Professional Documents
Culture Documents
P2P network
1 Introduction
RELATED WORK.
2 A. Ruiz Calderon, C. Mex-Perera
3 Methodology
In this work we develop a set of simulations. Considering the following facts and
conditions:
1. All the messages are routed in the correct way without delays
2. There are no bottlenecks
3. A node receive a request and responds to it
4. The network does not have bad segments
Once generated the environment and their behavior, we consider the following
variables to analyze.
mp
Pf = (1)
n
where mp , is the amount of lost messages on the test and n is the amount
of used nodes.
2. The average of hops is defined by the amount of visits that a single message
do on a single node before it arrives to the final destiny
In this scenario, the attack is generated by a coalition of nodes (E1 , ..., EnC ).
These nodes begin the attack in a coordinated way. Besides, this attack is
considered selective. If the selected target node is denied in a DHT of a node,
the attack is completed. Otherwise, the routing process will follow the Pastry
rules. Performing this behavior, the malicious node can hide itself and it is more
difficult to find and discover the coalition of nodes.
The attack works in the following way:
Mitigation of a denial of existence attack in a P2P network 3
Coalitioned nodes
Target
4 Results
Table 1. The table shows the amount of lost messages based on the quantity of nodes
with coalition behaviour and the probability of routing fail N=50,000 and n=500
4 A. Ruiz Calderon, C. Mex-Perera
The table 1 shows that the percentage of lost messages is proportional to the
number of nodes with coalition behaviour. It can be seen on the figure 2, as a
result of a denial of existence attack and without ignoring Pastry rules.
2
10
Percentage of lost Messages
1
10
0
10
0 10 20 30 40 50 60 70 80 90 100
Number of Coalitionated Nodes
Fig. 2. Graphic that shows the percentage of lost messages, versus the number of nodes
with coalition behaviour
Once the routing failure probability was obtained, this probability was com-
pared with the theoretic routing failure probability given by the formulas
Enc
Ff = (2)
n
= (1 Ff )h1 (3)
Where
pf = (1 ) (5)
Considering:
These formulas were taken from [16]. We appreciate that the routing failure
with coalitioned nodes probability by using these formulas is less than the Pastry
theory.
For the tests it was used the modified algorithm. It is important to remark
that with this algorithm malicious activity (denial of existence) is considered.
In the original algorithm of Pastry, the nodes do not have malicious activities,
just fails. With this fact, the results shown that the modified algorithm routing
failure probability is lower compared to the original algorithm [16], as These
results are displayed on the figure 3.
2
10
Percentage of lost messages
1
10
0
10
Pastry
Selective Attack
0 5 10 15 20 25 30 35 40 45 50 55 60 65 70 75 80 85 90 95 100
Number of Coalitionated nodes
Fig. 3. The Graphic shows the comparison between the expected and observed routing
failure probability under a selective attack
The results from selective attack were compared with another attack called
brute forceThere are significative differences in the amount of lost messages.
This comparison was made to be able to observe the amount of lost messages
for each attack. These results are enlisted in the table 4.
The brute force attack always deny the existence of the target node without
care if the target node exists or not in the routing information. As consequence,
the nodes that performs this attack are easily discovered. The figure 4 shows the
comparison between both attacks.
The figure 4 shows the percentage of lost messages of both attacks.
To verify the randomness of the algorithms there is another test developed
with the following characteristics:
Coalitioned Nodes Selective Attack % Selective Attack Brute force % Brute force
0 0 0.00 % 0 0.00 %
1 91 0.182 % 460 0.92 %
2 174 0.348 % 923 1.846 %
5 508 1.02 % 2259 4.518 %
10 997 1.99 % 4435 8.87 %
20 1890 3.78 % 8415 16.83 %
50 4995 9.99 % 18702 37.404 %
100 10014 20.02 % 31402 62.80 %
Table 2. Difference of the quantity of lost messages between both kind of Attacks
2
10
Percentage of Lost Messages
1
10
0
10
Selective Attack
Brute Force Attack
0 10 20 30 40 50 60 70 80 90 100
Number of Coalitioned Nodes
Fig. 4. Graphic that shows the comparison of the lost messages with both attacks
5 Suggested Solution
As a result of the tests, it was observed that over 20% of the messages were lost
when the network had 100 nodes of 500 coalitionated, that represents 20% of
the total amount of nodes on the network.
The suggested solution is as follows:
The routing
B process conclude
satisfactory
5
Malicious Coalitioned
node
4
Verify if the target exists
The information of the Z in the information of Z
Ec2 and continue routing to
leaf set of F is used and
the message is routed to destiny B
Z
F Malicious Coalitioned
A Node
Ec1
The message arrives
Sends a message that to node F and sends 3
income to the network by it to Ec1 The EC1 deny the target
node A and returns the message
to F
Fig. 5. The figure shows the scheme of the proposed solution to the routing algorithm
Table 3. The table shows the quantity of lost messages applying the suggested solution
The figure 6 shows the percentage of lost messages with both attacks and
with the suggested solution.
To verify the helpfulness of the solution, there were counted the number of
hops with a selective attack and with the suggested solution, the results are
shown in table 4.
8 A. Ruiz Calderon, C. Mex-Perera
2
10
1
10
1
10
2
10
0 10 20 30 40 50 60 70 80 90 100
Number of Coalitioned Nodes
Fig. 6. Graphic that shows the percentage of lost messages, and the number of coali-
tionated nodes, with the brute force attack, selective attack and the suggested solution
Coalitionated Nodes Num. of Hops with attack Num of hops with the solution
0 2.83 2.83
1 2.8298 2.8513
2 2.8385 2.9127
5 2.8346 3.0192
10 2.8384 3.0802
20 2.8389 3.2438
50 2.8386 3.5274
100 2.84 3.7219
Table 4. The table shows the average of hops under a selective attack and with the
suggested solution
6 Conclusions
Based on the results of the test we can conclude that P2P networks, are valuable
alternative for storing, sharing and retrieving message applications.
The use of specialized overlays like Pastry for applications that store and
retrieve information, is a good alternative to solve storing problems, that the
Client-Server networks have, because P2P data manipulation is better than
the traditional model.
The balance of the network is good, the observed randomness is good, and it
can seem on the amount of lost messages is proportional to the coalitioned nodes.
The suggested solution is very efficient, because with the solution the amount
of lost messages with 100 coalitioned nodes is only 4.56%, comparing with the
Mitigation of a denial of existence attack in a P2P network 9
20% of lost messages with the selective attack; this reduction is significantly.
This kind of networks are useful to deploy wide distribution applications like
DNS, however it is important to establish the distribution of the information
that will be used, overall in applications where the resources are not uniform.
References
1. A. B.; Dreger, H.; Feldmann, A.; Predicting the DNSSEC overhead using DNS
traces;Information Sciences and Systems, 2006 40th Annual Conference on 22-24
March 2006 Page(s):1484 - 1489
2. A. Passarella, Franca Delmastro, Marco Conti; XScribe: a stateless, cross-layer
approach to P2P multicast in multi-hop ad hoc networks; Proceedings of the 1st
international workshop on Decentralized resource sharing in mobile computing and
networking MobiShare 06; September 2006
3. A. Rowstron and Peter Druschel; Storage management and caching in PAST, a
large scale, persistent peer to peer storage utility; In Proc ACM SOSP 1; Banff
Canada Oct 2001.
4. A. Rowstron and Peter Druschel; Pastry: Scalable, distributed object location and
routing for large-scale peer-to-peer systems; In Proc. IFIP/ACM Middleware 2001,
Heidelberg, Germany; November 2001.
5. A. Friedlander, Allison Mankin, W. Douglas Maughan, Stephen D. Crocker;
DNSSEC: a protocol toward securing the internet infrastructure; Communications
of the ACM, Volume 50 Issue 6; June 2007
6. Ben Y. Zhao, John D. Kubiatowicz, and Anthony D. Joseph.; Tapestry: An
infrastructure for fault-tolerant wide-area location and routing; Technical Report
UCB//CSD-01-1141, U. C. Berkeley, April 2001.
7. D. Ervin Khuth; The art of computer programming; Stanford University Addison
Wesley; Vol 3 sorting and searching; U.S.A. 1973.
8. E. Damiani, Stefano Paraboschi, Pierangela Samarati, Fabio Violante; Peer to peer
networks: A reputation-based approach for choosing reliable resources in peer-to-
peer networks; Proceedings of the 9th ACM conference on Computer and commu-
nications security CCS 02; November 2002
9. G. Alexis; DNSSEC Operational Impact and Performance;Computing in the Global
Information Technology, 2006. ICCGI 06. International Multi-Conference on Aug.
2006 Page(s)55 - 63
10. I. Stoica, R. Morris, D. Karger, M Frans H. Balakrishnan; Chord: a scalable
Peer-to-Peer lookup service for Internet applications; SIGCOMM 01 ; ACM; San
Diego California; 2001
11. J. Kyeong Kim a, Hyea Kyeong Kim a, Yoon Ho Cho; A user-oriented contents
recommendation system in peer-to-peer architecture; Expert Systems with Appli-
cations 34 (2008) 300-312.
12. K. Hui, John C.S. Lui, David K.Y. Yau; Small-world overlay P2P networks: Con-
struction, management and handling of dynamic flash crowds; computer networks
num 50 2006.
10 A. Ruiz Calderon, C. Mex-Perera