View
128
Download
0
Tags:
Embed Size (px)
Citation preview
Framework for Preserving Security
and Privacy in Peer-to-Peer
Content Distribution Systems
Amna Qureshi, David Megías and Helena Rifà-Pous
KISON-IN3
1
11th February, 2015 UOC Research Showcase
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
• Introduction
• State-of-the-Art
• Secure and Privacy-Preserving Content Distribution Framework
• Experimental and Simulation Results
• Conclusions and Future Work
Outline
2
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
• Multimedia producers
o Protection of copyright
3
Introduction
Content Protection
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
• End users
o Protection of user-related information
Privacy Protection
Introduction
4
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Copyright Infringement in P2P Content Distribution Systems
• Conflict between content providers and end users:
o Reconciliation of user privacy with content protection.
• Trade-off between watermarking properies:
o Robustness, transparency and capacity.
• Harmonization between accountability and anonymity:
o Revocable privacy for an end user.
• Merging collusion-resistant fingerprinting and secure embedding scheme.
• Computational and distribution efficiency:
o Low computational and communicational burdens for the content providers and the end
users.
5
Introduction
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Research Challenges
6
State-of-the-Art
Security Properties for Content Providers
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Copyright protection
Data privacy
Traceablity Data
integrity Copy
prevention
Resistance against attacks
User privacy
Protection of real identity
Unlinkability
Resistance against de-
anonymization attacks
Data privacy
Available to authorized users
only
Protection against
malicious attacks
Privacy Properties for End users
7
State-of-the-Art
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
P2P
Systems
Content
Protection
Privacy
Protection
Revocable
Privacy Copyright
Protection Traceability User Data
Megías
(2014) Yes Yes Yes Yes Yes
Megías & Domingo-Ferrer
(2014) Yes Yes Yes Yes Yes
Domingo-Ferrer & Megías
(2013) Yes Yes Yes Yes Yes
P2P
Systems
Robustness and Security against Attacks
Signal
Processing
Attacks
Collusion Attacks
Communication
Attacks Content Protection
Systems
Privacy
Protection
Systems
Megías
(2014) Yes Yes Yes Yes
Megías & Domingo-Ferrer
(2014) Yes Yes Yes Yes
Comparative Analysis of Secure and Privacy-Preserving P2P Content Distribution Systems
8
Security and Privacy-Preserving Content
Distribution Framework
Overview of the Framework
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
P2P network
Trust infrastructures
Building blocks
Hybrid P2P Public key support Embedding domain
Trusted third
parties with limited
services
Embedding algorithm
Collusion-resistant
fingerprinting codes
Public key
cryptosystem
PseudoTrust model
9
Security and Privacy-Preserving Content
Distribution Framework Overview of the Framework
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Parties involved
Merchant General
assumptions
Security
assumptions
Assumptions Design
requirements Threat model
Buyer
Super peer
Monitor
Judge
Certification
authority
Security
requirements
Privacy
requirements
Watermarking
attacks
Collusion attacks
Framing attacks
Communication
attacks
10
Protocols of the Framework
File Partitioning Protocol
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Merchant Multimedia
content DWT
Transform
Approximation coefficients
Detail coefficients
Monitor
Fingerprint
generation
Embed fingerprint into
approximation coefficients
Base file
Supplementary file
11
Protocols of the Framework
Base File Distribution Protocol
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
9. Buyer decrypts
EK*pBi(BF) using
secret key
Merchant
Monitor Buyer
4. fi Generation
5. fi Encryption with K*pBi
7. Embedding EK*pBi (f)
into EK*pBi (X)
EK*pBi (X)
EKpB(X)EKpB(f) => EK*pBi(BF)
EK*pBi (f)
10. Fingerprinted BF
12
Protocols of the Framework
Supplementary File Distribution Protocol
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Merchant
Certification
Authority
P2P Network
Pseudonyms
and
signed
certificate
acquisation
13
Protocols of the Framework
Traitor-Tracing and Dispute Resolution Protocol
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Merchant
Monitor
Judge
Certification
Authority
Multimedia
content
Collusion
attack
Set of
colluders
14
Security and Privacy-Preserving Content
Distribution Framework
Security Analysis of BF Distribution Protocol
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
• Buyer frameproofness
• Non-repudiation
• Revocable privacy
• Anonymity
• Traceability
• Collusion resistance
• Unlinkability
Security Analysis of SF Distribution Protocol
• Impersonation
• Man-in-the-middle attack
• Replay attack
• Leakage of a secret number
used in pseudo-idenity
generation
15
Security and Privacy-Preserving Content
Distribution Framework
Security against Collusion Attacks
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
No. of
Colluders
No. of Colluders Detected for Attacks in the
Framework for a Video File
U Average Minimum Maximum Median
2 2 2 2 2
3 3 3 3 3
4 4 4 4 4
5 5 4 4 5
16
Experimental and Simulation Results
Details of Audio Files
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Loopy
Music
Huge
wav
Aasan
Nai
Yahan
Duration
(min:secs) 00:10 00:17 03:34
Original Size
(MB) 0.89 2.97 36.01
Base File
Size (MB) 0.52 0.88 9.80
Supplement-
ary File Size
(MB)
1.79 5.94 72.16
ODG Value -0.48 -0.98 -1.20
Details of Video Files
Traffic Dragon Breaking
Bad
Duration
(min:secs) 00:10 23:00 50:00
Original Size
(MB) 0.19 51.10 305.00
Base File
Size (MB) 0.08 9.21 11.80
Supplement-
ary File Size
(MB)
0.18 69.40 216.00
PSNR Value
(dB) 44.00 42.00 41.00
17
Experimental and Simulation Results
Robusntess of an Audio File
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Robustness of a Video File
Attacks Parameters BER NC
Re-
quantization
16-8-16
bits 0.07 0.951
Re-sampling 44.1-22.05-
44.1 KHz 0.11 0.902
MP3
Compression 256 kbps 0.09 0.912
AWGN 18 dB 0.13 0.882
Attacks Parameters BER NC
Median
filter [3 x 3] 0.09 0.912
Re-sizing 320-640-320
pixels 0.06 0.972
H.264
Compression 768 kbps 0.09 0.912
AWGN 20 dB 0.14 0.856
18
Experimental and Simulation Results
Computational Time of Audio Files
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Computational Time of Video Files
CPU Time in secs
Process
Loopy
Music
Huge
Wav
Aasan
Nai
Yahan
Fingerprint
generation 6.01 6.01 6.01
Base file
generation 14.08 31.15 181.39
Supplementary
file
generation
0.03 0.18 1.19
Total time 20.13 37.34 188.60
CPU Time in secs
Process
Traffic Dragon Breaking
Bad
Fingerprint
generation 6.01 6.01 6.01
Base file
generation 14.08 31.15 181.39
Supplementary
file
generation
0.03 0.18 1.19
Total time 20.13 37.34 188.60
19
Experimental and Simulation Results
CommunicationTime of an Audio File
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
Communication Time of a Video File
Communication time in secs
File
name
BF
delivery
SF
delivery
File
Recon-
struction
Total
time
Loopy
Music 8.01 10.00 3.89 21.90
Communication time in secs
File
name
BF
delivery
SF
delivery
File
Recon-
struction
Total
time
Break-
ing Bad 184.00 657.29 595.05 1436.34
Cryptographic Algorithms CPU time in
secs
Public-key cryptography 5.73
Anonymous key exchange 9.62
AES encryption/decryption 1.89
Total 17.24
Cryptographic Costs of an Audio File Cryptographic Costs of a Video File
Cryptographic Algorithms CPU time in
secs
Public-key cryptography 8.80
Anonymous key exchange 9.62
AES encryption/decryption 0.11
Total 18.53
20
Conclusions and Future Work
Conclusions
Future Work
• A P2P content distribution system which allows efficient distribution of large-sized
content while preserving the security and privacy of content providers and end
users.
• The security and performance analysis demonstrates the security and efficiency
of the proposed framework.
• The framework is able to resolve the problems of piracy tracing, buyer
frameproofness, collusion resistance, accountability, dispute resolution and
buyer’s privacy.
• Reduce the size of the base file through losless compression techniques.
• Develop a prototype of the proposed framework and test it in a real-world scenario.
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems
21
Thank you!
Framework for Preserving Security and Privacy in Peer-to-Peer Content Distribution
Systems