Analyzing the Vulnerability of Superpeer Networks Against Attack
B. Mitra (Dept. of CSE, IIT Kharagpur, India), F. Peruani(ZIH, Technical University of Dresden, Germany),
S. Ghose, N. Ganguly(Dept. of CSE, IIT Kharagpur, India)
Junction
Outline
• Problem Definition• Environment Definition• Development of the analytical framework• Stability of Superpeer Networks against Attack
Outline
• Problem Definition• Environment Definition• Development of the analytical framework• Stability of Superpeer Networks against Attack
Problem Definition• P2P network architecture
– All peers act as both clients and servers– No centralized data source– File sharing and other applications like IP telephony,
distributed storage, publish subscribe system etc
NodeNode
Node Node
NodeInternet
Problem Definition• Overlay network
– An overlay network is built on top of physical network – Nodes are connected by virtual or logical links– Underlying physical network becomes unimportant – Interested in the complex graph structure of overlay
Problem Definition• Dynamicity of overlay networks
– Peers in the p2p system leave network randomly without any central coordination
– Important peers are targeted for attack• DoS attack drown important nodes in fastidious
computation– Fail to provide services to other peers
• Importance of a node is defined by centrality measures– Like degree centrality, betweenness centraltiy etc
• Makes overlay structures highly dynamic in nature • Frequently it partitions the network into smaller
fragments• Communication between peers become impossible
Problem Definition• Investigating stability of the networks against the churn and
attackNetwork Topology + Attack = How (long) stable
• Developing an analytical framework• Examining the impact of different structural parameters upon
stability– Peer contribution – degree of peers, superpeers – their individual fractions
• Modeling of– Overlay topologies (pure p2p networks, superpeer networks, hybrid networks)– Various kinds of attacks
• Defining stability metric• Validation through simulation
Outline
• Problem Definition• Environment Definition
– Modeling superpeer network– Different kind of attack models– Stability metric
• Development of the analytical framework• Stability of Superpeer Networks against Attack
Environment Definition
• Modeling superpeer networks– Simple model : strict bimodal structure
• A large fraction (r) of peer nodes with small degree kl
• Few superpeer nodes (1-r) with high degree km
if k = kl, km
otherwise
pkl = r and pkm = 1-r
,0,0
k
k
pp
Environment Definition• Different kinds of attack models
– Deterministic attack• Nodes having high degrees are progressively removed• qk : the probability that a node of degree k survives after attack• qk = 0, when k > kmax
0 < qk < 1, when k = kmax
qk = 1, when k < kmax
– Degree dependent attack• Nodes having higher degrees are more likely to be removed• Probability of removal of a node having degree k is proportional to kr where r
> 0 is a real number• With proper normalization , C is a normalizing constant• The fraction of nodes having degree k which survives after this kind of attack is
Ckfr
k
Ckfqr
kk 11
Environment Definition• Stability metric
– Percolation threshold : • disintegrates the network into large number of small,
disconnected components by removing certain fraction of nodes (fc)
• Higher values indicate greater stability against attack
Stability Matric
• Percolation Threshold
Nodes in the network are connected and form a single component
Initially all the nodes in the network are connected Forms a single giant componentSize of the giant component is the order of the network sizeGiant component carries the structural properties of the entire network
Stability Matric
• Percolation Threshold
f fraction of nodes removed
Initial single connected component Giant
component still exists
Stability Metric
• Percolation Threshold
Initial single connected component
f fraction of nodes removed
Giant component still exists
fc fraction of nodes removed
The entire graph breaks into smaller fragments Therefore fc =1-qc becomes the percolation
threshold
Percolation Threshold• Remove a fraction of nodes ft from the network in step t and
check whether reach the percolation point•
– s : size of the components formed– ns : number of componets of size s – CSt(s) : the normalized component size distribution at step t
s sst snsnsCS /)(
Initial : only single giant component of size 500
Intermediate:Bimodal character (a large component along with a set of small components)
Percolation point(tn)percolation threshold (ftn)monotonically decreasing function
Outline
• Problem Definition• Environment Definition• Development of the analytical framework
– Generating function• Stability of Superpeer Networks against Attack
Development of the analytical framework• Generating Function:
– Formal power series whose coefficients encode information
Here encode information about a sequence– Used to understand different properties of the graph– generates probability distribution of the
vertex degrees.– Average degree
0
33
2210 .........)(
k
kk xaxaxaxaaxP
,.....),,( 210 aaa
0
0 )(k
kk xpxG
)1('0Gkz
Vertex
Edge
Degree = 5
Development of the analytical framework– specifies the probability of a node having degree k
to be present in the network after (1-qk) fraction of nodes removed.
– becomes the corresponding generating
function.
– Distribution of the outgoing edges of first neighbor of a randomly chosen node
kk qp .
0
0 )(k
kkk xqpxF
(1-qk) fraction of nodes removed
zxF
kp
xqkpxF
kk
k
kkk )()( 0
1
1
Random node
First neighbor
Development of the analytical framework
– H1(x) generates the distribution of the size of the components that are reached through random edge
– H1(x) satisfies the following condition
F1(x) : the probability of finding a node following a random edge=> 1 - F1(x) : the probability of following a randomly chosen edge that leads to a zero size component.
The rest condition reached through random edge, which satisfies a Self-consistency condition.
Development of the analytical framework
– generates distribution for the component size to which a randomly selected node belongs to
– Average size of the components
– Average component size becomes infinity when– theoretically ‘infinite’ size graph reduces to the ‘finite’ size
components
)(0 xH
)1(1
)1()1()1()1(1
1000
F
FFFH
0)1(1 1 F
Development of the analytical framework– Average component size becomes infinity when– With the help of generating function, we derive the
following critical condition for the stability of giant component
– The critical condition is applicable• For any kind of topology (modeled by pk) • Undergoing any kind of dynamics (modeled by 1-qk)
0)1(1 1 F
0
0)1(k
kkk qkqkp
Degree distribution Peer dynamics
Outline
• Problem Definition• Environment Definition• Development of the analytical framework• Stability of Superpeer Networks against Attack
– Simulation result
Stability of Superpeer Networks against Attack
• Theoretically derived results & simulation– Deterministic attack– Degree dependent attack
• Network Generation– Represented by a simple undirected graph– Bimodal degree distribution– Graphs with 5000 nodes
An undirected arc is an edge that has no arrow. Both ends of an undirected arc are equivalent--there is no head or tail. Undirected
graphDirected
graph
Deterministic Attack• Two cases may arise in the deterministic attack
– 1. The removal of a fraction of superpeers is sufficient to disintegrate the network
– 2. The removal of all the superpeers is not sufficient to disintegrate the network. Therefore we need to remove some of the peer nodes along with the superpeers.
Recall : when , the critical condition for the stability
ml kkk
kk kqpkk,
)1(
1)1('1 F
l mkk kk
kkkk kqpkkqpkk )1()1(
Deterministic Attack• Case 1:
– fsp : the critical fraction of superpeer nodes, removal of which disintegrates the giant component
– qk = 1 for k = kl
qk = 1 – fsp for k = km
• Case 2:– fp : fraction of peer to be removed along with all the superpeers to
breack down the betwork– qk = 1 - fp for k = kl
qk = 0 for k = km sptar
kmm
kllsp
kk kkspkk
kk kkkkkk
frf
pkkpkkk
f
kfpkkpkk
kqpkkqpkk
m
l
l m
l m
)1(
)1()1(
1
)1()1()1(
)1()1(
)1(
)1(1
)1()1(
)1()1(
rrff
pkkk
f
kfpkk
kqpkkqpkk
ptar
kllp
kkpk
kk kkkkkk
l
l
l m
Deterministic Attack
• Parameter– Average degree <k> = 10– Superpeer degree km = 50
– Increase the peer degree kl gradually (the peer fraction changes accordingly) and observe the change in the percolation threshold ftar
Peer degree kl=1,2,3, the removal of only a fraction of superpeers causes breakdown of the network
The increase of peer degree from 1 to 2 and 3 further reduces the fraction of superpeers in the network It is not large enough to form effective connections within themselves
A fraction of peers is reqired to be removed.
The high degree peers connect among themselves and they are not entirely dependent on superpeers for connectivity.
The steep increase of stability with peer degree > 5
Deterministic Attack
• Peer contribution: – controls the total bandwidth contributed by the peers which
determines the amount of influence superpeer nodes exerts on the network
– two factors: peer degree & fraction of peers in the network
mll
r krrkkwherekrKP
C)1(,
Peer degree kl=1 can be disintegrated without attacking peers at all
Prc<0.2 does not have any impact upon the stability of the network no mater what peer degree is.
For kl=5, at Prc=0.3, a fraction of peers is required to be removed to disintegrate the networks.
The impact of high degree peers upon the stability of the network becomes more eminent as peer contribution Prc > 0.5.
For kl=1, 3, ftar gradually reduces, since increase in peer contribution decreases superpeer contribution, it decreases stability of these networks also.
For kl =5, peers are strongly connected among themselves, hence stability is more dependent on peer contribution.
Degree Dependent Attack• Probability of a node of degree k is directly proportional to kγ where γ > 0
is a real number.– Probability of survival of a node having degree k after a degree
dependent attack is – Critical condition for the stability of the giant component :
Ckfq kk
11
)2)(()1()1()1(
1,:
)1(
11
,
kkkkkCkkrkrk
kkkk
rpkkkk
rpapply
kqpkk
mlmmmll
lm
lk
lm
mk
kkkkk
ml
ml
Degree Dependent Attack• Probability of removal of a node is directly proportional to its
degree, hence • Minimum value • This yields an inequality
– The solution set of the above inequality can be• either bounded • either bounded
mkC
Ckfk
)2)(()1()1()1( 11 kkkkkkkkrkrk mlmmmmll
)0( bdcc
)0( c
Degree Dependent Attack
– Obtaining minimum value of C, each γc results in the corresponding normalizing constant
percolation threshold becomes
c
c
c
ccc
Ckr
Ckrfrrff ml
sppc
)1()1(
kkkkkkkrkrkC
mlm
mmllcc
c 2)()1()1()1( 1
)2)(()1()1()1( 11 kkkkkCkkrkrk mlmmmll
Degree Dependent Attack• The breakdown of the network can be due to one of the three
situations and reasons noted below:– 1: The removal of all the superpeers along with a fraction of peers.
• Networks having a bounded solution set Src where exhibit this kind of behavior at the maximum value of the solution .
• Here the fraction of superpeers removed becomes = 1• and fraction of peers removed
– 2: The removal of only a fraction of superpeers.• Some networks have an open solution set Src where • At converges to 0 and converges to some x where
0<x<1.– 3: The removal of some fraction of both superpeers and peers.
• Intermediate critical exponents signifies the fractional removal of both peers and superpeers.
bdcc 0
bdcc
bdc
spf
bdc
bdcbd
c
Ckf l
p
c0cpc f , c
spf
cSc
Case 2 of deterministic attack
Degree Dependent Attack• Two superpeer degrees km=25, 50
fixed average degree <k> = 10• Behavior of peer contribution Prc due to the change in peer
degree kl
In order to keep the average degree and peer constant, the network with higher superpeer degree results higher fraction of peer which increases the peer contribution.
Degree Depend Attack• Behavior of boundary critical exponent due to the change in
peer degree
Γcbd remains unbounded :
peer degree kl < 3 with superpeer degree km = 50
Γcbd remains ubounded :
peer degree kl < 4 with superpeer degree km = 25
Removal of only a fraction of superpeers disintegrate these networks: the low peer degree -> low peer contribution -> high superpeer contribution
Case 1 of deterministic attack
Degree Depend Attack• Fraction of peers and superpeers required to be removed to
breakdown the network and its impact upon percolation threshold fc.
The gradual increase in peer degree increases the peer contribution -> the higher peer contribution ensures the necessity to remove a fraction of them to breakdown the network.
Peer contribution has profound impact on the stability of the network specially with the networks having high peer degree kl.
Degree Depend Attack• Case study 1: The removal of all the superpeers along with a
fraction of peers.
(a) Behavior of γcbd with respect to
the change in superpeer fraction (b) Fraction of peers and superpeers required to be removed to breakdown the network and its impact upon percolation threshold fc
Peer degrees kl =3,4; Average degree <k>=5
Kl=3, spth=1.9
Kl=4, spth=4.1
1. Impact upon the fraction of peers removed:*The increase of superpeer fraction slowly increases γc
bd *Which in turn gradually decreases the fraction of peers removed fp γcbd
*higher degree peers -> higher values of fp γcbd to removed
2. Impact upon the fraction of peers removed:*recall : two factors
Depending upon the weightage of influence, fp γcbd either decreases or increases slowly when the fraction of superpeers is lass than spth.
)1()(
)1()1(
)1(
2121
)2(11
21
)2(1)2()2(1
rrf
rrfrfrf
rff
bdc
bdc
bdc
bdc
bdc
bdc
p
ppc
pc
Degree Depend Attack• Case study 2: The removal of only a fraction of superpeers.
– Superpeers degree km = 25, average degree <k> = 5, peer degree kl =2– Initially remove a fraction of superpeers fsp
rc and then start removing peers gradually
γ
*The fraction of peers removed gradually decreases with the increase of critical exponent γc which in turn decreases the value of fc
rc.
*As , with where(0<x<1) and eventually reach some steady value.
c 0cpf xf c
sp
*removal of only a fraction of superpeers is sufficient to any network with peer degree kl =1, 2, irrespective of superpeer degree and its fraction since the solution set Src becomes unbounded.
Degree Depend Attack• Case study 3: The removal of some fraction of both superpeers
and peers.– Superpeer degree km=5, average degree <k>=5, peer degree kl=3
Removal of any combination of (fp
rc, fsprc) where 0<rc<rc
bd, results in the breakdown of the network.
γcbd = 1.171
Tea Time coming soon