BotTorrent: misusing BitTorrent to launch DDoS attacks

Authors:
Karim El Defrawy;Minas Gjoka;Athina Markopoulou
Affiliations:
University of California, Irvine;University of California, Irvine;University of California, Irvine
Venue:
SRUTI'07 Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet
Year:
2007

Citing 7
Cited 9

Code-Red: a case study on the spread and victims of an internet worm

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Inside the Slammer Worm

IEEE Security and Privacy
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)

Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Tussle in cyberspace: defining tomorrow's internet

IEEE/ACM Transactions on Networking (TON)
Exploiting P2P systems for DDoS attacks

InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
The bittorrent p2p file-sharing system: measurements and analysis

IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Misusing unstructured p2p systems to perform dos attacks: the network that never forgets

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security

Exploiting KAD: possible uses and misuses

ACM SIGCOMM Computer Communication Review
Antisocial Networks: Turning a Social Network into a Botnet

ISC '08 Proceedings of the 11th international conference on Information Security
Monitoring the Bittorrent Monitors: A Bird's Eye View

PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Measurement and mitigation of BitTorrent leecher attacks

Computer Communications
The WOMBAT Attack Attribution Method: Some Results

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Request diversion: a novel mechanism to counter P2P based DDoS attacks

International Journal of Internet Protocol Technology
Preventing DDoS attacks on internet servers exploiting P2P systems

Computer Networks: The International Journal of Computer and Telecommunications Networking
Poisoning the Kad network

ICDCN'10 Proceedings of the 11th international conference on Distributed computing and networking
eDonkey & eMule's Kad: Measurements & Attacks

Fundamenta Informaticae

Quantified Score

Hi-index	0.01

Visualization

Abstract

BitTorrent is currently one of the most popular peer-to-peer systems. BitTorrent clients are widely spread all over the world and account for a large fraction of today's Internet traffic. In this paper, we show that BitTorrent can be exploited by misdirecting clients to send their traffic toward any host on the Internet. The volume of a BitTorrent swarm can thus be converted into firepower for launching a distributed denial-of-service attack that can exhaust the victim's resources, including access bandwidth and connection resources. We identify novel exploits of the BitTorrent system and conduct real-life experiments that demonstrate the feasibility and severity of such attacks. We characterize the volume, duration and spread of attack traffic observed in our experiments. Finally, we discuss possible fixes and the limits of both attack and defense approaches.