Research On Availability And Security Technologies In Peer-to-Peer Networks

P2P (Peer-to-Peer) network, which is self-organized and distributed, unlike the traditional C/S model, can make full use of each node's individual resources to publish and search information on the purpose of effective sharing of resources. P2P network can also help to improve resource utilization and enhance system scalability. However, because of the random and spontaneous joining of the nodes and the lack of centralized system management in the distributed P2P system, some urgent problems regarding the availability and security of P2P network remain to be solved. This thesis presents in-depth study and discussion on availability of services (3 related aspects: trust management, topology stability and fairly incentives) and group key agreement in the field of P2P network security management.The main contribution of this thesis is as follows:Starting with research on how to build trust mechanism in structured P2P network and how to encourage users to provide credible service, we put forward a trust model in structured P2P network based on service feedback mechanism (TMS~2F). By taking both consideration of trust mechanism and incentive mechanism, we propose the concept of reputation value. The proposed trust model can encourage nodes to provide credible service on the basis of guaranteeing that services can be trusted and are credible. Different from existing trust models, the proposed model has the following characteristics: (1) By using structured P2P network as the basis platform, the feed-back information between nodes is maintained based on distributed strategy and hash chain. the maintenance approach can guarantee the safety, effectiveness and integrity of information maintenance. (2) Without using complex iterative calculation in computing reputation value, it can save computing overhead, and therefore easier to be physically realized. (3) In the proposed model we only store feedback information in the given benchmark time T and the feedback information is attenuation weighted with varying degrees based on different time interval of the benchmark time. Also two factors are weighted calculated in the formula of reputation value calculating: quantity of services and the reputation value of the node where the feedback information is from.We propose a new structured P2P network model with nodes' fractional steps joining to avoid the affection of Churn phenomenon (high dynamic) caused by frequent joining and leaving in structured P2P network. And we make a concrete realization based on Chord protocol (FS-Chord). Structured P2P network uses DHT to construct overlay layer topology. But in a high dynamic environment where nodes join and leave frequently, the maintenance of overlay topology has great communication and processing overhead. While high dynamic will also result in the loss of stored information, which will cause inconsistence of system information. The fractional steps joining scheme divides the joining process into two steps: At first, the new joining node implementing the first step is called Free Node and does not participate in maintenance of system topology and index information. After a certain time interval, the joining node will implement the second step and participate in the system as a full node alike nodes in Chord. The final simulation shows that, FS-Chord can cut the maintenance overhead and reduce the loss of system maintenance information and index information. And therefore the FS-Chord can ensure system availability. The method described in the proposed scheme has been applied into the China Next Generation Internet(CNGI) project "Resilient Overlay Network based on IPv6 and P2P" (No.CNGI-04-12-1D), and is proved to achieve good performance.We present an user incentive protocol: A New Smooth Incentive Protocol Based on 2 Hops Information Sharing (SIP2HIP) based on a basic game theory model-Hawk-Dove Game (HDG) for grouped P2P file sharing. In this protocol we use Altruism Degree to represent nodes contribution. And also we use two hops information sharing way in file-sharing group to achieve smooth incentives. Compared with the existing protocols, SIP2HIP innovates mainly in the following two points: (1) It changes the usual way of consuming nodes sending bandwidth request to service nodes which provide bandwidth services. And conversely the consuming nodes are selected from sharing group according to certain way by the serving node, which is in accordance with HDG model. (2) It proposes an effective weighted bandwidth allocation algorithm: STPF (sAD and TNB based Progressive Filling). On the one hand, STPF can give priority to the nodes with high altruism degree when providing bandwidth. And on the other hand, STPF first meets the needs of the nodes which request less bandwidth. Therefore the proposed algorithm STPF can enhance the overall system satisfaction. Simulation shows that: in comparison with The latest proposed Quantified Tit-for-Tat scheme and original Tit-for-Tat in Bittorrent protocol, SIP2HIP protocol is able to inspire more contributions of resource and bandwidth from nodes and promote overall system performance improvement.Along with the development of P2P network technology, application layer multicast based on P2P network and group application are more and more widespread used. Users with common interests can build applications group based on mutual trust, which is called group application. Further, how to guarantee the security of group applications is an important area of research. Security of group applications means that all group members use a common group session key to encrypt all group sessions. To ensure forward security and backward security, when there is user joining and leaving, the group key must be updated (called rekey process). Existing group key agreement protocols with credible third-party nodes or centralized server are not are suitable for P2P Group applications. Hence, the idea of distributed group key agreement are proposed. One important consideration of distributed group key agreement protocols used in P2P group applications is to control the overhead of the rekey process. We propose a hierarchical group key agreement scheme: Hierarchical IBD (H-IBD) based on IBD scheme which is adapted to P2P group communication by using a "like tree" hierarchy. H-IBD scheme further reduces the overhead of calculation and communication in rekey process compared to IBD scheme. Also, we present a novel group key agreement protocol :KAP-AOT (Key Agreement Protocol Based on considering Nodes' Average Online Time), which first takes nodes' average online time into consideration. Analysis shows that KAP-AOT scheme can effectively control the overhead of calculation in rekey process. KAP-AOT scheme is applicable to large-scale and dynamic P2P group applications.