Cope with selfish and malicious nodes

1
Cope with selfish and malicious nodes

• Jinyang Li

2
P2P requires cooperation

• Cooperation means nodes obey design
• However, P2P users control the nodes
• Modify the given software
• Shut down application
• Delete app files
• Rate limit application etc.
• P2P users are mostly selfish
• Avoid contributing resources as much as possible
• P2P nodes could be malicious
• Adversary can enroll (arbitrarily) many nodes

P2P nodes speak the right protocol, but might
not do the right things.
3
What if anyone can run Coral?
4
Design space for combating misbehaving nodes

• Enforce nodes to run desired software
• Obfuscate protocol/software
• Rely on hardware support to authenticate a
  running piece of software (Trusted computing)

5
Design space for combating misbehaving nodes

• 2. Encourage nodes not to be selfish
• Design protocols so it is in a nodes best
  interest to contribute
• 3. Choose trustworthy nodes for interaction
• If only a few trusted nodes turn out to be bad,
  it is okay since data/service is replicated

6
2 Encourage non-selfish behavior

• What do selfish users do in file-sharing?
• Download from others, but refuse to upload
• Why is it bad?
• If everybody behaves like this, system is useless

7
A laymans view of game theory
C
D
3,3 0,5
5,0 1,1
C
D

• Prisoners dilemma (PD)

8
Tit-for-tat

• What if boy and dog play the game over many
  iterations?
• Tit-for-tat
• Cooperate in the 1st round, mirror what your
  opponent did in the last round
• Tit-for-tat with forgiveness
• Occasionally cooperate to end a streak of
  retaliation and counter-retaliation

9
Tit-for-tat for file sharing

• Exchanging data between peers is like an iterated
  PD game
• Break data exchange in multiple rounds.
• If remote peer does not upload fast enough
  (defect), choke his download (play defect).

10
Bittorrent

• Group all peers interested in the same file into
  a swarm
• Each node has sth. the other wants
• A big file is broken into pieces
• Each node downloads pieces in random order
• Every 10 seconds, calculate a remote peers
  upload rate, if no good, choke it
• Tit-for-tat
• Periodically chooses one random peer to unchoke
• with forgiveness

11
How tit-for-tat helps BT

• Tit-for-tat in BT ensures fair exchange(?)
• Tit-for-tat prevents selfish behavior(?)
• All selfish behaviors are non-profitable(?)

12
Cautions in applying tit-for-tat in other
scenarios

• The game must be played over many rounds
• Each peer must have goods valued equally by the
  other
• Whats at stake?

13
Combating malicious nodes

• Malicious (Byzantine) nodes
• Their goal is to bring max harm to you
• May also behave randomly and unpredictably
• Basic strategy
• replicate data/functionalities
• Obtain data or votes of results from multiple
  replicas
• The impossibility results
• No availability when all nodes are Byzantine.
• No correct agreement when gt1/3 nodes are
  Byzantine.

14
Whats at stake?

• What does the system vote on?
• launch a nuclear missile
• Buyer or sellers reputation (eBay)
• Importance of a webpage (Google)
• Interesting news (digg)
• Authenticity of a shared file (Credence)

15
Who can vote?

• eBay, digg any registered users
• Can an adversary register millions of users?
• Must ensure votes come from independent parties
• Restrict voters to humans
• Restrict one identity per human
• Credence
• Central authority issues public key to nodes
• Limit how fast keys are issued to each node

16
What to vote on?

• Votes could be on subjective or objective matters
• (Digg) Interesting vs. boring news
• Credence insight
• Make votes objective, honest users ? similar
  votes
• Example votes
• ltabf3 britney ? name, mp3 typegtK
• ltba9f britney ? name, mp3 ? typegtK
• lt35e4 name ?gtK

17
How to cast votes?

• U1 downloads files abf3,ba9f,35e4 with search
  term britney mp3
• ltabf3 britney ? name, mp3 typegtK
• ltba9f britney ? name, mp3 ? typegtK
• lt35e4 name ?gtK

18
How to use votes?

• U2 obtains hash abf3,ba9f,35e4 from search
  britney mp3
• Goal Rank hashes according to votes
• Collect a list of votes for each hash from peers
• Weight peers using voting history correlation
• Compute weighted aggregate votes on each hash
• Sort

19
Weight peers based on vote correlation
My votes
U1s votes
abf3 britney ? name b234 britney ? name 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
abcd britney ? name, b234 spears ? name, 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
20
Weight peers based on vote correlation
My votes
U2s votes
abf3 britney ? name b234 britney ? name 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
abcd britney ? name, b234 spears ? name, 4567
madonna ? name ff45 nina ? name 1234 britney ?
name
4 votes on same files 1 positive
agreements P0.25 2 positive votes from me, 3
positive votes from U1 a.5, b.75 Correlation
(p-ab)/sqrt(a(1-a)b(1-b)) -0.57
21
What if there are no overlapping files?

• Use transitive correlation
• If A has high correlation with B, B has high
  correlation with C, then A has high correlation
  with C

22
Summary on DHT and P2P

• What did you learn?