Peer to Peer Security, 2014


In a peer-to-peer (P2P) network, tasks such as searching for files or streaming audio or video are shared among multiple interconnected nodes (peers) that share resources with other network participants without the need for centralized coordination by servers. Peer-to-peer systems pose considerable challenges for computer security. Like other forms of software, P2P applications can contain vulnerabilities, but what makes P2P software a particular security concern is that peer-to-peer applications act as servers as well as clients, making them more vulnerable to remote exploits. The research articles in this bibliography address such topics as a large-scale overlay network, unstructured networks, mobile streaming, BitTorrent, and traffic identification. The work cited here was presented in 2014.


Samuvelraj, G.; Nalini, N., "A Survey Of Self Organizing Trust Method To Avoid Malicious Peers From Peer To Peer Network," Green Computing Communication and Electrical Engineering (ICGCCEE), 2014 International Conference on, pp. 1, 4, 6-8 March 2014. doi: 10.1109/ICGCCEE.2014.6921379
Abstract: Networks are subject to attacks from malicious sources. Sending the data securely over the network is one of the most tedious processes. A peer-to-peer (P2P) network is a type of decentralized and distributed network architecture in which individual nodes in the network act as both servers and clients of resources. Peer to peer systems are incredibly flexible and can be used for wide range of functions and also a Peer to peer (P2P) system prone to malicious attacks. To provide a security over peer to peer system the self-organizing trust model has been proposed. Here the trustworthiness of the peers has been calculated based on past interactions and recommendations. The interactions and recommendations are evaluated based on importance, recentness, and satisfaction parameters. By this the good peers were able to form trust relationship in their proximity and avoids the malicious peers.
Keywords: client-server systems; computer network security; fault tolerant computing; peer-to-peer computing; recommender systems; trusted computing; P2P network; client-server resources; decentralized network architecture; distributed network architecture; malicious attacks; malicious peers; malicious sources; peer to peer network; peer to peer systems; peer trustworthiness; satisfaction parameters; self organizing trust method; self-organizing trust model; Computer science; History; Measurement; Organizing; Peer-to-peer computing; Security; Servers; Metrics; Network Security; Peer to Peer; SORT (ID#: 15-5276)


Jagadale, N.N.; Parvat, T.J., "A Secured Key Issuing Protocol For Peer-To-Peer Network," Wireless Computing and Networking (GCWCN), 2014 IEEE Global Conference on, pp. 213, 218, 22-24 Dec. 2014. doi: 10.1109/GCWCN.2014.7030881
Abstract: Identity-based cryptography (IBC) was introduced into peer-to-peer (P2P) networks for identity verification and authentication purposes. However, current IBC-based solutions are unable to solve the problem of secure private key issuing. In this paper, we propose a secure key issuing system by using an IBC for P2P networks. We present an IBC infrastructure setup phase, peer registration solution by using Shamir's (k, n) secret sharing, and secure key issuing scheme, which accepts key privacy authorities (KPAs) and key generate centre (KGC) to securely issue private keys to the peers in order to enable the IBC systems to be applicable and more acceptable in real-world P2P networks. Moreover, for maintaining the security of KPAs, we are developing a system to authenticate KPAs using Byzantine fault tolerance protocol. The theoretical analysis and experimental results show that the performance of SKIP is very efficient and effective, and it can support large scale systems.
Keywords: cryptographic protocols; peer-to-peer computing; Byzantine fault tolerance protocol; IBC infrastructure setup phase; IBC-based solutions; KGC; KPA; P2P networks; identity-based cryptography; key generate centre; key privacy authorities; peer registration solution; peer-to-peer network; secured key issuing protocol; Accuracy; Algorithm design and analysis; Encryption; Peer-to-peer computing; Protocols; Encryption; Key Generation; Peer to Peer Network (ID#: 15-5277)


Xianglin Wei; Ming Chen; Jianhua Fan; Guomin Zhang, "A General Framework for Detecting Malicious Peers in Reputation-Based Peer-to-Peer Systems," P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on, pp. 463, 468, 8-10 Nov. 2014. doi: 10.1109/3PGCIC.2014.95
Abstract: Constructing an efficient and trustable content delivery community with low cost is the general target for the designers of the Peer-to-Peer (P2P) systems. To achieve this goal, many reputation mechanisms are introduced in recent years to alleviate the blindness during peer selection in distributed P2P environment where malicious peers coexist with honest ones. They indeed provide incentives for peers to contribute more resources to the system, and thus, promote the whole system performance. However, little attention has been paid on how to identify the malicious peers in this situation. In this paper, a general framework is presented for detecting malicious peers in Reputation-based P2P systems. Firstly, the malicious peers are divided into various categories and the problem is formulated. Secondly, the general framework is put forward which mainly contains four steps, i.e. Data collection, data processing, malicious peers detection and malicious peers clustering. Thirdly, an algorithm implementation of this general framework is shown. Finally, the framework's application and its performance evaluation are shown.
Keywords: peer-to-peer computing; security of data; P2P systems; distributed P2P environment; malicious peer detection; malicious peers clustering; peer selection; reputation-based peer-to-peer systems; Algorithm design and analysis; Clustering algorithms; Communities; Entropy; Peer-to-peer computing; Security; Topology; Framework; Malicious Peers; Peer-to-Peer; Reputation (ID#: 15-5278)


Sancho, R.; Lopes Pereira, R., "Hybrid Peer-to-Peer DNS," Computing, Networking and Communications (ICNC), 2014 International Conference on, pp. 977, 981, 3-6 Feb. 2014. doi: 10.1109/ICCNC.2014.6785470
Abstract: Domain censorship has escalated quickly over time, as have Distributed Denial of Service attacks on the Internet. The Domain Name System (DNS) currently in use has small number of root servers which have full control of the domains. By controlling these servers or access to these servers, one can censor or impersonate parts of the Internet. We propose an open DNS that uses a Peer-to-Peer (P2P) network to store and distribute the records. Anyone can join the network and use and provide Distributed Zone Files (DZFs). DZFs are signed with private keys, allowing for multiple Zone Files for each domain, and giving the end user the choice of which keys, if any, to trust. However building a DNS purely based on a P2P network, incurs some overhead. The response times for queries are in the order of 10 to 20 times greater than when using the current DNS, as such the system provides users with a way to circumvent around censored domains, while still being able to use current DNS, for domains that are not censored, keeping response times low for non censored domains, and acceptable for censored domains.
Keywords: Internet; computer network security; peer-to-peer computing; DZF; Internet; P2P network; distributed denial of service attacks; distributed zone files; domain censorship; domain name system; hybrid peer-to-peer DNS; peer-to-peer networks; root servers; Computers; Domain Name System; Internet; Peer-to-peer computing; Public key; Servers; Time factors (ID#: 15-5279)


Arora, D.; Verigin, A.; Godkin, T.; Neville, S.W., "Statistical Assessment of Sybil-Placement Strategies within DHT-Structured Peer-to-Peer Botnets," Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on, pp. 821, 828, 13-16 May 2014. doi: 10.1109/AINA.2014.100
Abstract: Botnets are a well recognized global cyber-security threat as they enable attack communities to command large collections of compromised computers (bots) on-demand. Peer-to-peer (P2P) distributed hash tables (DHT) have become particularly attractive botnet command and control (C & C) solutions due to the high level resiliency gained via the diffused random graph overlays they produce. The injection of Sybils, computers pretending to be valid bots, remains a key defensive strategy against DHT-structured P2P botnets. This research uses packet level network simulations to explore the relative merits of random, informed, and partially informed Sybil placement strategies. It is shown that random placements perform nearly as effectively as the tested more informed strategies, which require higher levels of inter-defender co-ordination. Moreover, it is shown that aspects of the DHT-structured P2P botnets behave as statistically nonergodic processes, when viewed from the perspective of stochastic processes. This suggests that although optimal Sybil placement strategies appear to exist they would need carefully tuning to each specific P2P botnet instance.
Keywords: command and control systems; computer network security; invasive software; peer-to-peer computing; statistical analysis; stochastic processes; C&C solutions; DHT-structured P2P botnets; DHT-structured peer-to-peer botnets; Sybil placement strategy statistical assessment; botnet command and control solution; compromised computer on-demand collections; cyber security threat; diffused random graph; interdefender coordination; packet level network simulation; peer-to-peer distributed hash tables; stochastic process; Computational modeling; Computers; Internet; Network topology; Peer-to-peer computing; Routing; Topology (ID#: 15-5280)


Ekanayake, S.; Tennekoon, R.; Atukorale, A., "Decentralized Reputation Based Trust Model For Peer-To-Peer Content Distribution Networks," Information and Automation for Sustainability (ICIAfS), 2014 7th International Conference on, pp. 1, 6, 22-24 Dec. 2014. doi: 10.1109/ICIAFS.2014.7069556
Abstract: Enormous content distribution systems improved broadly with the rapid growth of novel and innovative technologies. Peer-to-peer (P2P) content distribution network (CDN) technologies such innovative technological improvement which claims low cost, efficient high demand data distribution and it gradually involves to the next-generation CDNs. Communications among the nodes of such open network infrastructures commonly perceived as an environment offering both opportunities and threats, which are based on trust issues. Thus, a trust mechanism is required to establish secure communication between the content delivery nodes. This paper introduces a novel, decentralized, cooperative and self-organized reputation based trust algorithm to mitigate the security complications of CDNs. To illustrate the trust model, a novel P2P hybrid network infrastructure has been introduced. The key notion of the research is to validate trust of the target before send or accept the traffic. Furthermore, performance of the proposed trust algorithm is evaluated through the ns-2 simulator in order to analyze the trusted and untrusted behavior of the P2P content delivery nodes.
Keywords: peer-to-peer computing; trusted computing; P2P CDN technologies; novel P2P hybrid network infrastructure; novel decentralized cooperative self-organized reputation based trust algorithm; peer-to-peer content distribution network technology; secure communication; Indexes; Object oriented modeling; Peer-to-peer computing; Protocols; Security; Servers; Topology; Content Delivery Networks; Peer-to-Peer Content delivery; Reputation based trust; ns-2 (ID#: 15-5281)


Narang, P.; Ray, S.; Hota, C.; Venkatakrishnan, V., "PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations," Security and Privacy Workshops (SPW), 2014 IEEE, pp. 108, 115, 17-18 May 2014. doi: 10.1109/SPW.2014.25
Abstract: The decentralized nature of Peer-to-Peer (P2P) botnets makes them difficult to detect. Their distributed nature also exhibits resilience against take-down attempts. Moreover, smarter bots are stealthy in their communication patterns, and elude the standard discovery techniques which look for anomalous network or communication behavior. In this paper, we propose PeerShark, a novel methodology to detect P2P botnet traffic and differentiate it from benign P2P traffic in a network. Instead of the traditional 5-tuple 'flow-based' detection approach, we use a 2-tuple 'conversation-based' approach which is port-oblivious, protocol-oblivious and does not require Deep Packet Inspection. PeerShark could also classify different P2P applications with an accuracy of more than 95%.
Keywords: computer network security; invasive software; peer-to-peer computing; telecommunication traffic; 2-tuple conversation-based approach; P2P applications; P2P botnet traffic; PeerShark; anomalous network; communication behavior; communication patterns; conversations tracking; flow-based detection; peer-to-peer botnets detection; port-oblivious; protocol-oblivious; standard discovery techniques; Electronic mail; Feature extraction; Firewalls (computing); IP networks; Internet; Peer-to-peer computing; Ports (Computers); botnet; machine learning; peer-to-peer (ID#: 15-5282)


Lin Cai; Rojas-Cessa, R., "Containing Sybil Attacks On Trust Management Schemes For Peer-To-Peer Networks," Communications (ICC), 2014 IEEE International Conference on, pp. 841, 846, 10-14 June 2014. doi: 10.1109/ICC.2014.6883424
Abstract: In this paper, we introduce a framework to detect possible sybil attacks against a trust management scheme of peer-to-peer (P2P) networks used for limiting the proliferation of malware. Sybil attacks may underscore the effectivity of such schemes as malicious peers may use bogus identities to artificially manipulate the reputation, and therefore, the levels of trust of several legitimate and honest peers. The framework includes a k-means clustering scheme, a method to verify the transactions reported by peers, and identification of possible collaborations between peers. We prove that as the amount of public information on peers increases, the effectivity of sybil attacks may decrease. We study the performance of each of these mechanisms, in terms of the number of infected peers in a P2P network, using computer simulation. We show the effect of each mechanism and their combinations. We show that the combination of these schemes is effective and efficient.
Keywords: computer network performance evaluation; computer network security; invasive software; pattern clustering; peer-to-peer computing; trusted computing; P2P network; artificial reputation manipulation; bogus identities; collaboration identification; computer simulation; honest peers; k-means clustering scheme; legitimate peers; malicious peers; malware proliferation; peer-to-peer networks; performance analysis; public information; sybil attacks; transaction verification; trust levels; trust management schemes; Clustering algorithms; Databases; Estimation; Information systems; Malware; Peer-to-peer computing; Distributed system; key mean clustering; malware proliferation; p2p network; sybil attack; transaction verification (ID#: 15-5283)


Qiyi Han; Hong Wen; Ting Ma; Bin Wu, "Self-Nominating Trust Model Based On Hierarchical Fuzzy Systems For Peer-To-Peer Networks," Communications in China (ICCC), 2014 IEEE/CIC International Conference on, pp. 199, 203, 13-15 Oct. 2014. doi: 10.1109/ICCChina.2014.7008271
Abstract: Security is one of the most critical constraints for the expansion of P2P networks. The autonomy, dynamic and distribution natures benefit both valid and malicious users. Exploiting a reputation-based trust model is a feasible solution in such an open environment to build trust relationship among peers. While most of the existing trust models focus on decreasing the abuse, intentions and sharing capabilities of peers are mostly ignored. In this paper, we present a self-nominating trust model based on Hierarchical Fuzzy Systems to quantify the activities of peers. We integrate the reputation based on eight factors. Three promising factors are provided by resource holder to demonstrate their desires. Four capability factors are recorded by requester to identify the provider's service capability. In addition, another security factor is adopted to evaluate the peers' trust on security. Experiments illustrate that our trust model improves the efficiency and security of P2P systems.
Keywords: computer network security; fuzzy set theory; peer-to-peer computing; trusted computing; P2P networks; hierarchical fuzzy system; peer trust relationship; peer-to-peer networks; reputation-based trust model; resource holder; security constraint; security factor; self-nominating trust model; Computational modeling; Fuzzy systems; Measurement; Peer-to-peer computing; Privacy; Quality of service; Security; Hierarchical fuzzy system; Promise; Reputation; Trust (ID#: 15-5284)


Basu, S.; Roy, S., "A Group-Based Multilayer Encryption Scheme For Secure Dissemination Of Post-Disaster Situational Data Using Peer-To-Peer Delay Tolerant Network," Advances in Computing, Communications and Informatics (ICACCI), 2014 International Conference on, pp. 1566, 1572, 24-27 Sept. 2014. doi: 10.1109/ICACCI.2014.6968358
Abstract: In the event of a disaster, the communication infrastructure can be partially or totally destroyed, or rendered unavailable due to high congestion. Today's smart-phones that can communicate directly via Bluetooth or WiFi without using any network infrastructure, can be used to create an opportunistic post disaster communication network where situational data can spread quickly, even in the harshest conditions. However, presence of malicious and unscrupulous entities that forward sensitive situational data in such a network may pose serious threats on accuracy and timeliness of the data. Therefore, providing basic security features, like authentication, confidentiality and integrity, to all communications occurring in this network becomes inevitable. But, in such an opportunistic network, that uses short range and sporadic wireless connections, no trusted third party can be used as it won't be accessible locally at the runtime. As a result, traditional security services like cryptographic signatures, certificates, authentication protocols and end-to-end encryption become inapplicable. Moreover, since disaster management is generally a group based activity; a forwarding entity may be better authenticated based on its group membership verification. In this paper, we propose a Group-based Distributed Authentication Mechanism that enables nodes to mutually authenticate each other as members of valid groups and also suggest a Multilayer Hashed Encryption Scheme in which rescue-groups collaboratively contribute towards preserving the confidentiality and integrity of sensitive situational information. The schemes provide authentication, confidentiality and integrity in a fully decentralized manner to suit the requirements of an opportunistic post disaster communication network. We emulate a post disaster scenario in the ONE simulator to show the effectiveness of our schemes in terms of delivery ratio, average delay and overhead ratio.
Keywords: computer network security; cryptography; data integrity; delay tolerant networks; disasters; emergency management; peer-to-peer computing; ONE simulator; average delay; communication infrastructure; data accuracy; data authentication; data confidentiality; data integrity; data timeliness; delivery ratio; disaster management; group membership verification; group-based distributed authentication mechanism; group-based multilayer hashed encryption scheme; malicious entities; mutual authentication; opportunistic postdisaster communication network; overhead ratio; peer-to-peer delay tolerant network; rescue-groups; secure postdisaster situational data dissemination; security features; sensitive situational data forwarding; short-range connections; sporadic wireless connections; unscrupulous entities; Authentication; Communication networks; Encryption; Nonhomogeneous media; Peer-to-peer computing; Delay Tolerant Network; Group-based Authentication; Group-pin; Hashing; Multilayer Encryption; Post Disaster Communication Network; Situational Analysis (ID#: 15-5285)


Chaumette, S.; Ouoba, J., "A Multilevel Platform For Secure Communications In A Fleet Of Mobile Phones," Mobile Computing, Applications and Services (MobiCASE), 2014 6th International Conference on, pp. 173, 174, 6-7 Nov. 2014. doi: 10.4108/icst.mobicase.2014.258028
Abstract: The work presented in this paper targets MANets composed of mobile phones which are possibly equipped with different wireless technologies. These nodes operate in a totally decentralized and unplanned manner by communicating with each other via peer-to-peer wireless technologies. In this particular context, the multi-technology capabilities of the mobile phones should be used efficiently to increase and diversify their peer-to-peer capacities. Therefore we have defined a dedicated multilevel platform that allows a set of mobile nodes to communicate securely in peer-to-peer mode by using the most appropriate approach depending on the context (costs and/or preferences of the entities). This paper is organized as follows. We first present the characteristics that we consider significant to build a proper model of the system. We then give an overview of the solutions that we have proposed for the main operations within our multilevel platform. Finally, we describe a mobile application that we have developed and present the performance analysis that we have conducted.
Keywords: mobile ad hoc networks; peer-to-peer computing; telecommunication security; MANET; mobile phones; multilevel platform; multitechnology capability; peer-to-peer wireless technology; secure communications; Ad hoc networks; Context; Mobile communication; Mobile computing; Mobile handsets; Peer-to-peer computing; Security; communication; efficiency; mobility; peer-to-peer; security; wireless (ID#: 15-5286)


Bioglio, V.; Gaeta, R.; Grangetto, M.; Sereno, M., "Rateless Codes and Random Walks for P2P Resource Discovery in Grids," Parallel and Distributed Systems, IEEE Transactions on, vol. 25, no. 4, pp. 1014, 1023, April 2014. doi: 10.1109/TPDS.2013.141
Abstract: Peer-to-peer (P2P) resource location techniques in grid systems have been recently investigated to obtain scalability, reliability, efficiency, fault-tolerance, security, and robustness. Query resolution for locating resources and update information on their own resource status in these systems can be abstracted as the problem of allowing one peer to obtain a local view of global information defined on all peers of a P2P unstructured network. In this paper, the system is represented as a set of nodes connected to form a P2P network where each node holds a piece of information that is required to be communicated to all the participants. Moreover, we assume that the information can dynamically change and that each peer periodically requires to access the values of the data of all other peers. A novel approach based on a continuous flow of control packets exchanged among the nodes using the random walk principle and rateless coding is proposed. An innovative rateless decoding mechanism that is able to cope with asynchronous information updates is also proposed. The performance of the proposed system is evaluated both analytically and experimentally by simulation. The analytical results show that the proposed strategy guarantees quick diffusion of the information and scales well to large networks. Simulations show that the technique is effective also in presence of network and information dynamics.
Keywords: codes; decoding; grid computing; peer-to-peer computing; resource allocation; security of data; software fault tolerance; P2P resource discovery; P2P unstructured network; asynchronous information updates; continuous flow; control packets; fault-tolerance; grid systems; information dynamics; peer-to-peer resource location techniques; query resolution; random walks; rateless codes; rateless decoding mechanism; resource locating; security; Decoding; Encoding; Equations; Mathematical model; Peer-to-peer computing; Robustness; Vectors; Resource discovery; peer to peer; random walks; rateless codes (ID#: 15-5287)


Jin Zhou; Chen, C.L.P.; Long Chen; Han-Xiong Li, "A Collaborative Fuzzy Clustering Algorithm in Distributed Network Environments," Fuzzy Systems, IEEE Transactions on, vol. 22, no. 6, pp. 1443, 1456, Dec. 2014. doi: 10.1109/TFUZZ.2013.2294205
Abstract: Due to privacy and security requirements or technical constraints, traditional centralized approaches to data clustering in a large dynamic distributed peer-to-peer network are difficult to perform. In this paper, a novel collaborative fuzzy clustering algorithm is proposed, in which the centralized clustering solution is approximated by performing distributed clustering at each peer with the collaboration of other peers. The required communication links are established at the level of cluster prototype and attribute weight. The information exchange only exists between topological neighboring peers. The attribute-weight-entropy regularization technique is applied in the distributed clustering method to achieve an ideal distribution of attribute weights, which ensures good clustering results. And the important features are successfully extracted for the high-dimensional data clustering. The kernelization of the proposed algorithm is also realized as a practical tool for clustering the data with “nonspherical”-shaped clusters. Experiments on synthetic and real-world datasets have demonstrated the efficiency and superiority of the proposed algorithms.
Keywords: computer network security; data privacy; pattern clustering; peer-to-peer computing; attribute weights; attribute-weight-entropy regularization technique; centralized clustering solution; collaborative fuzzy clustering algorithm; distributed network environment; distributed peer-to-peer network; nonspherical-shaped clusters; peer collaboration; privacy requirement; security requirement; Clustering algorithms; Clustering methods; Collaboration; Distributed databases; Niobium; Peer-to-peer computing; Prototypes; Collaborative clustering; distributed peer-to-peer network; kernel-based clustering; subspace clustering (ID#: 15-5288)


Safa, H.; El-Hajj, W.; Moutaweh, M., "Trust Aware System for P2P Routing Protocols," Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on, pp. 829, 836, 13-16 May 2014. doi: 10.1109/AINA.2014.101
Abstract: A peer-to-peer (P2P) system is known by its scalability and dynamic nature where nodes can join and leave the system easily and anytime. These networks are susceptible to malicious behaviors such as nodes dropping messages and misleading requesting nodes. P2P routing protocols are not immune against these misbehaviors. Therefore, detecting and dealing with malicious nodes will certainly lead to more reliable and secure system. In this paper, we propose a trust aware system for P2P routing protocols. The proposed system analyzes constantly the behaviors of all nodes to determine their trust-worthiness then classify them accordingly isolating the ones deemed malicious. It tracks the nodes' reputation based on evaluation reports from the nodes themselves. The credibility of nodes that are inaccurately evaluating other nodes is also monitored, thus, malicious evaluations would not affect other nodes' reputation. We have integrated the proposed approach with several P2P routing protocols and evaluated their performance through simulations measuring parameters such as request delivery ratio, malicious detection, and false negatives. Results show that the proposed approach improves significantly the performance of P2P routing protocols.
Keywords: peer-to-peer computing; routing protocols; telecommunication security; P2P routing protocol; false negatives; malicious detection; peer-to-peer system; request delivery ratio; trust aware system; Fingers; Peer-to-peer computing; Public key; Routing; Routing protocols; Vectors; Peer-to-peer networks; reputation; routing; trust-awareness (ID#: 15-5289)


Xiaolei Wang; Yuexiang Yang; Jie He, "Identifying P2P Network Activities on Encrypted Traffic," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp. 893, 899, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.117
Abstract: Peer-to-Peer (P2P) traffic has always been a dominant portion of current Internet traffic and become more and more difficult to manage for Internet Service Producers (ISP) and network administrators. Although many methods have been proposed to classify different types of P2P applications and achieved satisfied performance, research on identifying network activities of a certain P2P application is still lacking to the best of our knowledge, which is urgently required in the context of forensic investigation for illegal P2P applications. In this paper, a novel approach based on Hidden Markov Model is proposed to identify network activities on the encrypted traffic, based on analysis of the time series characteristics and statistical properties of network traffic. After presenting a general model of network activities, TeamViewer is selected as a case study to verify the effectiveness of the approach to identify different activities. According to experiments using real network traces, our approach proves to be effective in identifying different activities of a P2P application with a high true positive 99.1% and low negligible false positive 3.6%.
Keywords: Internet; computer network security; cryptography; hidden Markov models; peer-to-peer computing; telecommunication traffic; time series; ISP; Internet service producers; Internet traffic; P2P network activities identification; P2P traffic; TeamViewer; encrypted traffic; forensic investigation context; hidden Markov model; illegal P2P applications; peer-to-peer traffic; statistical properties; time series characteristics; Analytical models; Computational modeling; Cryptography; Hidden Markov models; Probability; Time series analysis; Training; Baum-Welch algorithm; Hidden Markov Model (HMM); Peer-to-Peer; TeamViewer; Viterbi algorithm; statistical properties; time series characteristics (ID#: 15-5290)


Chandra, S.; Bhattacharyya, S.; Paira, S.; Alam, S.S., "A Study And Analysis On Symmetric Cryptography," Science Engineering and Management Research (ICSEMR), 2014 International Conference on, pp. 1, 8, 27-29 Nov. 2014. doi: 10.1109/ICSEMR.2014.7043664
Abstract: Technology is advancing day-to-day. For a better and faster technology, information security is a must. This requires data authentication at the execution levels. Cryptography is a useful tool through which secure data independency can be established. It uses two basic operations namely encryption and decryption for secure data communication. A large number of cryptographic techniques have been proposed and implemented so far. In this paper, we have surveyed some of the proposed mechanisms based on Symmetric Key Cryptography and have made a basic comparison study among them. The basic features, advantages, drawbacks and applications of various Symmetric Key Cryptography algorithms have been mentioned in this paper.
Keywords: cryptography; data communication; data authentication; data communication security; data independency security; decryption; encryption; execution levels; information security; symmetric key cryptography technique analysis; Algorithm design and analysis; Authentication; Encryption; Protocols; Public key; Asymmetric key cryptography; Blowfish; Cryptography; Peer-to-Peer; Public key certificate; Reed-Solomon codes; Symmetric key cryptography (ID#: 15-5291)


Soryal, J.; Perera, I.M.; Darwish, I.; Fazio, N.; Gennaro, R.; Saadawi, T., "Combating Insider Attacks in IEEE 802.11 Wireless Networks with Broadcast Encryption," Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on, pp. 472, 479, 13-16 May 2014. doi: 10.1109/AINA.2014.58
Abstract: The IEEE 802.11 protocols are used by millions of smartphone and tablet devices to access the Internet via Wi-Fi wireless networks or communicate with one another directly in a peer-to-peer mode. Insider attacks are those originating from a trusted node that had initially passed all the authentication steps to access the network and then got compromised. A trusted node that has turned rogue can easily perform Denial-of-Service (DoS) attacks on the Media Access Control (MAC) layer by illegally capturing the channel and preventing other legitimate nodes from communicating with one another. Insider attackers can alter the implementation of the IEEE 802.11 Distributed Coordination Function (DCF) protocol residing in the Network Interface Card (NIC) to illegally increase the probability of successful packet transmissions into the channel at the expenses of nodes that follow the protocol standards. The attacker fools the NIC to upgrade its firmware and forces in a version containing the malicious code. In this paper, we present a distributed solution to detect and isolate the attacker in order to minimize the impact of the DoS attacks on the network. Our detection algorithm enhances the DCF firmware to enable honest nodes to monitor each other's traffic and compare their observations against honest communication patterns derived from a two-dimensional Markov chain. A channel hopping scheme is then used on the physical layer (PHY) to evade the attacker. To facilitate communication among the honest member stations and minimize network downtime, we introduce two isolation algorithms, one based on identity-based encryption and another based on broadcast encryption. Our simulation results show that the latter enjoys quicker recovery time and faster network convergence.
Keywords: Internet; Markov processes; access protocols; authorisation; computer network security; cryptographic protocols; firmware; network interfaces; notebook computers; peer-to-peer computing; smart phones; wireless LAN; 2D Markov chain; DCF; DoS attack impact minimization; IEEE 802.11 distributed coordination function protocol; IEEE 802.11 wireless networks; Internet; MAC; NIC; PHY; Wi-Fi wireless networks; attacker detection; attacker isolation; authentication steps; broadcast encryption; channel hopping scheme; denial-of-service attacks; firmware; honest member stations; identity-based encryption; insider attacks; legitimate node prevention; malicious code; media access control layer; network convergence; network downtime minimization; network interface card; peer-to-peer mode; physical layer; recovery time; smartphone; successful packet transmission probability; tablet devices; trusted node; Cryptography; Detection algorithms; IEEE 802.11 Standards; OFDM; Peer-to-peer computing; Spread spectrum communication; Throughput; Broadcast encryption; Byzantine attack; DoS attack; IEEE 802.11; Markov chain; identity-based encryption (ID#: 15-5292)


Saini, N.K.; Sihag, V.K.; Yadav, R.C., "A Reactive Approach For Detection Of Collusion Attacks In P2P Trust And Reputation Systems," Advance Computing Conference (IACC), 2014 IEEE International, pp. 312, 317, 21-22 Feb. 2014. doi: 10.1109/IAdCC.2014.6779340
Abstract: Internet today is also a medium of sharing immeasurable amount of information for widespread Peer to Peer (P2P) environments. Various application domains such as file sharing, distributed computing and e community based applications adopted the P2P technology as underlying network structure. A fairly open structure of P2P network applications, also make peers exposed. Interaction with unfamiliar peer in the absence of a trusted third party makes them vulnerable to potential attacks. To enable a reliable communication among peers, trust and reputation mechanisms came into existence. Malicious behavior of peer itself within the network, make reputation system themselves as vulnerable to attacks. Malicious peers often collude to procure a collective objective. The paper reviews existing collusion attacks. It also proposes a reactive defense mechanism against such collusion attacks. The proposed mechanism, detects collusion based on underlying trust and reputation knowledge. It also provides a reduction mechanism to chastise colluded peers.
Keywords: Internet; peer-to-peer computing; security of data; trusted computing; Internet; P2P reputation systems; P2P trust systems; colluded peers; collusion attack detection; malicious peers; peer to peer environments; reactive defense mechanism; Computational modeling; Computer architecture; Conferences; Electronic mail; Peer-to-peer computing; Quality of service; Servers; Collusion; Identity; P2P; Peer; Reputation; Trust (ID#: 15-5293)


Wei Zhang; Yue-Ji Wang; Xiao-Lei Wang, "A Survey of Defense against P2P Botnets," Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on, pp. 97, 102, 24-27 Aug. 2014. doi: 10.1109/DASC.2014.26
Abstract: Botnet, a network of computers that are compromised and controlled by the attacker, is one of the most significant and serious threats to the Internet. Researchers have done plenty of research and made significant progress. As the extensive use and unique advantages of peer-to-peer (P2P) technology, the new advanced form of botnets with the P2P architecture have emerged and become more resilient to defense methods and countermeasures than traditional centralized botnets. Due to the underlying security limitation of current system and Internet architecture, and the complexity of P2P botnet itself, how to effectively counter the global threat of P2P botnets is still a very challenging issue. In this paper, we present an overall overview and analysis of the current defense methods against P2P botnets. We also separately analyse the challenges in botnets detection, measurement and mitigation in detail which introduced by the new form of P2P botnets and propose our suggestions to corresponding challenges.
Keywords: Internet; invasive software; peer-to-peer computing; Internet architecture; P2P architecture; P2P botnet complexity; P2P botnet threat; P2P technology; botnet detection; botnet measurement; botnet mitigation; countermeasures; defense method; peer-to-peer technology; security limitation; serious threat; Crawlers; Current measurement; Feature extraction; Monitoring; Peer-to-peer computing; Protocols; Topology; Botnets detection; Botnets measurement; Botnets mitigation; P2P botnet (ID#: 15-5294)


Karuppayah, S.; Fischer, M.; Rossow, C.; Muhlhauser, M., "On Advanced Monitoring In Resilient And Unstructured P2P Botnets," Communications (ICC), 2014 IEEE International Conference on, pp. 871, 877, 10-14 June 2014. doi: 10.1109/ICC.2014.6883429
Abstract: Botnets are a serious threat to Internet-based services and end users. The recent paradigm shift from centralized to more sophisticated Peer-to-Peer (P2P)-based botnets introduces new challenges for security researchers. Centralized botnets can be easily monitored, and once their command and control server is identified, easily be taken down. However, P2P-based botnets are much more resilient against such attempts. To make it worse, botnets like P2P Zeus include additional countermeasures to make monitoring and crawling more difficult for the defenders. In this paper, we discuss in detail the problems of P2P botnet monitoring. As our main contribution, we introduce the Less Invasive Crawling Algorithm (LICA) for efficiently crawling unstructured P2P botnets and utilize only local information. We compare the performance of LICA with other known crawling methods such as Depth-first and Breadth-first search. This is achieved by simulating these methods on not only a real-world botnet dataset, but also on an unstructured P2P file sharing network dataset. Our analysis results indicate that LICA significantly outperforms the other known crawling methods.
Keywords: Internet; invasive software; peer-to-peer computing; Internet-based services; LICA; P2P Zeus; P2P botnet monitoring; P2P-based botnets; centralized botnets; command and control server; less invasive crawling algorithm; peer-to-peer-based botnets; unstructured P2P botnet crawling; unstructured P2P botnets; unstructured P2P file sharing network dataset; Approximation algorithms; Approximation methods; Crawlers; Information systems; Monitoring; Peer-to-peer computing; Security (ID#: 15-5295)


Leontiadis, I.; Molva, R.; Onen, M., "A P2P Based Usage Control Enforcement Scheme Resilient To Re-Injection Attacks," A World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2014 IEEE 15th International Symposium on, pp. 1, 8, 19-19 June 2014. doi: 10.1109/WoWMoM.2014.6918974
Abstract: Existing privacy controls based on access control techniques do not prevent massive dissemination of private data by unauthorized users. We suggest a usage control enforcement scheme that allows users to gain control over their data during its entire lifetime. The scheme is based on a peer-to-peer architecture whereby a different set of peers is randomly selected for data assignment. Usage control is achieved based on the assumption that at least t out of any set of n peers will not behave maliciously. Such a system would still suffer from re-injection attacks whereby attackers can gain ownership of data and the usage policy thereof by simply re-storing data after slight modification of the content. In order to cope with re-injection attacks the scheme relies on a similarity detection mechanism. The robustness of the scheme has been evaluated in an experimental setting using a variety of re-injection attacks.
Keywords: authorisation; data privacy; peer-to-peer computing; P2P based usage control enforcement scheme; access control techniques; data assignment; peer-to-peer architecture; privacy control; re-injection attacks; similarity detection mechanism; Access control; Cryptography; Distributed databases; Peer-to-peer computing; Protocols; Resistance (ID#: 15-5296)


Trifa, Z.; Khemakhem, M., "Analysis Of Malicious Peers In Structured P2P Overlay Networks," Computer Applications and Information Systems (WCCAIS), 2014 World Congress on, pp. 1, 6, 17-19 Jan. 2014. doi: 10.1109/WCCAIS.2014.6916552
Abstract: The malicious behavior peer has crucial impact on the efficiency and integrity of structured p2p systems. The increasing complexity found in such systems, helps in some part to explain the large scale of the challenge faced in dealing with such problem. In such systems, node trust is often essential. However, the destructive and malicious intent of misbehaving peers is often overlooked, despite being one of the most difficult troubles faced in such systems. In this paper we propose a study of these malicious peers. We use a monitoring process, which involves the placement of few instrumented peers within the network. The goal of the monitoring process is to gather a wide set of metrics on the behavior of a peer. To achieve this, we analyze a large trace of messages and operations in the overlay, which gives an insight on the properties and peer behaviors. We focus on the communication protocol between peers. Our measurement infrastructure consists in a set of fake peers called Sybils doted with specific controllers in different level of the system. These Sybils are connected to different zones in the network and controlled by a coordinator.
Keywords: computer network security; overlay networks; peer-to-peer computing; protocols; Sybils; communication protocol; instrumented peers; malicious peers analysis; monitoring process; node trust; structured P2P overlay networks; Atmospheric measurements; Lead; Monitoring; Particle measurements; Peer-to-peer computing; Pollution measurement; Routing; mitigation; monitoring; security; structured P2P systems (ID#: 15-5297)


Chunzhi Wang; Dongyang Yu; Hui Xu; Hongwei Chen, "A Bayesian Trust Sampling Method For P2P Traffic Inspection," Security, Pattern Analysis, and Cybernetics (SPAC), 2014 International Conference on, pp. 454, 457, 18-19 Oct. 2014. doi: 10.1109/SPAC.2014.6982732
Abstract: A Peer-to-Peer (P2P) traffic identification method based on Bayesian trust sampling is presented in this paper, which predicts the fluctuation degree for next cycle of P2P traffic ratio, and optimizes for the used amount of historical proportion estimation. Simulation results show that, under the premise of using a fixed number of the estimated values for historical P2P ratio, this trust method makes a better forecast for the fluctuation degree of P2P traffic ratio, and reduces the amount of redundant samples.
Keywords: Bayes methods; peer-to-peer computing; sampling methods; telecommunication traffic; trusted computing; Bayesian trust sampling method; P2P traffic inspection; P2P traffic ratio; historical proportion estimation; peer-to-peer traffic identification method; Accuracy; Bayes methods; Data models; Fluctuations; Peer-to-peer computing; Predictive models; Bayesian Trust; P2P Traffic Identification; Two-stage Sampling (ID#: 15-5298)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.