• DocumentCode
    1951981
  • Title

    DDoS Attacks by Subverting Membership Management in P2P Systems

  • Author

    Sun, Xin ; Torres, Ruben ; Rao, Sanjay

  • Author_Institution
    Purdue University, sun19@ecn.purdue.edu
  • fYear
    2007
  • fDate
    16-16 Oct. 2007
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    We show that malicious participants in a peer-to-peer system can subvert its membership management mechanisms to create large-scale DDoS attacks on nodes not even part of the overlay system. The attacks exploit many fundamental design choices made by peer-to-peer system designers such as (i) use of push-based mechanisms; (ii) use of distinct logical identifiers (e.g., IDs in a DHT) corresponding to the same physical identifier (e.g., IP address), typically to handle hosts behind NATs; and (iii) inadequate or poorly designed mechanisms to validate membership information. We demonstrate the significance of the attacks in the context of mature and extensively deployed peer-to-peer systems with representative and contrasting membership management algorithms - DHT-based Kad and gossip-based ESM.
  • Keywords
    Computer crime; Intrusion detection; Large-scale systems; Network address translation; Peer to peer computing; Robustness; Streaming media; Sun; Telecommunication traffic; Web and internet services;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Secure Network Protocols, 2007. NPSec 2007. 3rd IEEE Workshop on
  • Conference_Location
    Beijing, China
  • Print_ISBN
    978-1-4244-1603-5
  • Electronic_ISBN
    978-1-4244-1603-5
  • Type

    conf

  • DOI
    10.1109/NPSEC.2007.4371618
  • Filename
    4371618