Article

A survey of peer-to-peer security issues

Author:

Dan S. WallachAuthors Info & Claims

ISSS'02: Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems

Pages 42 - 57

Published: 08 November 2002 Publication History

Abstract

Peer-to-peer (p2p) networking technologies have gained popularity as a mechanism for users to share files without the need for centralized servers. A p2p network provides a scalable and fault-tolerant mechanism to locate nodes anywhere on a network without maintaining a large amount of routing state. This allows for a variety of applications beyond simple file sharing. Examples include multicast systems, anonymous communications systems, and web caches. We survey security issues that occur in the underlying p2p routing protocols, as well as fairness and trust issues that occur in file sharing and other p2p applications.We discuss how techniques, ranging from cryptography, to random network probing, to economic incentives, can be used to address these problems.

References

[1]

Ratnasamy, S., Francis, P., Handley, M., Karp, R., Shenker, S.: Ascalable content-addressable network. In: Proc. ACM SIGCOMM'01, San Diego, California (2001)

Digital Library

[2]

Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord:A scalable peer-to-peer lookup service for Internet applications. In: Proc. ACM SIGCOMM'01, San Diego, California (2001)

Digital Library

[3]

Rowstron, A., Druschel, P.: Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In: Proc. IFIP/ACM Middleware 2001, Heidelberg, Germany (2001)

Digital Library

[4]

Zhao, B. Y., Kubiatowicz, J. D., Joseph, A. D.: Tapestry: An infrastructure for fault-resilient wide-area location and routing. Technical Report UCB//CSD-01-1141, U. C. Berkeley (2001)

Digital Library

[5]

Castro, M., Druschel, P., Ganesh, A., Rowstron, A.,Wallach, D. S.: Secure routing for structured peer-to-peer overlay networks. In: Proc. OSDI 2002, Boston, Massachusetts (2002) To appear.

Digital Library

[6]

Sit, E., Morris, R.: Security considerations for peer-to-peer distributed hash tables. In: Proceedings for the 1st InternationalWorkshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Massachusetts (2002)

Digital Library

[7]

Saroiu, S., Gummadi, K. P., Dunn, R. J., Gribble, S. D., Levy, H. M.: An analysis of internet content delivery systems. In: Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), Boston, Massachusetts (2002)

Digital Library

[8]

Rowstron, A., Kermarrec, A. M., Druschel, P., Castro, M.: Scribe: The design of a large-scale event notification infrastructure. In: Proc. NGC'2001, London, UK (2001)

Digital Library

[9]

Castro, M., Druschel, P., Kermarrec, A. M., Rowstron, A.: SCRIBE:A large-scale and decentralized application-level mul ticast infrastructure. IEEE JSAC 20 (2002)

Digital Library

[10]

Castro, M., Liskov, B.: Practical byzantine fault tolerance. In: Proceedings of the Third Symposium on Operating Systems Design and Implementation (OSDI'99), New Orleans, Louisiana (1999)

Digital Library

[11]

Douceur, J. R.: The Sybil attack. In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Massachusetts (2002)

Digital Library

[12]

Merkle, R. C.: Secure communications over insecure channels. Communications of the ACM 21 (1978) 294-299

Digital Library

[13]

Dabek, F., Kaashoek, M. F., Karger, D., Morris, R., Stoica, I.: Wide-area cooperative storage with CFS. In: Proc. ACM SOSP'01, Banff, Canada (2001)

Digital Library

[14]

Rowstron, A., Druschel, P.: Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility. In: Proc. ACM SOSP'01, Banff, Canada (2001)

Digital Library

[15]

Mazières, D., Kaminsky, M., Kaashoek, M. F.,Witchel, E.: Separating key management from file system security. In: Proc. SOSP'99, Kiawah Island, South Carolina (1999)

Digital Library

[16]

Bolosky, W. J., Douceur, J. R., Ely, D., Theimer, M.: Feasibility of a serverless distributed file system deployed on an existing set of desktop PCs. In: Proc. SIGMETRICS'2000, Santa Clara, California (2000)

Digital Library

[17]

Feigenbaum, J., Shenker, S.: Distributed algorithmic mechanism design: Recent results and future directions. In: Proceedings of the 6th InternationalWorkshop on Discrete Algorithms and Methods for Mobile Computing and Communications (DIAL-M 2002), Atlanta, Georgia (2002) 1-13

Digital Library

[18]

Reiter, M. K., Rubin, A. D.: AnonymousWeb transactions with Crowds. Communications of the ACM 42 (1999) 32-48

Digital Library

[19]

Fehr, E., Gachter, S.: Altruistic punishment in humans. Nature (2002) 137-140

[20]

Schwartz, J., Tedeschi, B.: New software quietly diverts sales commissions. NewYork Times (2002) http://www.nytimes.com/2002/09/27/technology/27FREE. html.

[21]

Spring, T.: KaZaA sneakware stirs inside PCs. PC World (2002) http://www.cnn. com/2002/TECH/internet/05/07/kazaa.software.idg/index. html.

[22]

Weatherall, D.: Active network vision and reality: lessons from a capsule-based system. In: Proceedings of the Seventeenth ACM Symposium on Operating System Principles, Kiawah Island, SC (1999) 64-79

Digital Library

[23]

Hicks, M., Kakkar, P., Moore, J. T., Gunter, C. A., Nettles, S.: PLAN: A Packet Language for Active Networks. In: Proceedings of the ThirdACM SIGPLAN International Conference on Functional Programming Languages, ACM (1998) 86-93

Digital Library

[24]

Wallach, D. S., Balfanz, D., Dean, D., Felten, E. W.: Extensible security architectures for Java. In: Proceedings of the Sixteenth ACM Symposium on Operating System Principles, Saint-Malo, France (1997) 116-128

Digital Library

[25]

Reed, M. G., Syverson, P. F., Goldschlag, D. M.: Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communication: Special Issue on Copyright and Privacy Protection 16 (1998)

Digital Library

[26]

Waldman, M., Rubin, A. D., Cranor, L. F.: Publius: A robust, tamper-evident, censorship-resistant, web publishing system. In: Proc. 9th USENIX Security Symposium, Denver, Colorado (2000) 59-72

Digital Library

[27]

Waldman, M., Mazires, D.: Tangler: A censorship resistant publishing system based on document entanglements. In: 8thACMConference on Computer and Communcation Security (CCS-8), Philadelphia, Pennsylvania (2001)

Digital Library

[28]

Hazel, S., Wiley, B.: Achord: A variant of the Chord lookup service for use in censorship resistant peer-to-peer. In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Massachusetts (2002)

[29]

Serjantov, A.: Anonymizing censorship resistant systems. In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Massachusetts (2002)

Digital Library

[30]

Freedman, M. J., Sit, E., Cates, J., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Massachusetts (2002)

Digital Library

[31]

Dingledine, R., Freedman, M. J., Molnar, D.: Accountability measures for peer-to-peer systems. In: Peer-to-Peer: Harnessing the Power of Disruptive Technologies, O'Reilly and Associates (2000)

[32]

Bellovin, S.: Security aspects of Napster and Gnutella. In: 2001 Usenix Annual Technical Conference, Boston, Massachusetts (2001) Invited talk.

Cited By

Kryukov ADemichev A(2018)Decentralized Data StoragesProgramming and Computing Software10.1134/S036176881805006744:5(303-315)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1134/S0361768818050067
Kaur RSangal AKumar K(2016)A Persistent Structured Hierarchical Overlay Network to Counter Intentional Churn AttackJournal of Computer Networks and Communications10.1155/2016/51914052016(4)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1155/2016/5191405
Zuo XIamnitchi A(2016)A Survey of Socially Aware Peer-to-Peer SystemsACM Computing Surveys10.1145/289476149:1(1-28)Online publication date: 12-May-2016
https://dl.acm.org/doi/10.1145/2894761
Show More Cited By

Index Terms

A survey of peer-to-peer security issues

Recommendations

An efficient and secure overlay network for general peer-to-peer systems
An Efficient Hybrid Peer-to-Peer System for Distributed Data Sharing

Peer-to-peer overlay networks are widely used in distributed systems. Based on whether a regular topology is maintained among peers, peer-to-peer networks can be divided into two categories: structured peer-to-peer networks in which peers are connected ...
Ranking factors in peer-to-peer overlay networks

A large number of peer processes are distributed in a peer-to-peer (P2P) overlay network. It is difficult, maybe impossible for a peer to perceive the membership and location of every resource object due to the scalability and openness of a P2P network. ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

ISSS'02: Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems

November 2002

470 pages

ISBN:3540007083

Editors:
Mitsuhiro Okada
Keio University, Tokyo, Japan
,
Benjamin C. Pierce
University of Pennsylvania, Philadelphia, PA
,
Andre Scedrov
University of Pennsylvania, Philadelphia, PA
,
Hideyuki Tokuda
Keio University, Fujisawa, Japan
,
Akinori Yonezawa
University of Tokyo, Tokyo, Japan

Sponsors

NSF: National Science Foundation
JSPS: Japanese Society for the Promotion of Science
Keio University: Keio University
MEXT: Japanese Ministry of Education, Science and Culture

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 08 November 2002

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

42
Total Citations
View Citations
70
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kryukov ADemichev A(2018)Decentralized Data StoragesProgramming and Computing Software10.1134/S036176881805006744:5(303-315)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1134/S0361768818050067
Kaur RSangal AKumar K(2016)A Persistent Structured Hierarchical Overlay Network to Counter Intentional Churn AttackJournal of Computer Networks and Communications10.1155/2016/51914052016(4)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1155/2016/5191405
Zuo XIamnitchi A(2016)A Survey of Socially Aware Peer-to-Peer SystemsACM Computing Surveys10.1145/289476149:1(1-28)Online publication date: 12-May-2016
https://dl.acm.org/doi/10.1145/2894761
Richardson SCox IGeva STrotman ABruza PClarke CJärvelin K(2014)Estimating global statistics for unstructured P2P search in the presence of adversarial peersProceedings of the 37th international ACM SIGIR conference on Research & development in information retrieval10.1145/2600428.2609567(203-212)Online publication date: 3-Jul-2014
https://dl.acm.org/doi/10.1145/2600428.2609567
Li YTan YDe P(2013)Self-Organized Formation and Evolution of Peer-to-Peer NetworksINFORMS Journal on Computing10.1287/ijoc.1120.051725:3(502-516)Online publication date: 1-Jul-2013
https://dl.acm.org/doi/10.1287/ijoc.1120.0517
Poh GMohd Nazir MGoi BTan SPhan RShamsudin MElçi AGaur MOrgun MMakarevich O(2013)An authentication framework for peer-to-peer cloudProceedings of the 6th International Conference on Security of Information and Networks10.1145/2523514.2523531(94-101)Online publication date: 26-Nov-2013
https://dl.acm.org/doi/10.1145/2523514.2523531
Jose JJs JThampi SGopalan KThampi S(2012)Sybil resilient identity distribution in P2P networksProceedings of the International Conference on Advances in Computing, Communications and Informatics10.1145/2345396.2345468(433-439)Online publication date: 3-Aug-2012
https://dl.acm.org/doi/10.1145/2345396.2345468
Mittal PBorisov N(2012)Information Leaks in Structured Peer-to-Peer Anonymous Communication SystemsACM Transactions on Information and System Security10.1145/2133375.213338015:1(1-28)Online publication date: 1-Mar-2012
https://dl.acm.org/doi/10.1145/2133375.2133380
Selvaraj CAnand S(2012)SurveyComputer Science Review10.1016/j.cosrev.2012.04.0016:4(145-160)Online publication date: 1-Jul-2012
https://dl.acm.org/doi/10.1016/j.cosrev.2012.04.001
Shahmehri NByers DHiran R(2011)TRAPProceedings of the 8th international conference on Trust, privacy and security in digital business10.5555/2035420.2035431(86-97)Online publication date: 29-Aug-2011
https://dl.acm.org/doi/10.5555/2035420.2035431
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents