Collaborative anomaly detection for structured P2P networks

Authors:
Wei Wang;Hong Man;Fangming He
Affiliations:
Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ;Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ;Department of Electrical and Computer Engineering, Stevens Institute of Technology, Hoboken, NJ
Venue:
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Year:
2009

Citing 7
Cited 0

Chord: A scalable peer-to-peer lookup service for internet applications

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Secure routing for structured peer-to-peer overlay networks

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Defending the Sybil Attack in P2P Networks: Taxonomy, Challenges, and a Proposal for Self-Registration

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Defending against eclipse attacks on overlay networks

Proceedings of the 11th workshop on ACM SIGOPS European workshop
Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification

ACM Transactions on Information and System Security (TISSEC)
Anonymity Scheme for Interactive P2P Services

CCGRID '08 Proceedings of the 2008 Eighth IEEE International Symposium on Cluster Computing and the Grid

Quantified Score

Hi-index	0.00

Visualization

Abstract

Anomaly detection in Peer-to-Peer (P2P) networks is generally difficult due to the large number of users in the network. Exhaustive probing on each user is extremely unrealistic. Besides, unlike hierarchical systems, the infrastructure of a P2P network is flat, which makes multi-casting based probing schemes impossible. Most P2P security research focus on proactive prevention schemes to secure the system. In this paper, we aim to apply passive anomaly detection to estimate the proportion of malicious nodes in the network, without any network parameter information. Two deployment schemes are proposed for different network attacks. We deploy monitoring nodes which maintain both in- and out-of-band P2P communications. Monitoring nodes collaboratively probe one another periodically, and observations at each monitoring node are aggregated by a token message. Simulation results show that after applying our anomaly detection system, we can estimate the status of malicious nodes in a P2P network with high accuracy, and the delivery rate of the network is noticeably increased after successfully blocking suspicious nodes.