Neil Daswani

Query-flood DoS attacks in gnutella

We describe a simple but effective traffic model that can be used to understand the effects of denial-of-service (DoS) attacks based on query floods in Gnutella networks. We run simulations based on the model to analyze how different choices of network topology and application level load balancing policies can minimize the effect of these types of DoS attacks. In addition, we also study how damage caused by query floods is distributed throughout the network, and how application-level policies can localize the damage.

Experimenting with Electronic Commerce on the PalmPilot

This paper describes our experience with implementing an electronic payment system for the PalmPilot. Although Palm OS lacks support for many desired security features, we are able to build a system suitable for small payments. We discuss the advantages and disadvantages of using a PDA to make secure payments as opposed to using a smartcard or a desktop PC. In addition, we describe the engineering of PDA-PayWord, our implementation of a commerce protocol that takes advantage of both elliptic curve and RSA public key cryptography to support payments efficiently on PDAs with limited processing capability.

Peer-to-peer research at Stanford

n this paper we present recent and ongoing research projects of the Peers research group at Stanford University.

Pong-cache poisoning in GUESS

This paper studies the problem of resource discovery in unstructured peer-to-peer (P2P) systems. We propose simple policies that make the discovery of resources resilient to coordinated attacks by malicious nodes. We focus on a novel P2P protocol called GUESS [8] that uses a pong cache, a set of currently known nodes, to discover new ones. We define a simple, abstract model of a GUESS network,and We describe how to limit pong cache poisoning, a condition in which the ids of malicious nodes appear in the pong caches of good nodes. We run simulations based on our model, and evaluate different options for the key decisions that nodes need to make.We propose an ID smearing algorithm (IDSA) and a dynamic network partitioning (DNP) scheme that can be used together to reduce the impact of malicious nodes. We also propose adding an introduction protocol (IP) as a basic mechanism to GUESS to ensure liveness. We suggest using a most-recently-used (MRU) cache replacement policy to slow down the rate of poisoning. Finally, we determine the marginal utility of using a malicious node detector (MND) to further limit poisoning, and the level of accuracy required of the detector.

Maximizing remote work in flooding-based peer-to-peer systems

In peer-to-peer (P2P) systems where individual peers must cooperate to process each others requests, a useful metric for evaluating the system is how many remote requests are serviced by each peer. In this paper, we apply this remote work metric to study the searching aspect of flooding-based P2P networks such as Gnutella. We study how to maximize the remote work (query) in the entire network by controlling the rate of query injection at each node. In particular, we provide a simple procedure for finding the optimal rate of query injection and prove its optimality. We also show that a simple prefer-high-TTL protocol in which each peer processes only queries with the highest time-to-live (TTL) is optimal.

Authenticity and availability in PIPE networks

We describe a system, which we call a peer-to-peer information preservation and exchange (PIPE) network, for protecting, digital data collections from failure. A significant challenge in such networks is ensuring that documents are replicated and accessible despite malicious sites which may delete data, refuse to serve data, or serve an altered version of the data. We enumerate the services of PIPE networks, discuss a threat model for malicious sites, and propose basic solutions for managing these malicious sites. The basic solutions are inefficient, but demonstrate that a secure system can be built. We also sketch ways to improve efficiency.

Maximizing Remote Work in Flooding-Based Peer-to-Peer Systems

In peer-to-peer (P2P) systems where individual peers must cooperate to process each other’s requests, a useful metric for evaluating the system is how many remote requests are serviced by each peer. In this paper we apply this remote work metric to flooding-based P2P search networks such as Gnutella. We study how to maximize the remote work in the entire network by controlling the rate of query injection at each node. In particular, we provide a simple procedure for finding the optimal rate of query injection and prove its optimality. We also show that a simple prefer-high-TTL protocol in which each peer processes only queries with the highest time-to-live (TTL) is optimal.