DOCSLIB.ORG

ANONYMOUS PUBLISH-SUBSCRIBE OVERLAYS Jörg Daubert

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

ANONYMOUS PUBLISH-SUBSCRIBE OVERLAYS jörg daubert vom Fachbereich Informatik der Technischen Universität Darmstadt zur Erlangung des Grades eines Doktors der Naturwissenschaften (Dr. rer. nat.) genehmigte Dissertationsschrift in englischer Sprache von Jörg Daubert M.Sc aus Darmstadt geboren in Bad Soden-Salmünster Erstreferent: Prof. Dr. Max Mühlhäuser Korreferent: Prof. Dr. Thorsten Strufe Tag der Einreichung: 26. Januar 2016 Tag der Prüfung: 10. März 2016 Fachgebiet Telekooperation Fachbereich Informatik Technische Universität Darmstadt Hochschulkennziffer D-17 Darmstadt 2016 Jörg Daubert: Anonymous Publish-Subscribe Overlays, Anonymity in P2P Publish-Subscribe Overlay Networks, © January 26th, 2016 “I grew up with the understanding that the world I lived in was one where people enjoyed a sort of freedom to communicate with each other in privacy without it being monitored, without it being measured, or analyzed or sort of judged by these shadowy figures or systems anytime they mention anything that travels across public lines.” — Edward Snowden, excerpt from an interview with Glenn Greenwald, 2013 EXECUTIVE SUMMARY Freedom of speech is a core value of our society. While it can be exercised anonymously towards undesired observers in the physical world, the Internet is based on unique and nonanonymous identifiers (IDs) for every participant. Anonymity, however, is a crucial require- ment to exercise freedom of speech using the Internet without having to face political persecution. To achieve anonymity, messages must be unlinkable to senders an receivers. That means that messages cannot be linked to IDs and other identifying information of senders and re- ceivers. Anonymization services, such as Tor, re-establish anonymity within the Internet such that, for example, web content can be con- sumed anonymously. Nevertheless, this type of solution embodies two challenges: First, with the appearance of social media, the Internet usage behavior changed drastically from a one producer with many consumers to a many producers with many consumers of content paradigm. Second, a social media website that is used by many producers and many consumers constitutes a single point of failure (SPoF) regarding both availability and anonymity. Such a website may collect producer and consumer profiles, ultimately breaking anonymity. Publish/subscribe (pub/sub) is a message dissemination paradigm well suited to address the first challenge, the many-to-many exchange of content. peer-to-peer (P2P) Pub/Sub eliminates the need for an SPoF and, thus, partially addresses the second challenge as well. However, research addressing anonymity as a security requirement for Pub/Sub has merely scratched the surface. This thesis improves the state-of-the-art in anonymous Pub/Sub in several areas. In particular, the thesis addresses the following aspects of constructing anonymous Pub/Sub systems: (i.) Building blocks that reduce the complexity of constructing anonymous Pub/Sub systems are proposed; (ii.) methods for anonymously establishing Pub/Sub overlay networks are presented; (iii.) a method for inter-overlay opti- mization to distribute load is introduced; (iv.) methods for optimiz- ing overlays regarding anonymity are proposed, and (v.) anonymity attacks and countermeasures are presented. contributions This thesis contributes to the following research categories: anonymous overlay establishment An anonymous Pub/Sub system is presented along six self-containing building blocks with the goal of establishing overlay networks that transport no- tifications from publishers to subscribers. Each building block is discussed in detail with a focus on leveraging related work to realize the building block. For attribute localization, the build- ing block most relevant for establishing overlays, this thesis v proposes multiple contributions: the usage of hash chains as a privacy-preserving transaction pseudonym and distance metric; the adaptation of flooding as well as forest fires; and random walks to distribute attribute knowledge. anonymous overlay optimization The thesis proposes two op- timizations for anonymity and one optimization for balancing the load. The first anonymity optimization, probabilistic for- warding (PF), applies the concept of mimic traffic to the do- main of Pub/Sub. The second anonymity optimization, the shell game (SG), shuffles the overlay. Both optimizations prevent an exposure of information to attackers that can gain knowledge about the overlay topology. The load-balancing optimization uses a ring communication and Bloom filters to distribute load among nodes. anonymity attacks and countermeasures Several well-known anonymity attacks are adapted to the domain of anonymous Pub/Sub and evaluated in detail. Novel attacks, such as the re- quest/ response-attack and the corner attack, are proposed as well and complemented with countermeasures. evaluation The proposed mechanisms and attacks are evaluated using a qualitative approach, quantitatively with an extensive sim- ulation, and empirically with a proof of concept (POC) application. The qualitative approach indicates that the presented mechanisms are well-suited to protect anonymity against a malicious insider threat. The quantitative evaluation is performed with the event-based sim- ulation framework OMNeT++. The results show that the presented anonymous Pub/Sub system can protect anonymity, even in case ma- licious insiders are combined with a global observer of a very strong anonymity threat. The results also reveal in which situations PF or the SG provides the better anonymity protection. Furthermore, the results indicate which capabilities are favorable for an anonymity attacker. An anonymous micro-blogging application for Twitter shows that the presented system can be implemented for a real-world use case: With the application, users exchange tweets via hashtag-overlays, and cryptographic keys via quick response (QR)-codes and near field com- munication (NFC). vi ZUSAMMENFASSUNG Die Redefreiheit zählt zu den wichtigsten Werten unserer Gesellschaft. Während die Redefreiheit in der physischen Welt anonym gegenüber unerwünschten Fremden ausgeübt werden kann, basiert das Inter- net auf nicht-anonymen, sondern vielmehr eindeutigen, Identifikati- onsmerkmalen (IDs). Zur Ausübung der Redefreiheit ohne politische Verfolgung ist die Anonymität jedoch eine Kernanforderung. Anony- mity bedingt, dass eine Nachricht nicht mit Sender und Empfänger in Verbindung gebracht werden kann. Insbesondere darf eine Nachricht nicht mit IDs oder anderen Identifikationsmerkmalen in Beziehung gesetzt werden. Anonymisierungsdienste wie Tor können im Internet verwendet werden, um etwa Webinhalte anonym abzurufen. Mit einer solchen Lösung ergeben sich jedoch 2 Arten von Herausforderungen: Erstens hat sich die Internet-Nutzung mit dem Aufkommen sozialer Medien verändert; statt einem ein Produzent mit vielen Konsumenten von Inhal- ten Nutzungs-Paradigma nimmt nun das viele Produzenten mit vielen Konsumenten-Paradigma eine gewichtige Rolle ein. Zweitens stellt ei- ne Social-Media-Webseite mit vielen Nutzer eine zentrale Schwach- stelle da, sowohl in Bezug auf die Verfügbarkeit als auch auf die An- onymität. Eine solche Webseite kann Profildaten ihrer Nutzer sam- meln um schlussendlich deren Anonymität zu brechen. Publish/subscribe (pub/sub) ist ein Konzept zur Nachrichten- Verteilung, welches die erste Herausforderung sehr gut adressiert. P2P Pub/Sub kommt ohne zentrale Schwachstelle aus, und deckt da- mit auch die zweite Herausforderung teilweise ab. Jedoch steht For- schung, welche Anonymität als Sicherheitsanforderung für Pub/Sub berücksichtigt, erst am Anfang. Diese Dissertation erweitert den aktuellen Forschungsstand in meh- reren Bereichen. Die folgenden Aspekte der Konstruktion von anony- men Pub/Sub Systemen werden dabei angesprochen: (i.) Bausteine zur Erleichterung zukünftiger Entwicklung von anonymen Pub/Sub Syste- men werden vorgeschlagen; (ii.) Methoden zur anonymen Erzeugung von Overlay-Netzwerken werden vorgestellt; (iii.) eine anonyme Inter- Overlay-Optimierung zur Verteilung von Last wird präsentiert; (iv.) Methoden zur Optimierung der Anonymität in Overlay-Netzwerken werden eingebührt; (v.) Angriffe der Anonymität sowie Schutzmaß- nahmen werden vorgeschlagen. beiträge Die Beiträge dieser Dissertation lassen sich in folgende Forschungsschwerpunkte einteilen: anonyme overlay-erzeugung Es wird ein anonymes Pub/Sub Sys- tem anhand von sechs in sich geschlossenen Bausteinen vor- gestellt. Hierbei wird das Ziel verfolgt, Overlay-Netzwerke zu erzeugen, welche nachfolgend Nachrichten von Produzenten zu Konsumenten transportieren. Jeder Baustein wird im Detail vii und in Bezug auf relevante verwandte Arbeiten erläutert. Für einen der wichtigsten Bausteine, die Lokalisierung von Attri- buten (attribute localization), werden mehrere Beiträge geleistet: Hash-Ketten kombinieren Transaktions-Pseudonym und Distanz- Metrik unter Schutz der Privatsphäre; sogenanntes flooding, fo- rest fires, und doppelte random walks werden zum Verteilen von Attributs-Wissen verwendet. anonyme overlay-optimierung Die Dissertation stellt zwei Op- timierungen zur Verbesserung der Anonymität sowie eine Opti- mierung zur Verteilung von Last vor. Die erste Anonymitäts- Optimierung, probabilistic forwarding (PF), überträgt das Kon- zept von “mimi traffic” auf Pub/Sub. Die zweite Optimierung, das Hütchen-Spiel (shell game (SG)), zerwürfelt Overlay-Netz- werke. Beide Optimierungen verfolgen das Ziel, die Preisga- be von Information durch die Overlay-Topologie
Recommended publications
  • Anonsocialmix: Anonymous P2P File Sharing Over Social Networks

    Anonsocialmix: Anonymous P2P File Sharing Over Social Networks

    AnonSocialMix: Anonymous P2P File Sharing Over Social Networks Student Name: Rajdeep Mukherjee IIIT-D-MTech-CS-GEN-MT15051 July, 2017 Indraprastha Institute of Information Technology New Delhi Thesis Committee Dr. Sambuddho Chakravarty, IIIT Delhi (Advisor) Dr. Tanmoy Chakraborty, IIIT Delhi (Internal Examiner) Dr. Vinay Joseph Ribeiro, IIT Delhi (External Examiner) Submitted in partial fulfillment of the requirements for the Degree of M.Tech. in Computer Science, in Information Security Category ©2017 IIIT-D MTech-CS-GEN-17-MT15051 All rights reserved Certificate This is to certify that the thesis titled “AnonSocialMix: Anonymous P2P File Sharing Over Social Networks" submitted by Rajdeep Mukherjee for the partial fulfillment of the requirements for the degree of Master of Technology in Computer Science & Engineering is a record of the bonafide work carried out by him under my guidance and supervision in the Security and Privacy group at Indraprastha Institute of Information Technology, Delhi. This work has not been submitted anywhere else for the reward of any other degree. Dr.Sambuddho Chakravarty Indraprastha Institute of Information Technology, New Delhi 2 Abstract Peer-to-peer (P2P) file sharing accounts for one of the major sources of the Internet traffic. As privacy and anonymity issues continue to grow due to constant censorship and network surveil- lance, more and more Internet users are getting attracted towards the facilities for anonymous communication. Extensive research has been conducted over the years towards the design and development of several anonymous P2P file sharing protocols and systems. Size of the Anonymity Set plays a crucial role in determining the degree of anonymity being provided by such networks.
  • Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K

    Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K

    1 STor: Social Network based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University, Hunghom, Hong Kong cspzhouroc,csxluo,csachen,csrchang @comp.polyu.edu.hk f g Abstract—Anonymity networks hide user identities with the help of relayed anonymity routers. However, the state-of-the-art anonymity networks do not provide an effective trust model. As a result, users cannot circumvent malicious or vulnerable routers, thus making them susceptible to malicious router based attacks (e.g., correlation attacks). In this paper, we propose a novel social network based trust model to help anonymity networks circumvent malicious routers and obtain secure anonymity. In particular, we design an input independent fuzzy model to determine trust relationships between friends based on qualitative and quantitative social attributes, both of which can be readily obtained from existing social networks. Moreover, we design an algorithm for propagating trust over an anonymity network. We integrate these two elements in STor, a novel social network based Tor. We have implemented STor by modifying the Tor’s source code and conducted experiments on PlanetLab to evaluate the effectiveness of STor. Both simulation and PlanetLab experiment results have demonstrated that STor can achieve secure anonymity by establishing trust-based circuits in a distributed way. Although the design of STor is based on Tor network, the social network based trust model can be adopted by other anonymity networks. Index Terms—Social Network, Anonymous Communication, Tor, Fuzzy Model F 1 INTRODUCTION alone can be easily bypassed by an attacker.
  • Technology Stack for Decentralized Mobile Services

    Technology Stack for Decentralized Mobile Services

    Technology Stack for Decentralized Mobile Services Matouš Skála Technology Stack for Decentralized Mobile Services by Matouš Skála to obtain the degree of Master of Science at the Delft University of Technology, to be defended publicly on Monday August 31, 2020 at 3:00 PM. Student number: 4893964 Project duration: November 15, 2019 – August 31, 2020 Thesis committee: Dr.ir. J.A. Pouwelse, TU Delft, supervisor Dr. J.S. Rellermeyer, TU Delft Dr. N. Yorke-Smith, TU Delft An electronic version of this thesis is available at http://repository.tudelft.nl/. Preface When I was choosing my thesis topic, I originally came up with an idea of designing a decen- tralized social network. After realizing how ambitious that goal was, I later decided to focus on more fundamental issues first and create a library that would allow for building any de- centralized applications, running purely on an overlay network consisting of smartphones. Rather than reinventing the wheel, I took inspiration from an existing networking library de- veloped at TU Delft over the last decade and created its wire-compatible implementation in Kotlin. Interestingly, in the end, I have even implemented a trivial social network to demon- strate the usage of the library, returning back to the original idea. I would like to thank my supervisor Johan Pouwelse for an endless stream of fresh ideas and valuable feedback, and to PhD students of the Delft Blockchain Lab for numerous coffee meetings and for serving me as a walking documentation of the existing codebase. Matouš Skála Prague,
  • Censorship-Resistant Collaboration with a Hybrid DTN/P2P Network

    Censorship-Resistant Collaboration with a Hybrid DTN/P2P Network

    Censorship-resistant Collaboration with a Hybrid DTN/P2P Network Masterarbeit von Philipp Hagemeister aus Braunschweig vorgelegt am Lehrstuhl fur¨ Rechnernetze und Kommunikationssysteme Prof. Dr. Martin Mauve Heinrich-Heine-Universitat¨ Dusseldorf¨ Marz¨ 2012 Acknowledgments My thanks go to Marc Fontaine for asking stupid questions that turned out to be quite clever, and for pointing out that correctness is essential both in the real and the physical world. I also thank Paul Baade for demanding impossible features which turned out to be the last piece in the puzzle. Julius Rommler¨ has notified me of orthographical, typographical, and (inadvertently) semantical er- rors. And told me to use fewer big words. Thanks! I wish to thank Denis Lutke-Wiesmann¨ for proofreading the thesis, and the footnotes. Sven Hager found lots of overly short, overly long, and overly wrong statements. Thanks! Thanks to Prof. Martin Mauve for coming up with the idea, shielding us from bureaucracy, asking for explanation and rationale at every step, and finding all the errors nobody else found. iii Contents List of Figures viii 1 Motivation 1 1.1 Distribution of Speech . .2 1.2 Threat Model . .2 1.2.1 Nontechnical Attacks . .2 1.2.2 Internet Access . .3 1.2.3 Control over the User’s Computer . .4 1.2.4 Total Shutoff . .4 1.2.5 Physical Attacks . .5 1.2.6 IP Blocking . .5 1.2.7 DNS censorship . .6 1.2.8 Deep Packet Inspection . .6 1.2.9 Active Attacks . .8 1.2.10 Conclusions . .9 1.3 Decentralization . 10 1.4 Collaboration . 10 1.5 Structure of this Thesis .
  • Unveiling the I2P Web Structure: a Connectivity Analysis

    Unveiling the I2P Web Structure: a Connectivity Analysis

    Unveiling the I2P web structure: a connectivity analysis Roberto Magan-Carri´ on,´ Alberto Abellan-Galera,´ Gabriel Macia-Fern´ andez´ and Pedro Garc´ıa-Teodoro Network Engineering & Security Group Dpt. of Signal Theory, Telematics and Communications - CITIC University of Granada - Spain Email: [email protected], [email protected], [email protected], [email protected] Abstract—Web is a primary and essential service to share the literature have analyzed the content and services offered information among users and organizations at present all over through this kind of technologies [6], [7], [2], as well as the world. Despite the current significance of such a kind of other relevant aspects like site popularity [8], topology and traffic on the Internet, the so-called Surface Web traffic has been estimated in just about 5% of the total. The rest of the dimensions [9], or classifying network traffic and darknet volume of this type of traffic corresponds to the portion of applications [10], [11], [12], [13], [14]. Web known as Deep Web. These contents are not accessible Two of the most popular darknets at present are The Onion by search engines because they are authentication protected Router (TOR; https://www.torproject.org/) and The Invisible contents or pages that are only reachable through the well Internet Project (I2P;https://geti2p.net/en/). This paper is fo- known as darknets. To browse through darknets websites special authorization or specific software and configurations are needed. cused on exploring and investigating the contents and structure Despite TOR is the most used darknet nowadays, there are of the websites in I2P, the so-called eepsites.
  • Privacy-Preserving P2P Data Sharing with Oneswarm

    Privacy-Preserving P2P Data Sharing with Oneswarm

    Privacy-Preserving P2P Data Sharing with OneSwarm Tomas Isdal Michael Piatek Arvind Krishnamurthy Thomas Anderson University of Washington ABSTRACT On one side, protocols like BitTorrent are high performance and Privacy—the protection of information from unauthorized disclo- robust, but participants are easily monitored by anyone who cares sure—is increasingly scarce on the Internet. The lack of privacy to look [33, 30, 29]. On the other, anonymization networks (e.g., is particularly true for popular peer-to-peer data sharing applica- Tor [14] and Freenet [12]) emphasize privacy, but offer compara- tions such as BitTorrent where user behavior is easily monitored by tively poor performance. third parties. Anonymizing overlays such as Tor and Freenet can In this paper, we explore a new design point in this tradeoff be- improve user privacy, but only at a cost of substantially reduced tween privacy and performance. We describe the design and imple- performance. Most users are caught in the middle, unwilling to mentation of a file-sharing protocol called OneSwarm, intended to sacrifice either privacy or performance. provide much better performance than Tor and Freenet, and much In this paper, we explore a new design point in this tradeoff be- better privacy than BitTorrent. Our goal is to provide good enough tween privacy and performance. We describe the design and imple- performance that users turn on privacy by default for all of their mentation of a new P2P data sharing protocol, called OneSwarm, non-public data sharing. To this end, data objects shared via One- that provides users much better privacy than BitTorrent and much Swarm are located and transferred using disposable, temporary ad- better performance than Tor or Freenet.
  • Achieving Optimal Capacity Partitioning in P2P Networks Using Game and Control Theoretic Approaches

    Achieving Optimal Capacity Partitioning in P2P Networks Using Game and Control Theoretic Approaches

    Achieving Optimal Capacity Partitioning in P2P Networks using Game and Control Theoretic Approaches A thesis submitted in fulfilment of the requirements for the degree of PhD by Nitin Singh Singha DEPARTMENT OF ELECTRICAL ENGINEERING INDIAN INSTITUTE OF TECHNOLOGY KANPUR March 2018 ii Synopsis Name of the student: Nitin Singh Singha Roll No: 13104180 Degree for which submitted: PhD Department: Electrical Engineering Thesis title: Achieving Optimal Capacity Partitioning in P2P Networks using Game and Control Theoretic Approaches Thesis supervisor: Dr. Yatindra Nath Singh Month and year of thesis submission: March 2018 Traditionally Peer-to-Peer (P2P) network users use wired network technology like LAN for accessing the Internet. However nowadays, wireless technology can pro- vide high speed data service at lower costs. This has led to widespread use of wireless technology in office, home and hotels to provide Internet connectivity. Further, wireless technology is also being used to provide Internet services in public places like airports, railway stations and restaurants etc. Therefore, many P2P users are now using wireless networks like WiFi, WLAN, LTE and WiMAX (in time division duplex (TDD) mode), where nodes are connected to the backbone network through an access link. The uplink and downlink data flows through the same access link. The access link capacity is fixed, but its partitioning between uplink and downlink can be varied by a user such that increasing upload capacity reduces download capacity and vice-versa. In a P2P network, since users act both as a server and a client, so they need to simultaneously utilize their upload and download capacities, optimally.
  • Key Management for Onion Routing in a True Peer to Peer Setting

    Key Management for Onion Routing in a True Peer to Peer Setting

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Bournemouth University Research Online Key Management for Onion Routing in a True Peer to Peer Setting Paolo Palmieri1 and Johan Pouwelse2 Parallel and Distributed Systems, Delft University of Technology Mekelweg 4, 2628 CD Delft, The Netherlands [email protected] [email protected] Abstract. Onion routing is a technique for anonymous and privacy pre- serving communication at the base of popular Internet anonymity tools such as Tor. In onion routing, traffic is relayed by a number of inter- mediary nodes (called relays) before it reaches the intended destination. To guarantee privacy and prevent tampering, each packet is encrypted multiple times in a layered manner, using the public keys of the relays. Therefore, this mechanism makes two important assumptions: first, that the relays are able to communicate with each other; second, that the user knows the list of available relays and their respective public keys. Tor implements therefore a distributed directory listing the relays and their keys. When a user is not able to communicate with relays directly, he has to use special bridge servers to connect to the onion network. This construction, however, does not work in a fully peer to peer setting, where each peer only knows a limited number of other peers and may not be able to communicate with some of them due, for instance, to NAT or firewalls. In this paper we propose a key management scheme for onion routing that overcomes these problems. The proposed solution does not need a directory system and does not imply knowledge of all active re- lays, while it guarantees the secure distribution of public keys.
  • Integrating Secure Mobile P2P Systems and Wireless Sensor Networks

    Integrating Secure Mobile P2P Systems and Wireless Sensor Networks

    OPEN UNIVERSITY OF CATALONIA DOCTORAL THESIS REPORT Integrating secure mobile P2P systems and Wireless Sensor Networks Author: Supervisor: Marc Domingo Prieto Dr. Joan Arnedo Moreno Dr. Xavier Vilajosana Guillen A thesis submitted in fulfillment of the requirements for the degree of Doctoral Programme on Network and Information Technologies in the IT, Multimedia and Telecommunications Department November 15, 2016 iii Declaration of Authorship I, Marc Domingo Prieto, declare that this thesis titled, “Integrating secure mobile P2P systems and Wireless Sensor Networks” and the work presented in it are my own. I confirm that: This work was done wholly or mainly while in candidature for a research degree • at this University. Where any part of this thesis has previously been submitted for a degree or any • other qualification at this University or any other institution, this has been clearly stated. Where I have consulted the published work of others, this is always clearly at- • tributed. Where I have quoted from the work of others, the source is always given. With • the exception of such quotations, this thesis is entirely my own work. I have acknowledged all main sources of help. • Where the thesis is based on work done by myself jointly with others, I have • made clear exactly what was done by others and what I have contributed myself. Signed: Date: v “Great things in business are never done by one person. They’re done by a team of people.” Steven Paul "Steve" Jobs (1955-2011) vii OPEN UNIVERSITY OF CATALONIA Abstract IT, Multimedia and Telecommunications Department Doctoral Programme on Network and Information Technologies Integrating secure mobile P2P systems and Wireless Sensor Networks by Marc Domingo Prieto Wireless Sensor Networks (WSNs) have become very important in the current net- worked society, since they can acquire and send useful and valuable information at low installation and maintenance costs when compared with their wired counterparts.
  • A Survey of Peer-To-Peer Network Security Issues

    A Survey of Peer-To-Peer Network Security Issues

    A Survey of Peer-to-Peer Network Security Issues http://www.cse.wustl.edu/~jain/cse571-07/ftp/p2p/index.html A Survey of Peer-to-Peer Network Security Issues James Li Abstract In recent years, peer-to-peer (P2P) networks have soared in popularity in the form of file sharing applications. With this popularity comes security implications and vulnerabilities. In this paper, we examining the framework on which most P2P networks are built, and from this, we examine how attacks on P2P networks leverage the very essence of the networks itself: decentralization of resources and of control. Additionally, we look at the privacy and usage attacks that arise in P2P networks as well as approaches that can be used address some of these issues. Table of Contents 1. Introduction 1.1 Definition of P2P 2. Background of P2P Networks 2.1 Applications of P2P Networks 2.2 Centralized Directory 2.3 Query Flooding 2.4 Distributed Hash Table 3. Attacks on P2P Networks 3.1 Distributed Denial-of-Service 3.2 Poisoning the Network 3.3 Privacy and Identity 3.4 Fairness in Sharing 3.5 Blocking of P2P Traffic 4. Securing P2P Networks 4.1 Encrypting P2P Traffic 4.1 Anonymous P2P 5. Summary 6. References 7. List of Acronyms 1. Introduction In a traditional computer network, one or more central servers typically provide all of the services available on the network. An example of this is the numerous FTP (File Transfer Protocol) and HTTP (HyperText Transfer Protocol) servers on the Internet that provide file resources for download from clients seeking these services.
  • Mass File Sharing Lawsuits: Legalized Extortion Or Valid Defense Of

    Mass File Sharing Lawsuits: Legalized Extortion Or Valid Defense Of

    [Vol. 3:2] JOURNAL OF LAW, TECHNOLOGY & THE INTERNET 330 MASS FILE SHARING LAWSUITS: LEGALIZED EXTORTION ORVALID DEFENSE OF COPYRIGHT? Tyler Tassone* Since the days ofNapster, peer to peer (P2P) file sharing has become ubiquitous and has ushered in an era of rampant digital piracy. 1 The most popular P2P file sharing protocol, BitTorrent, is the second-largest con­ sumer of bandwidth in North America, consuming 21.6 percent of all internet traffic over a twenty-four hour period. 2 It has been reported that BitTorrent has over 100 million monthly users from over 220 countries, surpassing the monthly usage of both Hulu and Netflix, estimated at 30 million and 16.9 million monthly users respectively. 3 Despite having various legal uses, P2P file sharing is commonly used to distribute copyrighted materials, movies, and music in particular, and is the basis of countless copyright infringement lawsuits. 4 Copyright * Villanova University School of Law, J.D. 2013; University of Virginia, B.S. 2010. 1 See Matthew Lasar, Sailors Beware: P2P Piracy Will Sink Your Jobs by 2015, A.Rs TECHNICA (Mar. 22, 2010, 11:10 AM), http://arstechnica.com/tech­ policy/news/2010/03/sailors-beware-p2p-piracy-will-sink-your-jobs-by-2015 .ars (identifying P2P file-sharing as primary avenue for piracy). 2 See Geoff Gasior, Netflix Unseats BitTorrent as Internet Traffic King, THE TECH REPORT (May 18, 2011, 10:27 AM), http://techreport.com/discussions.x/20969 (noting that BitTorrent is second only to Netflix in consumption of internet bandwidth over twenty-four hour periods, with Netflix ahead by only 0.6 percent).
  • I2P Forensic Analysis

    I2P Forensic Analysis

    International Journal of Recent Technology and Engineering (IJRTE) ISSN: 2277-3878, Volume-8 Issue-6, March 2020 I2P Forensic Analysis Sneha Soney, C. Balan, Priya P. Sajan, Elizabeth Rose Lalson Tor-based portal for selling illegal products, permanently Abstract: I2P is an anonymous P2P distributed communication abandoned the Tor network for I2P. Cryptowall 3.0 layer used to send messages to each other anonymously and ransomware and Dyre banking Trojan used I2P for their safely. It is built on top of the internet and can be considered as an communication. The malware named i2Ninja, was noticed internet within the internet. Even though I2P is developed with an intention to create censorship resistant environment for the free available at an underground Russian cyber-crime forum. For flow of information, it is misused for illegal activities now a days. all major browsers (Internet Explorer, Firefox and Chrome), The possible misuses are less known among law enforcement i2Ninja is capable of HTML injection and form grabbing. agencies and existing industry approved software programs have The malware toolkit uses I2P networking layer to mask no detection functionality for I2P. Because of the increased use of communications between infected machines and the botnet’s I2P in criminal purposes, there is a need for methods and tools to command-and-control server. acquire and analyze digital evidence related to I2P. We conducted a detailed live memory dump analysis in order to find out the I2P Because of increase in cyber-crimes using I2P there is a related artifacts from a host machine. Furthermore, we propose a need for methods and tools to acquire and analyse digital tool that will analyze the memory dump and system local files to evidence related to the same.