Security and privacy issues in P2P streaming systems: A survey

  • Gabriela Gheorghe
  • Renato Lo Cigno
  • Alberto Montresor
Review

Abstract

Streaming applications over Peer-To-Peer (P2P) systems have gained enormous popularity. Success always implies increased concerns about security, protection, privacy and all the other ‘side’ properties that transform an experimental application into a service. Research on security for P2P streaming has started to flourish, but no comprehensive security analysis of the current P2P solutions has yet been attempted. There are no best practices in system design, no (widely) accepted attack models, no measurement-based studies on security threats to P2P streaming, nor even general surveys investigating specific security aspects of these systems. This paper addresses this last aspect. Starting from existing analyses and security models in the related literature, we give an overview of security and privacy considerations for P2P streaming systems. Our analysis emphasizes two major facts: (i) the Byzantine–Altruistic–Rational (BAR) model offers stronger security guarantees compared to other approaches, at the cost of higher complexity and overhead; and (ii) the general perception (not necessarily the truth, but a commonplace belief) that it is necessary to sacrifice accuracy or performance in order to tolerate faults or misbehaviors is not always true.

Keywords

P2P streaming, IPTV, Security, Privacy

Copyright information

© Springer Science + Business Media, LLC 2010

Authors and Affiliations

  • Gabriela Gheorghe (1)
  • Renato Lo Cigno (1)
  • Alberto Montresor (1)
  1. Dipartimento di Ingegneria e Scienza dell’Informazione (DISI), Università degli Studi di Trento, Povo, Italy
