Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
P2P
2010
IEEE
2010
IEEE
On the Privacy of Peer-Assisted Distribution of Security Patches
Abstract--When a host discovers that it has a software vulnerability that is susceptible to an attack, the host needs to obtain and install a patch. Because centralized distribution of patches may not scale well, peer-to-peer (P2P) approaches have recently been suggested. There is, however, a serious privacy problem with peer-assisted patch distribution: when a peer A requests a patch from another peer B, it announces to B its vulnerability, which B can exploit instead of providing the patch. Through analytical modeling and simulation, we show that a large majority of vulnerable hosts will typically become compromised with a basic design for peer-assisted patch distribution. We then study the effectiveness of two different approaches in countering this privacy problem. The first approach utilizes special-purpose peer nodes, referred to as honeypots, that discover and blacklist malicious peers listening for patch requests from susceptible hosts. In the second approach, the patches are r...
Real-time Traffic| Added | 14 Feb 2011 |
| Updated | 14 Feb 2011 |
| Type | Journal |
| Year | 2010 |
| Where | P2P |
| Authors | Di Wu, Cong Tang, Prithula Dhungel, Nitesh Saxena, Keith W. Ross |
Comments (0)
Researcher Info
|
