Researchers Outline Targeted Content Poisoning For P2P Data

Diomidis Spinellis writes "Two USC researchers published a paper in the prestigious IEEE Transactions on Computers that describes a technique for p2p content poisoning targeted exclusively at detected copyright violators. Using identity-based signatures and time-stamped tokens they report a 99.9 percent prevention rate in Gnutella, KaZaA, and Freenet and a 85-98 percent prevention rate on eMule, eDonkey, and Morpheus. Poison-resilient networks based on the BitTorrent protocol are not affected. Also the system can't protect small files, like a single-song MP3. Although the authors don't say so explicitly, my understanding is that the scheme is only useful on commercial p2p distribution systems that adopt the proposed protocol."

Researcher is the wrong word.

[Darkness404]

I'm not exactly sure "researcher" is the right word here. From the paper

Abstract: Today's peer-to-peer (P2P) networks are grossly abused by Illegal distributions of music, games, video streams, and popular software. These abuses have resulted in heavy financial loss in media and content industry. Collusive piracy is the main source of intellectual property violations within the boundary of P2P networks. This problem is resulted from paid clients (colluders) illegally sharing copyrighted content files with unpaid clients (pirates). Such an on-line piracy has hindered the use of open P2P networks for commercial content delivery. We propose a proactive poisoning scheme to stop colluders and pirates from working together in alleged copyright infringements in P2P file sharing. The basic idea is to detect pirates with identity- based signatures and time-stamped tokens. Then we stop collusive piracy without hurting legitimate P2P clients. We developed a new peer authorization protocol (PAP) to distinguish pirates from legitimate clients. Detected pirates will receive poisoned chunks in repeated attempts. A reputation-based mechanism is developed to detect colluders. The system does not slow down legal download from paid clients. The pirates are severely penalized with no chance to download successfully in finite time. Based on simulation results, we find 99.9% success rate in preventing piracy on file-level hashing networks like Gnutella, KaZaA,Area, LimeWire, etc. Our protection scheme achieved 85-98% prevention rate on part-level hashing networks like eMuel, Shareaz, eDonkey, Morpheus, etc. Our new scheme enables P2P technology for building a new generation of content delivery networks (CDNs). These P2P-based CDNs provide faster delivery speed, higher content availability, and cost-effectiveness than using conventional CDNs built with huge network of surrogate servers.

This isn't unbiased in the least. Sure, arguably it is "research" but calling them researchers from an university makes them seem neutral at best.

Re:Researcher is the wrong word.

[s-whs]

] Researcher is the wrong word.

I was thinking the same thing. But not necessarily based on them being biased, but for this: Why would anyone want to 'research' this? I can understand making a protocol resilient to poisoning (same as making a computer resilient to virus attacks, there will always be a-holes trying to mess things up wether legal or illegal), or making it faster, adding some nifty features perhaps. But poisoning to prevent illegal sharing with the pathetic argument that this hinders commercial distribution? What kind of a researcher is that? A RIAA paid one I'd guess. Possibly as valuable as those 'researchers' for tobacco companies who said there was no health problem with smoking.

Re:Researcher is the wrong word.

[Darkness404]

Exactly, I was reading into the article thinking it would be presented as a vulnerability or proof of concept that could be exploited by the RIAA, not that the entire thing seemed to be written especially for the RIAA.

Re:Researcher is the wrong word.

[siloko]

Researchers find a topic that interests them and follow through on some hunch. When they have found out something potentially publishable (the meat and potatoes of a researchers career) they big it up. This abstract reads exactly like that - "we did some work and this is why it's the most important work in the world" - the fact that the spiel coincides with the RIAA party line is probably coincidence.

Re:Actually

[Darkness404]

And so is DDoS attacks, but that sure didn't stop the RIAA from using MediaDefender ( http://en.wikipedia.org/wiki/MediaDefender )

Copyright violators

[wigaloo]

Two UCLA researchers published a paper in the prestigious IEEE Transactions on Computers that describes a technique for p2p content poisoning targeted exclusively at detected copyright violators.

What's to prevent poisoning legal p2p? There are plenty of examples of copyrights being inappropriately asserted. The technology itself doesn't discriminate.

The dawn of a new age

[mewsenews]

Humans had discovered methods to speedily and automatically transmit mountainous volumes of data. It was a new frontier, a utopia where information was shared peacefully between the people who wanted to see it. And what was its downfall? Not the anarchists, or the communists, or the Islamic fundamentalists, but the so called leaders of the free world.

"We had to do it," they said, "there is such a thing as too much freedom."

Re:Freenet

They lump Freenet into the category of "Gnutella-like networks", and say that their attack against gnutella should also work against Freenet since it is Gnutella-like (p.2 and p.12).

In other words, it is as you said, they are lumping it together with other networks.

It makes me question the quality of their research if they think that Freenet is so similar to Gnutella that the same class of attacks would work against both.

Re:Adopting the proposed protocol?

[Joce640k]

They already tried this about five years ago with poisoned servers. What happened? The Kad search mechanism was adopted and the servers were useless.

The same thing will happen here, the protocol will change, the poisoners will have wasted a lot of money and achieved nothing.