Title: Cope with selfish and malicious nodes
1Cope with selfish and malicious nodes
2P2P requires cooperation
- Cooperation means nodes obey design
- However, P2P users control the nodes
- Modify the given software
- Shut down application
- Delete app files
- Rate limit application etc.
- P2P users are mostly selfish
- Avoid contributing resources as much as possible
- P2P nodes could be malicious
- Adversary can enroll (arbitrarily) many nodes
P2P nodes speak the right protocol, but might
not do the right things.
3What if anyone can run Coral?
4Design space for combating misbehaving nodes
- Enforce nodes to run desired software
- Obfuscate protocol/software
- Rely on hardware support to authenticate a
running piece of software (Trusted computing)
5Design space for combating misbehaving nodes
- 2. Encourage nodes not to be selfish
- Design protocols so it is in a nodes best
interest to contribute - 3. Choose trustworthy nodes for interaction
- If only a few trusted nodes turn out to be bad,
it is okay since data/service is replicated
62 Encourage non-selfish behavior
- What do selfish users do in file-sharing?
- Download from others, but refuse to upload
- Why is it bad?
- If everybody behaves like this, system is useless
7A laymans view of game theory
C
D
3,3 0,5
5,0 1,1
C
D
8Tit-for-tat
- What if boy and dog play the game over many
iterations? - Tit-for-tat
- Cooperate in the 1st round, mirror what your
opponent did in the last round - Tit-for-tat with forgiveness
- Occasionally cooperate to end a streak of
retaliation and counter-retaliation
9Tit-for-tat for file sharing
- Exchanging data between peers is like an iterated
PD game - Break data exchange in multiple rounds.
- If remote peer does not upload fast enough
(defect), choke his download (play defect).
10Bittorrent
- Group all peers interested in the same file into
a swarm - Each node has sth. the other wants
- A big file is broken into pieces
- Each node downloads pieces in random order
- Every 10 seconds, calculate a remote peers
upload rate, if no good, choke it - Tit-for-tat
- Periodically chooses one random peer to unchoke
- with forgiveness
11How tit-for-tat helps BT
- Tit-for-tat in BT ensures fair exchange(?)
- Tit-for-tat prevents selfish behavior(?)
- All selfish behaviors are non-profitable(?)
12Cautions in applying tit-for-tat in other
scenarios
- The game must be played over many rounds
- Each peer must have goods valued equally by the
other - Whats at stake?
13 Combating malicious nodes
- Malicious (Byzantine) nodes
- Their goal is to bring max harm to you
- May also behave randomly and unpredictably
- Basic strategy
- replicate data/functionalities
- Obtain data or votes of results from multiple
replicas - The impossibility results
- No availability when all nodes are Byzantine.
- No correct agreement when gt1/3 nodes are
Byzantine.
14Whats at stake?
- What does the system vote on?
- launch a nuclear missile
- Buyer or sellers reputation (eBay)
- Importance of a webpage (Google)
- Interesting news (digg)
- Authenticity of a shared file (Credence)
15Who can vote?
- eBay, digg any registered users
- Can an adversary register millions of users?
- Must ensure votes come from independent parties
- Restrict voters to humans
- Restrict one identity per human
- Credence
- Central authority issues public key to nodes
- Limit how fast keys are issued to each node
16What to vote on?
- Votes could be on subjective or objective matters
- (Digg) Interesting vs. boring news
- Credence insight
- Make votes objective, honest users ? similar
votes - Example votes
- ltabf3 britney ? name, mp3 typegtK
- ltba9f britney ? name, mp3 ? typegtK
- lt35e4 name ?gtK
17How to cast votes?
- U1 downloads files abf3,ba9f,35e4 with search
term britney mp3 - ltabf3 britney ? name, mp3 typegtK
- ltba9f britney ? name, mp3 ? typegtK
- lt35e4 name ?gtK
18How to use votes?
- U2 obtains hash abf3,ba9f,35e4 from search
britney mp3 - Goal Rank hashes according to votes
- Collect a list of votes for each hash from peers
- Weight peers using voting history correlation
- Compute weighted aggregate votes on each hash
- Sort
19Weight peers based on vote correlation
My votes
U1s votes
abf3 britney ? name b234 britney ? name 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
abcd britney ? name, b234 spears ? name, 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
20Weight peers based on vote correlation
My votes
U2s votes
abf3 britney ? name b234 britney ? name 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
abcd britney ? name, b234 spears ? name, 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
4 votes on same files 1 positive
agreements P0.25 2 positive votes from me, 3
positive votes from U1 a.5, b.75 Correlation
(p-ab)/sqrt(a(1-a)b(1-b)) -0.57
21What if there are no overlapping files?
- Use transitive correlation
- If A has high correlation with B, B has high
correlation with C, then A has high correlation
with C
22Summary on DHT and P2P