p2psp team mailing list archive

[Ilshat Shakirov <im.shakirov@xxxxxxxxx>]

Hello!,

Here is small status update.
I've implemented new types of attack for malicious peers:
-persistent attack
-on-off attack
-selective attack
-bad-mouth attacj (for strpe-ds only)

Also, I've added new option --checkall for STrPe trusted peers. If this
option is enablde, then TP sends every received chunk to splitter to check.

Here is some tests I performed for STrPe mechanism:
Persistent attack (with checkall option) :
https://docs.google.com/spreadsheets/d/1iNva1mvO9NETj8fJ9oZpy1VhAUYxJi4K7gUojqzSEqI/edit
On-off attack (40%) :
https://docs.google.com/spreadsheets/d/1-sLkrjdNQHx-jXxWeVYz4pmnd6qgC1D3MuVnbhQ4lYE/edit?usp=sharing

For each configuration Ive performed 5 experiments, on last tab the result
table is presented.

I've made next observations (for STrPe):
- there is need to increase splitter's buffer, since it have to check
chunks which can be deleted from its buffer. I've performed tests with
--buffer_size 1024 (256 by default). I think that buffer should smth like 4
* team_size.
- with check all option number of TP doesnt affect speed of expulsion mal.
peers (in case of persistent attack). Every mal. peer is excluding for 1
splitter round in average.
- in on-off attack number of TP affects on speed of excluding peers. So,
more TPs - more chances to send posioned chunks to TP.
- there is very small affect on buffer correctness for all the team.
Average for the team is between 0.95 and 1.

Also, here is my testing plan :
https://docs.google.com/document/d/13oSUgkRrmUh8nM3mMe5FEmwBlSfrxs0NXkei0JVubBo/edit?usp=sharing

Currently, Im performing tests for STrPe-DS mechanism (according to my test
plan).

Thanks.

2015-08-14 2:03 GMT+05:00 Ilshat Shakirov <im.shakirov@xxxxxxxxx>:

> Hello!,
>
> Here is two raw data sets with result data from experiments with STrPe and
> STrPe-DS:
>
> STrPe:
> https://docs.google.com/spreadsheets/d/13xzEwQKbB58p0K8VyQjvez2L-QABP_ouelbqmWMSE7w/edit#gid=1026220953
> STrPe-DS:
> https://docs.google.com/spreadsheets/d/1YZnLaWrjAJRgXZ2LQrHhgewOnzL1Fm073ix6dULmwpc/edit#gid=1531244678
>
> As you can see in STrPe number of TP affects on speed of expulsion mal.
> peers. It happens because TP selects next chunk to check randomly from its
> stream of chunks. Resp. if we have more TP then it will take less number of
> rounds to expel all TP.
> You can check it in code here:
> https://github.com/P2PSP/p2psp/blob/cis/src/trusted_peer.py#L55
>
> Also, you can see that in STrPe-DS if we have more mal. peers, we have
> more rounds to expel all mal. peers. It happens because including new mal.
> peers take 0.5 - 1 round, and resp. we have more rounds to include all mal.
> peers to the team. In the simple persistent attack mal. peers excluding
> almost at the same time they sended poisoned chunk to TP.
>
> Why a TP does not check every chunk?
>> In a persistent attack, peers will be detected directly.
>>
>
> Because it can reduce the performance of TP and the system (I think)
>
> Again, for persisten attack this is true, but not for the more
>> sophisticated ones.
>>
> What kinds of attack should I perform?
>
> Also, I think I know how to compromise Third Trusted Party (and resp.
> perform selective attack) for only log(n) time.
> Attacker should perform attack on the half of the team. If mal. peer was
> excluded, then in given half exists TP. Then this half divide to new 2
> halfs and so on. So, we can find all the TPs in O(log2(n)) time.
>
> Thanks!
>
>
> 2015-08-12 15:43 GMT+05:00 L.G.Casado <leo@xxxxxx>:
>
>> Hello,
>>
>>
>> El mié, 12-08-2015 a las 15:27 +0500, Ilshat Shakirov escribió:
>>
>> Hello,
>>
>> N-1, is set because there is one Trusted peer, does it?
>>
>>
>> Yes, because trusted peer doesnt check itself.
>>
>>
>> How is set X, random check yes/no?
>>
>> I think yes. In the first impl of STrPe trusted peers checked every 255
>> received chunk.
>>
>>
>> Why a TP does not check every chunk?
>> In a persistent attack, peers will be detected directly.
>>
>> The random check could be seen as malicious peer performing  a kind of
>> selective attack.
>>
>> About current progress:
>> I've found a small bug in the initialization of big teams (i.e. 100
>> peers) with enabled STrPe-DS. In 2-3% of cases peer hangs up and do nothing.
>>
>> Then, they should be expeled soon.
>>
>> Also, Ive prepared a raw data from STrPe experiments (Ive performed
>> experiments with 100 peers, 1-2-4-8 trusted, and 10-25 malicious). And
>> since trusted peers in STrPe checks chunks randomly from all the peers in
>> the team, it can take long time to expel all the malicious peers. It
>> happens because TP selects chunk to check from all stream, although it
>> should select chunks from each peer.
>>
>>
>> I think to check randomly has no sense if trusted peer is in system
>> without resources limitations, which should be the case.
>>
>> If we implement this, then Juan will be right and number of TPs in the
>> team won't have impact on mal. peer expulsion. Now, if we have more TP, we
>> have more chances, that TP will check chunk from mal. peers and will
>> exclude it.
>>
>> Yes, checking them all, just on TP is enough for persistent attack, but
>> it is not the case for other attacks.
>>
>> Also, STrPe-DS don't have such problem, because I've implemented next
>> logic:Every S seconds splitter selects new peer from all the team and TP
>> from trusted peers and do 2 requests to gather complains from the team.
>>
>> So, mal. peers will be excluded almost in the same time they ve sended
>> poisoned chunks to TP.
>>
>> Again, for persisten attack this is true, but not for the more
>> sophisticated ones.
>>
>> Thanks!
>>
>> Best,
>>
>> Leo
>>
>> 2015-08-12 15:08 GMT+05:00 L.G.Casado <leo@xxxxxx>:
>>
>> Dear Ilshat,
>>
>> El mié, 12-08-2015 a las 12:04 +0200, L.G.Casado escribió:
>>
>> BC = 1 - M / (N - 1 + 1) = 1 - M / N,
>>
>>
>> Sorry, the formula was fine:
>>
>> (N-M)/N= 1-M/N
>>
>> Please, answer the other questions.
>>
>> Thanks,
>>
>> Leo
>>
>>
>>
>