DocumentCode
2371959
Title
DDoS vulnerability of BitTorrent Peer Exchange extension: Analysis and defense
Author
Su, Majing ; Zhang, Hongli ; Fang, Bingxing ; Du, Xiaojiang
Author_Institution
Sch. of Comput. Sci. & Technol., Harbin Inst. of Technol., Harbin, China
fYear
2012
fDate
10-15 June 2012
Firstpage
1048
Lastpage
1052
Abstract
BitTorrent (BT) is a well-known Peer-to-Peer (P2P) downloading protocol and has been implemented in several versions. New features and extensions used to improve the performance of BitTorrent systems also bring some security issues. In this paper, we analyze potential DDoS vulnerabilities of BT and its Peer Exchange extension. We show the ways of launching connection-exhausted DDoS attacks. Our experiments demonstrate these attacks are persistent and incur few costs for the attacker. By analyzing the main causes, we find that both the defect of implementation and the lack of a trust and authentication mechanism are to blame, while the latter is critical. To defend against the DDoS attacks, we propose a score-based peer Reputation Exchange (REX) mechanism. Using REX, the score of a malicious peer is less than that of a good peer after several iterations, and hence it has less chance to be connected. REX makes it difficult to launch a DDoS attack and it can effectively mitigate the effect of the attack.
Keywords
cryptographic protocols; iterative methods; message authentication; peer-to-peer computing; BT; BitTorrent system; DDoS vulnerability; REX mechanism; authentication mechanism; iteration method; peer exchange extension; peer-to-peer downloading protocol; score-based peer reputation exchange; security issue; trust mechanism; Authentication; Computer crime; IP networks; Peer to peer computing; Protocols; BitTorrent; DDoS attack; P2P; peer exchange;
fLanguage
English
Publisher
ieee
Conference_Titel
Communications (ICC), 2012 IEEE International Conference on
Conference_Location
Ottawa, ON
ISSN
1550-3607
Print_ISBN
978-1-4577-2052-9
Electronic_ISBN
1550-3607
Type
conf
DOI
10.1109/ICC.2012.6364105
Filename
6364105