1 The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses Prithula Dhungel Xiaojun Hei Keith W. Ross Nitesh Saxena Polytechnic University

Mar 27, 2015


Jessica Cochran

The Pollution Attack in P2P Live Video Streaming:

Measurement Results and Defenses

Prithula Dhungel, Xiaojun Hei

Keith W. Ross, Nitesh Saxena

Polytechnic University


The Pollution Attack

• Attacker joins an ongoing video channel

• Attacker advertises it has a large number of chunks

• When neighbors request chunks, attacker sends bogus chunks

• Receiver plays back bogus chunks

• Each receiver may further forward the polluted chunks


[Figure: diagram with nodes labelled "Peer" and "Polluter" and the label "request"]


Contributions

• Identified the pollution attack in P2P live video streaming applications

• Verified via experimental results (in PPLive) that the pollution attack can be devastating

• Survey possible defenses against the attack


Pollution Experiment

Figure: PPLive pollution experiment setup


Measurement Results (1)

Figure: Number of peers viewing channel over experiment periods


Brooklyn Peer

Figure: Clean and polluted chunks to/from Brooklyn peer


Hong Kong Peer

Figure: Clean and polluted chunks to/from Hong Kong peer


Pollution Defense Mechanisms

• Blacklisting

• Traffic Encryption

• Chunk Signing
  – Sign-All Approach
  – Signature-Amortization Approaches
    • Star Chaining
    • Merkle Tree
  – Sign-and-Correct Approach


Chunk Signing

• Use PKI

• Every video source has public-private key pair

• Source uses private key to sign the chunks

• Receiver uses public key of source to verify integrity of chunk


“Sign-All” (1)

• Source
  – Source signs each chunk
  – Sends signature (“authentication information”) with corresponding chunk

• Receiver
  – Verifies each chunk individually using authentication information and public key of source


“Sign-All” (2)

Chunk processing independence

Bandwidth overhead
  – For a stream of m chunks, m signatures
  – For 372 kbps channel with chunk size of 4000 bytes, around 3%

Computation overhead
  – 1 (expensive) signature operation per chunk


“Block Signing”

• Chunks organized into blocks
  – Each block contains n chunks

• After generating n chunks, hash concatenation of all hashes, and sign result

• Reduces computation

• But can’t verify individual chunks


“Star Chaining”

• Chunks organized into blocks
  – Each block contains n chunks

• After generating n chunks, calculate authentication information for each chunk
  – Signed hash of concatenation of all chunk hashes
  – Along with all hashes of other n-1 chunks

• Receiver, chunk by chunk:
  – Applies public key to get hash of hashes
  – Verifies by concatenating hash of current chunk with those of the n-1 chunks, and taking hash
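The star-chaining steps above, as an added example that is not code from the presentation. Assumptions: SHA-256 as the hash, and a toy unpadded RSA key built from two known Mersenne primes so that "applies public key to get hash of hashes" can be shown with the standard library only; the function names and the sample block are constructed here.

```python
import hashlib

# Toy textbook-RSA key (assumption of this example): unpadded and trivially
# factorable, present only so the public-key step is visible.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the source

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def source_sign_block(chunks):
    """Source side: one private-key operation per block of n chunks."""
    hashes = [h(c) for c in chunks]
    block_digest = h(b"".join(hashes))            # hash of all chunk hashes
    signature = pow(int.from_bytes(block_digest, "big"), D, N)
    auth = []
    for i in range(len(chunks)):
        others = hashes[:i] + hashes[i + 1:]      # hashes of the other n-1 chunks
        auth.append((i, others, signature))       # travels with chunk i
    return auth

def receiver_verify(chunk, auth_info):
    """Receiver side: check one chunk on its own, even if others were lost."""
    index, others, signature = auth_info
    if not 0 <= index <= len(others):
        return False
    recovered = pow(signature, E, N)              # public key -> hash of hashes
    hashes = others[:index] + [h(chunk)] + others[index:]
    return recovered == int.from_bytes(h(b"".join(hashes)), "big")

# Constructed sample block: n = 32 chunks of 4000 bytes each.
CHUNKS = [bytes([i]) * 4000 for i in range(32)]
AUTH = source_sign_block(CHUNKS)
```

Each chunk carries the other 31 hashes plus the shared signature, which is where the bandwidth cost of this scheme comes from.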


“Star Chaining”

Computation overhead -> 1 signature per block

Loss -> If some chunks are lost in block, can still decode rest

Bandwidth overhead -> for block of n chunks, n-1 hashes + n signatures

For channel of bitrate 372 kbps and chunk size of 4000 bytes, n = 32, about 16%


“Merkle Tree”

Computation overhead -> 1 signature per block

Loss -> If some chunks are lost in block, can still decode rest

Bandwidth overhead -> n log2 n hashes + n signatures (about 5%)
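The slide gives only the costs of the Merkle-tree approach, so this added example (not code from the presentation) goes one step further and shows the standard construction behind them: the source signs the tree root once per block, and each chunk carries log2 n sibling hashes from which the receiver recomputes that root. SHA-256, the 0x00/0x01 leaf/interior prefixes, the function names and the sample block are assumptions of the example; the signature over the root is left out.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_levels(chunks):
    """Return the tree levels, leaves first; n must be a power of two."""
    n = len(chunks)
    if n == 0 or n & (n - 1):
        raise ValueError("block size must be a power of two")
    levels = [[h(b"\x00" + c) for c in chunks]]            # leaf hashes
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([h(b"\x01" + prev[i] + prev[i + 1])  # interior nodes
                       for i in range(0, len(prev), 2)])
    return levels

def auth_path(levels, index):
    """Sibling hashes from leaf to root: what travels with chunk `index`."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])   # sibling of the current node
        index //= 2
    return path

def root_from_chunk(chunk, index, path):
    """Receiver side: recompute the root from one chunk and its path."""
    node = h(b"\x00" + chunk)
    for sibling in path:
        if index & 1:                   # current node is a right child
            node = h(b"\x01" + sibling + node)
        else:                           # current node is a left child
            node = h(b"\x01" + node + sibling)
        index //= 2
    return node

# Constructed sample block: n = 32 chunks of 4000 bytes each.
CHUNKS = [bytes([i]) * 4000 for i in range(32)]
LEVELS = build_levels(CHUNKS)
ROOT = LEVELS[-1][0]                    # the value the source signs per block
```

A receiver accepts a chunk only if the recomputed root equals the root recovered from the source's signature; for n = 32 the path holds 5 hashes where star chaining sends 31.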


Conclusion

• The pollution attack can be devastating

• Defenses:
  – Signature Amortization (Merkle Tree) – less computational overhead and delay at receiver but more bandwidth overhead
  – Sign-and-Correct – less bandwidth requirement but higher processing delay and computational requirement

• Based on requirements of the application, either of the two could be used


Thank You!