Turning P2P Networks into DDoS Engines: A Survey
Subject Areas : Journal of Computer & Robotics
Hamid Farhadi
1
,
Behzad Akbari
2
,
Shahab Rajaee
3
,
Mohammad Farahani
4
1 - School of Science and Eng., Sharif University of Technology (International Campus), Kish, Iran
2 - Department of Electrical and Computer Eng., Tarbiat Modares University, Tehran, Iran
3 - School of Science and Eng., Sharif University of Technology (International Campus), Kish, Iran
4 - School of Science and Eng., Sharif University of Technology (International Campus), Kish, Iran
Keywords:
Abstract :
[1] D.D. Clark, J. Wroclawski, K.R. Sollins, and R. Braden, Tussle in
cyberspace: defining tomorrow's internet, IEEE/ACM Trans. on
Networking, vol. 13, pp. 462–475, 2005.
[2] J. Mirkovic, S. Dietrich, D. Dittrich, and P. Reiher, Internet Denial
of Service: attack and defense mechanisms (Radia Perlman
Computer Networking and Security), Prentice Hall PTR Upper
Saddle River, NJ, USA, 2004.
[3] “The NGN forum” [Online], Available: http://www.catr.cn/
zhthg/ngn/2007/ [Accessed: May 2010].
[4] E.K. Lua, J. Crowcroft, M. Pias, R. Sharma, and S. Lim, A survey
and comparison of peer-to-peer overlay network schemes, IEEE
Communications Surveys & Tutorials, vol. 7, pp. 72–93, 2005.
[5] Napster - Wikipedia, the free encyclopedia, May 2010, [Online].
Available: http://en.wikipedia.org/wiki/Napster [Accessed: May
2010].
[6] Gnutella - Wikipedia, the free encyclopedia, May 2010, [Online].
Available: http://en.wikipedia.org/wiki/Gnutella [Accessed: May
2010].
[7] FastTrack - Wikipedia, the free encyclopedia, May 2010, [Online].
Available: http://en.wikipedia.org/wiki/Fasttrack [Accessed: May
2010].
[8] B. Cohen, Incentives build robustness in BitTorrent, The First
Workshop on Economics of Peer-to-Peer systems, Berkeley, CA,
USA, June 2003.
[9] BitTorrent (protocol) - Wikipedia, the free encyclopedia, May
2010, [Online]. Available: http://en.wikipedia.org/wiki/BitTorrent_(protocol) [Accessed: May 2010]. [10] K. El Defrawy, M. Gjoka, and A. Markopoulou, Bottorrent: Misusing Bittorrent to launch DDoS attacks, the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet (SRUTI'07), Berkeley, CA, USA, June 2007. [11] Y. Liu, X. Liu, C. Wang, and L. Xiao, Defending P2Ps from overlay flooding-based DDoS, The Int. Conf. on Parallel Processing (ICPP), Xian, China, September, pp. 28–28, 2007. [12] X. Sun, R. Torres, and S. Rao, DDoS attacks by subverting membership management in P2P systems, Secure Network Protocols, pp. 1–6, 2007. [13] X. Sun, R. Torres, and S. Rao, Preventing DDoS Attacks with P2P systems through robust membership management, Technical Report TR-ECE-07-13, Purdue University, USA, February 2007. [14] J. Oikarinen and D. Reed, Internet relay chat protocol, RFC 1459, May 1993. [15] Twitter - Wikipedia, the free encyclopedia, May 2010, [Online]. Available: http://en.wikipedia.org/wiki/Twitter [Accessed: May 2010]. [16] N. Friess and J. Aycock, Black Market Botnets, Jul. 2007. [17] Z. Li, Q. Liao, and A. Striegel, Botnet Economics: Uncertainty Matters, Managing Information Risk and the Economics of Security, pp. 245-267, 2009. [18] M. Ripeanu, Peer-to-Peer Architecture Case Study: Gnutella Network, University of Chicago, Department of Computer Science, 2001. [19] E. Athanasopoulos, K.G. Anagnostakis, and E.P. Markatos, Misusing unstructured p2p systems to perform dos attacks: The network that never forgets, Lecture Notes in Computer Science, vol. 3989, p. 130, 2006. [20] D. Zeinalipour-yazti, Exploiting the security weaknesses of the Gnutella protocol, Course Project for Seminar in Computer Security at University of California - Riverside, Department of Computer Science, March 2002. [21] P. Maymounkov and D. Mazieres, Kademlia: A peer-to-peer information system based on the xor metric, First International Workshop on Peer-to-Peer Systems, pp. 53–65, 2002. [22] A. Rowstron and P. Druschel, Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems, IFIP/ACM Int. Conf. on Distributed Systems Platforms (Middleware), pp. 329–350, 2001. [23] B.Y. Zhao, J.D. Kubiatowicz, and A.D. Joseph, Tapestry: a fault-tolerant wide-area application infrastructure, ACM SIGCOMM Computer Communication Review, vol. 32, pp. 81–81, 2002.
[24] Z. Li and X. Chen, Misusing Kademlia protocol to perform DDoS Attacks, IEEE Int. Symp. on parallel and distributed processing with applications, Sydney, Australia, pp. 80–86, 2008. [25] J. Liang, N. Naoumov, and K.W. Ross, The index poisoning attack in p2p file sharing systems, IEEE INFOCOM 2006, Barcelona: 2006. [26] N. Naoumov and K. Ross, Exploiting P2P systems for DDoS attacks, The first Int. Conf. on Scalable information systems (InfoScale '06), NY, USA, pp. 47, 2006. [27] A. Belapurkar et al., Infrastructure-Level threatsand vulnerabilitie, distributed systems security: issues, processes and solutions, Wiley, pp. 71-98, 2009. [28] H. Schulze and K. Mochalski, Internet Study 2008/2009 [Online]. Available: http://www.ipoque.com/resources/internet-studies/ internet-study-2008_2009.pdf [Accessed: October 2009]. [29] Mininova’s torrent downloads double to 7 billion in a year | TorrentFreak [Online]. Available: http://torrentfreak.com/ mininovas -torrent- downloads -doubled-in-a-year-090105/ [Accessed: February 2010]. [30] iMesh Homepage [Online]. Available: http://www.imesh.com/ [Accessed: May 2010]. [31] KaZaA Homepage [Online]. Available: http://www.kazaa.com/ [Accessed: May 2010]. [32] Morpheus [Online]. Available: http://en.wikipedia.org/wiki/ Morpheus_(computer_program) [Accessed: May 2010]. [33] eDonkey network [Online]. Available: http://en.wikipedia.org/ wiki/EDonkey_network [Accessed: May 2010]. [34] Official eMule Homepage. [Online]. Available: http://www. emule-project.net/home/perl/general.cgi?l=1 [Accessed: May 2010]. [35] Overnet [Online]. Available: http://en.wikipedia.org/wiki/ Overnet [Accessed: May 2010]. [36] K.C. Sia, DDoS vulnerability analysis of Bit-Torrent protocol, Technical Report, UCLA: 2006. [37] K. El Defrawy, M. Gjoka, and A. Markopoulou, Bottorrent: Misusing bittorrent to launch ddos attacks, USENIX SRUTI, Santa Clara, 2007. [38] J. Harrington, C. Kuwanoe, and C.C. Zou, A BitTorrent-driven distributed denial-of-service attack, 3rd Int. Conf. on Security and Privacy in Communication Networks, Nice, France: , pp. 17–20.
[39] N. Naoumov and K. Ross, Exploiting p2p systems for ddos attacks, Proc.s of the 1st Int. Conf. on Scalable information systems, Hong Kong, pp. 47-53, 2006.
