Universitatea Politehnica Bucureşti - Facultatea de Automatică şi Calculatoare
TOWARDS A SECURE DATA SHARING PEER-TO-PEER NETWORK BASED ON
GEOMETRIC AND SEMANTIC DISTANCES
Authors: Ana-Delia Sâmbotin, Mugurel Ionut Andreica
E-mail: [email protected], [email protected]
21.04.23 1
Outline
• Introduction
• Goals
• Design
• Architecture
• Experimental Evaluation
• Conclusion
Introduction
• P2P overlay topology in which nodes communicate one-to-one with their neighbors
• Resource (file) sharing
• Find a given resource (file)
• Find similar resources (files) to a given resource (file)
• Transfer a given resource (file) (hop-by-hop in the P2P topology)
• Security
– Data transfer encryption
– Anonymization
– Avoid traffic analysis
Goals
• Similarity search based on implicit user attributes (i.e. extracted automatically, not explicitly expressed by the users)
• Better chances of finding a given resource (or similar resources) quickly when using bounded flooding for search
• Good data transfer performance (e.g. data transfer speed)
• Security and privacy (encryption, anonymization, etc.)
Design
• Each peer computes a set of coordinates in a D-dimensional space, based on:
– Network round-trip time (RTT)
– Semantic distance (i.e. similarity of resources to other peers)
• In a distributed manner, each peer will select as neighbors in the topology other peers with small distances to it (based on the distance in the geometric space)
– Network RTT => good data transfer performance in hop-by-hop data transfers
– Semantic closeness => good chance of finding a given resource (file) or similar resources (files) nearby (among its neighbors or at most a given distance R away from it)
Architecture
• Main modules related to:
– Network communication (low-level)
– P2P topology construction and maintenance
– Data transfer
– Resource (file) search
– Security
Architecture
• Two main roles: Bootstrap node and normal node
• The nodes will first contact the bootstrap nodes in order to find a set of nodes already in the system; afterwards, they organize themselves
• Different types of strategies for constructing the P2P overlay
Strategies for the P2P overlay
• A network of “supernodes”, that “hide” a group of peers
• A “supernode” can be considered to be a “proxy” node
• Geometric coordinates computed based on network and semantic distances between a peer and a subset of other peers
• (Resource or Similarity) Search strategy – bounded (distance) flooding
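Added example (not from the slides or the authors' implementation): neighbor selection by a combined network/semantic distance, followed by a bounded flooding search. The slides' formulas are not reproduced on this page, so the metrics here are assumptions: RTT normalized by the largest RTT, Jaccard distance over shared files, a weight alpha, k nearest neighbors, bidirectional links, and R read as a hop limit. Pairwise distances are used directly instead of D-dimensional coordinates. All peer names, RTTs and file names are constructed.

```python
from collections import deque

# Constructed sample data: symmetric RTTs (ms) and the files each peer shares.
RTT = {("A", "B"): 10, ("A", "C"): 80, ("A", "D"): 90, ("A", "E"): 40,
       ("B", "C"): 70, ("B", "D"): 85, ("B", "E"): 50,
       ("C", "D"): 15, ("C", "E"): 45, ("D", "E"): 30}
FILES = {"A": {"f1", "f2", "f3"}, "B": {"f2", "f3", "f4"},
         "C": {"f7", "f8"}, "D": {"f7", "f8", "f9"}, "E": {"f1", "f9"}}
MAX_RTT = max(RTT.values())

def network_distance(a, b):
    # Assumed metric: RTT scaled into [0, 1].
    return RTT[tuple(sorted((a, b)))] / MAX_RTT

def semantic_distance(a, b):
    # Assumed metric: Jaccard distance over the peers' file sets.
    return 1 - len(FILES[a] & FILES[b]) / len(FILES[a] | FILES[b])

def distance(a, b, alpha=0.5):
    # Assumed combination: alpha weights network against semantic distance.
    return alpha * network_distance(a, b) + (1 - alpha) * semantic_distance(a, b)

def build_overlay(k=2, alpha=0.5):
    # Each peer links to its k closest peers; links are treated as bidirectional.
    overlay = {p: set() for p in FILES}
    for p in FILES:
        others = sorted((q for q in FILES if q != p),
                        key=lambda q: distance(p, q, alpha))
        for q in others[:k]:
            overlay[p].add(q)
            overlay[q].add(p)
    return overlay

def bounded_flood(overlay, start, wanted, R):
    # Breadth-first flooding that stops forwarding after R hops.
    seen, queue = {start}, deque([(start, 0)])
    while queue:
        peer, hops = queue.popleft()
        if wanted in FILES[peer]:
            return peer, hops
        if hops < R:
            for n in sorted(overlay[peer] - seen):
                seen.add(n)
                queue.append((n, hops + 1))
    return None  # not found within the hop bound

if __name__ == "__main__":
    ov = build_overlay()
    print({p: sorted(n) for p, n in ov.items()})
    print(bounded_flood(ov, "A", "f7", 1), bounded_flood(ov, "A", "f7", 2))
```

With this sample data, peers A/B and C/D cluster together and E bridges the two clusters, so a query from A for a file held only in the C/D cluster fails with R=1 and succeeds with R=2.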
Architecture - formulas
• Network distance metric
• Semantic distance (based on the common resources)
Security Module
• Anonymization: using mediators
• Avoiding traffic analysis
– Dummy search terms in a search query
– Dummy search queries
• Encryption of data transfers using public/private keys
Evaluation – Distance metrics
• Evaluation (through simulation) of peer distribution in 2D when:
– Using only the network distance (a)
– Using only the semantic distance (b)
– Using a combination of both metrics (c)
Evaluation – Using Mediators
• Duration of a search query:
– Secure (encrypted messages) with mediator
– Secure (encrypted messages) without mediator
– Unsecure (without mediator)
• Encryption slows things down (up to 30%-35%)
• Using a mediator does not have a meaningful negative impact on performance
Conclusions
• Proposed a P2P-based data sharing system with:
– Enhanced security attributes (anonymization and encryption)
– A combination of network distance (RTT) and semantic distance for building the overlay
• Experimental results are promising