Dissertations / Theses on the topic 'Peer-to-Peer Network Security'

Orientador: Paulo Licio de Geus<br>Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação<br>Made available in DSpace on 2018-08-13T11:26:28Z (GMT). No. of bitstreams: 1 Quinellato_DouglasGielo_M.pdf: 2170090 bytes, checksum: 70af102166738a9e7bd99af678848faf (MD5) Previous issue date: 2009<br>Resumo: As redes P2P ganharam bastante popularidade na ultima decada, consolidando-se como um dos serviços mais populares da internet, provendo uma arquitetura distribuída para o fornecimento de servi¸cos sem a necessidade de um host assumir o papel de servidor. A popularidade trouxe, entretanto, a necessidade de se desenvolver mecanismos para garantir o funcionamento perante os crescentes ataques 'a rede. Com a estabilidade dos algoritmos relacionados ao funcionamento das redes P2P foi possível um aumento no desenvolvimento destes mecanismos de segurança. Nesta dissertação e proposto um sistema de reputação para redes P2P de compartilhamento de arquivos, um mecanismo de seguran¸ca que visa impedir a proliferação de arquivos corrompidos. Tais sistemas funcionam gerenciando as opiniões emitidas pelos nós participantes da rede sobre os serviços prestados pelos outros nós. Estas opiniões podem ser sobre o nó que prestou o serviço ou sobre a qualidade do serviço prestado. As opiniões sobre um mesmo nó ou serviço avaliado são armazenadas e posteriormente agregadas atraves de uma função, formando a reputação destes. O mecanismo proposto baseia-se nas opiniões emitidas sobre a autenticidade os arquivos, utilizando a reputação dos nós para indicar a qualidade da opinião sendo emitida por eles. Essa verificação da qualidade da opinião visa aumentar a confiança na opinião utilizada com a adicão de um nível de verificação por motivos de eficiência, visto que implementar uma rede de confiança inteira é custosa. Foram realizadas simulaçõs para a verificação da eficácia da rede, realizando comparações tanto com uma rede sem nenhum sistema de reputação quanto com outros sistemas de reputação.<br>Abstract: P2P networks have earned a great deal of popularity over the last decade, consolidating itself as one of the most popular internet service, providing a distributed architecture for the furnishing of services without the need of a centralized server host. However, such popularity brought the necessity for security mechanisms in order to assure the network availability in spite of the attacks on the network. Stability in the algorithms related to the basic operation of the P2P networks made possible the rise on the development of security systems. In this dissertation it's proposed a reputation system for file sharing P2P networks, a security mechanism aimed at lowering the spread of corrupted files in the network. Such systems work by managing the opinions issued by the participants of the network about the received services from the other nodes. These opinions can be about the nodes, or about the quality of the services themselves. Opinions about the same service or node are them joined through the use of a mathematical model (function), calculating their reputation. The proposed reputation system is based on the reputation of the files, using the node reputation as a means to assess the quality of the opinion being issued. This check is made with the purpose of improving trust in the used opinion by adding one level of opinion checking. Only one level is used for efficiency, since implementing a full trust network is expensive. Simulations were used in order to assess the effectiveness of the proposed reputation system. The results are used in comparisons with the same simulation without the use of any reputation system, and with the results of other reputation systems found in the literature.<br>Mestrado<br>Segurança de Redes<br>Mestre em Ciência da Computação

Distributed virtual environments (DVEs) have been an active area of research and engineering for more than 20 years. The most widely deployed DVEs are network games such as Quake, Halo, and World of Warcraft (WoW), with millions of users and billions of dollars in annual revenue. Deployed DVEs remain expensive centralized implementations despite significant research outlining ways to distribute DVE workloads. This dissertation shows previous DVE research evaluations are inconsistent with deployed DVE needs. Assumptions about avatar movement and proximity - fundamental scale factors - do not match WoW's workload, and likely the workload of other deployed DVEs. Alternate workload models are explored and preliminary conclusions presented. Using realistic workloads it is shown that a fully decentralized DVE cannot be deployed to today's consumers, regardless of its overhead. Residential broadband speeds are improving, and this limitation will eventually disappear. When it does, appropriate security mechanisms will be a fundamental requirement for technology adoption. A trusted auditing system ('Carbon') is presented which has good security, scalability, and resource characteristics for decentralized DVEs. When performing exhaustive auditing, Carbon adds 27% network overhead to a decentralized DVE with a WoW-like workload. This resource consumption can be reduced significantly, depending upon the DVE's risk tolerance. Finally, the Pairwise Random Protocol (PRP) is described. PRP enables adversaries to fairly resolve probabilistic activities, an ability missing from most decentralized DVE security proposals. Thus, this dissertations contribution is to address two of the obstacles for deploying research on decentralized DVE architectures. First, lack of evidence that research results apply to existing DVEs. Second, the lack of security systems combining appropriate security guarantees with acceptable overhead.

The main purpose of this project is to build a bank system that offers a friendly and simple interface to let users easily manage their lightweight currencies. The Lightweight Currency Protocol (LCP) was originally proposed to solve the problem of fairness in resource cooperatives. However, there are other possible applications of the protocol, including the control of spam and as a general purpose medium of exchange for low value transactions. This project investigates the implementation issues of the LCP, and also investigates LCP bank services to provide human interface to currency operations.

Avec l’omniprésence au quotidien du numérique et de l’informatique, de plus en plus d’utilisateurs souhaitent avoir accès à Internet et à leurs applications via n’importe quel périphérique, de n’importe où et n’importe quand. Les appareils domestiques intelligents se développant, les besoins d’échanger des données au domicile même se font de plus en plus sentir. C’est dans ce contexte, celui des services à domicile avec besoin d’interconnexion que se situe notre étude. Ce type de service est qualifié de Home Service (HS) alors que le réseau à domicile est nommé Home Network (HN). La problématique pour les opérateurs est alors de concevoir des architectures appropriées à l’interconnexion des HN de manière sécurisée tout en permettant un déploiement facile et à grande échelle. Dans la première étape, nous considérons la livraison de services sécurisés à travers un réseau de nouvelle génération (NGN) : IMS (IP Multimedia Subsystem). IMS étant l’architecture de référence pour son caractère réseau NGN des opérateurs, diverses architectures peuvent être développées comme support aux HS. Nous avons choisi d'analyser et de mettre en place une architecture P2P centralisée et de le comparer à l’architecture de référence. Plusieurs mécanismes d'authentification sont mis en place autour du P2P centralisé afin de sécuriser la prestation de services. La modélisation et l’évaluation de notre proposition ont permis d’identifier sa relation à l’IMS mais aussi des problèmes inhérents aux solutions centralisées : la protection des données personnelles, l’impact de la taille sur réseau sur les performances, l’existence d’un point de faiblesse unique face aux attaques et la congestion au niveau du serveur centralisé. Par conséquent, nous nous sommes tournés vers les solutions distribuées pour résoudre ces problèmes. Dans la deuxième étape, nous considérons l’architecture P2P non-structurée, qualifiée de pur P2P. La cryptographie basée sur l'identité (IBC) est ajoutée au P2P pur afin d’authentifier les utilisateurs et de protéger leurs communications. Pour chacune des solutions une analyse du coût de signalisation est effectuée révélant une faiblesse en ce qui concerne l’étape de recherche. Dans un déploiement à grande échelle, le coût de cette phase est trop élevé. Aussi, nous examinons le P2P structuré basé sur les Dynamic Hash Tables, une autre solution distribuée. Cette architecture est étudiée par l'IETF en tant qu’une des dernières générations de P2P: REsource LOcation And Discovery (RELOAD) Base Protocol. Nous proposons son utilisation dans le cadre des HSs. Comme preuve du concept, cette solution a été implantée et déployée sur un petit réseau en utilisant TLS/SSL comme mécanisme de sécurité. Cette plateforme nous a permis d’étudier les délais et les coûts de cette solution. Pour terminer, un bilan est établi sur toutes les solutions proposées En outre, nous introduisons d’autres types de HS et leurs possibilités de déploiement futur<br>With digital life enhancement, more users would like to get seamless Internet and information with any devices, at any time and from anywhere. More and more home devices need to exchange data or to control other devices. The type of services is labelled Home Service (HS) and it is deployed though a Home Network (HN). Some users need to use their HS outside their HN, some others need to interconnect other HN. Operators have to provide suitable network architectures to ensure this interconnection and to provide at the same time, scalability, remote access, easy deployment and security. Here is the topic of our work. In the fist step, we consider a practical illustration around the Next-Generation Network (NGN) and the secured services. It is the IMS (IP Multimedia Subsystem) approach for the management of services that is generally supported by the NGN network operators. However, various network operator architectures can be developed to support these services. An alternative way is the P2P architectures. We choose to analyze and implement a centralized P2P and we compare it with the IMS solution. Several authentication mechanisms are introduced to secure the centralized P2P. An evaluation of these architectures is conducted. Since the previous solutions present some issues due to their centralized feature, we consider distributed solutions in a second step. The non-structured P2P, called pure P2P, can also support HS. Identity Based Crytography (IBC) is added to these architectures in order to offer authentication and protection to user communications. The different solutions are compared through their signaling and transmission cost. The study shows that searching step in this architecture is really costly, facing a scalability problem. Thus, we propose to use a structured P2P (called Dynamic Hash Table) for delivering HS between HN. This type of architecture is studied by IETF with the REsource Location And Discovery (RELOAD) Base Protocol. This solution is implanted and deployed here to be a proof of the concept. This test-bed enables the study of delay and security overhead in a real system. Eventually, the presented solutions are recaptured in order to see their advantages/ disadvantages. In addition, we introduce other perspectives in terms of HSs and network interconnection

Computer networks security is a topic which has been extensively researched. This research is fully justified when one notices the dimensions of the problem faced. One can easily identify different kinds of networks, a large quantity of network protocols, and an overwhelming amount of user applications that make extensive use of networks for the purposes those applications were built. This conforms a vast research field, where it is possible for a researcher to set his or her interests over a set of threats, vulnerabilities, or types of attacks, and devise a mechanism to prevent the attack, mitigate its effects or repair the final damages, based upon the specific characteristics of the scenario. Our research group on Computer Networks has been researching on certain kinds of computer networks security risks, specially those affecting wireless networks. In previous doctoral works [13], detection and exclusion methods for dealing with malicious nodes in mobile ad hoc networks (MANETs) had been proposed, from the point of view of every individual network node, using a technique called Intrusion Detection Systems (IDS) based on Watchdog methods. In this scope, we pretend to optimize network throughput removing misbehaved nodes from the network communication processes, a task performed specifically by the Watchdog systems. When isolated security techniques obtain good results on dealing with one type of attacks, a way to improve the whole network performance could be establishing mechanisms for cooperatively sharing information between well-behaved nodes to speed up misbehaved node detection and increase accuracy. Obviously, these mechanisms will have a cost in terms of network transmission overhead and also a small computing time overhead needed to analize the received data and to obtain an opinion about a suspect node. The key issue here it to adequately balance the costs and the benefits related to these cooperation techniques to ensure that the overall network performance is increased if compared with a non-collaborative one.<br>Serrat Olmos, MD. (2013). Cooperation techniques to improve peer-to-peer wireless networks security [Tesis doctoral]. Editorial Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/32831<br>Alfresco

This Master thesis is a contribution to develope Multimedia security mechanisms for various P2P file sharing environments. Objective of this research thesis is to design a software tool for Multimedia business environments to fight against the copyright infringement in various P2P file sharing networks. In order to fulfil this objective, a combined implementation of two independent mechanisms designed at Fraunhofer IPSI is required. So far, the combined implementation does not yet exist for any P2P network. So, the first objective is to design a most comprehensive architecture for their implementation and the second objective is to validate that implementation built on top of the architecture. To do so, we have chosen BitTorrent network for implementation and validation.<br>The main objective of this research thesis work is to design a software tool for identifying copyright violated works in various P2P networks. In fact, P2P networks are the prominent networks for such copyright violations. To do so, a combined implementation of two independent mechanisms described in chapter 2 is required. This combined implementation prior to this thesis work had not existed in the form of a concrete software tool. So, the first objective is to design a most comprehensive architecture for their implementation and the second objective is to validate that implementation built on our architecture. Hence we have chosen BitTorrent network for implementation and validation. The mechanisms we addressed in our implementation are: Passive Mechanism: Digital Watermarking is the passive mechanism which is used to add information to multimedia files to be protected. This active part is just used to achieve our goal but not focused in validation because of the reason mentioned in the 1.4 section Active Search Mechanism: In order to fight against illegal copies an active search mechanism scanning for potential copyright violations is needed. Any P2P network implementation must maintain this framework extendable to other P2P networks. This is the area focused in validation phase.<br>gansudkum@gmail.com

In the last twenty years P2P technology has begun to spread, mainly because of the increasing need of sharing a large quantity of files. Critical operations such as the exchanging of messages or the search of a file are governed by specific routing mechanisms, that depend on the different P2P structures which are involved. In this thesis we will first present different types of routing protocols, and we will highlight the structure and the mechanisms by which they carry out the update of the contacts and the transfer of files over a network. We will then present some of the weaknesses of which these protocols are suffering, showing how their routing mechanisms can be used in a wrong way to produce unexpected behaviors by the hosts. We will then show some of the countermeasures adopted in order to mitigate the effects of these attacks. In the last part of the thesis we will first use the Peersim simulator to simulate some of the known routing attacks to the Pastry protocol, we will then simulate some new attacks, and we will finally discuss some possible countermeasures.

Approved for public release, distribution is unlimited<br>This thesis analyzes the potential impact of incorporating wireless technologies, specifically an 802.11 mesh layer architecture and 802.16 Orthogonal Frequency Division Multiplexing, in order to effectively and more efficiently transmit data and create a symbiotic operational picture between Coast Guard Cutters, their boarding teams, Coast Guard Operation Centers, and various external agencies. Two distinct collaborative software programs, Groove Virtual Office and the Naval Postgraduate School's Situational Awareness Agent, are utilized over the Tactical Mesh and OFDM network configurations to improve the Common Operating Picture of involved units within a marine environment to evaluate their potential impact for the Coast Guard. This is being done to increase the effectiveness and efficiency of Coast Guard units while they carry out their Law Enforcement and Homeland Security Missions. Through multiple field experiments, including Tactical Network Topology and nuclear component sensing with Lawrence Livermore National Laboratory, we utilize commercial off the shelf (COTS) equipment and software to evaluate their impact on these missions.<br>Lieutenant Commander, United States Coast Guard<br>Lieutenant, United States Coast Guard

Thesis (MScEng)--Stellenbosch University, 2013.<br>ENGLISH ABSTRACT: The way in which people consume video is changing with the adoption of new technologies such as tablet computers and smart televisions. These new technologies, along with the Internet, are moving video distribution away from satellite and terrestrial broadcast to distribution over the Internet. Services online now offer the same content that originally was only available on satellite broadcast television. However, these services are only viable in countries with high speed, inexpensive Internet bandwidth. The need therefore exists for alternative services to deliver content in countries where bandwidth is still expensive and slow. These include many of the developing nations of Africa. In this thesis we design and develop a video distribution platform that relies on peer-to-peer networking to deliver high quality video content. We use an existing video streaming peer-to-peer protocol as the primary distribution mechanism, but allow users to share video over other protocols and services. These can include BitTorrent, DC++ and users sharing hard drives with one another. In order to protect the video content, we design and implement a security scheme that prevents users from pirating video content, while allowing easy distribution of video data. The core of the security scheme requires a low bandwidth Internet connection to a server that streams keys to unlock the video content. The project also includes the development of a custom video player application to integrate with the security scheme. The platform is not limited to, but is aimed at high speed local area networks where bandwidth is free. In order for the platform to support feasible business models, we provision additional services, such as video cataloging and search, video usage monitoring and platform administration. The thesis includes a literature study on techniques and solutions to secure video entertainment, specifically in a peer-to-peer environment.<br>AFRIKAANSE OPSOMMING: Die wyse waarvolgens mense video verbruik is aan die verander met die ingebruikneming van nuwe tegnologie soos tabletrekenaars en slim televisiestelle. Hierdie nuwe tegnologie tesame met die Internet maak dat die verspreiding van video al hoe minder plaasvind deur middel van satellietuitsendings en al hoe meer versprei word deur die Internet. Aanlyn-Internetdienste bied deesdae dieselfde inhoud aan as wat voorheen slegs deur beeldsending versprei is. Hierdie dienste is egter slegs lewensvatbaar in lande met hoëspoed- en goedkoop Internetbandwydte. Daar is dus ’n behoefte aan alternatiewe tot hierdie dienste in lande waar bandwydte steeds duur en stadig is. Baie lande in Afrika kan in hierdie kategorie ingesluit word. In hierdie tesis word ’n videoverspreidingsplatform ontwerp en ontwikkel, wat van portuurnetwerke gebruik maak om hoëkwaliteit-beeldmateriaal te versprei. Die stelsel gebruik ’n bestaande portuurnetwerk-datavloeiprotokol as die premêre verspreidingsmeganisme, maar laat gebruikers ook toe om videoinhoud direk met ander gebruikers en dienste te deel. BitTorrent, DC++ en gebruikers wat hardeskywe met mekaar deel word hierby ingesluit. Ten einde die videoinhoud te beskerm ontwerp en implimenteer ons ’n sekuriteitstelsel wat verhoed dat gebruikers die videoinhoud onregmatig kan toe-eien, maar wat terselfdertyd die verspreiding van die data vergemaklik. Hierdie sluit die ontwikkeling van ’n pasgemaakte videospeler in. Die kern van die sekuriteitstelsel benodig ’n lae-bandwydte-Internetverbinding na ’n bediener wat sleutels uitsaai om die videoinhoud te ontsluit. Alhoewel nie daartoe beperk nie, is die platform gemik op hoëspoed-plaaslikegebiedsnetwerke met gratis bandwydte. Om die platvorm aan ’n haalbare sakemodel te laat voldoen het ons vir addisionele dienste soos videokatalogisering met soekfunksies, videoverbruikersmonitering en platvormadministrasie voorsiening gemaak. Die tesis sluit ’n literatuurstudie oor tegnieke en oplossings vir die beskerming van video data, spesifiek in die portuurnetwerke omgeving, in.

The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. This mass popularity is primarily driven by the efficient distribution of content, also giving rise to piracy and copyright infringement as well as privacy concerns. An end user (buyer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further redistribute the content illegally. Therefore, there is a strong need for content distribution mechanisms over P2P networks that do not pose security and privacy threats to copyright holders and end users, respectively. However, the current systems being developed to provide copyright and privacy protection to merchants and end users employ cryptographic mechanisms, which incur high computational and communication costs, making these systems impractical for the distribution of big files, such as music albums or movies.<br>El uso de soluciones de igual a igual (peer-to-peer, P2P) para la distribución multimedia se ha extendido mundialmente en los últimos años. La amplia popularidad de este paradigma se debe, principalmente, a la distribución eficiente de los contenidos, pero también da lugar a la piratería, a la violación del copyright y a problemas de privacidad. Un usuario final (comprador) de un sistema de distribución de contenidos P2P no quiere revelar su identidad durante una transacción con un propietario de contenidos (comerciante), mientras que el comerciante no quiere que el comprador pueda redistribuir ilegalmente el contenido más adelante. Por lo tanto, existe una fuerte necesidad de mecanismos de distribución de contenidos por medio de redes P2P que no supongan un riesgo de seguridad y privacidad a los titulares de derechos y los usuarios finales, respectivamente. Sin embargo, los sistemas actuales que se desarrollan con el propósito de proteger el copyright y la privacidad de los comerciantes y los usuarios finales emplean mecanismos de cifrado que implican unas cargas computacionales y de comunicaciones muy elevadas que convierten a estos sistemas en poco prácticos para distribuir archivos de gran tamaño, tales como álbumes de música o películas.<br>L'ús de solucions d'igual a igual (peer-to-peer, P2P) per a la distribució multimèdia s'ha estès mundialment els darrers anys. L'àmplia popularitat d'aquest paradigma es deu, principalment, a la distribució eficient dels continguts, però també dóna lloc a la pirateria, a la violació del copyright i a problemes de privadesa. Un usuari final (comprador) d'un sistema de distribució de continguts P2P no vol revelar la seva identitat durant una transacció amb un propietari de continguts (comerciant), mentre que el comerciant no vol que el comprador pugui redistribuir il·legalment el contingut més endavant. Per tant, hi ha una gran necessitat de mecanismes de distribució de continguts per mitjà de xarxes P2P que no comportin un risc de seguretat i privadesa als titulars de drets i els usuaris finals, respectivament. Tanmateix, els sistemes actuals que es desenvolupen amb el propòsit de protegir el copyright i la privadesa dels comerciants i els usuaris finals fan servir mecanismes d'encriptació que impliquen unes càrregues computacionals i de comunicacions molt elevades que fan aquests sistemes poc pràctics per a distribuir arxius de grans dimensions, com ara àlbums de música o pel·lícules.

Millions of users world-wide are sharing content using Peer-to-Peer (P2P) networks, such as Skype and Bit Torrent. While such new innovations undoubtedly bring benefits, there are nevertheless some associated threats. One of the main hazards is that P2P worms can penetrate the network, even from a single node and then spread rapidly. Understanding the propagation process of such worms has always been a challenge for researchers. Different techniques, such as simulations and analytical models, have been adopted in the literature. While simulations provide results for specific input parameter values, analytical models are rather more general and potentially cover the whole spectrum of given parameter values. Many attempts have been made to model the worm propagation process in P2P networks. However, the reported analytical models to-date have failed to cover the whole spectrum of all relevant parameters and have therefore resulted in high false-positives. This consequently affects the immunization and mitigation strategies that are adopted to cope with an outbreak of worms. The first key contribution of this thesis is the development of a susceptible, exposed, infectious, and Recovered (SEIR) analytical model for the worm propagation process in a P2P network, taking into account different factors such as the configuration diversity of nodes, user behaviour and the infection time-lag. These factors have not been considered in an integrated form previously and have been either ignored or partially addressed in state-of-the-art analytical models. Our proposed SEIR analytical model holistically integrates, for the first time, these key factors in order to capture a more realistic representation of the whole worm propagation process. The second key contribution is the extension of the proposed SEIR model to the mobile M-SEIR model by investigating and incorporating the role of node mobility, the size of the worm and the bandwidth of wireless links in the worm propagation process in mobile P2P networks. The model was designed to be flexible and applicable to both wired and wireless nodes. The third contribution is the exploitation of a promising modelling paradigm, Agent-based Modelling (ABM), in the P2P worm modelling context. Specifically, to exploit the synergies between ABM and P2P, an integrated ABM-Based worm propagation model has been built and trialled in this research for the first time. The introduced model combines the implementation of common, complex P2P protocols, such as Gnutella and GIA, along with the aforementioned analytical models. Moreover, a comparative evaluation between ABM and conventional modelling tools has been carried out, to demonstrate the key benefits of ease of real-time analysis and visualisation. As a fourth contribution, the research was further extended by utilizing the proposed SEIR model to examine and evaluate a real-world data set on one of the most recent worms, namely, the Conficker worm. Verification of the model was achieved using ABM and conventional tools and by then comparing the results on the same data set with those derived from developed benchmark models. Finally, the research concludes that the worm propagation process is to a great extent affected by different factors such as configuration diversity, user-behaviour, the infection time lag and the mobility of nodes. It was found that the infection propagation values derived from state-of-the-art mathematical models are hypothetical and do not actually reflect real-world values. In summary, our comparative research study has shown that infection propagation can be reduced due to the natural immunity against worms that can be provided by a holistic exploitation of the range of factors proposed in this work.

This document provides information about Cisco NetFlow technology and its usage to protect networks from different types of attacks. Part of the document is a summary of common security risks in term of their detection on network and transport layer. There are specified characteristics of NetFlow data containing samples of security risks. On the basis of these characteristics, an application for detection these risks is designed and implemented.

Dans cette thèse, nous nous sommes intéressés aux protocoles pair-à-pair (P2P), qui représentent une solution prometteuse pour la diffusion et le partage de données à faible coût sur Internet. Nous avons mené, dans un premier temps, une étude comportementale de différents protocoles P2P pour le partage de fichier (distribution de contenus sans contrainte de temps) puis le live. Dans la première étude centréesur le partage de fichier, nous avons montré l’impact d’Hadopi sur le comportement des utilisateurs et discuté l’efficacité des protocoles en fonction du contenu et l’efficacité protocolaire, en se basant sur les choix des utilisateurs. BitTorrent s’est nettement démarqué au cours de cette étude, notamment pour les grands contenus. En ce qui concerne le live, nous nous sommes intéressés à la qualité de servicedu réseau de distribution live Sopcast, car plus de 60% des événements live diffusés en P2P le sont sur ce réseau. Notre analyse approfondie de ces deux modes de distribution nous a fait nous recentrer sur BitTorrent, qui est à la base de tous les protocoles P2P Live, et est efficace en partage de fichier et complètement open source. Dans la seconde partie de la thèse, nous avons proposé et implémenté dansun environnement contrôlé un nouveau protocole sur la base de BitTorrent avec des mécanismes protocolaires impliquant tous les pairs dans la gestion du réseau. Ces nouveaux mécanismes permettent d’augmenter l’efficacité du protocole via une meilleure diffusion, tant pour le live que le partage de fichier, de métadonnées (la pièce la plus rare) et via une méthode dite de push, par laquelle un client va envoyer du contenu aux pairs les plus dans le besoin<br>In this study, we focused on peer-to-peer protocols (P2P), which represent a promising solution for data dissemination and content delivery at low-cost in the Internet. We performed, initially, a behavioral study of various P2P protocols for file sharing (content distribution without time constraint) and live streaming. Concerning file sharing, we have shown the impact of Hadopi on users’ behavior and discussed the effectiveness of protocols according to content type, based on users’ choice. BitTorrent appeared as the most efficient approach during our study, especially when it comes to large content. As for streaming, we studied the quality of service of Sopcast, a live distribution network that accounts for more than 60% of P2P broadcast live events. Our in-depth analysis of these two distributionmodes led us to focus on the BitTorrent protocol because of its proven efficiency in file sharing and the fact that it is open source. In the second part of the thesis, we proposed and implemented a new protocol based on BitTorrent, in a controlled environment. The modifications that we proposed allow to increase the efficiency of the protocol through improved dissemination of metadata (the rarest piece), both for live and file sharing. An enhanced version is introduced with a push method, where nodes that lag behind receive an extra service so as to improve the overall performance

Thesis (M. Phil.)--Hong Kong University of Science and Technology, 2002.<br>Includes bibliographical references (leaves 55-58). Also available in electronic version. Access restricted to campus users.

Les réseaux P2P représentent aujourd’hui une partie considérable des échanges sur Internet, principalement parce qu’ils offrent aux utilisateurs du monde entier un moyen rapide et efficace pour partager des ressources. Les réseaux P2P offrent plusieurs avantages tels qu’un meilleur passage à l’échelle et une meilleure résistance aux pannes et par conséquent un meilleur rendement et une meilleure qualité de service. Ces apports ont largement favorisés l’apparition de nouvelles applications qui offrent des services divers et variés. Cependant, les réseaux P2P sont vulnérables à certaines attaques de sécurité. La sécurité des réseaux P2P a reçu beaucoup d’attention dans la recherche. De nombreuses solutions ont été proposées pour renforcer la sécurité dans les réseaux P2P. Dans cette thèse, nous nous sommes notamment intéressés au problème de la propagation de vers et aux systèmes de prévention et de détection d’échanges illégaux de fichiers sur les réseaux P2P. Nous présentons une analyse détaillée du problème tout en mettant en évidence les problèmes et les caractéristiques inhérents aux réseaux P2P. Ensuite, nous exposons les solutions de sécurité existantes dans la littérature scientifique. Ensuite, nous identifions une faille de sécurité dans le réseau BitTorrent qui peut être exploitée par les vers actifs et qui leur permet de se propager, une propagation trois fois plus vite que les autres vers connus. Ensuite, nous proposons un système de détection et de confinement de vers dans le réseau BitTorrent. Notre étude analytique montre que l’intervention de notre solution permet une réduction de 98,9 pour cent du taux d’infection global. En outre, nous présentons un simulateur que nous avons développé pour analyser et étudier les solutions que nous avons proposées. Enfin, nous exposons une proposition originale pour détecter les téléchargements illégaux de fichiers protégés par des droits d’auteur<br>Peer-to-peer (p2p) networking technology has gained popularity as an efficient mechanism for users to obtain free services without the need for centralized servers. P2P networks offer several advantages such as scalability, fault tolerance, and performance. These properties have led to the proliferation of variety of applications. However, P2P raises some security concerns. Indeed, P2P networks are open systems that apply no restriction whatsoever on the joining process of users. As a result, malicious user scan actively join a P2P system and initiate attacks within the network. Moreover, in P2P networks topology information is exposed to the systems peers to allow cooperation between them. Attackers can leverage this information to compromise P2P networks. P2P security has received a lot of attention in research. A host of research has proposed a number of solutions to reinforce security in P2P networks. In this thesis, we primarily deal with worm propagation and traffic throttling in P2P networks. We present a detailed analysis of the problem while highlighting special features and issues inherent to P2P computing. Then, we review existing security solutions in the literature and analyze their advantages and shortcomings. Next, we identify security vulnerabilities in BitTorrent that can be exploited by active worms. The latter could then propagate much faster than other worms. Then, we propose a worm detection and containment system in BitTorrent that detects active worm propagation. Our analysis shows that our solution can stop worm attacks before 1. 1 percent of the vulnerable hosts are infected. We also present a simulator that we developed to further analyze and study our proposed solutions. Finally, we provide a novel approach to detect BitTorrent illegal download of copyright protected files. Our analyses show that in worst case scenarios, our solution could reduce the download success rate of copyright protected contents to 49 percent

A "botnet" is a network of compromised computers (bots) that are controlled by an attacker (botmasters). Botnets are one of the most serious threats to today's Internet; they are the root cause of many current Internet attacks, such as email spam, distributed denial of service (DDoS) attacks, click fraud, etc. There have been many researches on how to detect, monitor, and defend against botnets that have appeared and their attack techniques. However, it is equally important for us to investigate possible attack techniques that could be used by the next generation botnets, and develop effective defense techniques accordingly in order to be well prepared for future botnet attacks. In this dissertation, we focus on two areas of the next generation botnet attacks and defenses: the peer-to-peer (P2P) structured botnets and the possible honeypot detection techniques used by future botnets. Currently, most botnets have centralized command and control (C&C) architecture. However, P2P structured botnets have gradually emerged as a new advanced form of botnets. Without C&C servers, P2P botnets are more resilient to defense countermeasures than traditional centralized botnets. Therefore, we first systematically study P2P botnets along multiple dimensions: bot candidate selection, network construction and C&C mechanisms and communication protocols. As a further illustration of P2P botnets, we then present the design of an advanced hybrid P2P botnet, which could be developed by botmasters in the near future. Compared with current botnets, the proposed botnet is harder to be shut down, monitored, and hijacked. It provides robust network connectivity, individualized encryption and control traffic dispersion, limited botnet exposure by each bot, and easy monitoring and recovery by its botmaster. We suggest and analyze several possible defenses against this advanced botnet. Upon our understanding of P2P botnets, we turn our focus to P2P botnet countermeasures.; We provide mathematical analysis of two P2P botnet mitigation approaches--index poisoning defense and Sybil defense, and one monitoring technique--passive monitoring. We are able to give analytical results to evaluate their performance. And simulation-based experiments show that our analysis is accurate. Besides P2P botnets, we investigate honeypot-aware botnets as well. This is because honeypot techniques have been widely used in botnet defense systems, botmasters will have to find ways to detect honeypots in order to protect and secure their botnets. We point out a general honeypot-aware principle, that is security professionals deploying honeypots have liability constraint such that they cannot allow their honeypots to participate in real attacks that could cause damage to others, while attackers do not need to follow this constraint. Based on this principle, a hardware- and software- independent honeypot detection methodology is proposed. We present possible honeypot detection techniques that can be used in both centralized botnets and P2P botnets. Our experiments show that current standard honeypot and honeynet programs are vulnerable to the proposed honeypot detection techniques. In the meantime, we discuss some guidelines for defending against general honeypot-aware botnet attacks.<br>ID: 029050015; System requirements: World Wide Web browser and PDF reader.; Mode of access: World Wide Web.; Thesis (Ph.D.)--University of Central Florida, 2010.; Includes bibliographical references (p. 117-131).<br>Ph.D.<br>Doctorate<br>Department of Electrical Engineering and Computer Science<br>Engineering and Computer Science

Le principe de l'Internet des objets (IdO) est d'interconnecter non seulement les capteurs, les appareils mobiles et les ordinateurs, mais aussi les particuliers, les maisons, les bâtiments intelligents et les villes, ainsi que les réseaux électriques, les automobiles et les avions, pour n'en citer que quelques-uns. Toutefois, la réalisation de la connectivité étendue de l'IdO tout en assurant la sécurité et la confidentialité des utilisateurs reste un défi. Les systèmes IdO présentent de nombreuses caractéristiques non conventionnelles, telles que l'évolutivité, l'hétérogénéité, la mobilité et les ressources limitées, qui rendent les solutions de sécurité Internet existantes inadaptées aux systèmes basés sur IdO. En outre, l'IdO préconise des réseaux peer-to-peer où les utilisateurs, en tant que propriétaires, ont l'intention d'établir des politiques de sécurité pour contrôler leurs dispositifs ou services au lieu de s'en remettre à des tiers centralisés. En nous concentrant sur les défis scientifiques liés aux caractéristiques non conventionnelles de l'IdO et à la sécurité centrée sur l'utilisateur, nous proposons une infrastructure sécurisée de l'IdO activée par la technologie de la chaîne de blocs et pilotée par des réseaux peer-to-peer sans confiance. Notre infrastructure sécurisée IoT permet non seulement l'identification des individus et des collectifs, mais aussi l'identification fiable des objets IoT par leurs propriétaires en se référant à la chaîne de blocage des réseaux peer-to-peer sans confiance. La chaîne de blocs fournit à notre infrastructure sécurisée de l'IdO une base de données fiable, immuable et publique qui enregistre les identités individuelles et collectives, ce qui facilite la conception du protocole d'authentification simplifié de l'IdO sans dépendre des fournisseurs d'identité tiers. En outre, notre infrastructure sécurisée pour l'IdO adopte un paradigme d'IdO socialisé qui permet à toutes les entités de l'IdO (à savoir les individus, les collectifs, les choses) d'établir des relations et rend l'IdO extensible et omniprésent les réseaux où les propriétaires peuvent profiter des relations pour définir des politiques d'accès pour leurs appareils ou services. En outre, afin de protéger les opérations de notre infrastructure sécurisée de l'IdO contre les menaces de sécurité, nous introduisons également un mécanisme autonome de détection des menaces en complément de notre cadre de contrôle d'accès, qui peut surveiller en permanence le comportement anormal des opérations des dispositifs ou services<br>The premise of the Internet of Things (IoT) is to interconnect not only sensors, mobile devices, and computers but also individuals, homes, smart buildings, and cities, as well as electrical grids, automobiles, and airplanes, to mention a few. However, realizing the extensive connectivity of IoT while ensuring user security and privacy still remains a challenge. There are many unconventional characteristics in IoT systems such as scalability, heterogeneity, mobility, and limited resources, which render existing Internet security solutions inadequate to IoT-based systems. Besides, the IoT advocates for peer-to-peer networks where users as owners intend to set security policies to control their devices or services instead of relying on some centralized third parties. By focusing on scientific challenges related to the IoT unconventional characteristics and user-centric security, we propose an IoT secure infrastructure enabled by the blockchain technology and driven by trustless peer-to-peer networks. Our IoT secure infrastructure allows not only the identification of individuals and collectives but also the trusted identification of IoT things through their owners by referring to the blockchain in trustless peer-to-peer networks. The blockchain provides our IoT secure infrastructure with a trustless, immutable and public ledger that records individuals and collectives identities, which facilitates the design of the simplified authentication protocol for IoT without relying on third-party identity providers. Besides, our IoT secure infrastructure adopts socialized IoT paradigm which allows all IoT entities (namely, individuals, collectives, things) to establish relationships and makes the IoT extensible and ubiquitous networks where owners can take advantage of relationships to set access policies for their devices or services. Furthermore, in order to protect operations of our IoT secure infrastructure against security threats, we also introduce an autonomic threat detection mechanism as the complementary of our access control framework, which can continuously monitor anomaly behavior of device or service operations

De nos jours, nous attendons des systèmes de systèmes d'être plus que simplement fonctionnel, mais aussi fiable, de préserver leurs performances, de mener les actions requises et, surtout, d'anticiper d'éventuelles défaillances. La résilience fait partie des nombreuses approches d'évaluation de la fiabilité. Elle est directement liée aux conséquences de perturbations et incertitudes. Il s'agit des conséquences en cas de perturbations et des incertitudes associées. La résilience est définie comme la capacité des systèmes à résister à une perturbation majeure selon paramètres de dégradation et à récupérer dans un délai, des coûts et des risques acceptables. Dans cette thèse, deux approches complémentaires sont proposées pour tenter d'analyser la résilience structurelle des systèmes de systèmes. La première est liée à l'extensibilité qui est une caractéristique des systèmes de systèmes puisqu'ils sont en continuelle évolution. L'un des principaux objectifs est d'évaluer la résilience structurelle en tenant compte de l'aspect dynamique et moyennant une évaluation de l'interopérabilité. D'autre part, un examen de la structure d'un système de systèmes et des flux internes représente la deuxième approche. Cela conduit à une évaluation de la résilience structurelle grâce à un ensemble d'indicateurs. Les deux approches proposées sont déterministes et peuvent être utilisées pour évaluer l'état courant de la structure du système de systèmes ou pour anticiper sa résilience dans des scénarios futurs. Un démonstrateur a été développé pour l'évaluation de la résilience structurelle. Dans la considération de territoires, il a servi à l'évaluation d'infrastructures industrielles réelles selon une approche systèmes de systèmes<br>Nowadays, we expect of SoS (systems-of-systems) more than just to be functional, but also to be reliable, to preserve their performance, to complete the required fonctions and rnost importantly to anticipate potential defects. The relationship with resilience is among the numerous perspectives tackling reliability in the context of SoS. It is about the consequences in case of disturbances and associated uncertainties. Resilience is defined as the ability of systems to withstand a major disruption within acceptable degradation parameters and to recover within an acceptable time, composite costs and risks. In this thesis, two complementary approaches are proposed in an attempt to analyze SoS structural resilience. First is related to extensibility which is a specific characteristic of SoS as they are in continuous evolvement and change. A major focus is to evaluate SoS structural resilience with regards to its dynamic aspect and through interoperability assessment. On the other hand, a consideration of the SoS structure and inner workflow pathways represents the second approach. This perspective leads to structural resilience assessment through a set of indicators. Both proposed approaches are deterministic and can be used to evaluate the current state of SoS structure or to anticipate its resilience in future scenarios. Futhermore, a prototype is designed in order to process the structural resilience assessment. Considering spatial objects, it has been used to conduct experiments on real-based industrial infrastructures approached as SoS

Malicious users in data networks may form social interactions to create communities in abnormal fashions that deviate from the communication standards of a network. As a community, these users may perform many illegal tasks such as spamming, denial-of-service attacks, spreading confidential information, or sharing illegal contents. They may use different methods to evade existing security systems such as session splicing, polymorphic shell code, changing port numbers, and basic string manipulation. One way to masquerade the traffic is by changing the data rate patterns or use very low (trickle) data rates for communication purposes, the latter is focus of this research. Network administrators consider these communities of users as a serious threat. In this research, we propose a framework that not only detects the abnormal data rate patterns in a stream of traffic by using a type of neural network, Self-organizing Maps (SOM), but also detect and reveal the community structure of these users for further decisions. Through a set of comprehensive simulations, it is shown in this research that the suggested framework is able to detect these malicious user communities with a low false negative rate and false positive rate. We further discuss ways of improving the performance of the neural network by studying the size of SOM's.

Finally, for improving the security of P2P-based CDNs against peer misbehaviors, we present a stochastic analytical model for understanding the performance of the P2P rating systems, which are widely engaged for safeguarding P2P-based CDNs. We study two representative designs, namely the unstructured self-managing rating (UMR) system and the structured supervising rating (SSR) system with the model under various network environments and adversary attacks. We also propose a configurable loosely supervising rating (LSR) system, and show that the system works inexpensively, and could make tradeoffs between the features of the UMR and the SSR system, thus providing a better overall performance according to the application context.<br>Peer-to-Peer (P2P) networks, especially P2P-based content distribution networks (CDN), have enabled large-scale content distribution without major infrastructure support in recent years. However, P2P-based CDNs suffer from performance issues such as stability and scalability, as well as security threats due to their decentralized nature. In this thesis, we address the performance and security issues in P2P-based CDNs.<br>We first consider a BitTorrent-like file swarming system. A simple mathematical model is presented for understanding its performance. With the model we find that under the stable state the peer distribution follows an asymmetric U-shaped curve, which is determined and influenced by various factors. We also analyze the content availability in the system and study its dying process, in which the integrity of the content is endangered. An innovative "tit-for-tat" unchoking strategy enabling more peers to finish their download jobs and prolong the system's lifetime is proposed. We then consider an application-layer tree-like overlay for the synchronous live media multicasting system. In particular we address the instability issue of the multicast overlay caused by nodes' abrupt departures. A set of algorithms are proposed to improve the overlay's stability based on actively estimating the nodes' lifetime model. To support our solution, we have studied the lifetime model via real-world measurements, and have formally proved the effectiveness of the algorithms. The experimental performance evaluation indicates that our algorithms work inexpensively, and could improve the overlay's stability considerably. We also consider the asynchronous on-demand media (MoD) streaming using P2P networks. In particular, we aim to improve the scalability of the system by proposing a novel probabilistic caching mechanism. Theoretical analysis is presented to show that by engaging the proposed mechanism with a flexible system parameter, better scalability could be achieved by a MoD system with less workload imposed on the server. Moreover, we show by simulation that our proposed caching mechanism could improve the streaming service conceived by peers under various conditions of server capacities and network environments.<br>Tian, Ye.<br>"July 2007."<br>Adviser: Kam-Wing Ng.<br>Source: Dissertation Abstracts International, Volume: 69-02, Section: B, page: 1119.<br>Thesis (Ph.D.)--Chinese University of Hong Kong, 2007.<br>Includes bibliographical references (p. 180-193).<br>Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web.<br>Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web.<br>Abstract in English and Chinese.<br>School code: 1307.

Lu, Mengwei.<br>Thesis (M.Phil.)--Chinese University of Hong Kong, 2010.<br>Includes bibliographical references (p. 52-54).<br>Abstracts in English and Chinese.<br>Chapter 1 --- Introduction --- p.1<br>Chapter 2 --- Introduction of P2P-VoD Systems --- p.5<br>Chapter 2.1 --- Major Components of the System --- p.5<br>Chapter 2.2 --- Peer Join and Content Discovery --- p.6<br>Chapter 2.3 --- Segment Sizes and Replication Strategy --- p.7<br>Chapter 2.4 --- Piece Selection --- p.8<br>Chapter 2.5 --- Transmission Strategy --- p.9<br>Chapter 3 --- Detection Methodology --- p.10<br>Chapter 3.1 --- Capturing Technique --- p.11<br>Chapter 3.2 --- Analytical Framework --- p.15<br>Chapter 3.3 --- Results of our Detection Methodology --- p.24<br>Chapter 4 --- Protective Architecture --- p.25<br>Chapter 4.1 --- Architecture Overview --- p.25<br>Chapter 4.2 --- Content Servers --- p.27<br>Chapter 4.3 --- Shield Nodes --- p.28<br>Chapter 4.4 --- Tracker --- p.29<br>Chapter 4.5 --- A Randomized Assignment Algorithm --- p.30<br>Chapter 4.6 --- Seeding Algorithm --- p.31<br>Chapter 4.7 --- Connection Management Algorithm --- p.33<br>Chapter 4.8 --- Advantages of the Shield Nodes Architecture --- p.33<br>Chapter 4.9 --- Markov Model for Shield Nodes Architecture Against Single Track Anonymity Attack --- p.35<br>Chapter 5 --- Experiment Result --- p.40<br>Chapter 5.1 --- Shield Node architecture against anonymity attack --- p.40<br>Chapter 5.1.1 --- Performance Analysis for Single Track Anonymity Attack --- p.41<br>Chapter 5.1.2 --- Experiment Result on PlanetLab for Single Track Anonymity Attack --- p.42<br>Chapter 5.1.3 --- Parallel Anonymity Attack --- p.44<br>Chapter 5.2 --- Shield Nodes architecture-against DoS attack --- p.45<br>Chapter 6 --- Related Work --- p.48<br>Chapter 7 --- Future Work --- p.49<br>Chapter 8 --- Conclusion --- p.50

<p>Online Social Network (OSN) services such as Facebook and Google+ are fun and useful. Hundreds of millions of users rely on these services and third-party applications to process and share personal data such as friends lists, photos, and geographic location histories. The primary drawback of today's popular OSNs is that users must fully trust a centralized service provider to properly handle their data.</p><p>This dissertation explores the feasibility of building feature-rich, privacy-preserving OSNs by shifting the bases for trust away from centralized service providers and third-party application developers and toward infrastructure providers and OSN users themselves.</p><p>We propose limiting the trust users place in service providers through two decentralized OSNs: Vis-a-Vis and Confidant. In Vis-a-Vis, privacy-sensitive data is only accessed by user-controlled code executing on ``infrastructure as a service" platforms such as EC2. In Confidant this data may only be accessed by code running on desktop PCs controlled by a user's close friends. To reduce</p><p>the risks posed by third-party OSN applications, we also developed a Multi-User Taint Tracker (MUTT). MUTT is a secure ``platform as a service" that ensures that third-party applications adhere to access policies defined by service providers and users. </p><p>Vis-a-Vis is a decentralized framework for location-based OSN services based on the</p><p>privacy-preserving notion of a Virtual Individual Server (VIS). A VIS is a personal virtual machine running within a paid compute utility. In Vis-a-Vis, a person stores her data on her own VIS, which arbitrates access to that data by others. VISs self-organize into overlay networks corresponding to social groups with whom their owners wish to share location information. Vis-a-Vis uses distributed location trees to provide efficient and scalable operations for creating, joining, leaving, searching, and publishing location data to these groups.</p><p>Confidant is a decentralized OSN platform designed to support a scalable application framework for OSN data without compromising users' privacy. Confidant replicates a user's data on servers controlled by her friends. Because data is stored on trusted servers, Confidant allows application code to run directly on these storage servers. To manage access-control policies under weakly-consistent replication, Confidant eliminates write conflicts through a lightweight cloud-based state manager and through a simple mechanism for updating the bindings between access policies and replicated data.</p><p>For securing risks from third-party OSN applications, this thesis proposes a Multi-User Taint Tracker (MUTT) -- a secure ``platform as a service'' designed to ensure that third-party applications adhere to access policies defined by service providers and users. Mutt's design is informed by a careful analysis of 170 Facebook apps, which allows us to characterize the requirements and risks posed by several classes of apps. Our MUTT prototype has been integrated into the AppScale cloud system, and experiments show that the additional data-confidentiality guarantees of running an app on MUTT come at a reasonable performance cost.</p><br>Dissertation

A covert communications network (CCN) is a connected, overlay peer-to-peer network used to support communications within a group in which the survival of the group depends on the confidentiality and anonymity of communications, on concealment of participation in the network to both other members of the group and external eavesdroppers, and finally on resilience against disconnection. In this dissertation, we describe the challenges and requirements for such a system. We consider the topologies of resilient covert communications networks that: (1) minimize the impact on the network in the event of a subverted node; and (2) maximize the connectivity of the survivor network with the removal of the subverted node and its closed neighborhood. We analyze the properties of resilient covert networks, propose measurements for determining the suitability of a topology for use in a covert communication network, and determine the properties of an optimal covert network topology. We analyze multiple topologies and identify two constructions that are capable of generating optimal topologies. We then extend these constructions to produce near-optimal topologies that can “grow” as new nodes join the network. We also address protocols for membership management and routing. Finally, we describe the architecture of a prototype system for instantiating a CCN.

由於在線社交網絡的龐大用戶群和口碑效應的病毒式傳播特點，使用少量用戶吸引大量用戶的定向廣告策略在病毒營銷中是非常有效的。公司可以先提供免費商品給在線社交網絡上的小部份用戶，然後依靠這些用戶推薦此產品給他們的好友，從而達到提升產品整體銷售額的目的。在本文中，我們考慮如下在線社交網絡中廣告投放的問題:給定廣告投放資本，比如固定數目的免費產品，公司需要決定在線社交網絡中用戶會最終購買的概率。為了研究此問題，我們把在線社交網絡模擬成擁有或者沒有高聚合係數的無標度圖。我們使用多個影響機制來刻畫如此大規模網絡中的影響傳播，并且使用本地平均場技術來分析這些節點狀態會被影響機制所改變的網絡。我們運行了大量的仿真實驗來驗證我們的理論模型。這些模型能夠為設計在線社交網絡中的有效廣告投放策略提供認識和指導。<br>雖然口碑效應的病毒式傳播能有效地促進產品銷售，但是它同時也為惡意行為提供了機會:不誠實用戶會故意給他們的好友提供錯誤的推薦從而擾亂正常的市場份額分配。為了解決這個問題，我們提出了一個通用的檢測框架，并基於此檢測框架制定了一系列完全分佈式的檢測算法來識別在線社交網絡中的不誠實用戶。我們考慮了不誠實用戶採取基本策略和智能策略兩種情況。我們通過計算假陽性概率，假陰性概率和檢測不誠實用戶所需要的時間的分佈來度量檢測算法的性能。大量的仿真實驗不僅說明了不誠實推薦所造成的影響，也驗證了檢測算法的有效性。我們還應用前面提到的通用檢測框架來解決無線網格網絡(wireless mesh network)和點對點視頻直播網絡(peer-to-peer live streaming network)中的污染攻擊問題。在應用了網絡編碼的無線網格網絡中，污染攻擊是一個很嚴重的安全問題。惡意節點能夠輕易地發動污染攻擊，從而造成污染數據包的病毒式傳播進而消耗網絡資源。前面提到的通用檢測框架也能被用來解決此安全問題。明確地說，我們使用基於時間的校驗碼和批量驗證機制來決定污染數據包的存在與否，然後提出一系列完全分佈式的檢測算法。即使智能攻擊者存在時，此檢測算法仍然有效。這裡智能攻擊者指的是那些為了降低被檢測到的概率從而假裝合法節點傳輸有效數據包的節點。並且，為了解決攻擊者合作注入污染數據包的情形并加速檢測，我們還提出了一個增強的檢測算法。我們也給出了規範的分析來度量檢測算法的性能。最後，仿真實驗和系統原型驗證了我們的理論分析以及檢測算法的有效性。<br>污染攻擊還會對點對點視頻直播網絡基礎設施造成嚴重影響，比如說，它能夠減少網絡中的攻擊問題，我們仍然基於前面提到的通用檢測框架提出了分佈式的檢測算法來識別污染攻擊者。我們也提供了理論分析來度量檢測算法的性能從而證明了算法的有效性。<br>Due to the large population in online social networks and the epidemic spreading of word-of-mouth effect, targeted advertisement which use a small fraction of buyers to attract a large population of buyers is very efficient in viral marketing, for example, companies can provide incentives (e.g., via free samples of a product) to a small group of users in an online social network, and these users can provide recommendations to their friends so as to increase the overall sales of the product. In particular, we consider the following advertisement problem in online social networks: given a fixed advertisement investment, e.g., a number of free samples, a company needs to determine the probability that users in the online social network will eventually purchase the product. To address this problem, we model online social networks as scale-free graphs with/without high clustering coefficient. We employ various influence mechanisms that govern the influence spreading in such large scale networks and use the local mean field technique to analyze them wherein states of nodes can be changed by various influence mechanisms. We carry out extensive simulations to validate our models which can provide insight on designing efficient advertising strategies in online social networks.<br>Although epidemic spreading of word-of-mouth effect can increase the sales of a product efficiently in viral marketing, it also opens doors for “malicious behaviors: dishonest users may intentionally give wrong recommendations to their friends so as to distort the normal sales distribution. To address this problem, we propose a general detection framework and develop a set of fully distributed detection algorithms to discover dishonest users in online social networks by applying the general detection framework. We consider both cases when dishonest users adopt (1) baseline strategy, and (2) intelligent strategy. We quantify the performance of the detection algorithms by deriving probability of false positive, probability of false negative and distribution function of time needed to detect dishonest users. Extensive simulations are carried out to illustrate the impact of dishonest recommendations and the effectiveness of the detection algorithms.<br>We also apply the general detection framework to address the problem of pollution attack in wireless mesh networks (WMNs) and peer-to-peer (P2P) streaming networks. Epidemic attack is a severe security problem in network-coding enabled wireless mesh networks, and malicious nodes can easily launch such form of attack to create an epidemic spreading of polluted packets and deplete network resources. The general detection framework can also be applied to address such security problem. Specifically, we employ the time-based checksum and batch verification to determine the existence of polluted packets, then propose a set of fully distributed detection algorithms. We also allow the presence of “smart attackers, i.e., they can pretend to be legitimate nodes to probabilistically transmit valid packets so as to reduce the chance of being detected. To address the case when attackers cooperatively inject polluted packets and speed up the detection, an enhanced detection algorithm is also developed. Furthermore, we provide formal analysis to quantify the performance of the detection algorithms. At last, simulations and system prototyping are also carried out to validate the theoretic analysis and show the effectiveness and efficiency of the detection algorithms.<br>To address the problem of pollution attack in P2P streaming networks, which is known to have a disastrous effect on existing P2P infrastructures, e.g., it can reduce the number of legitimate users by as much as 85%, we also propose distributed detection algorithms to identify pollution attackers by applying the general framework. Moreover, we provide theoretical analysis to quantify the performance of the detection algorithms so as to show their effectiveness and efficiency.<br>Detailed summary in vernacular field only.<br>Detailed summary in vernacular field only.<br>Detailed summary in vernacular field only.<br>Li, Yongkun.<br>Thesis (Ph.D.)--Chinese University of Hong Kong, 2012.<br>Includes bibliographical references (leaves 148-157).<br>Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web.<br>Abstract also in Chinese.<br>Chapter 1 --- Introduction --- p.1<br>Chapter 2 --- Influence Modeling in Online Social Networks --- p.7<br>Chapter 2.1 --- Scale-free Graphs without High Clustering Coefficient --- p.8<br>Chapter 2.1.1 --- Modeling Online Social Networks --- p.8<br>Chapter 2.1.2 --- q-influence Model --- p.11<br>Chapter 2.1.3 --- m-threshold Influence Model --- p.14<br>Chapter 2.1.4 --- Majority Rule Influence Model --- p.16<br>Chapter 2.2 --- Scale-free Graphs with High Clustering Coefficient --- p.19<br>Chapter 2.3 --- Generalized Influence Models --- p.21<br>Chapter 2.3.1 --- Deterministic Influence Model --- p.21<br>Chapter 2.3.2 --- Probabilistic Influence Model --- p.25<br>Chapter 2.4 --- Multi-state Model --- p.27<br>Chapter 2.4.1 --- Example of 3-State Majority Rule --- p.32<br>Chapter 3 --- Identifying Dishonest Recommenders in Online Social Networks --- p.35<br>Chapter 3.1 --- General Detection Framework --- p.37<br>Chapter 3.2 --- Modeling the Behaviors of Users --- p.41<br>Chapter 3.2.1 --- Products and Recommendations --- p.41<br>Chapter 3.2.2 --- Behaviors of Users --- p.43<br>Chapter 3.3 --- Distributed Detection Algorithms --- p.45<br>Chapter 3.3.1 --- Identifying Dishonest Recommenders when Baseline Strategy is Adopted --- p.46<br>Chapter 3.3.2 --- Identifying Dishonest Recommenders when Intelligent Strategy is Adopted --- p.53<br>Chapter 3.3.3 --- Complete Detection Algorithm --- p.57<br>Chapter 3.4 --- Cooperative Algorithm to Speed up the Detection --- p.58<br>Chapter 3.5 --- Algorithm Dealing with User Churn --- p.61<br>Chapter 4 --- Identifying Pollution Attackers in Network Coding Enabled Wireless Mesh Networks --- p.64<br>Chapter 4.1 --- Introduction on Wireless Mesh Networks and Pollution Attack --- p.64<br>Chapter 4.2 --- Network Coding and Time-based Checksum Batch Verification --- p.66<br>Chapter 4.3 --- Basic Detection Algorithms --- p.70<br>Chapter 4.3.1 --- Core Idea of the Detection Algorithms --- p.71<br>Chapter 4.3.2 --- Attackers with Imitation Probability δ = 0 --- p.74<br>Chapter 4.3.3 --- Attackers with Imitation Probability δ > 0 --- p.78<br>Chapter 4.3.4 --- Improvement on Probability of False Negative --- p.81<br>Chapter 4.4 --- Enhanced Detection Algorithm --- p.82<br>Chapter 4.4.1 --- Detection Algorithm --- p.82<br>Chapter 4.4.2 --- Performance Analysis --- p.87<br>Chapter 4.4.3 --- Detection Acceleration --- p.91<br>Chapter 4.5 --- Alternative Detection Algorithms --- p.92<br>Chapter 5 --- Identifying Pollution Attackers in Peer-to-Peer Live Streaming Systems --- p.95<br>Chapter 5.1 --- Introduction on Peer-to-Peer Streaming Systems and the Problem of Pollution Attack --- p.95<br>Chapter 5.2 --- Detection Algorithms --- p.97<br>Chapter 5.2.1 --- Imitation Probability δ = 0 --- p.99<br>Chapter 5.2.2 --- Imitation Probability δ > 0 --- p.102<br>Chapter 5.2.3 --- Improvement on Probability of False Negative --- p.104<br>Chapter 6 --- Performance Evaluation --- p.106<br>Chapter 6.1 --- Influence Modeling in Online Social Networks --- p.107<br>Chapter 6.1.1 --- Online Social Networks without High Clustering Coefficient --- p.107<br>Chapter 6.1.2 --- Online Social Networks with High Clustering Coefficient --- p.113<br>Chapter 6.1.3 --- Performance Evaluation of the Multi-state Model --- p.116<br>Chapter 6.2 --- Performance Evaluation of the Detection Algorithms in Online Social Networks --- p.118<br>Chapter 6.2.1 --- Synthesizing Dynamically Evolving Online Social Networks --- p.118<br>Chapter 6.2.2 --- Impact of Wrong Recommendations --- p.120<br>Chapter 6.2.3 --- Performance Evaluation of the Detection Algorithms --- p.121<br>Chapter 6.3 --- Performance Evaluation of the Detection Algorithms in Wireless Mesh Networks --- p.126<br>Chapter 6.3.1 --- Performance of the Basic Detection Algorithms --- p.126<br>Chapter 6.3.2 --- Results from System Prototype --- p.131<br>Chapter 6.3.3 --- Performance of the Enhanced Detection Algorithm --- p.132<br>Chapter 6.4 --- Performance Evaluation of the Detection Algorithms in Peer-topeer Streaming Networks --- p.136<br>Chapter 6.4.1 --- Performance of the Baseline Algorithm --- p.136<br>Chapter 6.4.2 --- Performance of the Randomized Algorithm --- p.138<br>Chapter 6.4.3 --- Derive Optimal Uploading Probability --- p.141<br>Chapter 7 --- RelatedWork and Conclusion --- p.143

On the Internet, one of the essential characteristics of electronic commerce is the integration of large-scale computer networks and business practices. Commercial servers are connected through open and complex communication technologies, and online consumers access the services with virtually unpredictable behavior. Both of them as well as the e-Commerce infrastructure are vulnerable to cyber attacks. Among the various network security problems, the Distributed Denial-of-Service (DDoS) attack is a unique example to illustrate the risk of commercial network applications. Using a massive junk traffic, literally anyone on the Internet can launch a DDoS attack to flood and shutdown an eCommerce website. Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate the organizations. Chapter 1 discusses two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching, and then analyzes the broken incentive chain in each of these technological solutions. As a remedy, I propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks. Chapter 2 addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. I propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms built on usage-based fees. Cost-effectiveness is also addressed through an illustrative implementation scheme using Policy Based Networking (PBN). By investigating both technological and economic difficulties in defense of DDoS attacks which have plagued the wired Internet, our aim here is to foster further development of wireless Internet infrastructure as a more secure and efficient platform for mobile commerce. To avoid centralized resources and performance bottlenecks, online peer-to-peer communities and online social network have become increasingly popular. In particular, the recent boost of online peer-to-peer communities has led to exponential growth in sharing of user-contributed content which has brought profound changes to business and economic practices. Understanding the dynamics and sustainability of such peer-to-peer communities has important implications for business managers. In Chapter 3, I explore the structure of online sharing communities from a dynamic process perspective. I build an evolutionary game model to capture the dynamics of online peer-to-peer communities. Using online music sharing data collected from one of the IRC Channels for over five years, I empirically investigate the model which underlies the dynamics of the music sharing community. Our empirical results show strong support for the evolutionary process of the community. I find that the two major parties in the community, namely sharers and downloaders, are influencing each other in their dynamics of evolvement in the community. These dynamics reveal the mechanism through which peer-to-peer communities sustain and thrive in a constant changing environment.<br>text