An economic perspective of message-dropping attacks in peer-to-peer overlays

Peer-to-peer networks have many advantageous security properties, including decentralization, natural load-balancing, and data replication. However, one disadvantage of decentralization is its exclusion of any central authority who can detect and evict malicious peers from the network. It is therefore relatively easy to sustain distributed denial-of-service attacks against these networks; malicious peers simply join the network and fail to forward messages.This article shows that peer-to-peer message-dropping attacks can be understood in terms of a well-established category of economic theory: the theory of the second best. In particular, peers who wish to continue service during an attack seek a second best solution to a utility optimization problem. This insight reveals useful connections between economic literature on the second best and computer science literature on peer-to-peer security. To illustrate, we derive and test an economics-inspired modification to the Chord peer-to-peer routing protocol that improves network reliability during message-dropping attacks. Under simulation, networks using the modified protocol achieve a 50% increase in message deliveries for certain realistic attack scenarios.

[1]  Edith Cohen,et al.  Search and replication in unstructured peer-to-peer networks , 2002, ICS '02.

[2]  Amos Fiat,et al.  Making Chord Robust to Byzantine Attacks , 2005, ESA.

[3]  K. Arrow A Difficulty in the Concept of Social Welfare , 1950, Journal of Political Economy.

[4]  Bhavani M. Thuraisingham,et al.  Centralized Security Labels in Decentralized P2P Networks , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[5]  George Danezis,et al.  Sybil-Resistant DHT Routing , 2005, ESORICS.

[6]  J. M. Henderson,et al.  Microeconomic Theory: A Mathematical Approach. , 1959 .

[7]  Tim Roughgarden,et al.  How bad is selfish routing? , 2002, JACM.

[8]  Domenico Talia,et al.  A Peer-to-Peer Framework for Supporting MapReduce Applications in Dynamic Cloud Environments , 2010, Cloud Computing.

[9]  G. Hardin,et al.  The Tragedy of the Commons , 1968, Green Planet Blues.

[10]  Bhavani M. Thuraisingham,et al.  Secure peer-to-peer networks for trusted collaboration , 2007, 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007).

[11]  M. Friedman,et al.  Essays in Positive Economics , 1954 .

[12]  David R. Karger,et al.  Chord: a scalable peer-to-peer lookup protocol for internet applications , 2003, TNET.

[13]  Gaetano Borriello,et al.  The Chinook hardware/software co-synthesis system , 1995 .

[14]  P. Samuelson,et al.  Foundations of Economic Analysis. , 1948 .

[15]  Lee Gillam,et al.  Cloud Computing, Principles, Systems and Applications , 2010, Cloud Computing.

[16]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[17]  William Hamlen,et al.  Gleanings into the Second Best Debate , 2002 .

[18]  Emin Gün Sirer,et al.  Experience with an Object Reputation System for Peer-to-Peer Filesharing , 2006, NSDI.

[19]  Peter J. Alexander Peer-to-Peer File Sharing: The Case of the Music Recording Industry , 2002 .

[20]  Tim Moors,et al.  Survey of research towards robust peer-to-peer networks: Search methods , 2006, Comput. Networks.

[21]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[22]  R. C. Merton,et al.  Lifetime Portfolio Selection under Uncertainty: The Continuous-Time Case , 1969 .

[23]  Zizhuo Wang,et al.  A unified framework for dynamic pari-mutuel information market design , 2009, EC '09.

[24]  Dan S. Wallach,et al.  Enforcing Fair Sharing of Peer-to-Peer Resources , 2003, IPTPS.

[25]  Song Jiang,et al.  SAT-Match: a self-adaptive topology matching method to achieve low lookup latency in structured P2P overlay networks , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[26]  Giuseppe Lo Re,et al.  Notice of Violation of IEEE Publication PrinciplesAn adaptive routing protocol for ad hoc peer-to-peer networks , 2005, Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks.

[27]  K. Schittkowski,et al.  NONLINEAR PROGRAMMING , 2022 .

[28]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[29]  Alberto Blanc,et al.  Designing incentives for peer-to-peer routing , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[30]  Rahul Telang,et al.  The Economics of Peer-to-Peer Networks , 2003 .

[31]  John C. Panzar,et al.  Public utility pricing under risk: the case of self-rationing , 1978 .

[32]  Hector Garcia-Molina,et al.  Adaptive peer-to-peer topologies , 2004 .

[33]  Dimitri P. Bertsekas,et al.  Nonlinear Programming , 1997 .

[34]  R. Lipsey,et al.  The General Theory of Second Best , 1956 .

[35]  Andrew B. Whinston,et al.  Piecemeal Policy in the Theory of Second Best , 1967 .

[36]  Ben Y. Zhao,et al.  Tapestry: a resilient global-scale overlay for service deployment , 2004, IEEE Journal on Selected Areas in Communications.

[37]  Leah Epstein,et al.  Algorithms – ESA 2012 , 2012, Lecture Notes in Computer Science.

[38]  T. Negishi WELFARE ECONOMICS AND EXISTENCE OF AN EQUILIBRIUM FOR A COMPETITIVE ECONOMY , 1960 .

[39]  Dan S. Wallach,et al.  A Survey of Peer-to-Peer Security Issues , 2002, ISSS.

[40]  Richard Cole,et al.  Pricing network edges for heterogeneous selfish users , 2003, STOC '03.

[41]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[42]  Scott Shenker,et al.  Hidden-action in multi-hop routing , 2005, EC '05.

[43]  H. L. Le Roy,et al.  Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability; Vol. IV , 1969 .

[44]  Kurt Maly,et al.  Freelib: peer-to-peer-based digital libraries , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[45]  Angelos D. Keromytis,et al.  Pushback for Overlay Networks: Protecting Against Malicious Insiders , 2008, ACNS.

[46]  Antonio F. Gómez-Skarmeta,et al.  A novel methodology for constructing secure multipath overlays , 2005, IEEE Internet Computing.

[47]  Peter Druschel,et al.  Incentives-Compatible Peer-to-Peer Multicast , 2004 .

[48]  Mark Handley,et al.  A scalable content-addressable network , 2001, SIGCOMM '01.

[49]  Kevin W. Hamlen,et al.  A Closed System of Production Possibility and Social Welfare , 2006 .

[50]  Minglu Li,et al.  PChord: Improvement on Chord to Achieve Better Routing Efficiency by Exploiting Proximity , 2006, IEICE Trans. Inf. Syst..

[51]  Michal Feldman,et al.  Overcoming free-riding behavior in peer-to-peer systems , 2005, SECO.

[52]  Moni Naor,et al.  A Simple Fault Tolerant Distributed Hash Table , 2003, IPTPS.

[53]  J. Neumann,et al.  Theory of games and economic behavior , 1945, 100 Years of Math Milestones.

[54]  David E. Culler,et al.  Proceedings of the 5th Symposium on Operating Systems Design and Implementation , 2022 .

[55]  Sencun Zhu,et al.  Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification , 2006, SecureComm.

[56]  Hal R. Varian,et al.  Economic Mechanism Design for Computerized Agents , 1995, USENIX Workshop on Electronic Commerce.

[57]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.