Defending against Sybil nodes in BitTorrent

  • Authors:
  • Jung Ki So;Douglas S. Reeves

  • Affiliations:
  • Department of Computer Science, North Carolina State University, Raleigh, NC;Department of Computer Science, North Carolina State University, Raleigh, NC

  • Venue:
  • NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part II
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

BitTorrent and its derivatives contribute a major portion of Internet traffic due to their simple and scalable operation. However, the lack of security mechanisms makes them vulnerable to attacks such as file piece pollution, connection slot consumption, and bandwidth exhaustion. These effects are made worse by the ability of attackers to manufacture new identities, or Sybil nodes, at will. The net effect of Sybil nodes and weak security leads to inefficient BitTorrent operation, or collapse. In this paper, we present defenses against threats from Sybil attackers in BitTorrent. A simple, direct reputation scheme called GOLF fosters peer cooperation to exclude potential attackers. Locality filtering tentatively identifies Sybil nodes based on patterns in IP addresses. Under the proposed scheme, Sybil attackers may still continue malicious behaviors, but their effect sharply decreases. Comparison to existing reputation models shows GOLF effectively detects and blocks potential attackers, despite false accusation.