PhD Thesis

Efficiency and Security in Peer-to-Peer Streaming Protocols

ual

Doctorado en Informática (RD99/11)

Department of Informatics
University of Almería
Spain

Author

Cristóbal Medina López

Supervisors

Dr. Leocadio González Casado
Dr. Vicente González Ruiz

November 11, 2019

Internet has changed the way we communicate

internet speed

Source: https://www.speedtest.net/reports/

High quality Streaming to the largest number of users

with lowest cost in the shortest possible time

one to many streaming

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Most Popular Solutions

Client-Server Model

one to many streaming

It is not scalable without replication

Introduction P2PSP Security Deployment Conclusions Publications

Most Popular Solutions

Content Delivery Networks

cdn streaming

Increase in the cost of the infrastructure

Introduction P2PSP Security Deployment Conclusions Publications

Alternative Solution

Peer-to-Peer Networks

P2P Streaming

Latency, Security, Network Limitations, Client Resources

Introduction P2PSP Security Deployment Conclusions Publications

Peer-to-Peer Networks

Problems: Latency

P2P Latency problems

Because of its distributed approach, sometimes there is a considerable delay from when the content is generated until users play it.

Introduction P2PSP Security Deployment Conclusions Publications

Peer-to-Peer Networks

Problems: Security

P2P Security problems

The anonymity provided by most P2P networks leads to malicious peers attacking in different ways: denial of service attacks, poisoning of content, avoiding sharing their resources, etc.

Introduction P2PSP Security Deployment Conclusions Publications

Peer-to-Peer Networks

Problems: Network Limitations

P2P Network limitation problems

Limitations in networks caused by peers behind NATs and firewalls.

Introduction P2PSP Security Deployment Conclusions Publications

Peer-to-Peer Networks

Problems: Client Resources

P2P client resources problems

The complexity of most of the P2P applications, result in they can not be executed on some types of devices. Especially in those with low resources.

Introduction P2PSP Security Deployment Conclusions Publications

Research Questions

Is it possible to design a P2P protocol which reduce the communication cost to the maximum?
How could we detect and expel (or force to contribute) to Malicious Peers?
How could we increase the chances two peers perform a successful communication?
Would our protocol be straighforward enough to be run on low-resource devices?
Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Pull-Model vs Push-Model

Goal: Reduce latency by keeping it as simple as possible

Pull vs Push
Introduction P2PSP Security Deployment Conclusions Publications
P2PSP protocol
  • P2PSP (Peer to Peer Straightforward Protocol) is an open application-layer protocol for the real-time streaming of media content over a peer-to-peer overlay.

  • P2PSP is based on a push-based fully connected mesh scheme where every peer is connected with each other.

  • An open-source (GNU GPL v3) implementation is available on GitHub.

    2015 - 2016 - 2017 - 2018

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team
Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.

Introduction P2PSP Security Deployment Conclusions Publications

How does a P2PSP system work?

An open-source implementation is available on GitHub

A P2PSP Team

A P2PSP Team

1. The video is sent in real time to the Splitter.

2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.

3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.

4. Peers send the stream to the player.

Introduction P2PSP Security Deployment Conclusions Publications

Modular Design

LBS (Load Balancing Set): P2PSP supposes that there is a collection of channels that are broadcasted in parallel.

DBS (Data Broadcasting Set): Designed to be efficient in transmitting a data-stream from a splitter node to peers.

IMS (IP Multicast Set): Peers in the same local network communicate using IPM group address and port, if available.

CIS (Content Integrity Set): The main goal of this set of rules is to face pollution attacks.

MRS (Massively-lost chunk Recovery Set): A massively-lost chunk occurs when a chunk is lost in its way from the splitter to a peer.

ACS (Adaptive Capacity Set): It relaxes the peer’s upload requirements imposed by DBS.

NTS (NAT Traversal Set): It provides peer connectivity for some NAT configurations where DBS can not establish a direct peer communication.

MCS (Multi-Channel Set): Scalable Video Coding compatibility.

Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issue

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Pollution Attacks

Pollution attacks consist of a peer or a set of peers modifying the content of the stream.

Can be done in different ways

Pollution Attacks

Persistent attack: an attacker poisons every chunk received from the splitter and sends them to the entire team.

Persistent Attack

Pollution Attacks

On-Off attack: the attacker only poisons some chunks but not others.

On-Off Attack

Pollution Attacks

Selective attack: poisoning chunks intended for only one peer or a small subset of peers.

Selective Attack

Pollution Attacks

Collaborative attack: several attackers may collaborate to produce Selective and On-off attacks on a large set of peers.

Collaborative Attack

Pollution Attacks

Hand-wash attack: leaving the team and returning to continue the attack with another alias.

Hand-wash Attack

Pollution Attacks

Bad-mouth attack: blaming other regular peers of sending poisoned chunks or not sending chunks.

Bad-mouth Attack

It produces false-positives and false-negatives on reputation systems

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe
Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe

1. Only the splitter knows who the TPs in the team are.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe

1. Only the splitter knows who the TPs in the team are.

2. Each TP creates a hash for each chunk, including the chunk number and the endpoint of the source and sends it to the splitter.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe

1. Only the splitter knows who the TPs in the team are.

2. Each TP creates a hash for each chunk, including the chunk number and the endpoint of the source and sends it to the splitter.

3. The Splitter checks whether the chunks have been altered.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe

1. Only the splitter knows who the TPs in the team are.

2. Each TP creates a hash for each chunk, including the chunk number and the endpoint of the source and sends it to the splitter.

3. The Splitter checks whether the chunks have been altered.

4. The splitter knows the peer in charge of relaying a given chunk.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

How does it work?

STrPe

1. Only the splitter knows who the TPs in the team are.

2. Each TP creates a hash for each chunk, including the chunk number and the endpoint of the source and sends it to the splitter.

3. The Splitter checks whether the chunks have been altered.

4. The splitter knows the peer in charge of relaying a given chunk.

5. The attacker is expelled from the team.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers

Problems:

  • Peers don't know if they are being attacked.

  • If an attacker knows who the trusted peers are the system is completely vulnerable to Selective Attacks.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS
Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS

1.When peers join the team they receive the public key of the splitter.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS

1.When peers join the team they receive the public key of the splitter.

2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS

1.When peers join the team they receive the public key of the splitter.

2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$

3.The peers verify dst and check if the hash value is correct.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS

1.When peers join the team they receive the public key of the splitter.

2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$

3.The peers verify dst and check if the hash value is correct.

4.The splitter periodically requests the list of removed peers to the TP.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures

It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:

STrPe-DS

1.When peers join the team they receive the public key of the splitter.

2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$

3.The peers verify dst and check if the hash value is correct.

4.The splitter periodically requests the list of removed peers to the TP.

5.Peers removed by any TP are directly expelled by the splitter after a random time.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Digital Signatures


  • Can trusted peers expel the bad guys by following these basic rules?

    Non-repudiation

Introduction P2PSP Security Deployment Conclusions Publications

Experimental results

Results obtained by simulation [war-games]

Persistent, Selective and Collaborative Attack

experiments
Introduction P2PSP Security Deployment Conclusions Publications

Experimental results

experiments

Trusted peers as unique defense strategy is not appealing when #MPs is greater than #TPs

Introduction P2PSP Security Deployment Conclusions Publications

Shamir Secret Sharing Scheme

Distribute secret into N shares useless by themselves, but with any $t$ shares can reconstruct it

Shamir Secret Sharing

The scheme turns the secret into the independent term of a polynomial of degree $t-1$, where $t$ is the number of shares needed to get the secret

Strategy based on Trusted Peers and Shamir's Secret Sharing

The main idea is very simple: “if you want to remain in the team you must have a good behavior with at least t peers”. The behavior rules are:

TP-SSS
Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Shamir's Secret Sharing

TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.

$eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

$eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

$SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

$\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Shamir's Secret Sharing

TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.

$eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

$eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

$SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

$\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Shamir's Secret Sharing

TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.

$eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

$eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

$SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

$\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.

3.The peer sends the message decrypted.

$PP^r_{i,q}=\left\{CH^r_{j,i},\ \{SH^{r+1}_i\}_q \right\}$

$CH^r_{j,i} = \{C_j, j, P_i, r, S_{pr}(H(C_j||j||P_i||r))\}$

Introduction P2PSP Security Deployment Conclusions Publications

Strategy based on Trusted Peers and Shamir's Secret Sharing

TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.

$eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

$eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

$SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

$\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.

3.The peer sends the message decrypted.

$PP^r_{i,q}=\left\{CH^r_{j,i},\ \{SH^{r+1}_i\}_q \right\}$

$CH^r_{j,i} = \{C_j, j, P_i, r, S_{pr}(H(C_j||j||P_i||r))\}$

4.The peer verifies the message and saves the share.

Introduction P2PSP Security Deployment Conclusions Publications

Theoretical analysis

Results obtained after a theoretical analysis: $\text{#MPs} <= N/2$

$t=6$

results sss

Some attacks are fully mitigated with only one Trusted Peer but not others

Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

SDN Architecture

SDN Architecture
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

P2PSP Proposal

SDN P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Software Defined Networks

It also works under hybrid environments

SDN Hybrid P2PSP Proposal
Introduction P2PSP Security Deployment Conclusions Publications

Detection Probabilities

Model

$p = \sum_{r=1}^{N} \left(\left(\frac{Z-2}{Z-1}\right)^{(r-1)} \times \frac{1}{Z-1}\right)$

SDN Probability Model

Expelling takes 98 seconds assuming a 720p HD video (2500 kbps) and chunk size 1024 bytes

Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Team size: 10 to 100 | Samples: 100 | Period: 1 | Cases: Fixed and Variable attacks.

An open-source implementation is available on GitHub

SDN experiments
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Modifying the scrambling period

SDN Probability Scrambling period

We can modify the parameters to find a compromise between detection success and cost

Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

NAT Traversal

Peers communication issues

NAT Traversal
Introduction P2PSP Security Deployment Conclusions Publications

NAT Traversal

Peers communication issues

NAT Traversal
Introduction P2PSP Security Deployment Conclusions Publications

NAT Traversal

Peers communication issues

NAT Traversal
Introduction P2PSP Security Deployment Conclusions Publications

NAT Traversal

Peers communication issues

NAT Traversal

$P_1$ should send the hello message to $B^1$ and $P_2$ should send the hello message to $A^1$
We will have to predict the ports that will be used

Introduction P2PSP Security Deployment Conclusions Publications

Collaborative Port Prediction

Proposal


Info collected from monitors peers by the Splitter:
$\Delta^B = \left\{ \begin{array}{ll} 0&, \text{ if } \forall i, \Delta_i^B = 0 \\ \mathrm{GCD}(\Delta_1^B, \cdots, \Delta_N^B)&, \text{ otherwise} \end{array} \right.$



Info received from the Splitter by $P_j$:
$\begin{array}{rcl} \{s(P_j)\} & = & B^0 + j + \{s\in\{0,1,\cdots,n/2-1\}\}; \\ \{s(P_j)\} & += & B^0 + (j + \{s\in\{n/2,\cdots, n-1\}\}) \cdot \Delta^B \end{array}$

Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Port step: [1 to 200] | Monitors: 1 | Port predictions $n=20$

Performance NAT Traversal
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

$N:$ [1 to 10] | Port step: [1 to 6] | Port predictions $n=20$

Number monitors NAT Traversal

Only two monitor peers collaborating leads to higher traversal success rates

Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Google Chromecast

Google Chromecast (GC) is a device designed as small dongle, which enable users with a mobile device or personal computer to play Internet-streamed audio-visual content on a high-definition television.

Chromecast Device Chromecast 2 Device

Low Resources

1st generation incorporates a Marvel ARMADA 1500 Mini, and 512 MB of RAM memory. It also includes hardware for decoding VP8 and H.264 video compression formats.

2nd generation GCs use a Marvel ARMADA 1500 Mini Plus, 2.5 times faster than the 1st generation. Includes 512 MB of RAM memory. It is also able to decode VP9.

Introduction P2PSP Security Deployment Conclusions Publications

How does it work?

Chromecast en Cast developers
Introduction P2PSP Security Deployment Conclusions Publications

Built-in Technologies

HTML5
WebRTC


MSE

Introduction P2PSP Security Deployment Conclusions Publications

Development

A P2PSP Chromecast Team

Team P2PSP en Chromecast
Introduction P2PSP Security Deployment Conclusions Publications

Development

P2PSP Chromecast Peer Architecture

Arquitectura peer en chromecast
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Streaming a MP4 (H.264 + AAC) video at 24 FPS. Resolution: 640x360

Splitter smartphone
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Streaming a MP4 (H.264 + AAC) video at 24 FPS. Resolution: 1920x1080

Splitter smartphone

Number of peers receiving the media increases significantly in comparison with a CS model

Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Streaming a MP4 (H.264 + AAC) video at 24 FPS. Resolution: 640x360

Peers in Chromecast CPU Usage
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Streaming a MP4 (H.264 + AAC) video at 24 FPS. Resolution: 1920x1080

Peers in Chromecast CPU Usage
Introduction P2PSP Security Deployment Conclusions Publications

Experiments

Streaming a MP4 (H.264 + AAC) video at 24 FPS. Resolutions: 640x360 and 1920x1080

Peers in Chromecast Memory Usage

A peer can run on a GC improving the QoE of the user when connected to an HDMI TV

Introduction P2PSP Security Deployment Conclusions Publications

Outline

  • Introduction

    • Background
    • Research Questions
  • Peer to Peer Straighforward Protocol

    • An application-layer protocol that provides real-time broadcasting on the Internet
  • Security

    • Pollution Attacks
    • Strategies applied to Traditional Networks
    • Strategies applied to Software Defined Networks
  • Deployment Issues

    • NAT Traversal using Collaborative Port Prediction
    • Runing P2PSP on low resources devices
  • Conclusions

    • Key Results
Introduction P2PSP Security Deployment Conclusions Publications

Conclusions

Security

1. Our experimental results show that using only trusted peers as a defense strategy is not appealing when the number of malicious peers can be large.

2. The most severe possible attack is fully mitigated by using SSS. For the remaining attacks, we can improve effectiveness to face them increasing the number of TPs.

3. Reliable time bounded MP detection, not only in pure SDN environments but also in mixed environments where some peers are on the Internet and others are under managed networks.

Introduction P2PSP Security Deployment Conclusions Publications

Conclusions

Deployment

1. We proposed a straightforward P2P protocol to ensure an easy implementation, even in resource-constrained devices. Moreover, we identified the main issues and proposed a modular design.

2. We proposed a new and simple NAT traversal algorithm that uses collaborative port prediction in which a low number of source ports is needed for traversal succes.

3. We got a implementation of the P2PSP running on embedded devices aiming of avoiding third-party media servers, in order to decrease the cost of the streaming and increase the degree of privacy.

Introduction P2PSP Security Deployment Conclusions Publications

Publications

International Journals (JCR)

1. Medina-Lopez, C., Mertens, M.B., Gonzalez-Ruiz, V. & Casado, L.G. (2019). Reducing streaming cost while increasing privacy: A case study on a smartphone and chromecast using peer-to-peer technology to skip third-party servers. IEEE Consumer Electronics Magazine, DOI: 10.1109/MCE.2018.2880810. 8, pp. 50–55 Impact factor JCR 2018: 3.273. (Q1).

2. (Under Review) Medina-Lopez, C., Casado, L.G, Yuansong Qiao & Gonzalez-Ruiz, V. An SDN Approach to Detect Targeted Attacks in P2P Fully Connected Overlays. International Journal of Information Security. Impact Factor JCR 2018: 1.822. 44/107 (Q2).

3. (Under Review) Medina-Lopez, C., García-Ortiz J.P, Martinez, J.A, Casado, L.G, Gonzalez-Ruiz, V. NAT Traversal in P2P Networks using Collaborative Port Prediction. Peer-to-Peer Networking and Applications. Impact Factor JCR 2018: 2.397. 70/155 (Q2).

Introduction P2PSP Security Deployment Conclusions Publications

Publications

International Conferences with DOI

1. Medina-López, C., González-Ruiz, V. & Casado, L. (2017). On mitigating pollution and free-riding attacks by Shamir’s Secret Sharing in fully connected P2P systems. In 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 711–716, DOI: 10.1109/IWCMC.2017.7986372. IEEE. GGS Rating: B, GGS Class: 3.

2. Medina-López, C., Shakirov, I., Casado, L. & González-Ruiz, V. (2017). On pollution attacks in fully connected P2P networks using trusted peers. In Intelligent Systems Design and Applications, pp. 144–153, DOI: 10.1007/978-3-319-53480-0. Springer Internation Publishing, Porto. CORE 2016: rank C.

3. Medina-López, C., Casado, L. & González-Ruiz, V. (2015). Pollution Attacks Detection in the P2PSP Live Streaming System. In International Joint Conference. CISIS 2015. Advances in Intelligent Systems and Computing, pp. 401–410, DOI: 10.1007/978-3-319-19713-5 34. Springer International Publishing. CORE 2014: rank B.

Introduction P2PSP Security Deployment Conclusions Publications

Publications

Other International Conferences

1. Medina-López, C. (2015). Participation as speaker. In GSoC 2015 Lightning Talks, Google Inc., SunnyVale, CA. USA.

2. Medina-López, C., García Ortiz, J.P., Naranjo, J., Casado, L. & González-Ruiz, V. (2014). IPTV using P2PSP and HTML5+WebRTC. In 4th W3C Web and TV Workshop, 5, IRT, W3C, Munchen, Germany.

Introduction P2PSP Security Deployment Conclusions Publications

Publications

National Conferences

1. Medina-López, C., González-Ruiz, V., Casado, L.G., Naranjo, J. & García-Ortiz, J.P. (2015). Ejecutando peers p2psp en google chromecast. In Actas VI Jornadas de Computación Empotrada, pp. 123–129, Cordoba.

2. Medina-López, C., Naranjo, J., Garcı́a-Ortiz, J.P., Casado, L.G. & González-Ruiz, V. (2013). Execution of the P2PSP protocol in parallel environments. In G.B. y Alberto A. Del Barrio Garcia, ed., Actas XXIV Jornadas de Paralelismo, pp. 216–221, Madrid.

Introduction P2PSP Security Deployment Conclusions Publications

Publications

Other Publications produced during the elaboration of this Thesis

1. Andujar, A. & Medina-López, C. (2019). Exploring New Ways of eTandem and Telecollaboration Through the WebRTC Protocol: Students’ Engagement and Perceptions. International Journal of Emerging Technologies in Learning (iJET), 14, pp. 200–217.

2. Medina-Lopez, C., Casado, L.G. & Gonzalez-Ruiz, V. (2015). P2PSP: un protocolo de red sencillo como herramienta para el aprendizaje basado en proyectos. Experiencias Docentes en Redes de Computadores, 1, pp. 35–41.

Introduction P2PSP Security Deployment Conclusions Publications

Thanks!

Feder Gobierno de España CEIA3 P2PSP protocol grupo SAL Google Summer of Code 2017