Challenging the feasibility of authentication mechanisms for P2P live streaming

Abstract: Peer-to-peer live streaming applications are becoming increasingly popular, and already reach millions of users worldwide. There are, however, many aspects in which these applications must evolve, among which video quality and security deserve particular attention. While the former is about to become a reality given recent advances in codecs and link bandwidth, the latter still presents great challenges. The decentralized nature of P2P live streaming systems makes them vulnerable to attacks, among which pollut… Show more

“…We also plan to investigate dynamic and self-adaptive monitoring intervals which could be increased or decreased in runtime based on the system load. presents a model and estimates content pollution propagation [11][12][13] ✓ employs band codes to construct black lists of polluters [47] ✓ network coding is employed to allow the identification of polluters and limit content pollution [32] ✓ proposes the application of black lists to live streaming [17,27] ✓ transmits hash-based signatures of all chunks; the challenge is to receive hashes in advance for live streaming [21,24] ✓ applies cryptography to every whole chunk and employs a distributed key management scheme [36] ✓ employs peer groups to ensure chunk integrity; the server publishes content information in that group; peers access the group to verify chunks integrity [34] ✓ Merkle-trees are employed that use hashes to guarantee the integrity of streams of chunks [35] presents an evaluation of black lists, cryptography, hash-based verification and digital signatures [38] presents an evaluation of the impact of pollution attacks; shows that the impact depends on the stability of the network, and on the bandwidth available at both malicious peers and the source [37] evaluates content authentication mechanisms to live streaming [39,40] ✓ employs reputation and ranking to file sharing P2P systems [22] ✓ employs reputation and ranking to live streaming; the reputation mechanisms are based on peer experience [23] shows that reputation-based approaches can suffer with the collusion of malicious peers, with false positives, and present a high delay to propagate conclusions [41] a confidence management strategy is proposed based on retransmissions of the polluted data; depending on the situation the number of retransmissions can be high [42] in order to prevent DDoS attacks on streming sources proposes a strategy to hide source identity; used in the context of P2P VoD [43] presents a through evaluation of SopCast reaches the conclusion that a single attacker can harm up to 50% of peers and consume up to 30% of the available bandwidth [44] a centralised (non-distributed) solution is proposed to detect polluters in live streaming networks employing comparasionbased system-level diagnosis [this work] ✓ presents a distributed strategy that employs comparison-based diagnosis to combat pollution in live streaming; each peer independently identifies and stops requesting chunks from its polluter neighbours…”

“…In [37] an evaluation of the authentication of content spread in P2P high resolution live streaming systems is presented. The conclusion is that the strategies that presented the best performance were not effective under pollution attacks.…”

Distributed mitigation of content pollution in peer‐to‐peer video streaming networks

“…We also plan to investigate dynamic and self-adaptive monitoring intervals which could be increased or decreased in runtime based on the system load. presents a model and estimates content pollution propagation [11][12][13] ✓ employs band codes to construct black lists of polluters [47] ✓ network coding is employed to allow the identification of polluters and limit content pollution [32] ✓ proposes the application of black lists to live streaming [17,27] ✓ transmits hash-based signatures of all chunks; the challenge is to receive hashes in advance for live streaming [21,24] ✓ applies cryptography to every whole chunk and employs a distributed key management scheme [36] ✓ employs peer groups to ensure chunk integrity; the server publishes content information in that group; peers access the group to verify chunks integrity [34] ✓ Merkle-trees are employed that use hashes to guarantee the integrity of streams of chunks [35] presents an evaluation of black lists, cryptography, hash-based verification and digital signatures [38] presents an evaluation of the impact of pollution attacks; shows that the impact depends on the stability of the network, and on the bandwidth available at both malicious peers and the source [37] evaluates content authentication mechanisms to live streaming [39,40] ✓ employs reputation and ranking to file sharing P2P systems [22] ✓ employs reputation and ranking to live streaming; the reputation mechanisms are based on peer experience [23] shows that reputation-based approaches can suffer with the collusion of malicious peers, with false positives, and present a high delay to propagate conclusions [41] a confidence management strategy is proposed based on retransmissions of the polluted data; depending on the situation the number of retransmissions can be high [42] in order to prevent DDoS attacks on streming sources proposes a strategy to hide source identity; used in the context of P2P VoD [43] presents a through evaluation of SopCast reaches the conclusion that a single attacker can harm up to 50% of peers and consume up to 30% of the available bandwidth [44] a centralised (non-distributed) solution is proposed to detect polluters in live streaming networks employing comparasionbased system-level diagnosis [this work] ✓ presents a distributed strategy that employs comparison-based diagnosis to combat pollution in live streaming; each peer independently identifies and stops requesting chunks from its polluter neighbours…”

“…In [37] an evaluation of the authentication of content spread in P2P high resolution live streaming systems is presented. The conclusion is that the strategies that presented the best performance were not effective under pollution attacks.…”

Distributed mitigation of content pollution in peer‐to‐peer video streaming networks

“…Recently in [5] the authors present an evaluation of content authentication mechanisms in P2P live streaming networks. They compare the overhead and the security of several techniques and show that for high resolution streaming, the mechanisms with acceptable overheads are not resilient under pollution attacks.…”

Diagnosis of Content Pollution in P2P Live Streaming Networks

Content pollution propagation in the overlay network of peer‐to‐peer live streaming systems: modelling and analysis