pith. sign in

arxiv: 1906.10272 · v1 · pith:PWNVUK4Xnew · submitted 2019-06-25 · 💻 cs.CR

CAPnet: A Defense Against Cache Accounting Attacks on Content Distribution Networks

Ghada Almashaqbeh , Kevin Kelley , Allison Bishop , Justin Cappos This is my paper

Pith reviewed 2026-05-25 17:06 UTC · model grok-4.3

classification 💻 cs.CR
keywords cache accountabilityaccounting attackspeer-assisted CDNcontent distribution networkssecurity puzzleincentive systemsuntrusted caches
0
0 comments X

The pith

CAPnet uses a client-solved puzzle requiring data colocation to bound accounting attacks when untrusted caches join peer-assisted CDNs.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

Peer-assisted CDNs improve delivery by letting untrusted peers cache and transfer content but face attacks in which caches collude with clients to claim credit for transfers that never occurred. CAPnet counters this with a lightweight puzzle clients must solve before any cache receives credit. The puzzle is constructed so that a valid solution is possible only when the requested data is colocated, thereby confirming that at least a pre-configured amount of content was actually retrieved. Experiments indicate the client-side cost stays low enough for one core to support dozens of simultaneous 1080p streams while a single server core can generate puzzles at 4.26 Tbps.

Core claim

CAPnet is the first technique that lets untrusted caches join a peer-assisted CDN while providing a bound on the effectiveness of accounting attacks. At its heart is a lightweight cache accountability puzzle that clients must solve before caches are given credit. This puzzle requires colocating the data a client has requested, so its solution confirms that the content (or at least an amount of data within a pre-configured bound) has actually been retrieved.

What carries the argument

lightweight cache accountability puzzle whose solution requires colocating the requested data to confirm retrieval

If this is right

  • Untrusted caches can participate without allowing unbounded false credit claims.
  • Client overhead remains compatible with real-time high-definition video playback.
  • Server-side puzzle generation scales to support hundreds of thousands of concurrent clients per core.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same colocation requirement could be applied to other peer-to-peer incentive mechanisms that reward reported transfers.
  • Tuning the pre-configured data bound offers a direct way to trade security margin against puzzle difficulty for different content sizes.

Load-bearing premise

A valid puzzle solution is possible only when the requested data is actually present and colocated with the client.

What would settle it

An experiment in which a client produces a valid puzzle solution for a cache that never transferred the requested content to that client.

Figures

Figures reproduced from arXiv: 1906.10272 by Allison Bishop, Ghada Almashaqbeh, Justin Cappos, Kevin Kelley.

Figure 1
Figure 1. Figure 1: CAPnet integration in content distribution ( [PITH_FULL_IMAGE:figures/full_fig_p006_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: An example of puzzle challenge generation with two chunks and two [PITH_FULL_IMAGE:figures/full_fig_p008_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Generator speed for various configurations ( [PITH_FULL_IMAGE:figures/full_fig_p017_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Solver speed for various configurations ( [PITH_FULL_IMAGE:figures/full_fig_p018_4.png] view at source ↗
read the original abstract

Peer-assisted content distribution networks(CDNs) have emerged to improve performance and reduce deployment costs of traditional, infrastructure-based content delivery networks. This is done by employing peer-to-peer data transfers to supplement the resources of the network infrastructure. However, these hybrid systems are vulnerable to accounting attacks in which the peers, or caches, collude with clients in order to report that content was transferred when it was not. This is a particular issue in systems that incentivize cache participation, because malicious caches may collect rewards from the content publishers operating the CDN without doing any useful work. In this paper, we introduce CAPnet, the first technique that lets untrusted caches join a peer-assisted CDN while providing a bound on the effectiveness of accounting attacks. At its heart is a lightweight cache accountability puzzle that clients must solve before caches are given credit. This puzzle requires colocating the data a client has requested, so its solution confirms that the content (or at least an amount of data within a pre-configured bound) has actually been retrieved. We analyze the security and overhead of our scheme in realistic scenarios. The results show that a modest client machine using a single core can solve puzzles at a rate sufficient to simultaneously watch dozens of 1080p videos. The technique is designed to be even more scalable on the server side. In our experiments, one core of a single low-end machine is able to generate puzzles for 4.26 Tbps of bandwidth - enabling 870,000 clients to concurrently view the same 1080p video. This demonstrates that our scheme can ensure cache accountability without degrading system productivity.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

0 major / 2 minor

Summary. The manuscript introduces CAPnet as the first technique allowing untrusted caches to participate in peer-assisted CDNs while bounding accounting attacks. It centers on a lightweight cache accountability puzzle that clients must solve before caches receive credit; the puzzle is designed to require colocation of the requested data so that a valid solution confirms retrieval of the content (or an amount within a pre-configured bound). The paper reports security and overhead analysis in realistic scenarios, claiming a single client core suffices for dozens of simultaneous 1080p streams and a single server core can generate puzzles for 4.26 Tbps (supporting 870,000 concurrent 1080p clients).

Significance. If the puzzle construction enforces the stated colocation property and the reported performance numbers hold under the described conditions, the work supplies a practical, scalable defense for incentive-driven peer-assisted CDNs against collusion-based accounting attacks. The provision of concrete throughput figures for both client and server sides is a strength that supports the claim of negligible productivity impact.

minor comments (2)
  1. [Abstract] Abstract: the performance claims (4.26 Tbps server generation rate and 870,000-client concurrency) are presented without any description of the experimental methodology, workload parameters, hardware configuration, or measurement variance; adding a brief methods clause or reference to the relevant evaluation section would improve verifiability.
  2. [Abstract] Abstract: the phrase 'an amount of data within a pre-configured bound' is used without indicating how the bound is chosen or enforced in the puzzle construction; a short clarifying sentence would reduce ambiguity for readers.

Simulated Author's Rebuttal

0 responses · 0 unresolved

We thank the referee for their careful reading and positive evaluation of the manuscript. The recommendation for minor revision is noted. The report lists no major comments, so we have no specific technical points to address at this time.

Circularity Check

0 steps flagged

No significant circularity in derivation chain

full rationale

The paper introduces CAPnet as a new construction centered on a cache accountability puzzle whose security property (colocation of requested data confirming retrieval within a bound) is stated directly as the design premise rather than derived from equations, fitted parameters, or self-citations. No load-bearing steps reduce by construction to inputs; performance bounds are presented as experimental measurements on the proposed mechanism. The derivation chain is self-contained as an explicit protocol design with no renaming of known results or imported uniqueness theorems.

Axiom & Free-Parameter Ledger

1 free parameters · 2 axioms · 1 invented entities

The central claim rests on the unproven assumption that the puzzle construction forces data colocation and on standard cryptographic hardness assumptions for puzzle difficulty; no free parameters are explicitly fitted in the abstract, but the pre-configured data bound functions as one tunable value.

free parameters (1)
  • pre-configured data bound
    Amount of data whose retrieval is confirmed by puzzle solution; chosen to balance security and overhead.
axioms (2)
  • domain assumption Puzzle solution requires colocating the requested content data
    Stated directly in abstract as the mechanism that confirms actual retrieval.
  • standard math Standard cryptographic puzzle hardness holds against colluding clients and caches
    Implicit in any puzzle-based verification scheme.
invented entities (1)
  • cache accountability puzzle no independent evidence
    purpose: Lightweight challenge whose solution proves data delivery
    New mechanism introduced to enforce accountability

pith-pipeline@v0.9.0 · 5828 in / 1331 out tokens · 24537 ms · 2026-05-25T17:06:37.922748+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

24 extracted references · 24 canonical work pages

  1. [1]

    https://www.akamai.com/

    Akamai. https://www.akamai.com/

    work page

  2. [2]

    https://www.akamai.com/us/en/products/media-delivery/ netsession-interface-overview.jsp

    Akamai NetSession. https://www.akamai.com/us/en/products/media-delivery/ netsession-interface-overview.jsp

    work page

  3. [3]

    https://www.cisco.com/c/en/us/solutions/collateral/service-provider/ visual-networking-index-vni/mobile-white-paper-c11-520862 .html

    Cisco Visual Networking Index: Forecast and Methodology, 2016-2021 . https://www.cisco.com/c/en/us/solutions/collateral/service-provider/ visual-networking-index-vni/mobile-white-paper-c11-520862 .html

    work page 2016

  4. [4]

    https://aws.amazon.com/cloudfront/

    CloudFront. https://aws.amazon.com/cloudfront/

    work page

  5. [5]

    http://fortune.com/2016/03/05/house-of- cards-viewership/

    House of Cards Viewers Stats . http://fortune.com/2016/03/05/house-of- cards-viewership/

    work page 2016

  6. [6]

    https://www.netflix.com/

    Netflix. https://www.netflix.com/

    work page

  7. [7]

    https://help.netflix.com/ en/node/306

    Netflix Internet Connection Speed Recommendations. https://help.netflix.com/ en/node/306

    work page

  8. [8]

    https://www.swarmify.com/

    Swarmify. https://www.swarmify.com/

    work page

  9. [9]

    https://www.networks.nokia.com/products/velocix-media-delivery- platform

    Velocix. https://www.networks.nokia.com/products/velocix-media-delivery- platform

    work page

  10. [10]

    https://www.youtube.com/

    Youtube. https://www.youtube.com/

    work page

  11. [11]

    Reliable client accounting for p2p-infrastructure hybrids

    Aditya, P., Zhao, M., Lin, Y., Haeberlen, A., Druschel, P., Maggs, B., and Wishon, B. Reliable client accounting for p2p-infrastructure hybrids. In NSDI’12 (2012)

    work page 2012

  12. [12]

    Survey on peer-assisted content delivery networks

    Anjum, N., Karamshuk, D., Shikh-Bahaei, M., and Sastry, N. Survey on peer-assisted content delivery networks. Computer Networks 116 (2017)

    work page 2017

  13. [13]

    Content delivery networks , vol

    Buyya, R., Pathan, M., and Vakali, A. Content delivery networks , vol. 9. Springer Science & Business Media, 2008

    work page 2008

  14. [14]

    Dynamic proofs of retrievability via obliv- ious ram

    Cash, D., K¨upc ¸¨u, A., and Wichs, D. Dynamic proofs of retrievability via obliv- ious ram. Journal of Cryptology 30 , 1 (2017)

    work page 2017

  15. [15]

    Proofs of space

    Dziembowski, S., Faust, S., Kolmogorov, V., and Pietrzak, K. Proofs of space. In Crypto’15 (2015)

    work page 2015

  16. [16]

    C., K ¨upc ¸¨u, A., Papamanthou, C., and Tamassia, R

    Erway, C. C., K ¨upc ¸¨u, A., Papamanthou, C., and Tamassia, R. Dynamic provable data possession. ACM Transactions on Information and System Security 17, 4 (2015). 20

    work page 2015

  17. [17]

    Peerreview: Practical accountability for distributed systems

    Haeberlen, A., Kouznetsov, P., and Druschel, P. Peerreview: Practical accountability for distributed systems. ACM SIGOPS operating systems review 41, 6 (2007)

    work page 2007

  18. [18]

    IEEE Transactions on Multimedia 18 , 5 (2016)

    Jin, Y., Wen, Y., and Guan, K.Toward cost-efficient content placement in media cloud: modeling and analysis. IEEE Transactions on Multimedia 18 , 5 (2016)

    work page 2016

  19. [19]

    Y., Dai, Y., and Li, X

    Lian, Q., Zhang, Z., Yang, M., Zhao, B. Y., Dai, Y., and Li, X. An empirical study of collusion behavior in the maze p2p file-sharing system. In ICDCS’07 (2007)

    work page 2007

  20. [20]

    Ensuring content integrity for untrusted peer-to-peer content distribution networks

    Michalakis, N., Soul ´e, R., and Grimm, R. Ensuring content integrity for untrusted peer-to-peer content distribution networks. In NSDI’07 (2007)

    work page 2007

  21. [21]

    K., Zentveld, E., Crispo, B., and Tanenbaum, A

    Nair, S. K., Zentveld, E., Crispo, B., and Tanenbaum, A. S. Floodgate: A micropayment incentivized p2p content delivery network. In IEEE ICCCN’08 (2008)

    work page 2008

  22. [22]

    K., Sekar, V., Spensky, C., and Zhang, Z

    Reiter, M. K., Sekar, V., Spensky, C., and Zhang, Z. Making peer-assisted content distribution robust to collusion using bandwidth puzzles. In ICISS’09 (2009)

    work page 2009

  23. [23]

    Toward publicly auditable secure cloud data storage services

    Wang, C., Ren, K., Lou, W., and Li, J. Toward publicly auditable secure cloud data storage services. IEEE network 24 , 4 (2010)

    work page 2010

  24. [24]

    Peer-assisted content distribution in akamai netsession

    Zhao, M., Aditya, P., Chen, A., Lin, Y., Haeberlen, A., Druschel, P., Maggs, B., Wishon, B., and Ponec, M. Peer-assisted content distribution in akamai netsession. In IMC’13 (2013). 21

    work page 2013