Measurement And Security Research On P2P File Sharing System

During the last decades, as one of the most influential Internet technologies, P2PTechnology causes a revolution in the system architecture and user behavior of Internetapplications: changing from pure centralized C/S architecture to various distributed P2Parchitectures, from sharing by servers to sharing directly among users. This increases theservice capability of the system and brings good scalability, hence a variety of P2P-basedapplications have been designed, attracting enormous users. The rapid development ofP2P technologies bring lots of promotions to P2P systems and improve the performanceHowever, these improvements also make the system more complex, and it is more difcultto get a comprehensive understanding and evaluation to the P2P systems. Moreover, dueto characteristics such as anonymous, openness and dynamic, new features and extensionsused to improve performance of P2P systems may also lead to new security problems.The privacy issue has also become an important factor in restricting the development andwidely use of P2P technologies. This dissertation takes the BitTorrent, the most widelyused P2P file sharing system, as an example, gives more understandings to current P2Psystems by the measurement approach, discovers security issues and presents appropriatesolutions. The main work and contributions in this dissertation include:We perform a rapid and comprehensive measurement on the BitTorrent system bydesigning a new measurement system combing active and passive approaches. By themeasurement results, we analyze the resource distributions and user behaviors. We findthat the resources in BitTorrent system appear obvious unbalanced distribution and hot-spot phenomenon. Most of the shared files are unauthorized video and audio content.Wealso analyze the BT swarm evolution in diferent time scales, and improve existing peerarrival model and peer leaving model. We find user interest and diurnal periodicity are themain factors influencing swarm evolution. These measurement results provide a founda-tion for subsequent analysis and designing simulator to evaluate our proposed methods.We study the BitTorrent network topology and its performance-related character-istics (peer degree, peer distance, clustering coefcient, peer download speed and peerdownload percentage, etc.) by measurement, and analyze the results from the protocoldesign and client software implementation perspective. We find the BT network is robustto the peer departure and has short peer distances. The network in the steady stage is not fully connected. BT network is closed to a random network other than a scale-freenetwork, and it does not exhibit the small-work character. There is no strong correlationbetween peer connection degree and download speed.Considering the possibility of exploiting the BitTorrent Peer Exchange (PEX) proto-col to launch DDoS attacks, we analyze the vulnerabilities of PEX from protocol designand user behavior, and confirm that these vulnerabilities can be used to launch a persis-tent connection-exhaustive DDoS attack by controlled-experiments. To enhance the sys-tem security, we proposed a score-based reputation mechanism, referred to as ReputationExchange, REX. We take resource completeness, data validation, transmission efciency,recommend reputation and historical reputation as main factors, and use the PEX mes-sage to efectively distribute reputation score. Theoretical analysis and experiment resultsshow REX can efectively mitigate the efect of the attack. This mechanism can be usedin other P2P file-sharing systems.In order to take the advantage of P2P to efectively distribute copyrighted contentand resist privacy, we propose a stochastic-encryption-based copyrighted content deliv-ery scheme for P2P networks. By analyzing existing copyright protection system, in thispaper, we use encryption to avoid accessing plaintext content without authorization, ap-ply the random character of P2P system to enlarge key space to resist collusion attacks,and modify existing piece hash scheme to prevent content poisoning attacks. Theoreticalanalysis and simulation experiments show the security of the scheme. It is easy to deployand its overhead is acceptable.