'Rewiring' file-sharing networks may stop attacks

A proposed US law permitting attacks on peer-to-peer file sharing networks to disrupt illegal copying could be undermined by research from two US computer researchers.

Peer-to-peer networks let thousands of personal computers communicate with each other so that users can search each other's hard drives for files.

Some sections of the US entertainment industry are so concerned about copyright infringement on peer-to-peer networks that they are pushing for new powers to put a stop to the activity themselves. The plans have outraged many peer-to-peer network users and civil liberty campaigners.

A US bill proposed in July 2002 would give copyright holders the legal power to attack the computers of file sharers suspected of piracy. Experts say it would be relatively easy to log on to a network and deliberately overload suspected users with fake requests for a file, by misinforming other "nodes". This is similar to overloading a web site with fake traffic in a "denial of service" attack.

But Neil Daswani and Hector Garcia-Molina of the Database Research Department at Stanford University in the US believe it may be possible to redesign peer-to-peer networks to protect them against such attacks. Daswani says this may also guard these networks against malicious computer hackers. He told New Scientist: "We were interested in both protecting the network from being shut down and protecting individual users."

Flood gates

Daswani and Garcia-Molina mathematically modeled the popular open source network Gnutella and experimented with different combinations of existing rules for efficiently sharing file requests across a network. This network consists of ordinary users, or "nodes" and "supernodes", which have higher bandwidth. Requests are broadcast between nodes and supernodes with little discrimination.

Daswani points out that anyone can join a peer-to-peer network, so it cannot be run on trust. Instead, the researchers gave each node a set of simple rules to follow when processing requests from other peers. They found that when requests from ordinary nodes were treated in a different way to requests from supernodes the damage caused by a flooding attack was dramatically reduced.

The optimum policy was to refuse second requests from a specific supernode until all other connected supernodes had also made a request - showing the request is more likely to be genuine. Favouring requests from local supernodes was also beneficial. A good overall arrangement was to have peers communicating normally within small groups and limiting communication between these groups.

By applying these rules, Daswani says, "you don't end up using up all your bandwidth if there's a malicious node on the network."

Related Stories

New P2P network funded by US government 1 October 2002

"Random walkers" may speed peer-to-peer networks 5 July 2002

New techniques make file-sharing flourish 30 May 2002

For more related stories search the print edition Archive

Weblinks

Neil Daswani, Stanford University

Gnutella

P2P Piracy Prevention Act

Adam Langley's weblog

Peer-to-peer: Harnessing the Power of Disruptive Technologies

Peer review

Theodore Hong, an expert in peer-to-peer networks at Imperial College in the UK says: "They've developed a good model for quantifying the damage caused by a query flood. Using these policies, you can cut the damage caused by a flood in half."

But Adam Langley, a UK-based peer-to-peer programmer and contributor to Peer-to-Peer: Harnessing the Power of Disruptive Technologies is not convinced that the system would work in the real world. "I wonder about its practicality," he told New Scientist, as the model assumes an ideal, uniform network.

Organisations including the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) are pushing for better protection of copyrighted music and movies. The P2P Piracy Prevention Act, proposed by Senator Howard Berman, is currently being redrafted following severe criticism and is not likely to be introduced in any form until January 2003 at the earliest.

Will Knight

This story is from NewScientist.com's news service - for more exclusive news and expert analysis every week subscribe to New Scientist print edition.