Gnutella: integrating performance and security in fully decentralized P2P models

Quantified Score

Visualization

Abstract

Peer-To-Peer (P2P) systems have made an enormous impact on the Internet, directly affecting its performance and security. The litigation against P2P file sharing has led some designers to opt for purely decentralized P2P models. The latter have quickly become attractive to Internet users, who often consider pure P2P as more "secure" than hybrid systems (i.e. with some central entity). In this paper, we concentrate on some relevant security threats and performance inefficiencies in the Gnutella P2P network, which is worldwide the most popular fully decentralized system. We present the results we obtain from the analysis of spurious content circulating in the network. We observe a significant propagation of unwanted and unrelated query replies, systematically taking place. This leads to the transfer of junk or unsafe files, potentially resulting in hosts' security violations and Denial of Service attacks. The analysis of IP addresses shows that peers responsible for spreading these files are recurrent over time and over specific network segments. They also share a specific pattern of common features, clearly suggesting the use of modified versions of Gnutella applications. Typically these peers run as super-nodes (ultrapeers), which represent the highest level of control of the Gnutella system. In spite of many different solutions proposed in the past to integrate security mechanisms into Gnutella, none of them have been adopted in practice. We discuss the necessary trade-offs of these proposed solutions and we also analyze the (unofficial) hypothesis that some entities, having commercial convenience in polluting the Gnutella network, may be involved. We propose solutions that help mitigating some of the problems, while still preserving the basic structure of the Gnutella protocol.