DOI: 10.5555/1973430.1973441

Ensuring content integrity for untrusted peer-to-peer content distribution networks

Published: 11 April 2007

Abstract

    Many existing peer-to-peer content distribution networks (CDNs) such as Na Kika, CoralCDN, and CoDeeN are deployed on PlanetLab, a relatively trusted environment. But scaling them beyond this trusted boundary requires protecting against content corruption by untrusted replicas. This paper presents Repeat and Compare, a system for ensuring content integrity in untrusted peer-to-peer CDNs even when replicas dynamically generate content. Repeat and Compare detects misbehaving replicas through attestation records and sampled repeated execution. Attestation records, which are included in responses, cryptographically bind replicas to their code, inputs, and dynamically generated output. Clients then forward a fraction of these records to randomly selected replicas acting as verifiers. Verifiers, in turn, reliably identify misbehaving replicas by locally repeating response generation and comparing their results with the attestation records. We have implemented our system on top of Na Kika. We quantify its detection guarantees through probabilistic analysis and show through simulations that a small sample of forwarded records is sufficient to effectively and promptly cleanse a CDN, even if large fractions of replicas or verifiers are misbehaving.


    Published In

    NSDI'07: Proceedings of the 4th USENIX conference on Networked systems design & implementation
    April 2007
    27 pages

    Sponsors

    • VMware
    • Google Inc.
    • Microsoft Research
    • Intel
    • CISCO

    Publisher

    USENIX Association

    United States

    Qualifiers

    • Article

    Cited By

    • (2015) Accounting and Accountability in Content Distribution Architectures. ACM Computing Surveys 47:4 (1-35). DOI: 10.1145/2723701. Online publication date: 11-May-2015
    • (2014) CloudSafetyNet. Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (117-128). DOI: 10.1145/2664168.2664174. Online publication date: 7-Nov-2014
    • (2010) Accountable virtual machines. Proceedings of the 9th USENIX conference on Operating systems design and implementation (119-134). DOI: 10.5555/1924943.1924952. Online publication date: 4-Oct-2010
    • (2010) AjaxScope. ACM Transactions on the Web 4:4 (1-52). DOI: 10.1145/1841909.1841910. Online publication date: 1-Sep-2010
    • (2010) A case for the accountable cloud. ACM SIGOPS Operating Systems Review 44:2 (52-57). DOI: 10.1145/1773912.1773926. Online publication date: 14-Apr-2010
    • (2009) Loss-tolerant real-time content integrity validation for P2P video streaming. Proceedings of the First international conference on COMmunication Systems And NETworks (208-217). DOI: 10.5555/1702135.1702165. Online publication date: 5-Jan-2009
    • (2009) A holistic mechanism against file pollution in peer-to-peer networks. Proceedings of the 2009 ACM symposium on Applied Computing (28-34). DOI: 10.1145/1529282.1529288. Online publication date: 8-Mar-2009
    • (2007) Making p2p accountable without losing privacy. Proceedings of the 2007 ACM workshop on Privacy in electronic society (31-40). DOI: 10.1145/1314333.1314339. Online publication date: 29-Oct-2007
