Despite the success of peer-to-peer systems, a majority of their overlay architectures are vulnerable to exploitation. Some of the features for improved performance have created security holes that attackers can breach to gain control of the network. De facto network security solutions (e.g., trusted servers, encryption, and firewalls) offer little assistance, as they are often not compatible with the open and decentralized structure of peer-to-peer networks. To address overlay security problems, we propose Phyllo, a node-partitioning framework that isolates untrusted nodes from the core network. Yet, the isolated nodes can still participate in peer-to-peer communications. Our partitioning scheme also allows nodes to move between partitions, while introducing marginal performance overheads. Our experimental results indicate that Phyllo supports more reliable message delivery in the presence of malicious nodes.
Department, Program, or Center: Computer Science (GCCIS)
Phyllo: A Peer-to-Peer Overlay Security Framework, Proceedings of the First Workshop on Secure Network Protocols. November 2005.
RIT – Main Campus