ARR 2006 poster

1
Exploiting BitTorrent For Fun (But Not Profit)
Nikitas Liogkas, Robert Nelson, Eddie Kohler,
Lixia Zhang UCLA Computer Science Department
Experimental Setup
Summary

• Private torrents
• eight leechers, one seed on Planetlab
• imposed upload and download limits
• purpose to assess the benefit to the selfish
  peer and the damage to the honest peers
• Public torrents
• two clients, selfish and honest, join the same
  torrent at the same time
• purpose to reveal the impact of the exploits in
  real settings

BitTorrent is a popular peer-to- peer content
distribution protocol. This work assessed its
robustness against selfish clients, who try to
download more than their fair share by abusing
existing protocol mechanisms. We designed three
such exploits and evaluated them on public and
private torrents.
Contributions
Evaluation Results

• Fairness peers who do not upload should not
  receive good service
• Robustness the system should always be able to
  provide service
• Contributions of this work
• fairness violations are feasible
• such violations, however, do not significantly
  reduce robustness
• proposed five design principles for robust
  peer-to-peer protocols

• Exploit 1 (Fig.1)
• a fast selfish peer gets 22 better download
  rates
• however, robustness does not suffer honest peers
  do worse by
• results validated in public torrents
• Exploit 1 with modified seed (Fig.2)
• (seed uploading to one leecher at a time)
• considerable fairness violation fast selfish
  peer gets faster by 155
• robustness suffers honest peers slower by at
  least 32
• multiple uploading slots are critical to
  robustness
• Exploit 2 (Fig.3)
• a fast selfish peer gets 29 better download
  rates
• however, exploit fails in public torrents due to
  the lack of optimistic unchoking
• Exploit 3 (Fig.4)
• a fast selfish peer gets 22 better download
  rates
• however, modern implementations remember the
  origin of pieces thus, they can detect and
  blacklist cheaters
• remembering past interactions supports robustness

seed uploads data to only one leecher at a time
155
Exploit Design

• Regular protocol operation
• 1. Download only from seeds
• repeatedly ask the tracker for new peer lists and
  separate out the seeds
• download from seeds and other leechers without
  uploading in return
• can download the entire content without uploading
  at all
• 2. Download from fastest peers
• do not perform optimistic unchokes

I have
repeatedrequests
peer lists
29
Conclusions
download limit for peers 1,3,5-7

• In practice, BitTorrent appears
• quite robust against this kind of
• exploits in most cases, we observe no
• considerable degradation of the
• systems quality of service.
• Based on our observations, we propose
• the following five principles for the
• design of robust peer-to-peer protocols
• parallel downloading maintain parallel
  interactions with multiple peers enables
  adaptivity in dynamic conditions
• memory remember past interactions enables
  detection and punishment of peers sending
  corrupted data
• problem partitioning decouple data needs from
  provided service prevents manipulation by
  declaring false info
• export minimal information hide exploitable
  properties (e.g. that you are a seed) prevents
  monopolization
• keep the network connected random choice in
  optimistic unchoking prevents clustering and
  starvation

4
I have
1
2
3
garbage
1
2
3