View
229
Download
0
Category
Tags:
Preview:
Citation preview
1
The Pollution Attack in P2P Live Video Streaming:
Measurement Results and Defenses
Prithula DhungelXiaojun Hei
Keith W. RossNitesh Saxena
Polytechnic University
2
The Pollution Attack
• Attacker joins an ongoing video channel
• Attacker advertises it has a large number of chunks
• When neighbors request chunks, attacker sends bogus chunks
• Receiver plays back bogus chunks • Each receiver may further forward
the polluted chunks
3
Peer
Peer
Peer
Peer
Peer
Peer
PeerPolluter
request
request
reques
t
4
Contributions
• Identified the pollution attack in P2P live video streaming applications
• Verify via experimental results (in PPLive) that pollution attack can be devastating
• Survey possible defenses against the attack
5
Pollution Experiment
Figure: PPLive pollution experiment setup
6
Measurement Results (1)
Figure: Number of peers viewing channel over experiment periods
7
Brooklyn Peer
Figure: Clean and polluted chunks to/from Brooklyn peer
8
Hong Kong Peer
Figure: Clean and polluted chunks to/from Hong Kong peer
9
Pollution Defense Mechanisms
• Blacklisting• Traffic Encryption• Chunk Signing
– Sign-All Approach– Signature-Amortization Approaches
• Star Chaining• Merkle Tree
– Sign-and-Correct Approach
10
Chunk Signing
• Use PKI
• Every video source has public-private key pair
• Source uses private key to sign the chunks
• Receiver uses public key of source to verify integrity of chunk
11
“Sign-All” (1)
• Source – Source signs each chunk – Sends signature (“authentication
information”) with corresponding chunk
• Receiver – Verifies each chunk individually using
authentication information and public key of source
12
“Sign-All” (2)
Chunk processing independence
Bandwidth overhead- For a stream of m chunks, m signaturesFor 372 kbps channel with chunk size of
4000 bytes, around 3%
Computation overhead- 1 (expensive) signature operation per
chunk
13
“Block Signing”
• Chunks organized into blocks– Each block contains n chunks
• After generating n chunks, hash concatenation of all hashes, and sign result
• Reduces computation• But can’t verify individual chunks
14
“Star Chaining”
• Chunks organized into blocks– Each block contains n chunks
• After generating n chunks, calculate authentication information for each chunk– Signed hash of concatenation of all chunk
hashes– Along with, all hashes of other n-1 chunks
• Receiver, chunk by chunk:– Applies public key to get hash of hashes– Verifies by concatenating hash of current chunk
with those of the n-1 chunks, and taking hash
15
“Star Chaining” Computation overhead –> 1 signature per
block
Loss –> If some chunks are lost in block, can still decode rest
Bandwidth overhead -> for block of n chunks, n-1 hashes + n signatures
For channel of bitrate 372 kbps and chunk size of 4000 bytes, n = 32, about 16%
16
“Merkle Tree” Computation overhead –> 1 signature per block
Loss –> If some chunks are lost in block, can still decode rest
Bandwidth overhead -> nlog2n hashes + n signatures (about 5%)
17
Conclusion
• The pollution attack can be devastating
• Defenses:– Signature Amortization (Merkle Tree) – less
computational overhead and delay at receiver but more bandwidth overhead
– Sign-and-Correct – less bandwidth requirement but higher processing delay and computational requirement
• Based on requirements of the application, either of the two could be used
18
References
[1] C. K.Wong and S. S. Lam. Digital signatures for flows and multicasts. IEEE/ACM Trans. Netw., 1999.
[2] A. Lysyanskaya, R. Tamassia, and N. Triandopoulos. Multicast authentication in fully adversarial networks. In IEEE Symposium on Security and Privacy, 2004.
Thank You!
Recommended