Transcript persea
Persea:
Making Networks More Secure
Since Early 2013
BY: REBECCA NAVARRE & MICHAEL BAKER II
Biography
Rebecca Navarre
Wesleyan College
Applied Mathematical Sciences
Michael Baker II
Tarrant County College
Mechanical Engineering
Background
Peer-to-Peer Networks
Distributed Hash Tables (DHTs)
Kad
Peer-to-Peer Networks
Purpose: file & resource sharing network
Nodes capable of acting like client and server
Accessible to peers directly (for pure, no central/intermediary entity)
Workload is partitioned between peers.
There is no central point of failure.
Examples: Napster (centralized), Freenet (Gnutella protocol), Gnutella2 and Kazaa (hybrid)
Peer-to-Peer cont.
Hybrid vs. Pure
For Hybrid:
Allows for a central entity to provide network services or act as a security check.
For Pure:
All nodes are equal.
When one node is removed, the network continues without suffering a loss.
Distributed Hash Table
Purpose: System of Efficient Resource Discovery
Messages come into DHTs, retrieved by matching keys
Based on <key, value> pairs.
If change occurs, minimal disruption
Allows for large scale data recovery
KEY    VALUE
1      100
2      200
3      300
4      400
Kad
Purpose: offers consistent search/find protocol
Figure 1
Kad Continued
Nodes know about neighbors
K-buckets offer resistance to DoS attacks
Can’t flood out nodes with LIFO
Lookup
Source selects α # of closest nodes from its k-bucket
Source sends a lookup request to each of the α nodes selected
Each α node returns β # of nodes from searching its k-buckets
Source then has α × β # of nodes in its list
From this, source selects α # of closest nodes from its k-bucket
Process continues until it reaches the target node
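The lookup steps above, as an added example that is not part of the original slides. It assumes Kademlia's XOR distance, 8-bit node IDs, and the values α=3, β=2, k=3; the node set is constructed for illustration.

```python
# Added illustration: toy Kad-style lookup over constructed 8-bit node IDs.
ALPHA, BETA, K, BITS = 3, 2, 3, 8           # assumed values, not from the slides
NODES = list(range(0, 256, 5))              # constructed sample network

def xor_closest(ids, target, n):
    """Return the n distinct IDs nearest to target under XOR distance."""
    return sorted(set(ids), key=lambda i: i ^ target)[:n]

def build_tables(node_ids):
    """Bucket b of a node holds up to K peers at XOR distance [2**b, 2**(b+1))."""
    tables = {}
    for owner in node_ids:
        buckets = [[] for _ in range(BITS)]
        for peer in node_ids:
            if peer == owner:
                continue
            b = (owner ^ peer).bit_length() - 1
            if len(buckets[b]) < K:          # full bucket: newcomer is not admitted
                buckets[b].append(peer)
        tables[owner] = [p for bucket in buckets for p in bucket]
    return tables

def lookup(tables, source, target, max_rounds=BITS):
    """Return the number of query rounds needed to reach target, or None."""
    shortlist = xor_closest(tables[source], target, ALPHA)
    rounds = 0
    while target not in shortlist:
        if rounds == max_rounds:             # target absent or unreachable
            return None
        # Each queried node answers with its BETA closest known peers,
        # giving the source up to ALPHA * BETA candidates.
        replies = [p for node in shortlist
                   for p in xor_closest(tables[node], target, BETA)]
        shortlist = xor_closest(replies, target, ALPHA)
        rounds += 1
    return rounds

if __name__ == "__main__":
    tables = build_tables(NODES)
    print("0 -> 255 rounds:", lookup(tables, 0, 255))
    print("0 -> 7 (not a node):", lookup(tables, 0, 7))
```

Because a full bucket does not admit newcomers, the routing tables in this toy network cannot be displaced by later arrivals, and the round cap bounds the work spent on a target that does not exist.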
Persea Security
Initial Security
Social Network & DHT
Invitation Only
New Node N
DHT
Social Network
Kad
Message entry
Hierarchical Node ID Distribution
Security
Chunk factor: .65
Bootstrap/Initiator Nodes
[Figure: hierarchical node ID distribution over the ID space 0 to 255; bootstrap nodes A, B, C and D, with further nodes a1, a2, d1, d2, p1, p2 and q1]
Chunk Factor Calculation
64^(.65) = 14.929
floor(14.929) = 14
Persea Lookup Efficiency
Replication
KAD
k=3, stored in k-closest nodes
Node holding <key,value> pair
PERSEA
What Persea Is Up Against?
Sybil Attack
Advanced Attack
Node Insertion
Node ID Hijacking
The Roles of the Attackers
Silent
Active
Topologies
SOCIAL NETWORK    NODES    EDGES
Wiki-Vote         7115     103689
Soc-Epinions1     75879    508837
Silent vs. Active Sybil Attack
Social Network Data Set used: soc-Epinions1
Hop Count: Active Sybil Attack
Active Sybil Attack (wiki-Vote)
Social Network Data Set used: wiki-Vote
Advanced & Sybil Attack
Nodes per Attack Edge
Social Network Data Set used: soc-Epinions1
Active Sybil Attack (wiki-Vote)
Social Network Data Set used: wiki-Vote
Hop Count: Advanced & Sybil Attack
Social Network Data Set used: soc-Epinions1
Acknowledgements
Dr. Matthew Wright
Ph.D. Students: Mahdi Nasrullah Al-Ameen & Charles Gatz
Dr. Yazdani
University of Texas at Arlington
National Science Foundation
Questions?
Thank you for your time.