
Research on a Secure Semi-Distributed P2P System Architecture and Key Technologies

Research on Secure Semi-P2P Architecture and Key Technology

【Author】 Zhang Han

【Advisor】 Shen Changxiang

【Author Information】 Beijing University of Technology, Computer Application Technology, 2013, PhD

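【Abstract (translated from the Chinese)】 A Peer-to-Peer (P2P) system is a distributed system that uses the computing, storage and transmission capacity of its participants for resource sharing and data computation. It is widely used in file sharing, streaming media services and distributed computing. As P2P systems have developed they have also faced security challenges, suffering from attacks such as the Sybil attack, free-riding, resource pollution, and worm and virus propagation. Of the three P2P system structures, the semi-distributed P2P system has become a popular one because its multiple super nodes make the system relatively stable and make security policies easy to implement. Motivated by solving the security problems of P2P systems, this dissertation takes the semi-distributed P2P system as its research object and, on the basis of an analysis of the security flaws in that system, proposes a security architecture suited to semi-distributed P2P systems and studies the key technologies of that architecture in depth.

By analyzing the security flaws that malicious users exploit to attack P2P systems, this dissertation identifies three major security problems that are widespread in P2P systems: the identity management problem, the reaction speed problem of the incentive mechanism, and the user routing table problem. Taking the solution of these three problems as its starting point, it proposes a secure architecture for semi-distributed P2P systems that is underpinned by the finiteness of the number of user identities, uses the incentive mechanism as its means, and exposes unified system services as its interface. The architecture can effectively prevent malicious users from entering the system and reduces the losses the system suffers under attack.

For the identity management problem in semi-distributed P2P systems, this dissertation proposes an identity management mechanism based on the user device vector. Drawing on crime cost theory, the method analyzes the likelihood that a malicious user will replace computing devices in order to attack the system. Supported by an unbalanced crime benefit/cost ratio and based on the finite number of devices a user can hold, it bounds the number of identity identifiers a user can generate. The mechanism groups all of a user's devices into a set and identifies the user by the device currently logged in to the system, so that the user is identified automatically. With this mechanism malicious users can no longer generate identities without limit, which effectively reduces their impact on the system, constrains their attack behavior, and gives the incentive mechanism a reliable underlying service. Experimental results show that, compared with the currently mainstream puzzle-solving scheme, the proposed identity management mechanism limits the total number of malicious user identities more effectively.

For the insufficient reaction speed of the incentive mechanism, this dissertation proposes an incentive mechanism based on a malicious action memory factor. The concept of the malicious action memory factor is introduced by accumulating and globally coordinating the unsatisfactory service events that occurred between users over a recent period. Based on this factor, the existing incentive mechanism is improved so that the negative impact malicious users have on the system is recorded by the system. As a result, malicious users who have switched to a new identity, as well as other malicious users, are affected by past negative behavior, which speeds up the deduction of these users' trust values and so accelerates the death of malicious users. The improved incentive mechanism strengthens the system's ability to react to attacks and its reaction speed: attacks carried out by mutually independent malicious users are linked through the malicious action memory factor, so that subsequent attacks are punished more heavily, which ensures system security. Experimental results show that, with the malicious action memory factor, the incentive mechanism expels malicious users more quickly. In addition, when combined with the identity management mechanism, it can hold the number of malicious user identities at a lower level.

For the user routing table security problem, this dissertation proposes a peer exchange mechanism based on source trust. Peer exchange is currently the most popular way of updating neighbor node lists in semi-distributed P2P systems. Introducing the concept of source trust highlights the importance of the source node and gives the system's current peer exchange algorithm a quantified selection criterion. By improving the system's existing peer exchange algorithm and filtering out unqualified neighbor nodes, the security of the peer exchange function is strengthened, making it difficult for malicious users to further affect the system through peer exchange. Experimental results show that, compared with the system's original peer exchange scheme, the proposed scheme is more effective at keeping malicious users from being selected into the exchange set.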

【Abstract】 A Peer-to-Peer (P2P) system is a distributed system that uses its users' spare bandwidth and storage to share resources. P2P systems are widely applied in file sharing, streaming and distributed computing. As they have developed, P2P systems have come to face many challenges: the Sybil attack, resource pollution and worms. Among the three P2P system structures, Semi-P2P shows its advantages: the supernode-peer structure makes it more stable and makes security strategies easy to realize. Motivated by solving security issues in Semi-P2P systems, this dissertation focuses on proposing a secure architecture for Semi-P2P and on its key technologies.

Based on an analysis of the flaws exploited by attackers, this dissertation identifies three prime security problems: the identity management problem, the slow reaction speed of the incentive mechanism, and the peer router problem. To solve these problems, a Semi-P2P-oriented secure architecture is proposed. The architecture takes the finiteness of the number of users' identities as its backbone, uses the incentive mechanism as the method for identifying attackers, and provides a unified interface to upper-layer applications. The architecture can effectively prevent malicious users from entering the system and thereby avoids compromising system performance.

To solve the identity management problem, this dissertation proposes an identity management mechanism based on the user's device vector. By introducing crime theory, this dissertation analyzes the possibility that an attacker purchases a new device after an attack. Given the imbalance between profit and cost, and taking the finiteness of the number of a user's devices as the basic assumption, the mechanism effectively limits the number of identities a single user can gain. The mechanism collects a user's devices into a set. Using this set and the device the user is logged on from, the model can recognize the user automatically. Because the number of identities is finite, an attacker cannot attack the system easily. As a result, a reliable backbone for the incentive mechanism is established. Experimental results show that, compared with puzzles, the popular identity management method in P2P, the mechanism proposed in this dissertation can limit the number of users' identities to a reasonable finite number.

To improve the reaction speed of the incentive mechanism, this dissertation proposes an improved incentive mechanism based on a malicious action memory factor. The concept of the malicious action memory factor is derived by accumulating the dissatisfying service received by system users. Based on the factor, this dissertation improves the current incentive mechanism. The factor works as a memory of past attacks. Every attack increases the factor, so that further attacking behavior receives more severe punishment. The improved incentive mechanism reacts quickly when it encounters an attack. Attacks coming from different attackers are linked, so that further attacks receive harsh punishment. Experimental results show that, by using the factor, the improved incentive mechanism expels attackers more quickly. With the help of identity management, the improved incentive mechanism can hold the count of attackers at a lower level.

To solve the peer router problem, this dissertation proposes an improved peer exchange mechanism based on source trust. Peer exchange is the most used peer router update method in P2P systems. By introducing source trust, the importance of the source of a peer is emphasized. Source trust works as a measure in the peer exchange operation. By expelling peers with low source trust values from the exchange set, the security of peers' route tables can be guaranteed. Experimental results show that, compared with the current peer exchange approach, the approach proposed in this dissertation reduces the number of attackers' peers that are exchanged.
