Unstructured P2P systems have gained great popularity in recent years and are currently used by millions of users. One fundamental property of these systems is the lack of structure, which allows decentralized operation and makes it easy for new users to join and participate in the system. However, the lack of structure can also be abused by malicious users. We explore one such attack, which enables malicious users to use unstructured P2P systems to perform Denial of Service (DoS) attacks against third parties. Specifically, we show that a malicious node can coerce a large number of peers to perform requests to a target host that may not even be part of the P2P network, including downloading unwanted files from a target Web server. This is a classic form of denial of service that also has two interesting characteristics: (a) it is hard to identify the originator of the attack, and (b) it is even harder to stop the attack. The second property comes from the fact that certain unstructured P2P systems seem to have a kind of “memory”, retaining knowledge about (potentially false) queries for many days. In this paper we present real-world experiments of Gnutella-based DoS attacks against Web servers. We explore the magnitude of the problem and present a solution to protect innocent victims against this attack.