Request diversion: a novel mechanism to counter P2P based DDoS attacks

Authors:
Basheer Al-Duwairi;Abdul-Raheem Masoud Mustafa
Affiliations:
Network Engineering and Security Department, Jordan University of Science and Technology, Irbid 22110, Jordan.;Cyberia, ISP. Co., Amman 11185, Jordan
Venue:
International Journal of Internet Protocol Technology
Year:
2010

Citing 11
Cited 0

A N algorithm for mutual exclusion in decentralized systems

ACM Transactions on Computer Systems (TOCS)
On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
SOS: secure overlay services

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
New directions in traffic measurement and accounting

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
SYN-dog: Sniffing SYN Flooding Sources

ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
The impact and implications of the growth in residential user-to-user traffic

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Distributed Systems: Principles and Paradigms (2nd Edition)

Distributed Systems: Principles and Paradigms (2nd Edition)
BotTorrent: misusing BitTorrent to launch DDoS attacks

SRUTI'07 Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet
To filter or to authorize: network-layer DoS defense against multimillion-node botnets

Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Misusing unstructured p2p systems to perform dos attacks: the network that never forgets

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security

Quantified Score

Hi-index	0.02

Visualization

Abstract

P2P-based distributed denial of service (DDoS) attacks represent an emerging threat for today's internet. This type of attacks exploits a design vulnerability of P2P networks in such a way as to drive as many P2P users as possible to download certain popular file(s) from a targeted host. This paper proposes a novel scheme, called request diversion, to counter DDoS attacks originating from P2P networks. The main idea of the proposed scheme is to divert P2P users from requesting a file that is advertised originally by an attacker to be available at the targeted host. This is achieved by intentionally making fake advertisements about the availability of the same file at different locations. The performance of the proposed scheme was evaluated through extensive simulation experiments. Simulation results show that request diversion scheme can reduce attack request rate drastically without being exploited by malicious users and without modifying the P2P clients and protocols.