Social networks are great for connecting with other people, but they can also be leveraged for enhanced security properties. In this talk, I will describe two systems — Pisces and Persea — that we have designed to take advantage of the information that is inherent in the social network structure. Pisces is a system for enhancing anonymity in peer-to-peer (P2P) anonymity system designs. An anonymity system, such as the popular Tor network, helps protect your privacy on the Internet and enables people in countries like Syria to get around Internet censorship. In Pisces, we route our anonymity paths through users’ social connections using verifiable random paths. We show that this technique provides much better privacy than prior designs in the face of strong attackers.
Persea addresses the reliability of looking up information and resources in a P2P system, such as Skype or Bittorrent. Existing systems are vulnerable to an attacker adding many malicious peer nodes, e.g. by using a botnet, and having them undermine the reliability of lookups. We propose a P2P system, Persea, based on a bootstrap tree — essentially a social network that shows how each person entered the P2P system via a series of invitations. We embed the bootstrap tree into the identities that nodes use to locate themselves and perform lookups. We argue that this approach is more suitable to P2P systems than prior approaches and show that it provides lookup success rates at least as good as in prior work.
Matthew Wright is an Associate Professor-Computer Science & Engineering at the University of Texas Arlington.