, then there is a favorable environment for the growth of cooperation. Conversely, if the satisfaction of users with the download rate is abrupt, and the reduction of satisfaction due to the upload cost is significant, then there is a favorable environment to the proliferation of opportunistic nodes. The realization and description of this research is composed of four main steps: i) the definition of the live streaming scenario and the definition of the game to model this scenario; ii) the definition of the strategy set and of the utility function; iii) the suggestion of a model; iv) the analysis of the proposed model and the presentation of obtained results. The model analysis comprehends three phases: i) the statistical analysis and the comparison of the characteristics of download and upload of the two simulators used in this work; ii) the evaluation of the Evolutionary Game Theory model through simulation; and iii) the analysis of the results generated by the Evolutionary Game Theory simulator.

Sistemas distribuidos

P2P

Teoria : Jogos

Tolerancia : Falhas

Peer-to-peer networks

Live streaming

Evolutionary game theory

Fault tolerance