【作者】 史建焘；

【导师】 张宏莉；

【作者基本信息】 哈尔滨工业大学 ， 信息安全， 2012， 博士

【摘要】 做为本世纪初期互联网上发展最为迅猛的技术之一，P2P技术秉承了互联网发展初期的设计理念，摒弃了服务器与客户机之分，使得网络计算模式从集中向分布式偏移，充分利用了网络边缘的终端设备，使得网络中的所有成员都作为对等主体直接互联和交换文件，形成了规模更大，可扩展性更好的覆盖网络，许多基于P2P技术的应用也随之应运而生。然而，P2P技术在促进了Internet软硬件资源共享的同时，其固有的匿名性、动态性和开放性的特点也如同一把双刃剑，对互联网的安全性提出了更为严峻的挑战。由于服务的可靠性，所提供资源的真实性通常无法保证，又缺少中心组件的控制和管理，使得P2P网络中存在着更多可以被攻击者利用的漏洞。P2P网络的共享机制和快速选路机制，也为病毒和蠕虫提供了快速传播平台。这都严重制约了P2P系统的进一步推广，甚至威胁到了整个互联网的安全。如何提高P2P网络的安全性已经成为当前一项亟待解决的重要问题。本文的研究以P2P技术最初的应用模式文件共享系统为对象，从系统设计的角度分析了其安全性威胁及隐患，提出了若干提升P2P文件共享系统安全性的策略和方法。全文首先系统地介绍了P2P网络的结构及其特点，总结了P2P网络的主要安全问题和研究现状。然后以典型的P2P文件共享系统的行为周期模型为脉络，分别研究了资源发布/搜索，节点选择，分块选择以及数据传输四个不同阶段下的主要安全威胁，并从系统设计的角度，针对性的提出了改进P2P网络安全性的方法。首先，在数据传输阶段和分块选择阶段存在的假块污染攻击，属于典型的资源消耗攻击，严重的影响了P2P系统的可用性。本文以BitTorrent为研究对象，通过建立假块污染攻击的随机模型给出了攻击所能达到的理论上限。然后在半开放环境下进行了广域网实验，验证了假块污染攻击对实际应用的危害，得出污染攻击至少可以带来3倍以上的下载延迟。最后提出了对抗假块污染攻击的SmartHash算法，并从多个角度对其进行了优化，通过仿真实验的方式评价了该算法的有效性和可行性。其次，在节点选择阶段的路由安全问题，不仅威胁到了系统的可用性，同时为其他更具破坏性的大规模网络攻击提供了实施平台。本文在实际网络环境下，针对BT的Mainline DHT进行了攻击验证，证明通过索引毒害和路由攻击的方式可以控制DHT的搜索结果。为了解决这一问题，本文提出了改进的节点ID生成机制、路由表更新机制以及搜索路径选择机制，通过理论分析和仿真实验证明，改进后的系统在保证查询效率的同时，安全性得到了提升。最后，在资源发布和搜索阶段的安全威胁，主要包括系统可用性和资源真实性的问题。本文在系统可用性方面的工作主要针对DHT结构，研究了在典型应用eMule的KAD网络下，基于关键词的索引资源在ID空间分布上的不均衡问题，给出了一种基于多重目标ID的索引发布和搜索机制，通过仿真实验证明该机制能够有效的提高索引负载均衡性。在资源真实性方面，本文给出了一种适用于P2P文件共享系统的资源评价模型(FRep)，并详细介绍了FRep的评价收集机制，节点选择机制，评价质疑机制，激励与惩罚机制以及历史评价交换机制，分析了该模型能够抵御大规模欺骗攻击的能力。最后通过对比实验证明FRep比起已有的信誉模型能更好的抵御外来攻击，同时具有更好的计算和通信效率。总体而言，本文对P2P文件共享网络的安全性问题进行了系统的研究，深入地分析了其行为周期模型中不同阶段下的安全威胁，提出了提高其安全性的技术和方法，对未来P2P网络研究的继续开展具有指导意义。更多还原

【Abstract】 As one of the most rapidly developed technology on the Internet in the earlypart of this century, P2P technology adhering to the initial design concept ofInternet, get rid of the difference between server and client, making networkcomputing model develop from decentralized mode to distributed mode, fullyuses resources of terminal equipments at the edge of Internet. Being equal parts,all the members in the network can directly connect and exchange files, and forma larger, more scalable overlay network. More and more P2P based applicationsare coming into being. However, though P2P technology promotes the sharing ofInternet hardware and software, its inherent anonymity, dynamic and opennesscharacters severely threat the security of Internet. Due to the reliability of theservice and the authenticity of the resources can not be guaranteed, and lack ofcontrol and management from a central component, there are morevulnerabilities that can be exploited by attackers in the P2P network. The easyway to share and fast way to route, also provide a platform for rapid spreading ofviruses and worms. Those seriously constraint the further developing of P2Psystem, and even threat the security of the entire Internet. How to improve thesecurity of P2P network has become an important issue to be solved. Thisdissertation analyzes and invests main security threats in P2P file sharing systems.From the point of view of system design, some enhancement methods areproposed.Firstly， fake-block attack in data transfer phase is a typical resourceconsumption attack, which seriously affect the availability of P2P systems. Thisdissertation studies fake-block attack in BitTorrent system, and creates astochastic mathematics model to give the theoretical upper bound that the attackcan take. Then the WAN experiment in a semi-open environment verifies theharm of fake-block attack in real network, and gives the result that the attack canbring at least3times delay of downloading. Finally a SmartHash algorithm basedcountermeasure is given. Simulation indicates this method is feasible andeffective. Secondly，routing security issues in peer selecting phase, not only threat theavailability of the system, but also provide a platform for other larger scaledestructive attacks. This dissertation makes attack validation in BT’s MainlinedDHT under actual network environment, proves that index poisoning and routingattack can controls the searching results of DHT network. To solve this securityissue, this dissertation proposes the improved node ID generation mechanism,routing table updating mechanism and the searching path selection mechanism.Theoretical analysis and simulation results show that the improved method canguarantee the query efficiency and system safety.Lastly， security threats in resource publishing/searching stage includesystem availability and resources authenticity. Research work of systemavailability is mainly focused on DHT structure. We study the keyword loadbalance problem in KAD network of eMule, and give a publishing and searchingimprovement based on the index of multiple target IDs. Simulation experimentsindicate the method can effectively improve the index load balancing. Researchwork of resources authenticity proposes a resource rating model in P2P filesharing system, called FRep, and details introduces votes aggregating mechanism,peer choosing mechanism, challenge mechanism, punishing and encouragemechanism and voting record exchange mechanism, analyzes the ability of FRepto resist large scale deception attacks. Simulation experiments prove FRep ismore powerful to counter against outside attacks and has better computationand communication efficiency.Overall, this dissertation systematically researches the security problems inP2P file sharing networks, in-depth analyzes different security threats in all stagesof P2P file sharing cycle model. The proposed methods and technologies caneffectively improve the performance and enhance the security of P2P network,which is significant for the future research on P2P network更多还原