
1

Collusive Piracy Prevention in P2P Content Delivery Networks

Source: IEEE Transactions on Computers, vol. 58, no. 7, pp. 970-983, 2009
Authors: Xiaosong Lou and Kai Hwang
Speaker: Shu-Fen Chiou (邱淑芬)

2

Introduction

Distributed P2P network
Application: File sharing
Roles:
  Peers: Normal users.
  Colluders: Pay but share files illegally.
  Pirates: Do not pay and want to get files illegally.
  Transaction Server: Grants the copyright when users pay.
  Private Key Generator (PKG)
  Distribution agent (also called bootstrap server): Peers ask several peers to act as their agents.

3

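Problem addressed

Problem: In a P2P file-sharing environment, some users who do not want to pay (pirates) try to obtain files. Other users who have paid for files (colluders) share them illegally.

This paper mainly addresses the pirate problem: whenever a pirate tries to obtain a file, it must never receive a complete and correct copy. The paper also tries, as far as possible, to detect and avoid the colluder problem.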

4

Requirements

Peer endpoint address is forgery proof.

Authorization tokens cannot be shared by peers.

Pirates cannot poison legitimate clients.

Stolen private keys are useless to pirates.

$(\varphi(\lambda, p),\ T,\ t_s,\ S)$

5

Copyright-protected P2P Networks

6

Mechanisms for Copyright Protection

| Mechanism | Protocol Requirements |
|---|---|
| Secure File Indexing | File index format is modified to include token and IBS signature. |
| Peer Authorization Protocol (PAP) | Peer sends digital receipt to bootstrap agent and obtains an authorization token. The token must be refreshed periodically. |
| Proactive Content Poisoning | All download requests and responses are checked against the token and IBS signature, and clean or poisoned content is sent accordingly. |
| Random Collusion Prevention | Distribution agents randomly recruit decoys to probe for colluders. Collusion reports are weighted against client trust rates. |

7

Secure file Indexing

File id: $\lambda$
Peer's endpoint address: $p$
Token: $T$
Timestamp: $t_s$
Peer's signature: $S$

File index $\varphi(\lambda, p)$, modified to $(\varphi(\lambda, p),\ T,\ t_s,\ S)$

8

Protected peer joining process

{Bootstrap address, Ek(digital_receipt, Bootstrap_Agent_session_key)}

Ek(digital_receipt)

Algorithm 1: Token Generation

9

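Token Generation

Participants: Customer peer, Bootstrap agent, PKG

Bootstrap agent: Check receipt
    λ = Decrypt(Receipt)
    p = Observe(requestor)
Bootstrap agent → PKG: Request private key
PKG: Generate k
PKG → Bootstrap agent: k
Bootstrap agent: Token T = OwnerSign(f, p, ts)
    Reply = {k, p, ts, T}
Bootstrap agent → Customer peer: {Encrypt(Reply)}
Customer peer: Decrypt(Reply)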

10

Observe requester

The bootstrap server asks the peer's router for the peer's real endpoint and checks whether it matches the digital receipt.

11

Proactive Content Poisoning

Algorithm 2: Peer Authorization Protocol

12

Peer Authorization Protocol

Input: T = token, ts = timestamp, S = peer signature, and φ(λ, p) = file index for file at endpoint p
Output: Peer authorization status
    True: authorization granted
    False: authorization denied
Procedures:
    Parse(input) = {T, ts, S, φ(λ, p)}   // Check all credentials from an input request
    p = Observe(requestor);              // Detect peer endpoint address p
    if {Match(S, p) fails},              // Fake endpoint address p detected
        return false;
    endif
    if {Match(T, ts, K) fails},          // Invalid or expired token detected
        return false;
    endif
    return true;
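The Peer Authorization Protocol check above, as an added Python example that is not code from the paper or the slides. HMAC-SHA256 stands in for OwnerSign and for the identity-based signature (so the verifier here holds the secret keys, unlike real IBS verification), and the keys, 600-second token lifetime, file id and endpoint addresses are constructed assumptions.

```python
import hashlib
import hmac

# Assumptions (not from the paper): HMAC-SHA256 replaces OwnerSign and the
# identity-based signature; keys, TTL and addresses below are constructed.
OWNER_KEY = b"constructed-owner-key"
PKG_MASTER = b"constructed-pkg-master-key"
TOKEN_TTL = 600  # seconds before the token must be refreshed

def _mac(key: bytes, *fields) -> bytes:
    msg = "|".join(str(f) for f in fields).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def issue(file_id: str, endpoint: str, ts: int) -> dict:
    """Bootstrap-agent side: k from the PKG stand-in, T = OwnerSign(f, p, ts)."""
    return {"k": _mac(PKG_MASTER, endpoint), "p": endpoint, "ts": ts,
            "T": _mac(OWNER_KEY, file_id, endpoint, ts)}

def sign_index(k: bytes, file_id: str, endpoint: str, token: bytes, ts: int) -> bytes:
    """Peer side: signature S over the file index entry with private key k."""
    return _mac(k, file_id, endpoint, token.hex(), ts)

def authorize(req: dict, observed: str, now: int) -> bool:
    """Peer Authorization Protocol: True = granted, False = denied."""
    T, ts, S, file_id = req["T"], req["ts"], req["S"], req["file_id"]
    # Match(S, p): S must verify under the key bound to the *observed* endpoint.
    k_obs = _mac(PKG_MASTER, observed)
    if not hmac.compare_digest(S, sign_index(k_obs, file_id, observed, T, ts)):
        return False  # fake endpoint, or a key used away from its endpoint
    # Match(T, ts, K): token must be the owner's over (f, p, ts) and still fresh.
    if not hmac.compare_digest(T, _mac(OWNER_KEY, file_id, observed, ts)):
        return False
    return 0 <= now - ts <= TOKEN_TTL

def demo() -> dict:
    """Constructed scenario: one paying peer, then three requests that must fail."""
    f, p, ts = "file-42", "198.51.100.7:6881", 1_000
    other = "203.0.113.9:6881"  # a different endpoint presenting the same credentials
    r = issue(f, p, ts)
    req = {"T": r["T"], "ts": ts, "file_id": f, "S": sign_index(r["k"], f, p, r["T"], ts)}
    return {
        "legit": authorize(req, p, ts + 60),
        "shared_token": authorize(req, other, ts + 60),
        "stolen_key": authorize(
            {**req, "S": sign_index(r["k"], f, other, r["T"], ts)}, other, ts + 60),
        "expired": authorize(req, p, ts + TOKEN_TTL + 1),
    }
```

Only the request from the endpoint the token was issued to, within the token lifetime, is authorized; the other three cases correspond to the "tokens cannot be shared" and "stolen private keys are useless" requirements and to the periodic token refresh.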

13

Random Collusion Prevention

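Collusion vector C = {c_i}
Trust vector T = {t_i}

[Equations garbled in extraction: the trust rate t_i in terms of c_i; the collusion rate, a min{ , } expression defined for all i, j up to n and involving a condition rate; the condition under which a peer is a colluder; and a worked example (e.g.) in which a peer is recruited to probe and a condition rate is obtained, using the values 1.6, 1, 0 and 2.5.]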

14

Security analysis

Peer endpoint address is forgery proof
    IP spoofing: Pirate will not receive file.
    Intercept the token: Observe().

Authorization tokens cannot be shared by peers
    T = OwnerSign(f, p, ts)

Pirates cannot poison legitimate clients
    File index $(\varphi(\lambda, p),\ T,\ t_s,\ S)$

Stolen private keys are useless to pirates
    Endpoint address is public key. Observe().

15

Experimental results

• ε is the collusive rate
• Chunk poisoning rate δ is the probability of a pirate receiving a poisoned chunk.
• 1000 pirates

16

Conclusions

Our protection scheme gives higher priority to satisfying honest clients.

This system is fair to the majority of honest clients who enjoy P2P content delivery services.

17

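Strengths, weaknesses, and possible research directions of this paper

Strengths:

Pirates are a very important issue in P2P file sharing. Since pirates cannot be eliminated entirely, the scheme relies on the fact that a shared file is split into many small chunks for transfer, so that pirates cannot receive a successful copy of the file.

The security and simulation analyses are thorough.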

18

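Strengths, weaknesses, and possible research directions of this paper

Weaknesses:

If the bootstrap agents (distribution agents) are also colluders, peers may be led to believe that a pirate is legitimate.

It is doubtful whether the Observe approach is really feasible.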

19

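Strengths, weaknesses, and possible research directions of this paper

Possible research directions:

Study the pirate problem further, bringing in the reputation-related papers read previously, to investigate whether pirates and colluders can also be detected that way and pirates prevented from obtaining the correct file.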
