Conference PaperPDF Available

A Taxonomy of Attack Methods on Peer-to-Peer Network

Authors:

Abstract and Figures

In the recent years we’ve seen a tremendous growth in peer-to-peer network development. Such rapid development has drawn the attention of many types of attackers.They either choose peer-to-peer network as their ultimate target or they use peer-to-peer network as an intermediate tool to generate more sophisticated attack against another target. There are many papers contributed by many researchers targeting different types of attack model found in peer-to-peer network. But a single paper classifying all known types of attacks peer-to-peer network is scarce. This paper fills in that gap by proposing a complete taxonomy of popular known attack methods found in peer-to-peer network.
Content may be subject to copyright.
132 Indian Conference on Computational Intelligence and Information Security (ICCIIS–07), January 25, 2007
1Dept. of Information & Communication Technology, Metropolitan University, Sylhet, Bangladesh. E-mail: sferdous@metrouni.edu.bd
2Dept. of Computer Science & Engineering, Shah Jalal University of Science & Technology, Sylhet, Bangladesh. E-mail: farida-cse@sust.edu
3Dept. of Computer Science & Engineering, Primeasia University, Dhaka, Bangladesh. E-mail: mzn_munna@yahoo.com
A Taxonomy of Attack Methods on Peer-to-Peer Network
Md. Sadek Ferdous1, Farida Chowdhury2 and Md. Moniruzzaman3
AbstractIn the recent years we’ve seen a tremendous growth
in peer-to-peer network development. Such rapid development
has drawn the attention of many types of attackers. They either
choose peer-to-peer network as their ultimate target or they use
peer-to-peer network as an intermediate tool to generate more
sophisticated attack against another target. There are many
papers contributed by many researchers targeting different types
of attack model found in peer-to-peer network. But a single
paper classifying all known types of attacks peer-to-peer network
is scarce. This paper fills in that gap by proposing a complete
taxonomy of popular known attack methods found in peer-to-
peer network.
Key Words: Peer-to-Peer, Peer-to-Peer Security, Taxonomy.
I. INTRODUCTION
Peer to Peer, shortly known as P2P is one of the two
architectures in communication network by which two or
more entities in a networked environment communicate with
each other. The other architecture is Client/Server. In
client/server architecture, there is usually a Server entity and
one or more Client entities. Communication between any two
entities has to be done through server. Traditionally Server is
the service provider and the client(s) are the service consumer.
But Peer to Peer architecture is a server-less architecture.
Every entity in the network is altogether Server and Client,
that is, every entity is at a time service provider and service
consumer. A network based on Peer to Peer architecture can
be loosely said as Peer to Peer Network. A formal definition
can be stated as [26]: Peer to Peer Networks are those that
exhibit three characteristics: self organization, symmetric
communication and distributed control. A self organizing P2P
network “automatically adapts to the arrival, departure and
failure of nodes” [27]. P2P system and P2P computing
sometimes are used by the researchers to loosely define the
P2P network. In this paper, those three terms will be used
interchangeably.
Before 1999 P2P was a topic of research interest among
only the researchers. But the inception of Napster in 1999
changed the whole scenario of P2P research [2]. Since then
researchers around the world deployed P2P network in many
different applications which include Communication Appli-
cation like IM (Instant Messaging), Distributed Computation
Project like Seti@Home, gnome@home, etc, Distributed
Database System, Content Distribution System for sharing
mostly digital media [29]. Due to the immense interest of the
researchers and the active participation of mass peoples many
P2P network like Gnutella, Pastry, Tapestry, Chord, Content
Addressable Network (CAN), Kazaa, Freenet, FastTrack,
Overnet, eDonkey, BitTorrent have come into existence [26,
29]. Such popularity drew attention of many “bad peoples” or
hackers. With a scalable rate of attack success, P2P network
has been a potential target for them. Outlook magazine ranked
P2P applications on the list of top 20 vulnerabilities of the
recent time [8]. That’s why, security in the P2P network has
been one of the most sought after factors among the
researchers.
Following this introduction, this paper is organized as
follows: Section 2 describes the related works in P2P attack
model. Section 3 proposes the complete taxonomy of different
attack methods found in P2P network. Section 4 suggests
future work. We conclude in Section 5.
II. RELATED WORKS
Numerous papers have been published in this field either
illustrating different P2P attack model or exemplifying
different defense mechanisms in certain aspect. In this section
we’ll cite some of those papers. In [10, 13, 16, 19, 31], impact
of worm propagation in P2P network been analyzed. [3]
discusses how a P2P system can be used to generate DDoS
attack. In [11], Sybil, one of the major types of attacks in P2P
network, has been analyzed. [5] examine another virulent
attack of P2P network named Eclipse. [21] examines attacks
based on content availability in P2P network. [28] provides a
taxonomy of rational attack found in P2P network. [17]
illustrates different types of P2P attack methods and their
solutions. [23] proposes a distributed recovery method if a
P2P network is under violent attack. In [18] an attack resistant
P2P system has been proposed. Though there are many papers
in this respective field, but almost each of them is confined to
different aspect of a single attack entity. But to the best of our
knowledge we’ve not seen any paper which proposes a
comprehensive taxonomy of all known attack methods in P2P
network. If such paper exists in reality, we’ve been completely
unaware of it during the writing of this paper.
III. TAXONOMY OF ATTACKS ON P2P
Various forms of attacks in the P2P network can be
roughly categorized into two broad categories (Figure 1):
Active attack and Passive attack. Active attack can be defined
as the attack which mainly targets node or nodes in the P2P
network. The main motif behind active attack is to cause
damage to a node or nodes. Whereas, passive attack includes
those attacks whose ultimate target is the P2P network itself,
not the node of the P2P network. The main motif behind
Published in the Proceedings of the 1st Indian Conference on Computational Intelligence and
Information Security, 2007 (ICCIIS, 07), pp:132-138.
A Taxonomy of Attack Methods on Peer-to-Peer Network 133
passive network is to disrupt or damage the P2P network
service so that participants are restrained to use the particular
service.
A. Active Attack
Active attack can again be subdivided into two other
categories (Figure 2a): Targeted attack and Opportunistic
Attack. A targeted attack is launched by the attacker with a
definite target or targets in mind. Before initiating such
attack, attacker fixes a particular target(s) and gathers as
much knowledge as possible about the possible target(s).
Whereas in the Opportunistic attack, an attack is launched
aiming no particular node. Intention behind such attack is to
exploit as much node as possible and then take advantage of
the vulnerabilities found on those nodes. So the number of
affected nodes in the targeted attack is almost much lesser
than those of opportunistic attack.
1. Targeted Attack: There are several types of attack in the
P2P network that can be classified into some form of Targeted
attack. Those attacks include (Figure 2a): MiTM (Man in The
Middle) attack, DoS/DDoS Attack, Short Circuit Attack,
Resource Exhaustion Attack and Identity Attack.
MiTM: Man in The Middle (MiTM) is a very infamous attack
which prevails in almost every form network communication,
both in wired and wireless communication. According to [22],
a MiTM can be defined as: “An attack in which the attacker
impersonates both ends of a secure communication channel.
The attacker eavesdrops on a secure/non-secure communi-
cation session to gain information that enables the attacker to
impersonate both parties’ communicating”. In the network
communication, an attacker, by using some crafty method,
places himself between two nodes exchanging data. So that,
every data that should pass only between two original hosts
passes through the attacking host. Such attack can remain
undetected if the attacker remains passive. In the active attack
method, the attacker can choose to modify the data that passes
through him. These nodes can be either in wired or wireless
network and either in P2P network or Client/Server network.
In a non-P2P environment, this crafty method is usually done
with the help of ARP cache poisoning [20]. In a P2P network
this task is extremely simple [17] as there is no control over
node placement in the P2P network. That is, a node can be
placed any where in the network. Most current P2P networks
such as pastry, chord, etc support this. The above mentioned
P2P networks are extremely vulnerable to this level of attack.
Identity Attack: An identity attack in P2P network can be
defined as: “An attack on which the identity of participating
nodes in the P2P network is not protected and can be easily
tracked down by the attacker with the intention to harass or
actively and legally attack them” [1, 25]. In two very popular
P2P networks such as BitTorrent and eMule, list and identities
of participating nodes can be traced with some queries [1].
After revealing the identities, other forms of attack such as
DoS, DDoS, State Exhaustion Attack, etc can be initiated
against those nodes or they can be legally harassed in many
forms.
Active DoS/DDoS: Denial of Service (DoS) is a specialized
form of attack, in which the attacker tries to prevent legitimate
users to access to a system or network by several possible
means, including: Flooding the network with so much traffic
that traffic from legitimate clients is overwhelmed, flooding
the network with so many requests for a network service that
the host providing the service cannot receive similar requests
from legitimate clients and thus disrupting communications
between hosts and legitimate clients by various means, include-
ing alteration of system configuration information or even
physical destruction of network servers and components [22].
As defined by the World Wide Web Security FAQ [14]:
“A Distributed Denial of Service (DDoS) attack uses many
computers to launch a coordinated DoS attack against one or
more targets. Using client/server technology, the perpetrator is
able to multiply the effectiveness of the Denial of Service
significantly by harnessing the resources of multiple unwitting
accomplice computers which serve as attack platforms”. That
is in a DDoS, attacker, by using some crafty methods,
compromises as many as host as possible in the network. Such
compromised host is known as Zombies. Then using these
zombies, the attacker launches DDoS attack against a
particular target where each zombie launches its own forms of
DoS attack against that node. In DoS attack, the attacking
node actively participates in the attack so that attacking node
can easily tracked down, whereas in DDoS attack, the main
attacker seldom participates in the attack. He mainly
coordinates the attack among the zombies and upon his order,
Fig. 1: Taxonomy of P2P attack
Peer-to-Peer Attack
Active
Attack
Passive
Attack
Fig. 2a: Taxonomy of active attack
Active
Attack
Targeted
Attack
Opportunistic
Attack
MiTM
Attack
Active
DoS/DDoS
Attack
Identity
Attack
Short
Circuit
Attack
Zombification
Attack
Eclipse
Attack
Simple
Dos/DDoS
Resource
Exhau
stion
Attack
Coordinated
Worm
Attack
Active
Worm
Attack
Worm
Infection
Spamming
134 Indian Conference on Computational Intelligence and Information Security (ICCIIS–07), January 25, 2007
the zombies participates in the active attack. So it is very
difficult to track down the main attacker.
DoS and DDoS attack in the P2P is very likely to occur. In
a P2P network, there are a huge number of participants and the
traffic generated by them is huger. So it is very difficult to
predict traffic between nodes. This makes very very hard to
detect compromise of P2P nodes from the outside. Attack
traffic of DoS and DDoS and attack control traffic of DDoS
can be hidden in normal P2P traffic. In this way, a
compromised P2P system may offer enough security for an
attacker [3]. DoS and DDoS attack in the P2P network can be
targeted against any particular node or against the P2P
network system. The former is a form of active attack while
the later is a form of passive attack. So here we’re discussing
the DoS attack that can be initiated against the node and we’ll
discuss the later in the paragraph of the passive attack.
Resource Exhaustion Attack: In [22] this attack is defined as:
“A resource exhaustion (or resource starvation) is a form of
DoS attack in which the attacker uses up a resource on the
target system, with the result that no resources are available
for legitimate users trying to access the system. Examples of
types of resources that can be “starved” include Central
Processing Unit (CPU) cycles, memory (physical or virtual),
network bandwidth, disk space, disk quota, file handles,
processes, and thread”. In a P2P network a modified version
of such attack is initiated against the nodes in which
information related to a network query is stored [18]. In such
attack, the attacker launches a huge amount of queries at a
very rapid rate on those nodes to tire out the buffers of those
nodes so that those nodes can’t serve any query and thus
creating disruption of service. Recursive overlay network is
much susceptible to this kind of attack [18].
2. Opportunitistic Attack: There are several types of attack in
the P2P network that can be classified into some form of
Opportunistic attack. Those attacks include (Figure 2b):
Worm Infection, Zombification Attack and Eclipse Attack.
Short Circuit Attack: In a recursive overlay network, query
may reach a node more than one time. In the usual sense, the
node will detect and drop those queries. However, if responses
are lost due to some factors such network error, node failure or
malicious nodes, the querying node may be unable to find an
object even though there exists a path to the node where it
resides. When a node drops such response with the intention
that node drop will lead to the possibility of disruption of
availability of a node for the querying node, then this
malicious event can be considered as Short Circuit Attack
[18]. This is a particular event of opportunistic attack as this
attack succeeds if and only if other path of the response also
somehow becomes unavailable.
Worm Infection: In [22], Worm has been defined as
“Autonomous code that propagates across a network”.
Computer virus is a malicious code that infects files on a
system, whereas worm is one form of a computer virus which
can infect a local system and spread to other systems on the
network as well. Like all other network system, worm
infection imposes a great threat toward P2P system. Recent
surge in the P2P system also makes it a potential lucrative
target for worm infection. Wei Yu, Corey Boyer, Dong Xuan
in [31] stated three reasons which explained the justification
for P2P system to be as one of the major targets for worm
infection. Those reasons are: “1) compromising P2P systems
with a large number of registered active hosts can easily
accelerate Internet worm propagation, as hosts in P2P systems
are real and active; 2) some hosts in P2P systems may have
vulnerable network and system environments, i.e., home
networks; 3) as hosts in P2P systems maintain a certain
number of neighbors for P2P routing purposes, worm infected
hosts in the P2P system can easily propagate the worm to its
P2P neighbors, which continue the worm propagation to other
hosts”. Their statements were justified when one of the vicious
recent worms known as MyDoom spread themselves over the
Kazaa P2P system [31]. P2P worm can be of two types:
1) Active worm or Scanning worm and 2) Coordinated worm
or Overlay Topological worm.
Active Worm: Active worm or scanning worm is one
particular type of worm which randomly probe IP addresses
for their propagation [31]. Actually this is the type of worm
that is usually found in any network including P2P network.
This type of worm is implemented using Pure Random-based
Scan or PRS [31]: In this strategy, worm-infected hosts do not
have any prior knowledge of the hosts. The worm host
randomly selects the IP addresses of victim targets from the
global IP address space and launches the worm attack and tries
to find some vulnerability to be exploited among them.
Coordinated Worm: Coordinated worm, also known as
Overlay Topological Worm, is a particular type of worm
which is designed specially for any particular P2P network. It
never randomly scans for any target like the scanning worm,
rather it uses some kind of coordinating information found in
the Overlay topology of the P2P network. This type of worm
is more deadly than the scanning worm in three ways which
include [31]: First, they spread much faster. Second, the rates
of failed connections they generate are not high. Finally, their
traffic patterns can be blended into the normal traffic patterns
of the P2P network which makes them very difficult to be
detected. One of the main sources of coordinated information
is Distributed Hash Table (DHT) of many P2P networks [10].
The other sources might be the software itself by which any
user connects to the P2P network as many nodes in the P2P
networks will be running the same software. So a vulnerability
in that software (such as a buffer overflow), all of the nodes in
the network are also vulnerable. In this case a P2P worm need
only look at the P2P routing tables and infect the hosts neighbor
set and thus has the capability to spread exponentially (by the
average degree of nodes) through the network [17].
Zombification Attack: Zombie is a compromised system used
as an intermediary in a Distributed Denial of Service (DDoS)
attack [22]. Such compromised hosts generally are poorly
secured systems connected to the Internet, which the attacker
A Taxonomy of Attack Methods on Peer-to-Peer Network 135
compromises and on which the attacker installs special DDoS
agent software. Using large numbers of zombies is the key to a
DDoS attack and provides the amplification factor that makes
them so much more effective than traditional DoS attacks.
The process of finding poorly secured system can be
defined as Zombification Attack and it is a form of
opportunistic attack as the attacker has no specific target in
mind. He will try to zombiefy as many nodes as possible by
exploiting different vulnerabilities found on different node.
The step of Zombification is quite simple. The attacker will
run automated tools to find vulnerable hosts on other networks
connected to the Internet. Popular tools for launching such
DDoS attacks include TFN, TFN2K, Trinoo, and Stachel-
draht, all of which are readily available on the Internet [22].
Spamming: According to [22], the more formal way of
defining spam is any form of e-mail that tries to hide its
originating e-mail address to make it hard to trace the sender
or that uses deception in the subject line to try to induce the
recipient to open the message. It has become the curse of the
Internet. Though spamming is not directly related to the
security of the system, but it can create disturbances for the
participants of the P2P network. As in some P2P network
identity of the user can be revealed, attacker can target them
for spamming and thus harass them.
Eclipse Attack: Eclipse attack [15] in P2P network is defined as
an attack in which a large number of malicious nodes with some
methods compel the legitimate nodes to adopt the malicious
nodes as their neighbors so that they can dominate the sets of
legitimate nodes. If successful, an Eclipse attack enables the
attacker to mediate most overlay traffic [5]. In the extreme, an
Eclipse attack allows the attacker to control all overlay traffic
that means, a successful Eclipse attack partition the network
into two or more partitions and then all communication that
passes the partition is forwarded by the malicious node [17]. It’s
one large form of MiTM attack. A successful eclipse attack,
combined with creating fake nodes, can bring most networks
entirely down [17]. Castro et al. identify the Eclipse attack as a
threat in structured overlay networks [15].
B. Passive Attack
There are many different forms of passive attack which
include (Figure 2b): Cached Data Attack, Sybil Attack,
Bootstrapping Attack, Spamming, ID Mapping Attack,
Routing Table Attack, Rational Attack, Passive Dos/DDoS
attack and Content Availability Depletion Attack.
Cached Data Attack: Caching has been a major way to
improve performance in the P2P network. An excellent
description of caching in peer-to-peer systems can be obtained
in [24], [30]. Though caches offer a performance boost, it
opens up a new security loophole in the system. The attacker
may exploit the cache of the nodes. Such exploitation may
create down-gradable performance for the network [18].
Sybil Attack: Sybil attack is defined as an attack on uniqueness
on identity in which a node dominates the P2P network by
obtaining a large number of node identifiers and thus imitating
a large number of nodes [11]. This dominance can be used to
control the whole P2P network by only one node. The
network becomes more vulnerable to this attack if the attacker
can place the new nodes anywhere in the network by manually
influencing in the ID space. This enables the attacker to use a
minimum number of nodes and impose a large amount of
damage to the network. When the attacker gains enough nodes
in that segment compared to the legitimate nodes, the attacker
can control all messages that pass through the segment. This
attack can be used as gateway to execute large scale attacks of
other types such as Eclipse. Sybil attack is one of those attacks
in the P2P network which are very difficult to detect [18].
Bootstrapping Attack: When a new node joins the system, it
must contact at least one existing node of the system. This
process is known as bootstrapping and this can be
accomplished in two ways: either using a centralized
bootstrapping service through a bootstrap server or
maintaining a list of nodes in which the program runs. The
later method is very popular as it diminishes the need of
contacting a bootstrap server [18]. This bootstrapping can be
source of another form of attack known as bootstrapping
attack. It is not exactly a direct attack over the P2P network,
rather an outcome of different types of P2P attack such Sybil
or Eclipse Attack. In any of the above attacks, when a network
is partitioned, the Bootstrapping Attack can be formalized. If
there is a subnet of malicious nodes around the new node and
the new node just bootstraps using one of them then that new
node will be effectively a part of the malicious node and be
partitioned from the actual network. The attacker then can use
this node as one of his attacking nodes.
Fig. 2b: Taxonomy of passive attack
Passive Attack
Cached
Data
Attack
Sybil
Attack
Boot
Strapping
Attack
ID
Mapping
Attack
Routing
Information
Attack
Rational
Attack
Passive
DoS/DDoS
Attack
Content
Availability
Depletion
Attack
Resource
Restriction
Poisoning
Auditing
Attack
Polluting
Free
Riding
Policy
Attack
Content
Restriction
Join &
Leave
Attack
Traffic
Amplification
Attack
Normal
DoS
136 Indian Conference on Computational Intelligence and Information Security (ICCIIS–07), January 25, 2007
ID Mapping Attack: In this attack, an attacker may obtain a
particular node identifier and thus a particular position on the
overlay network. Having got a particular identifier, the
attacker gains control over nearby resources [6]. The outcome
of this type of attack can be illustrated with an example: Node
A contacts a malicious node B. Node B knows that node A
will contact the set of neighbors such as Node C. B sends A
the list of its neighbors including C. Then B pretends to be
node C by the IP mapping attack and sends the answer to node
A. If A has no mean to verify the origin of the message then it
could be deceived into believing that false message that it
obtained from B was indeed the actual message from C.
Routing Information Attack: Nodes in the P2P network
preserve some sort routing information to route queries in the
system. Those routing information can be a potential target.
Routing information attack in the P2P network involves either
Incorrect Lookup Routing or Incorrect Routing Update [12].
In the incorrect lookup routing, malicious node forwards
queries to incorrect or non-existence node and then the
original node may never find the destination node. In the
incorrect routing update, a malicious node could corrupt the
routing table with incorrect updates to neighbors so that the
non-malicious nodes may then start pointing to incorrect
nodes or to nonexistent nodes. Structured P2P network that
has the freedom to choose between multiple routes is more
vulnerable to such attack [12, 18].
Rational Attack: It will be reasonable if we assume that most
of the participating nodes in the P2P network will be rational,
that is they will try to maximize their consumption of system
resources while lowering the use of their own. If such
behavior breaches the system policy then it can be defined as a
rational attack. According to the [28], a formal definition has
been defined as: “In most P2P systems, self-interested behavior
at the expense of the system can be classified as a rational
manipulation failure or, from a different perspective, a rational
attack”. Rational attack takes different disguise which include:
Free Riding: Free riding in the P2P network is defined as a
process when a Peer consumes resources mostly while
producing very few. For example, in a file sharing P2P
system, when the users only download resources and never
upload/share any their resources then they are defined as a free
rider. Free riding is a very common phenomenon for any P2P
network. Adar and Huberman [7] analyzed free-riding in the
Gnutella. The authors found that almost 70% of Gnutella users
were free-riders and the top 1% of sharing hosts returns 50%
of all responses. Nearly 50% of the shared files came from just
1% of hosts. In more recent research, Asvanund et al [4] found
that 42% of Gnutella v0.6 users were free-riders. Though free
riding is not directly related to the security of P2P network but
greater involvement of the free riding- peers will certainly
decrease the network performance. Free riding is of two types:
Content Restriction & Resource Restriction.
Content Restriction: Content restriction is defined as a
particular type of free riding in which participating nodes are
not sharing any of their contents (e.g. files) on the network [17].
Resource Restriction: Resource restriction is defined as a
particular type of free riding in which participating nodes are
not contributing any of their resources on the network [17].
Policy Attack: Some P2P networks implement some sorts of
auditing policies to diminish the possibility of free riding. A
policy attack is defined as an attack in which a node in the
P2P network exploits any loophole that is found in those
auditing policies [28].
Auditing Attack: Auditing attack in the P2P network is defined
as an attack in which any auditory system, that is present in
the network, is interrupted by some methods so that they can’t
detect the misbehavior of the irrational nodes [28].
Passive Dos/DDoS Attack: In the passive DoS/DDoS attack,
the target is not any particular node(s). Its main motif is to
disrupt the service of the respective P2P network. Such
passive DoS/DDoS can take different forms which include:
Join & Leave Attack, Simple DoS Attack and Traffic
Amplification Attack.
Join & Leave Attack: In the P2P systems, nodes join and leave
in dynamic fashion. Most of existing structured systems need
some amount of routing information to handle such
dynamism. There are two different types of DoS attacks
possible based on such dynamic join and leave of nodes:
(a) DoS against the network using rapid joins and leaves and
(b) DoS against the network using network stabilization
protocols [18]. If a significant number of nodes join and leave
the network at an extremely rapid rate the overhead associated
with such dynamic join and leave can become significant and
thus degrading the performance of the system. The attacker
can initiate such attack in two different ways (a) By being a
participant in rapid leave and join itself (b) By exploiting a set
of victim nodes by attacking malicious nodes.
Simple DoS Attack: The main motif of such attack is to disrupt
the service the network offers. As for example, lookup (key),
store (key) of a distributed hash table offers can be thwarted.
This can be accomplished by increasing the false traffic in the
system more than its limit. In this case no more legitimate
users will be able to take that particular P2P service. Both
recursive and iterative overlay network are vulnerable to such
attack.
Traffic Amplification Attack: Traffic amplification attack is
defined as any type of attack that magnifies the effect of a
single attacking host. Traffic amplification attack works by
having one packet generate multiple responses. The resulting
effect is that a single attacking host appears as multiple hosts,
with the goal of intensifying the effect of the attack to bring
down entire networks. Distributed Denial-of-Service (DDoS)
attacks are classic examples of amplification attacks in which
A Taxonomy of Attack Methods on Peer-to-Peer Network 137
intermediary compromised hosts are used to multiply the
malicious intent of a single intruder [22].
Content Availability Depletion Attack: Content availability
depletion attack in the P2P network can be defined as an
attack in which availability of the resources in the network
will be depleted with some crafty methods so that legitimate
users find it difficult to avail a particular resource. Copyright
Holders are here the potential attackers who try to deplete the
copyrighted materials in the P2P file-sharing network so that
the copyrighted materials can’t be easily availed. There are
two popular techniques by which such attack can be
generated: Poisoning and Pollutioning. A study provides
empirical evidence that a considerable amount of the files
found in the KaZaA/FastTrack network are unusable, due to
either pollution or poisoning [9].
Poisoning: A popular technique to reduce the availability of a
specific resource such movie, song or software in a P2P
network is to inject a huge number of decoys into the network
The decoys can be defined as “the files whose name and
metadata information (e.g., artist name, genre, length) match
those of the item, but whose actual content is unreadable,
corrupted, or altogether different from what the user expects
[21]”. Such intentional injection of decoys is regarded as
poisoning. Decoy can be inserted either by random decoy
injection, replicated decoy injection or replicated transient
decoy injection [21].
Polluting: Polluting can be defined as accidental insertion of
poorly encoded or truncated chunks/packets into an otherwise
valid file on the network [22]. It has the effect of reducing the
amount of usable resource in the network.
IV. FUTURE WORKS
In this paper, we’ve presented a complete taxonomy of all
the attack methods that are found in the P2P network
currently. This work can be extended in future by proposing
another complete taxonomy of the mitigation methods of these
attack methods.
V. CONCLUSION
There is no doubt that P2P network will enjoy much more
popularity day by day. Such increasing popularity will draw
attention of many more attackers. So the rate and amount of
the attacks in P2P network is surely to amplify. To fight back
such attack and their upcoming variants, a comprehensive
understanding on those attack methods are crucial. This paper
serves this purpose by providing a complete taxonomy of
almost all known types of attack methods in P2P network.
This understating can then be used to investigate new
countermeasures and comprehensive solutions against any
type of attacks in P2P network.
REFERENCES
[1] Nash, Andre L., “Attacking P2P Networks”, ECS 235—Hao Chen -
Fall 2005, December, 2005.
[2] Oram, Andy, “Peer to Peer: Harnessing the Power of Disruptive
Technologies”, O’Reilly, 2001.
[3] Wagner, Arno and Plattner, Bernhard, “Peer to Peer Systems as attack
platform for Distributed Denial of Service”, ACM SACT Workshop
2002, Washington D.C., USA, 2002.
[4] Atip, Asvanund, Clay, Karen, Krishnan, Ramayya and Michael Smith,
“An Empirical Analysis of Network Externalities in Peer-To-Peer
Music Sharing Networks”, In Proceedings of the 23rd International
Conference on Information Systems (ICIS), Barcelona, Spain,
December, 2002.
[5] Singh, R. Atul, Castro, Miguel, Druschel, Peter and Rowstron,
Antony, “Defending against Eclipse attacks on overlay networks”, In
the Proceedings of the 11th ACM SIGOPS European Workshop,
Leuven, Belgium, September 2004.
[6] Cerri, Davide, Ghioni, Alessandro, Paraboschi, Stefano and
Tiraboschi, Simone, “ID Mapping Attacks in P2P Networks”, In IEEE
GLOBECOM 2005.
[7] Adar, Eytan and Huberman, Bernardo A., “Free riding on Gnutella”,
http://www.firstmonday.dk/issues/issue5_10/adar/
[8] Gross, Grant, “What Are the Worst Security Problems?”, Outlook,
IDG News Service, October, 2003.
[9] Liang, J., Kumar, R., Xi, Y., and Ross, K., “Pollution in P2P file
sharing systems”, In Proceedings of IEEE INFOCOM’05, Miami, FL,
March, 2005.
[10] Kannan, Jayanthkumar and Lakshminarayanan, Karthik, “Implications
of Peer-to-Peer Networks on Worm Attacks and Defenses”, CS294-4
Project, Fall 2003, For Computer Science Dept. of Berkley University.
http://www.cs.berkeley.edu/~kubitron/courses/cs294-4-F03/
projects /karthik_jayanth.pdf.
[11] Douceur, John R., “The Sybil Attack”, In Proceedings for the 1st
International Workshop on Peer-to-Peer Systems (IPTPS ’02),
Cambridge, Massachusetts, USA, March. 2002.
[12] Shanmugasundaram, Kulesh, “Peer-to-Peer Systems Security Issues”
http://isis.poly.edu/kulesh/stuff/talks/p2psecurity.ppt.
[13] Zhou, Lidong, Zhang, Lintao, McSherry, Frank, Immorlica, Nicole,
Costa, Manuel and Chien, Steve, “A First Look at Peer-to-Peer
Worms: Threats and Defenses”, In Proceedings of the 4th
International Workshop on Peer-To-Peer Systems (IPTPS 2005),
Ithaca, New York, February, 2005.
[14] Stein, Lincoln and Stuart, John N., “The World Wide Web Security
FAQ”, Version 3.1.2, February 4, 2002. http://www.w3.org/Security/
faq/wwwsf6.html#DOS-Q2
[15] Castro, M., Druschel, P., Ganesh, A., Rowstron, A. and Wallach, D.S.,
“Secure routing for structured peer-to-peer overlay networks", In
Proceedings of USENIX Operating System Design and
Implementation(OSDI), Boston, MA, Dec. 2002.
[16] Costa, Manuel, Crowcroft, Jon, Castro, Miguel, Rowstron, Antony,
Zhou, Lidong, Zhang, Lintao and Barham, Paul, “Vigilante: End-to-
End Containment of Internet Worms”, In Proceedings of the 20th
ACM Symposium on Operating Systems Principles (SOSP 2005),
Brighton, United Kingdom, October, 2005.
[17] Engle, Marling, “Vulnerabilities of P2P Systems and a Critical look at
Their Solutions”, April, 2006. http://medianet.kent.edu/surveys/
IAD06S-P2PVulnerabilities-marling/index.html.
[18] Mishra, Mayank, “Cascad e: an attack resistant peer-to-peer system”,
http://mnl.cs.stonybrook.edu/home/mayank/CascadeReport.pdf.
[19] Collins, Michael, Gates, Carrie and Kataria, Gaurav, “A Model for
Opportunistic Network Exploits : The Case of P2P Worms”, In Fifth
Workshop on the Economics of Information Security,
Cambridge, UK, 2006. http://weis2006.econinfosec.org/docs/30.pdf.
[20] Tulloch, Mitch, Microsoft Encyclopedia of Security, Microsoft Press,
2003.
138 Indian Conference on Computational Intelligence and Information Security (ICCIIS–07), January 25, 2007
[21] Christin, Nicolas, Weigend, Andreas S. and Chuang, John, “Content
Availability, Pollution and Poisoning in File Sharing Peer-to-Peer
Networks”, In Proceedings of the 6th ACM conference on
Electronic commerce, Vancouver, BC, Canada, Pages: 68–77,
2005.
[22] Peer-to-Peer inf orma tion fro m wiki ped ia. h ttp://en. wikipedia.org/
wiki/Peer-to-peer.
[23] Keyani, Pedram, Larson, Brian and Senthil, Muthukumar, “Peer
Pressure: Distributed Recovery from Attacks in Peer-to-Peer
Systems”, In IFIP Peer-to-Peer Computing, 2002.
[24] Yolum, Pinar, Singh and Munindar P., “Flexible Caching in Peer-to-
Peer Information Systems”, In Proceedings of the 4th International Bi-
Conference Workshop on Agent-Oriented Information Systems
(AOIS), Bologna, July 2002.
[25] Wagner, Robert, “Address Resolution Protocol Spoofing and Man-in-
the-Middle Attacks”, Practical Assignment GSEC Version 1.2f,
August, 2001. http://www.phlak.org/docs/arp/address.pdf.
[26] Roussopoulos, M., Baker, M., Rosenthal, D., Guili, T., Maniatis,
P. and Mogul, J., “2 P2P or Not 2 P2P?”, In The 3rd International
Workshop on peer to peer systems, San diego, CA, USA, February,
2004.
[27] Rowstron, A. and Druschel, P. “Pastry: Scalable, distributed objection
location and routing for large scale peer-to-peer systems”, In
IFIP/ACM Middleware, Heidelberg, Germany, November, 2001.
[28] Nielson, Seth James, Crosby, Scott A. and Wallach, Dan S., “A
Taxonomy of Rational Attacks”, In The 4th International Workshop
on Peer-to-Peer Systems (IPTPS'05), Ithaca, New York, USA,
February, 2005.
[29] Androutsellis-Theotokis, Stephanos and Spinellis, Diomidis, “A
survey of peer-to-peer content distribution technologies”, In ACM
Computing Surveys, 36(4):335–371, December 2004.
[30] Stading, Tyron, Maniatis, Petros and Baker, Mary, “Peer-to-Peer
Caching Schemes to Address Flash Crowds (2002)”, In 1st
International Peer To Peer Systems Workshop (IPTPS 2002).
[31] Yu, Wei, Boyer, Corey, Chellappan, Sriram and Xuan, Dong, “Peer-
to-Peer System-based Active Worm Attacks: Modeling and Analysis”,
In Proc. of IEEE International Conference on Communications (ICC),
pp. 295-300, May 2005.
... -Content availability depletion [123] Arise from attacks targeting content availability which make finding a needed resource difficult. They are accomplished by poisoning or pollution of the replicated resources, lowering the relative availability of usable content in the network. ...
Article
Full-text available
The use of online social networks, such as Facebook and Twitter, has grown at a phenomenal rate. These platforms offer services that support interactions via messaging, chatting or audio/video conferencing, and also sharing of content. Most, if not all, of these platforms use centralized computing systems; therefore, the control and management of the systems lies entirely in the hands of one provider, who must be trusted to treat the data and communication traces securely. As a zero-trust alternative, peer-to-peer (P2P) technologies promise to support end-to-end communication, uncompromising access control, anonymity and resilience against censorship and massive data leaks through misused trust. The goals of this survey are threefold. First, the survey elaborates the properties of P2P-based online social networks and defines the requirements for such (zero-trust) platforms. Second, it gives an exposition of the building blocks for P2P frameworks that allow the creation of such sophisticated and demanding applications, such as user/identity management, reliable data storage, secure communication, access control and general-purpose extensibility, which are not properly addressed in other P2P surveys. As a third point, it gives a comprehensive analysis of proposed P2P-based online social network applications, frameworks and architectures by exploring the technical details, inter-dependencies and maturity of these solutions.
... However, even after the implementation of such schemes, the data availability may be highly affected due holes arising from routing-, storage-or resource lookup-based inconsistencies. Content availability depletion [125] may arise due to attacks that target the content availability, making it hard for the legitimate users to find a needed resource and are usually accomplished by poisoning or pollution attacks. Poisoning and pollution of the replicated resources lowers the relative availability of usable content in the P2P network. ...
Preprint
Full-text available
Online social networks, such as Facebook and twitter, are a growing phenomenon in today's world, with various platforms providing capabilities for individuals to collaborate through messaging and chatting as well as sharing of content such as videos and photos. Most, if not all, of these platforms are based on centralized computing systems, meaning that the control and management of the systems lies in the hand of one provider, which must be trusted to treat the data and communication traces securely. While users aim for privacy and data sovereignty, often the providers aim to monetize the data they store. Even, federated privately run social networks require a few enthusiasts that serve the community and have, through that, access to the data they manage. As a zero-trust alternative, peer-to-peer (P2P) technologies promise networks that are self organizing and secure-by-design, in which the final data sovereignty lies at the corresponding user. Such networks support end-to-end communication, uncompromising access control, anonymity and resilience against censorship and massive data leaks through misused trust. The goals of this survey are three-fold. Firstly, the survey elaborates the properties of P2P-based online social networks and defines the requirements for such (zero-trust) platforms. Secondly, it elaborates on the building blocks for P2P frameworks that allow the creation of such sophisticated and demanding applications, such as user/identity management, reliable data storage, secure communication, access control and general-purpose extensibility, features that are not addressed in other P2P surveys. As a third point, it gives an overview of proposed P2P-based online social network applications, frameworks and architectures. In specific, it explores the technical details, inter-dependencies and maturity of the available solutions.
... They are briefly discussed below: An analysis and comparison of different taxonomies within the domain of social engineering has been presented in [10]. The authors in [11] have presented a taxonomy of a wide range of attack methods in Peer-to-Peer networks. A taxonomy of threats in Cloud-of-Things has been presented in [12]. ...
Article
Full-text available
In this article, we present a model of cyber attacks which can be used to represent a cyber attack in an intuitive and concise way. With ever-increasing popularities of online services, we have seen a growing number of cyber attacks targeted towards large online service providers as well as individuals and the IoT devices. To mitigate these attacks, there is a strong urge to understand their different aspects. Creating a model is a widely used method towards this goal. Unfortunately, the number of models for cyber attacks is pretty low and even the existing models are not comprehensive. In this paper, we aim to fill this gap by presenting a comprehensive cyber attack model. We have used this model to represent a wide range of cyber attacks and shown its applicability and usefulness. We believe that our model will be a useful tool for the formal analysis of cyber attacks.
Article
Full-text available
Distributed Denial-of-Service attacks are an ef-fective means to make a service unavailable, mask other attack activities and generally de-grade or disrupt network functionality. The key characteristic is that analysis of and defence against this attack type is difficult because of the high number of attacking hosts and large amount of attack traffic that can be generated. The emerging Peer-to-Peer filesharing systems have characteristics that turn them into an at-tractive infrastructure that can be used as attack platform. Attackers that can compromise a P2P system can expect benefits such as a large num-ber of participants, easy hiding of attack control traffic and good, global distribution of partici-pating hosts. This gives attackers high flexibility and at the same time a smal risk of being iden-tified. This paper explains these characteristics in detail and concludes that further research into this threat and into possible countermeasures is urgently needed.
Article
Full-text available
We segregate attacks into two categories – targeted and opportunistic – based on whether the attacker compromises a specific target (targeted) or a number of intermediate targets to fulfill his end goal (opportunistic). We assume that opportunistic attackers consider targets indistinguishable except for their vulnerabilities, and are interested in acquiring as many targets as possible. We therefore hypothesize that opportunistic attackers will develop attacks involving services which have the largest number of potential targets. We test this hypothesis in a limited way by correlating worm releases on P2P file sharing networks with the number of users on the networks being targeted. Our results demonstrate that this relationship exists only for variants of worms and not for new worms. We further demonstrate that the results are service specific, and that there is no general model that represents the entire file sharing vector.
Conference Paper
Full-text available
Copyright holders have been investigating technological solutions to prevent distribution of copyrighted materials in peer-to-peer file sharing networks. A particularly popular technique consists in "poi- soning" a specific item (movie, song, or software title) by injecting a massive number of decoys into the peer-to-peer network, to re- duce the availability of the targeted item. In addition to poisoning, pollution, that is, the accidental injection of unusable copies of files in the network, also decreases content availability. In this paper, we attempt to provide a first step toward understanding the differences between pollution and poisoning, and their respective impact on content availability in peer-to-peer file sharing networks. To that effect, we conduct a measurement study of content availability in the four most popular peer-to-peer file sharing networks, in the ab- sence of poisoning, and then simulate different poisoning strategies on the measured data to evaluate their potential impact. We exhibit a strong correlation between content availability and topological properties of the underlying peer-to-peer network, and show that the injection of a small number of decoys can seriously impact the users' perception of content availability.
Article
Peer-to-peer systems have emerged from a drive to realize a computing architecture which cannot be taken down by attacking any single point. Scale and massively distributed nature of its architecture are its characteristics defense. Interestingly, these two features also seem to have introduced new set of menacing vulnerabilities. The vulnerabilities become complex due to architectural goals such as load distribution, search facilitation, and easy of reconfigurability. A P2P network must be expanded to include nodes in a potentially unknown environment (such as the Internet). These untrusted nodes may be faulty, malicious, and act together to commit as much damage to the P2P network as possible. In this survey, we discuss some of the vulnerabilities of these P2P systems, and take a critical look at some of their solutions to better understand these new threats.
Article
From the Publisher:Upstart software projects Napster, Gnutella, and Freenet have dominated newspaper headlines, challenging traditional approaches to content distribution with their revolutionary use of peer-to-peer file-sharing technologies. Reporters try to sort out the ramifications of seemingly ungoverned peer-to-peer networks. Lawyers, business leaders, and social commentators debate the virtues and evils of these bold new distributed systems. But what's really behind such disruptive technologies -- the breakthrough innovations that have rocked the music and media worlds? And what lies ahead? In this book, key peer-to-peer pioneers take us beyond the headlines and hype and show how the technology is changing the way we communicate and exchange information. Those working to advance peer-to-peer as a technology, a business opportunity, and an investment offer their insights into how the technology has evolved and where it's going. They explore the problems they've faced, the solutions they've discovered, the lessons they've learned, and their goals for the future of computer networking. Until now, Internet communities have been limited by the flat interactive qualities of email and network newsgroups, where people can exchange recommendations and ideas but have great difficulty commenting on one another's postings, structuring information, performing searches, and creating summaries. Peer-to-peer challenges the traditional authority of the client/server model, allowing shared information to reside instead with producers and users. Peer-to-peer networks empower users to collaborate on producing and consuming information, adding to it, commenting on it, and building communities around it. This compilation represents the collected wisdom of today's peer-to-peer luminaries. It includes contributions from Gnutella's Gene Kan, Freenet's Brandon Wiley, Jabber's Jeremie Miller, and many others -- plus serious discussions of topics ranging from accountability and trust to security and performance. Fraught with questions and promise, peer-to-peer is sure to remain on the computer industry's center stage for years to come.
Article
Distributed computer architectures labeled "peer-to-peer" are designed for the sharing of computer resources (content, storage, CPU cycles) by direct exchange, rather than requiring the intermediation or support of a centralized server or authority. Peer-to-peer architectures are characterized by their ability to adapt to failures and accommodate transient populations of nodes while maintaining acceptable connectivity and performance.Content distribution is an important peer-to-peer application on the Internet that has received considerable research attention. Content distribution applications typically allow personal computers to function in a coordinated manner as a distributed storage medium by contributing, searching, and obtaining digital content.In this survey, we propose a framework for analyzing peer-to-peer content distribution technologies. Our approach focuses on nonfunctional characteristics such as security, scalability, performance, fairness, and resource management potential, and examines the way in which these characteristics are reflected in---and affected by---the architectural design decisions adopted by current peer-to-peer systems.We study current peer-to-peer systems and infrastructure technologies in terms of their distributed object location and routing mechanisms, their approach to content replication, caching and migration, their support for encryption, access control, authentication and identity, anonymity, deniability, accountability and reputation, and their use of resource trading and management schemes.
Article
Recently, two trends have emerged in the field of peer-to-peer networks: widespread deployment of peer-to-peer systems for file sharing and develop-ment of distributed hash tables that provide efficient lookups. In this paper, we study how to harness the power of these technologies to further the state-of-the-art in both designing and defending against Inter-net worms. We quantify this advance from three dif-ferent viewpoints. Firstly, peer-to-peer traffic char-acteristics differs from traditional Internet traffic in several aspects, and we quantitatively analyze the ef-fect of these differences on worm propagation and control. Secondly, we show that a DHT is an ideal model for coordination among worms, and design a DHT-enabled worm that is an improvement over ex-isting worm designs in a number of aspects, mainly stealth in propagation and speed of propagation. Our DHT-based worm designs can be used to implement a variety of policies aimed at circumventing existing schemes for worm propagation control. Our results also show that a coordinated worm can spread more than twice as fast as worms such as Slammer, while halving the number of unsuccessful probes. In this way, this paper attempts to "raise the bar" in worm design, and this is essential to the development of suitable defenses. Finally, we offer some prelimi-nary insights on how a DHT can be used to be defend against worms.
Conference Paper
This paper presents the design and evaluation of Pastry, a scalable, distributed object location and routing substrate for wide-area peer-to-peer applications. Pastry performs application-level routing and object location in a potentially very large overlay network of nodes connected via the Internet. It can be used to support a variety of peer-to-peer applications, including global data storage, data sharing, group communication and naming. Each node in the Pastry network has a unique identifier (nodeId). When presented with a message and a key, a Pastry node efficiently routes the message to the node with a nodeId that is numerically closest to the key, among all currently live Pastry nodes. Each Pastry node keeps track of its immediate neighbors in the nodeId space, and notifies applications of new node arrivals, node failures and recoveries. Pastry takes into account network locality; it seeks to minimize the distance messages travel, according to a to scalar proximity metric like the number of IP routing hops. Pastry is completely decentralized, scalable, and self-organizing; it automatically adapts to the arrival, departure and failure of nodes. Experimental results obtained with a prototype implementation on an emulated network of up to 100,000 nodes confirm Pastry’s scalability and efficiency, its ability to self-organize and adapt to node failures, and its good network locality properties.