Please wait a minute...
 首页  期刊介绍 期刊订阅 联系我们 横山亮次奖 百年刊庆
 
最新录用  |  预出版  |  当期目录  |  过刊浏览  |  阅读排行  |  下载排行  |  引用排行  |  横山亮次奖  |  百年刊庆
清华大学学报(自然科学版)  2016, Vol. 56 Issue (1): 58-65    DOI: 10.16511/j.cnki.qhdxxb.2016.23.008
  信息安全 本期目录 | 过刊浏览 | 高级检索 |
针对P2P直播系统的Eclipse延迟攻击方法研究
韩心慧, 李晨, 肖祥全, 刘丙双, 叶佳奕
北京大学 计算机科学技术研究所, 北京 100871
Defense of P2P live video systems facing Eclipse-delay attack
HAN Xinhui, LI Chen, XIAO Xiangquan, LIU Bingshuang, YE Jiayi
Institute of Computer Science & Technology, Peking University, Beijing 100871, China
全文: PDF(1275 KB)  
输出: BibTeX | EndNote (RIS)      
摘要 P2P直播系统在当今互联网上的应用越来越广泛, 相对于P2P文件共享系统, 其对数据传输的实时性要求更高, 因此对该类系统实时性的破坏, 即延迟攻击, 产生的危害极大。通过分析相关理论模型, 该文指出P2P直播系统在实时性方面存在安全脆弱性, 基于Eclipse攻击提出了No-Offer、Delay-Chunk和No-Chunk延迟攻击方法, 并提出了基于信誉机制的路由表清洗防御策略。在PlanetLab平台上基于PeerStreamer实施了真实的互联网实验, 证明了Eclipse延迟攻击对当前系统的危害和该文防御策略的有效性。
服务
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章
韩心慧
李晨
肖祥全
刘丙双
叶佳奕
关键词 Eclipse攻击P2P直播系统延迟攻击    
Abstract:P2P live video systems are widely used in today's Internet. Compared with eMule/BitTorrent and other traditional P2P file-sharing systems, a P2P live video system has higher requirements on real-time data, which becomes vulnerable weakness. Delay attack, with strong concealment, is potentially lethal for large P2P video broadcasting systems. Theoretical security threats of popular P2P live video systems were analyzed to propose three types of delay attack based on Eclipse attack, No-Offer attack, Delay-Chunk attack, and No-Chunk attack, with a high-availability defense strategy against delay attack being developed. Experiments were made on PlanetLab based on PeerStreamer, which proves the impact of delay attack and the effectiveness of the developed defense strategy.
Key wordsEclipse attack    P2P    live video system    delay attack
收稿日期: 2014-10-28      出版日期: 2016-01-29
ZTFLH:  TP309  
引用本文:   
韩心慧, 李晨, 肖祥全, 刘丙双, 叶佳奕. 针对P2P直播系统的Eclipse延迟攻击方法研究[J]. 清华大学学报(自然科学版), 2016, 56(1): 58-65.
HAN Xinhui, LI Chen, XIAO Xiangquan, LIU Bingshuang, YE Jiayi. Defense of P2P live video systems facing Eclipse-delay attack. Journal of Tsinghua University(Science and Technology), 2016, 56(1): 58-65.
链接本文:  
http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2016.23.008  或          http://jst.tsinghuajournals.com/CN/Y2016/V56/I1/58
  图1 一个理想状况下的P2P直播系统
  图2 邻居间数据交换过程示意图
  图3 Eclipse攻击模型示意图
  图4 普通和受害节点路由表中恶意节点数量变化情况
  图5 No-Offer攻击中普通和受害节点播放率变化情况
  图6 Delay-Chunk攻击中普通和受害节点播放率变化情况
  图7 No-Chunk攻击对受害节点播放率影响情况
  图8 部署防御策略后节点路由表中攻击节点数量对比
  图9 部署防御策略后No-Offer攻击中节点播放率对比
  图10 部署防御策略后Delay-Chunk攻击中节点播放率对比
  图11 部署防御策略后No-Chunk攻击中节点播放率对比
[1] Deshpande H, Bawa M, Garcia-Molina H. Streaming live media over a peer-to-peer network [R]. 2001.
[2] Jannotti J, Gifford D K, Johnson K L, et al. Overcast: Reliable multicasting with on overlay network [C]//Proceedings of the 4th Conference on Symposium on Operating System Design & Implementation—Volume 4. Berkeley: USENIX Association, 2000: 14-14.
[3] Rejaie R, Ortega A. PALS: Peer-to-peer adaptive layered streaming [C]//Proceedings of the 13th International Workshop on Network and Operating Systems Support for Digital Audio and Video. New York: ACM, 2003: 153-161.
[4] Tran D A, Hua K A, Do T. Zigzag: An efficient peer-to-peer scheme for media streaming [C]//INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications. Piscataway: IEEE Societies, 2003, 2: 1283-1292.
[5] Castro M, Druschel P, Kermarrec A M, et al. SplitStream: High-bandwidth multicast in cooperative environments [J]. ACM SIGOPS Operating Systems Review, 2003, 37(5): 298-313.
[6] Horvath A, Telek M, Rossi D, et al. Dissecting pplive, sopcast, tvants [J]. submitted to ACM Conext, 2008.
[7] Vu L, Gupta I, Liang J, et al. Mapping the PPLive network: Studying the impacts of media streaming on P2P overlays [Z]. 2006.
[8] Jia J, Li C, Chen C. Characterizing PPStream across internet [C]//Network and Parallel Computing Workshops, IFIP International Conference on. Piscataway: IEEE, 2007: 413-418.
[9] Su X, Chang L. A measurement study of PPStream [C]//Communications and Networking in China, Third International Conference on. Piscataway: IEEE, 2008: 1162-1166.
[10] Douceur J R. The sybil attack [M]//Peer-to-Peer Systems. Springer Berlin Heidelberg, 2002: 251-260.
[11] Singh A. Eclipse attacks on overlay networks: Threats and defenses [C]//IEEE INFOCOM. Piscataway: IEEE, 2006.
[12] 邹维, 张缘, 张建宇, 等. DHT 网络 eclipse 攻击 [J]. 清华大学学报: 自然科学版, 2011, 51(10): 1306-1311.ZOU Wei, ZHANG Yuan, ZHANG Jianyu, et al. Survey of eclipse attacks on DHT networks [J]. J Tsinghua Univ: Sci & Technol, 2011, 51(10): 1306-1311. (in Chinese)
[13] Liang J, Kumar R, Xi Y, et al. Pollution in P2P file sharing systems [C]//INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies. Piscataway: IEEE, 2005, 2: 1174-1185.
[14] Adar E, Huberman B A. Free riding on Gnutella[J/OL]. First Monday, 2000, 5(10): http://firstmonday.org/ojs/index.php/fm/article/view/792/701<%3B/Hu96.
[15] Feldman M, Papadimitriou C, Chuang J, et al. Free-riding and whitewashing in peer-to-peer systems [J]. Selected Areas in Communications, IEEE Journal on, 2006, 24(5): 1010-1019.
[16] Seedorf J. Security issues for p2p-based voice-and video-streaming applications [M]//iNetSec 2009–Open Research Problems in Network Security. Springer Berlin Heidelberg, 2009: 95-110.
[17] Dhungel P, Hei X, Ross K W, et al. The pollution attack in P2P live video streaming: Measurement results and defenses [C]//Proceedings of the 2007 Workshop on Peer-to-Peer Streaming and IP-TV. New York: ACM, 2007: 323-328.
[18] Meier R, Wattenhofer R. ALPS: Authenticating live peer-to-peer live streams [C]//Reliable Distributed Systems, IEEE Symposium on. Piscataway: IEEE, 2008: 45-52.
[19] Borges A, Almeida J, Campos S. Fighting pollution in p2p live streaming systems [C]//Multimedia and Expo, IEEE International Conference on. Piscataway: IEEE, 2008: 481-484.
[20] Yang S, Jin H, Li B, et al. The content pollution in peer-to-peer live streaming systems: Analysis and implications [C]//Parallel Processing, 37th International Conference on. Piscataway: IEEE, 2008: 652-659.
[21] Yang S, Jin H, Li B, et al. A modeling framework of content pollution in Peer-to-Peer video streaming systems [J]. Computer Networks, 2009, 53(15): 2703-2715.
[22] Li Y, Lui J. Stochastic analysis of a randomized detection algorithm for pollution attack in P2P live streaming systems [J]. Performance Evaluation, 2010, 67(11): 1273-1288.
[23] Li D, Wu J, Cui Y. Defending against buffer map cheating in DONet-like P2P streaming [J]. Multimedia, IEEE Transactions on, 2009, 11(3): 535-542.
[24] Gheorghe G, Cigno R L, Montresor A. Security and privacy issues in P2P streaming systems: A survey [J]. Peer-to-Peer Networking and Applications, 2011, 4(2): 75-91.
[25] Conrotto E, Leonardi E. NAPA-WINE Project[EB/OL]. (2014). http://www.napa-wine.eu.
[26] Kamvar S D, Schlosser M T, Garcia-Molina H. The eigentrust algorithm for reputation management in p2p networks [C]//Proceedings of the 12th International Conference on World Wide Web. New York: ACM, 2003: 640-651.
[27] Xiong L, Liu L. Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities [J]. Knowledge and Data Engineering, IEEE Transactions on, 2004, 16(7): 843-857.
[28] Damiani E, di Vimercati D C, Paraboschi S, et al. A reputation-based approach for choosing reliable resources in peer-to-peer networks [C]//Proceedings of the 9th ACM Conference on Computer and Communications Security. New York: ACM, 2002: 207-216. null
[1] 韩心慧, 肖祥全, 张建宇, 刘丙双, 张缘. 基于社交关系的DHT网络Sybil攻击防御[J]. 清华大学学报(自然科学版), 2014, 54(1): 1-7.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
版权所有 © 《清华大学学报(自然科学版)》编辑部
本系统由北京玛格泰克科技发展有限公司设计开发 技术支持:support@magtech.com.cn