RICERCA ITALIANA     

Peer to peeR beyOnd FILE Sharing (PROFILES)

Università degli Studi di Trento

Abstract

This project addresses the study of peer-to-peer (P2P) communication systems, considering P2P as a novel communication paradigm that is changing the rules of the communication game in the Internet. P2P applications (Napster, Gnutella, Kazaa, ...) became famous (or infamous!) thanks to file-sharing and the exchange of copyrighted information. However, the key point for the success of P2P networks are cooperation and resource sharing, which make the system scalable, highly performing, dependable, and resilient. Recent P2P systems like Bit-Torrenti, Spit-Stream, and Skype made it clear that P2P networking can address many other applications apart from file-sharing.
The Profiles (Peer to peeR beyOnd FILE Sharing) project goal is the systematic study and design of a specific class of non file-sharing services: Content Distribution Applications (CDAs). A CDA is a system where a piece of information (audio, video, data or multimedia) is distributed to a community of users. They include live event broadcasting/multicasting, conferencing and conversational applications, fast delivery of critical software patches, etc. Different CDA have different performance metrics and different requirements, but they also share common features and fundamental architectures.
Profiles starts from the system analysis and modeling and proceed to the implementation of proof-of-concept prototypes. The project is subdivided in three WPs (plus management – WP0), and further in nine tasks:
WP1: Distribution systems analysis and modeling
- T11: Time-sensitive applications
- T12: Delay-tolerant applications
- T13: Security issues
WP2: Middleware design and evaluation
- T21: SIP-based approach to P2P signaling
- T22: Overlay network setup and maintenance
- T23: Distribution architecture and topology
- T24: Privacy and security provisioning
WP3: Service Prototyping
- T31: System definition and protocol design
- T32: Prototype implementation and testing

The roadmap of the project is the following. First of all it starts form foundational analysis (WP1) of possible services and applications, including requirements, performance (needed and achievable), and behaviors. Then it proceeds to system component (algorithms, procedures, protocols, etc.) design together with their evaluation as single elements (WP2). This WP aims at providing logical building blocks for general P2P systems, with specific reference to CDA systems. Finally in WP3 some suitable applications and services are selected, the supporting system defined and the relative software designed and implemented, producing a prototype whose aim is the demonstration of a performance-oriented, design-driven approach to the realization of innovative applications based on the P2P communication paradigm. WP3 also includes an experimental and testing part, in which the developed prototype is used within the project partners’ institutions and is made available to the research community for “live” testing.
Tasks and WPs are not sequential, but will coexist and interoperate during most of the project life. <<<

Principal Investigator

Renato Antonio Lo Cigno Università degli Studi di TRENTO

Research Objectives

P2P paradigm owes its success to file-sharing, applications where users make their files (e.g., MP3 music, video clips, or simply PC applications) available to the community in exchange of the possibility to download other users’ files. New applications focused on file exchange are continuously designed and introduced in the Internet. Unfortunately, some examples of illegal use of P2P communications (mainly for sharing copyrighted material) made it to the newspapers headlines, creating a bad reputation for P2P applications.
P2P networking, however, represents a major breakpoint in the communication paradigm, whose impact on the Internet is still not completely understood, but it is probably as large as the introduction of mobility in telephone networks.
The diffusion of P2P applications is not only due to the free availability of contents, but also for their easy of use and performance. The client-server communication paradigm was at the root of the Internet growth and success, but it has to adapt continuously to increasing demand and it very often show its limitations when services and traffic patterns change abruptly. For instance, Internet telephony (not simple VoIP applications, but a real global service with directory services, open users’ registration, etc.) did not quite take off until Skype (a proprietary P2P-based system) was introduced. In spite of Skype and other innovative applications discussed in the State of the Art section, P2P continues to be associated with file-sharing and most often with systems infringing digital copyrights, despite legal actions major companies are taking.
The P2P communication paradigm is by no means limited to file-sharing applications: indeed it can serve just as well many other applications, starting from streaming audio and video, to conferencing, to content distribution, to distributed backup systems, to search engines, to many others. Non file-sharing P2P applications are being proposed and the aim of this project is the thorough exploration of some of the most promising ones.
Most P2P systems were born with a make-it-do approach, applying heuristics and common good sense to most parts of the system, with a major exception: File (content) individuation and search engines. For instance most file-sharing application (exceptions are Bit-Torrent and similar systems) tends to disregard the content download/upload phase, as well as all other performance issues apart from efficiently searching the desired file. This is a valid approach for rare contents, whose main problem is indeed finding who stores it, but in many other cases different performance metrics dominate the lot, one example for all: streaming a popular live event. There is no search phase at all (the event is well known) and thousands, maybe millions of users want to follow it live, i.e., within seconds one another. The key performance here is managing the distribution topology. IP multicast, that can seem the logical solution for streaming, was never widely adopted due to its many limitations and problems. Application Layer Multicast, which falls in the cauldron of P2P networking and can support streaming as well as other applications, is instead gaining popularity, leveraging on cooperation and sharing (between users) of transmission resources.
This project will focus on applications that are not dominated by the search phase (“beyond file-sharing” as the title goes) concentrating on the other performance issues and using already existing robust and performing search engines. Indeed, to limit the scope of the project, Profiles (Peer to peeR beyOnd FILE Sharing) will concentrate on Content Distribution Applications (CDA). A CDA is system where a piece of information (audio, video, data or multimedia) is distributed to a community of users. Different CDA can have different performance metrics, and one of the goals of Profiles will be the analysis of these different metrics, as well as other service-dependent characteristics, and requirements, like security and reliability.
Profiles does not address analysis and modeling only. Indeed, this will roughly be only one third of the research effort. The real objective of the project is proposing a performance oriented design methodology for future P2P networking applications. To reach this goal, Profiles will start from a design-oriented analysis and modeling of applications. Afterwards it will decompose applications in simpler, self-contained modules, and design algorithms and procedures to realize them. Finally the project will develop the software modules needed to proceed to a proof-of-concept implementation of innovative systems, as well as to testing extensively the realized prototypes.
In slightly deeper detail, referring the reader to the Project Description for additional details, Profiles will study both time-sensitive and delay-tolerant CDA, like video streaming or conferencing on the one hand, and instant messaging or critical software patch distribution (e.g., virus footprints) on the other hand. Applications will be classified and analyzed searching for their specific requirements and characteristics; common features, like the topology and architecture of the distribution process, will be isolated and further analyzed to find suitable methods and algorithms to optimally (where possible) solve the underlying communication problem. Security and privacy issues, as well as standard-based signaling technologies are also part of the research scenario, since modern telecommunication services, whether P2P based or not, cannot abstract from either of them: insecure networking is not accepted by users, provides or governments, while non-standard, non-interoperable solutions are rarely accepted by the market or even by the research community. Concerning signaling, IETF based solutions will be pursued, while security and privacy in P2P networks still requires fundamental comprehension and insight.
In conclusion, the objective of Profiles is investigating the consequences of the P2P communication paradigm adoption, and demonstrating that P2P networks can be properly designed to support applications beyond file sharing to the benefit of the users and the community. <<<

Timescale

24 months

National and international background

Basics
Peer-to-peer (P2P) applications have obtained an unexpected success in the Internet users' community. Statistics on IP traffic point out that P2P traffic represents the dominant component of the whole Internet traffic. The novelty of the P2P paradigm relies on two main concepts: cooperation among users and resource sharing. Cooperation, with users providing services to the community, has several beneficial effects on the global system performance: it permits to improve capacity, the network reliability, and it makes the network more adaptive to the users’ needs. The P2P paradigm has become very popular essentially for file-sharing: Napster, Gnutella, Kazaa, and [1][2][3] are well known examples of P2P file-sharing applications. In such systems a fully distributed database of files is maintained by the users (peers), each user (peer) making available local files to the rest of the community. When a peer desires to retrieve a file from the network, he first has to localize the file (i.e., the IP addresses of the peers storing it) through a specific search procedure; then it downloads the file from one (or many) of the identified peers. The design of efficient content localization procedures is a key issue to make the P2P file-sharing systems scalable.
In P2P systems of the first generation (also known as unstructured P2P systems - Napster, Gnutella, Kazaa, ...) the procedure relied on simple principles such as access to a centralized database storing the directory (information regarding the localization of files), or the propagation of a request message to all –or a part of all– the peers in the network (flooding). Such search schemes are not scalable. Recently more sophisticated P2P architectures were proposed, in which a fully distributed localization directory is maintained by the peers. Very efficient location procedures were proposed for structured (or Distributed Hash Tables –DHT– based) systems. CAN, Chord, and Pastry [4][5][6] are example of recently proposed structured P2P systems which provide scalable distributed object location and routing substrates for wide-area P2P file-sharing, but also for other applications like fully distributed fault-tolerant file storage services [7].
Applications
After the first wave of P2P file-sharing applications, which often reaches the attention of mass media for they were used to exchange illegal contents, the P2P communication paradigm is starting to be used in different applications. Live media streaming and on-demand streaming services are expected to benefit from the P2P approach. In the Internet, media streaming applications are based on the traditional client-server model. This approach leads to limitations on the performance because the server represents a single point of failure and high rate network access is costly. On-demand streaming refers to the distribution of pre-recorded contents where required streams of different users are not synchronized. Work on Application Level Multicast (ALM, e.g., Scribe [8]) is relevant to streaming. IP Multicast is difficult to use in geographical domains, since it is not fully supported by many routers on the Internet,. There are two general approaches in realizing ALM: tree-building (e.g. Scribe) and flooding (e.g. CAN-Multicast). In the first case, a single overlay network is built and each multicast group is defined via a spanning tree on it, while in the second each group is defined by a different overlay network and the overlay network is used as a broadcast medium.
The distribution of streaming media content is one of the most bandwidth intensive services available on the Internet [9], and many other applications and protocols have been proposed. Coolstreaming [10], a totally distributed streaming platform for live events with interesting features like the buffer map representation, and SplitStream [11], based on the ALM proposed in Scribe, are just two of the published approaches. In 2002, Microsoft Research presented CoopNet [12], combining both aspects of content distribution mentioned before. The Cooperative Network of CoopNet addresses the problem of overloaded servers, having its clients cooperating with each other to distribute content via caching schemes. Slightly different approaches to live streaming are presented in GnuStream [13] (built on Gnutella). It is a receiver-driven media streaming system: the receiver aggregates the bandwidth available from a dynamic set of senders, achieving load distribution and fast reaction to sender capacity and on/off-line status changes.
Promise [14] is P2P media streaming system with key functions of peer lookup, peer-based aggregated streaming, dynamic adaptations to network and peer conditions. Promise is based on an application-level P2P service called CollectCast [14]. Its major functions are: (i) inferring and leveraging the underlying network topology and performance information for the selection of senders; (ii) monitoring peers’ status and connections, reacting to peer/connection failure or degradation; (iii) dynamically switching active senders and standby senders. In Promise the dynamics and diversity are reflected in both peers and network connections among peers. A sender may stop contributing to a P2P streaming session at any time, the outbound bandwidth contributed by a sender may change, the connection between a sender and the receiver may exhibit different end-to-end bandwidth, loss, and failure rate. Additional streaming systems like PeerCast, Zigzag and others are discussed in UniTn and UniTo specific SoA sections. Also the following discussion on non-streaming content distributions systems is further pursued by UniTn and UniTo.
The P2P approach has been recently successfully employed for the distribution to large communities of users of very popular large files (bulk data), such as, operating systems updates, patches, anti-viruses. BitTorrent [15], Bullet [16], Slurpie [17] are examples of such protocols designed for bulk data transfer leveraging on the P2P paradigm. Download chains or more sophisticated download structures must be efficiently managed in P2P content distribution systems. A crucial task for P2P content distribution systems is to efficiently use the transmission resources of peers in the network so as to maximize the global throughput and minimize the peer download time. BitTorrent [15] distributes large bulk data by cutting them in pieces called ‘chunks’ and independently downloading each of them to improve the performance. Parallel download of different chunks by several peers is allowed. Bullet [16] is a file swarming system that implements different strategies, such as content push or pull, the capability to encode the content to make the distribution more robust, different peer selection and chunk selection strategies (which peer/chunk a node have to choose to download from/to upload to). Slurpie [17] is a protocol for bulk data transfer that leverages on collaboration of other nodes. It is specifically designed for transfer of data with no time constraints. [18] discusses the fairness of swarming applications and introduces a protocol with a set of incentives for collaborative file distribution.
Other studies on file swarming systems were proposed for web-based content retrieval. In [19] the authors study a simple swarming protocol to demonstrate the superiority of swarming application wrt the client-server paradigm. Proof [20] is a system designed to handle flash crowds. It is a particular application of the file swarming concept, where the objects are web-based contents cached at the nodes. A scenario whose importance exploded in the last two years for the application of the P2P approach is IP telephony, presently constituting the second most important field of application of P2P systems, after file sharing. For instance, Skype [21] offers a P2P-based system for voice communication across the Internet. Skype is proprietary and it does not appear as extensible for future services as one might desire. Additionally Skype relies on a central server for authentication procedures partially ‘breaking’ the P2P paradigm. The lack of a coordinated and standardized approach results in a variety of P2P systems that cannot interact among each other. For this reason the efforts put by IETF in extending the Session Initiation Protocol (SIP) [22] to P2P networking are of extreme interest. Starting from Skype shortcomings, a great interest arose about the definition of an open standard P2P IP telephony architecture based on SIP (see [23][24] and additional literature discussed in UniPr SoA). At the latest IETF meetings, great interest arose in the creation of an IETF WG on SIP P2P. These efforts within IETF are specifically targeted to the IP telephony scenario, but they will include into SIP generic mechanisms to create a P2P overlay that can be exploited beyond the IP telephony application. P2P SIP can be easily be envisaged as a building block to realize the full functionality of a P2P middleware like JXTA [25].
Performance analysis
After the diffusion of P2P file-sharing applications, many works focused on their impact on the network through measurements, simulations and analytical models.
Measurements on Gnutella, Kazaa, eDonkey and BitTorrent were considered in [26][27][28][29] to characterize end-user hosts, their connectivity and behaviour. These studies show the presence of significant heterogeneity in peer characteristics. All these studies try to have insights on systems behaviour in order to better understand the fundamental dynamics of the systems.
Many simulators were implemented for the evaluation of P2P networks, but few of them are general enough to deserve attention. Often is a critical issue, because of the large number of peers involved in a realistic scenario. In order to avoid overhead related to simulating network-level details, some existing simulators [30][31] focus only on the overlay, and these are most interesting,
Few analytical and mathematical models have been proposed in order to investigate P2P system dynamics. In [32], the system capacity to provide a given content is analyzed in transient by means of branching processes and in steady state by simple Markovian models. BitTorrent-like file sharing systems represent the reference context for many works. In particular, the effect of parallel downloads on service capacity has been highlighted, taking into account the number of on-line peers, the number of requests in progress or queued, and the number of peers that have completed their download. The authors of [33] derive a simple deterministic fluid model from the Markovian model proposed in [32] to study the temporal evolution of the peer number and the average downloading time in BitTorrent-like systems. More recent models attempt to include network-level aspects and parameters in modelling P2P systems, like in [34][35]. In particular, a simple fluid model is proposed in [34] to evaluate the effect of access link capacity heterogeneity on the dynamics of file diffusion in P2P systems. In [36] a stochastic fluid-flow model is devised to evaluate the impact of file popularity, bandwidth characteristics, concurrent downloads and uploads, cooperation level among peers, and user behaviour on resource transfer time distribution.
Security aspects
P2P systems are not exempt from security and privacy problems. There are only few proposals of design principles addressing such problems. Security requirements in P2P systems can be classified in four categories: availability, authenticity, anonymity and access control [37]. For each category there are several types of possible malicious behaviours and many solutions have been proposed, depending on whether the P2P system is unstructured (e.g., Gnutella) or structured (DHT based systems).
The goal of Denial of Service (DoS) attacks is to make a node or a resource unavailable to other users. The easiest DoS attack is through bandwidth saturation via message flooding. This is easily achieved in unstructured P2P [38], but not in structured ones [39], as in the latter systems routing of messages follows rules that prevent this kind of attack. The work in [40] has identified a set of defences that systems can deploy against such attacks and potential synergies among them; the same paper includes a spectrum of denial-of-service or attrition attacks from low-level packet flooding to high-level abuse of the peer communication protocol.
In structured P2P systems privacy protection can be a problem, however anonymity as a means to protect privacy opens the door to possible misuses/abuses. To cope with this problem, an access control scheme based on reputation is presented in [41]. Improving the authenticity, confidentiality, and integrity of the resources is studied, for example, in [42] where the authors present a solution for copyrighted items.
In structured P2P systems, some attacks and possible defences are proposed in [43]: routing attacks (i.e., modifying the routing table on a node or changing the path to a specific node), and storage and retrieval attacks (e.g., denying the existence of data when required) are the most common. It has been proved that even a small fraction of malicious nodes can prevent correct message delivery throughout the overlay network [44]. Other quite common security issues, to be taken into account in P2P modelling and design, are Byzantine failures [45], and Sybil attacks [46], in which a single faulty entity presents multiple identities, gaining control on a substantial fraction of the system.
A key point in P2P is peer cooperation: users might choose to pursue their own interest disregarding the community. This selfish behaviour is called the free riding: a free-rider benefits from the effort of the other peers, without contributing any resources or performing any task itself. Two types of free-riding can be distinguished: peers not providing resources like files or hardware resources, or peers not providing base functionalities like forwarding signaling.
One class of solutions includes reputation systems. Online reputation management systems can be described as large-scale “word-of-mouth communities” in which individuals share opinions about other individuals. Reputation is an assumption that past behaviour is indicative of future behaviour. A high online reputation corresponds to a trustworthy entity. Most existing examples of reputation management systems are centralized, e.g., feedback rating in eBay. In a fully decentralized architecture, the main goal of a reputation mechanism is to take the reputation information, that is locally generated as a result of an interaction between peers, and spread it throughout the network to produce a global reputation rating for the network nodes. Examples of reputation-based approaches can be found in [47][48][49].
Incentive-based approaches provide different levels of service related to the degree of contribution. Recent file-sharing applications like BitTorrent [15] or eMule [50] use, respectively, a tit-for-tat or a credit scheme to prevent parasitic behaviour. Incentives can be granted by means of real/virtual currency managed through micro-payment mechanisms and resource trading schemes (examples are [51][52]. These schemes, as they draw on a form of money, typically face problems like forgery, double spending or user acceptance. The same problem is also tacked with game-theoretic approaches providing schemes to drive a P2P system in equilibrium independently from the different kind of strategies that users may adopt [53][54]. <<<