Securing Network Coding Architectures Against Pollution Attacks With Band Codes

Abstract: During a pollution attack, malicious nodes purposely transmit bogus data to the honest nodes to cripple the communication. Securing the communication requires identifying and isolating the malicious nodes. However, in Network Coding (NC) architectures, random recombinations at the nodes increase the probability that honest nodes relay polluted packets. So, discriminating between honest and malicious nodes to isolate the latter turns out to be challenging at best. Band Codes (BC) are a family of rateless codes … Show more

“…We also plan to investigate dynamic and self-adaptive monitoring intervals which could be increased or decreased in runtime based on the system load. presents a model and estimates content pollution propagation [11][12][13] ✓ employs band codes to construct black lists of polluters [47] ✓ network coding is employed to allow the identification of polluters and limit content pollution [32] ✓ proposes the application of black lists to live streaming [17,27] ✓ transmits hash-based signatures of all chunks; the challenge is to receive hashes in advance for live streaming [21,24] ✓ applies cryptography to every whole chunk and employs a distributed key management scheme [36] ✓ employs peer groups to ensure chunk integrity; the server publishes content information in that group; peers access the group to verify chunks integrity [34] ✓ Merkle-trees are employed that use hashes to guarantee the integrity of streams of chunks [35] presents an evaluation of black lists, cryptography, hash-based verification and digital signatures [38] presents an evaluation of the impact of pollution attacks; shows that the impact depends on the stability of the network, and on the bandwidth available at both malicious peers and the source [37] evaluates content authentication mechanisms to live streaming [39,40] ✓ employs reputation and ranking to file sharing P2P systems [22] ✓ employs reputation and ranking to live streaming; the reputation mechanisms are based on peer experience [23] shows that reputation-based approaches can suffer with the collusion of malicious peers, with false positives, and present a high delay to propagate conclusions [41] a confidence management strategy is proposed based on retransmissions of the polluted data; depending on the situation the number of retransmissions can be high [42] in order to prevent DDoS attacks on streming sources proposes a strategy to hide source identity; used in the context of P2P VoD [43] presents a through evaluation of SopCast reaches the conclusion that a single attacker can harm up to 50% of peers and consume up to 30% of the available bandwidth [44] a centralised (non-distributed) solution is proposed to detect polluters in live streaming networks employing comparasionbased system-level diagnosis [this work] ✓ presents a distributed strategy that employs comparison-based diagnosis to combat pollution in live streaming; each peer independently identifies and stops requesting chunks from its polluter neighbours…”

“…Recently proposed strategies to deal with content pollution in P2P video streaming networks include employing band codes [11,12]. The authors first highlight how hard it is to identify polluters, as besides malicious peers a potentially large number of other peers involuntarily relay the polluted chunks.…”

“…As the peers themselves transmit data, malicious peers represent a significant threat and a formidable challenge to identify and mitigate. A malicious peer can harm the system in different ways, one of which is content pollution [8][9][10][11], which we describe next.…”

Distributed mitigation of content pollution in peer‐to‐peer video streaming networks

“…We also plan to investigate dynamic and self-adaptive monitoring intervals which could be increased or decreased in runtime based on the system load. presents a model and estimates content pollution propagation [11][12][13] ✓ employs band codes to construct black lists of polluters [47] ✓ network coding is employed to allow the identification of polluters and limit content pollution [32] ✓ proposes the application of black lists to live streaming [17,27] ✓ transmits hash-based signatures of all chunks; the challenge is to receive hashes in advance for live streaming [21,24] ✓ applies cryptography to every whole chunk and employs a distributed key management scheme [36] ✓ employs peer groups to ensure chunk integrity; the server publishes content information in that group; peers access the group to verify chunks integrity [34] ✓ Merkle-trees are employed that use hashes to guarantee the integrity of streams of chunks [35] presents an evaluation of black lists, cryptography, hash-based verification and digital signatures [38] presents an evaluation of the impact of pollution attacks; shows that the impact depends on the stability of the network, and on the bandwidth available at both malicious peers and the source [37] evaluates content authentication mechanisms to live streaming [39,40] ✓ employs reputation and ranking to file sharing P2P systems [22] ✓ employs reputation and ranking to live streaming; the reputation mechanisms are based on peer experience [23] shows that reputation-based approaches can suffer with the collusion of malicious peers, with false positives, and present a high delay to propagate conclusions [41] a confidence management strategy is proposed based on retransmissions of the polluted data; depending on the situation the number of retransmissions can be high [42] in order to prevent DDoS attacks on streming sources proposes a strategy to hide source identity; used in the context of P2P VoD [43] presents a through evaluation of SopCast reaches the conclusion that a single attacker can harm up to 50% of peers and consume up to 30% of the available bandwidth [44] a centralised (non-distributed) solution is proposed to detect polluters in live streaming networks employing comparasionbased system-level diagnosis [this work] ✓ presents a distributed strategy that employs comparison-based diagnosis to combat pollution in live streaming; each peer independently identifies and stops requesting chunks from its polluter neighbours…”

“…Recently proposed strategies to deal with content pollution in P2P video streaming networks include employing band codes [11,12]. The authors first highlight how hard it is to identify polluters, as besides malicious peers a potentially large number of other peers involuntarily relay the polluted chunks.…”

“…As the peers themselves transmit data, malicious peers represent a significant threat and a formidable challenge to identify and mitigate. A malicious peer can harm the system in different ways, one of which is content pollution [8][9][10][11], which we describe next.…”

Distributed mitigation of content pollution in peer‐to‐peer video streaming networks

“…3) With the aim of avoiding tag pollution attacks, the L tags are swapped on the basis of the secret key (SV) that is shared between the DNs and SNs, as stated by (5). b i = Swap(b i ) SV (5) 4) A set of new keys are prodused by KDC center through the use of the swapping vector SV and according to the key set that was sent towards the SN during step 1 as stated in (6). Next, the keys are forwarded to the DNs the intermediate nodes for verifying the received coded packets.…”

On the Performance Analysis of IDLP and SpaceMac for Network Coding-Enabled Mobile Small Cells

“…Some of these papers also dealt with security issues. In particular, a line of research has focused on the analysis and containment of the so called pollution attack whereby a set of malicious peers intentionally randomly alter coded fragments to jam the communication and to avoid recovering of the original data unit at the receivers [8,21,23]. In these papers malicious peers launch their attack by randomly modifying the coded fragment of victim equations before forwarding them to their neighbor peers.…”

On the robustness of three classes of rateless codes against pollution attacks in P2P networks