Post on 23-Mar-2016
description
BY: REBECCA NAVARRE& MICHAEL BAKER I I
Persea:Making Networks More Secure
Since Early 2013
Biography
Rebecca NavarreWesleyan CollegeApplied Mathematical Sciences
Michael Baker IITarrant County CollegeMechanical Engineering
Background
Peer-to-Peer NetworksDistributed Hash Tables (DHTs)Kad
Peer-to-Peer Networks
Purpose: file & resource sharing networkNodes capable of acting like client and serverAccessible to peers directly( for pure, no
central/intermediary entity)Workload is partitioned between peers.There is no central point of failure.Examples: Napster(centralized),
Freenet(Gnutella protocol), Gnutella2 and Kazaa (hybrid)
Peer-to-Peer cont.
Hybrid vs. Pure For Hybrid:
Allows for a central entity to provide network services or act as a security check.
For Pure All nodes are equal. When one node is removed,
the network continues without suffering a loss.
Distributed Hash Table
Purpose: System of Efficient Resource Discovery
Messages come into DHTs, retrieved by matching keys
Based on <key, value> pairs.If change occurs, minimal disruptionAllows for large scale data recoveryKEY VALUE
1 1002 2003 3004 400
Kad
Purpose: offers consistent search/find protocol
Figure 1
Kad Continued
Nodes know about neighborsK-buckets offer resistance to DOS attacks
Can’t flood out nodes with LIFOLookup
Source selects α # of closest nodes from its k-bucketSource sends look up request to each α node selectedEach α node returns β # of nodes from searching k-
bucketsSource then has α into β # of nodes in listFrom this, source selects selects α # of closest nodes
from its k-bucketProcess continues until it reaches target node
Persea Security
Initial Security Social Network & DHT Invitation Only
Kad Message entry
DHT
Social Network
New Node N
N
N
Hierarchical Node ID Distribution
Security
Bootstrap/Initiator Nodes
A B C D
a1 a2
q1
p2p1
d2d1
0
1
2
3
6364 127128 191192 255
1415 28
76 11
4
193 206207 221
Chunk factor: .65
Chunk Factor Calculation
64^(.65) = floor(14.929) = 14
Persea Look Up Effeciency
Replication
Node holding <key,value> pair
k=3, stored in k-closest nodes
KAD PERSEA
What Persea Is Up Against?
Sybil Attack
Advanced Attack Node Insertion Node ID Hijacking
The Roles of the Attackers
Silent
Active
Topologies
SOCIAL NETWORK NODES EDGES
Wiki-Vote 7115 103689
Soc-Epinions1 75879 508837
Silent vs. Active Sybil Attack
Social Network Data Set used: soc-Epinions1
Hop Count: Active Sybil Attack
Active Sybil Attack(wiki-Vote)
Social Network Data Set used: wiki-Vote
Advanced & Sybil Attack
Nodes per Attack Edge
Social Network Data Set used: soc-Epinions1
Active Sybil Attack (wiki-Vote)
Social Network Data Set used: wiki-Vote
Hop Count: Advanced & Sybil Attack
Social Network Data Set used: soc-Epinions1
Acknowledgements
Dr. Matthew WrightPh. D. Students: Mahdi Nasrullah Al-Ameen
& Charles GatzDr. YazdaniUniversity of Texas at ArlingtonNational Science Foundation
Questions?
Thank you for your time.