DenialofService Resilience in P2P File Sharing Systems - PowerPoint PPT Presentation

About This Presentation
Title:

DenialofService Resilience in P2P File Sharing Systems

Description:

... of-Service Resilience in P2P File Sharing Systems. Dan Dumitriu (EPFL) Ed ... P2P file sharing systems are very vulnerable in the face of coordinated attack ... – PowerPoint PPT presentation

Number of Views:47
Avg rating:3.0/5.0
Slides: 47
Provided by: csNorth
Category:

less

Transcript and Presenter's Notes

Title: DenialofService Resilience in P2P File Sharing Systems


1
Denial-of-Service Resilience in P2P File Sharing
Systems
  • Dan Dumitriu (EPFL)
  • Ed Knightly (Rice)
  • Aleksandar Kuzmanovic (Northwestern)
  • Ion Stoica (Berkeley)
  • Willy Zwaenepoel (EPFL)

2
The Myth
  • P2P systems are very robust!
  • They are very tolerant of random failures
  • They are tolerant of node churn

3
Our Findings
  • P2P file sharing systems are very vulnerable in
    the face of coordinated attack
  • However, resources required to mount a successful
    attack are large

4
DoS Attacks
  • Goals of DoS
  • Prevent successful downloads
  • i.e. reduce goodput to near zero
  • Two classes considered
  • File targeted
  • Already in use!
  • Affects any P2P network, including Bittorrent
  • We developed Network targeted attack
  • Targets P2P networks using flooding search

5
Outline
  • Methodology
  • File Attack
  • Network Attack
  • Defenses Against Network Attack
  • Conclusions

6
Methodology
  • Analytical modeling
  • Discrete-time
  • Simulation
  • Discrete Event simulation
  • Gnutella simulator
  • Structella simulator
  • Metrics
  • Percent of good files in the system
  • P(good reply), i.e. of replies not tampered
    with
  • Goodput

7
User Model
  • Two phase user-system interaction
  • Query
  • User sends query for particular file
  • Responses are received and stored
  • User waits for a certain amount of time
  • Download
  • One or more responses are selected based on
    policy
  • Downloads are initiated
  • Closed loop

8
Outline
  • Methodology
  • File Attacks
  • Network Attacks
  • Defenses Against Network Attacks
  • Conclusions

9
File-targeted Attacks
  • Attacker offers fake content, for a specific file
  • Content must have a valid checksum header
  • Detection of fake content must be slow
  • Attacker needs to get in early
  • Unwitting users offer false content and thus it
    spreads

10
Interesting Questions
  • What is the impact on rate of spread of good
    files?
  • What is the impact of freeloaders?
  • What is the impact of the user persistence
    factor?

11
Spreading Corruption
Fraction of Nodes With File
12
Persistence and Freeloading
Fraction of Nodes With File
Here it is!
13
Cost of File-targeted Attack
  • Attacker needs to serve 10 of downloads of a
    file
  • Real cost could be significant
  • If files are very popular
  • If attacker wants to pollute many files
  • Cost is per file!
  • Can we do better? Can we take down the entire
    P2P network?

14
Outline
  • Methodology
  • File Attacks
  • Network Attacks
  • Defenses Against Network Attacks
  • Conclusions

15
Network-targeted Attacks
  • Objective is to serve fake content and waste
    systems bandwidth
  • Compromises the search mechanism
  • Affects entire P2P network and all files
  • Intercept replies being routed to requesting peer
  • Replies already have correct filename and
    checksum
  • Modify replies to redirect downloader
  • False Reply attack redirects to attacker node
    which serves false content, with good checksum
    and header
  • Advertise fast downloads

16
Goodput Under Attack
17
Interesting Questions
  • What is the impact of network diameter?
  • What is the impact of SuperNodes?
  • What is the impact of graph topology?
  • What is the impact of desired anonymity?
  • What is the impact of the type of routing overlay?

18
Path Length
19
SuperNodes
20
Power Law
21
Overlay Network
22
Overlay Network - Goodput
23
Outline
  • Methodology
  • File Attacks
  • Network Attacks
  • Defenses Against Network Attacks
  • Conclusions

24
Client Counter-Strategies
  • Clients can defend themselves?
  • Modify reply selection policy!
  • How well can they do given
  • Redundant downloads?
  • Randomized selection?
  • Reputation systems?

25
Randomization
26
Redundancy
27
Reputation System
28
Cost of Network Attacks
  • Attacker only needs to compromise 2.5 of
    supernodes in a network
  • Cost is still significant, but not unmanageable
  • If P2P system has 4 million nodes attacker needs
    10000 nodes
  • Attackers nodes can be virtual
  • Attacker nodes must be well connected

29
Outline
  • Methodology
  • File Attacks
  • Network Attacks
  • Defenses Against Network Attacks
  • Conclusions

30
Conclusions
  • P2P Systems are vulnerable!
  • File attacks work!
  • Network Attack is devastating, but considerable
    resources are required
  • Structured overlay helps, somewhat
  • Reputation systems do little to alleviate the
    situation
  • User behavior is a major influence
  • Users may trade off between goodput without
    attack and attack effectiveness

31
Thank You!
32
Extra slides
33
Relationship
  • Depends on client selection strategy
  • Best select
  • Random select
  • Redundant select

34
Relationship
35
Freeloaders
36
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A

7
1
4
2
6
3
5
37
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors

7
1
4
2
6
3
5
38
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors
  • Neighbors forward message

7
1
4
2
6
3
5
39
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors
  • Neighbors forward message
  • Nodes that have file A initiate a reply message

7
1
4
2
6
3
5
40
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors
  • Neighbors forward message
  • Nodes that have file A initiate a reply message
  • Query reply message is back-propagated

7
1
4
2
6
3
5
41
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors
  • Neighbors forward message
  • Nodes that have file A initiate a reply message
  • Query reply message is back-propagated

7
1
4
2
6
3
5
42
Gnutella search mechanism
  • Steps
  • Node 2 initiates search for file A
  • Sends message to all neighbors
  • Neighbors forward message
  • Nodes that have file A initiate a reply message
  • Query reply message is back-propagated
  • File download directly

download A
7
1
4
2
6
3
5
43
Redundancy
44
What are P2P systems?
  • Search
  • Centralized
  • Napster
  • Distributed
  • Gnutella, Kazaa, Overnet, etc.
  • Bittorrent
  • Download
  • Single source
  • Multiple source
  • Bittorrent

45
Conclusions
  • Attack depends on freeloading being common
  • Attack depends on users giving up, not being very
    persistent
  • If all good users are cooperative, i.e. share
    files, attack does not scale
  • Bittorrent is susceptible
  • It is already happening!

46
  • Slow Node attack redirects to very slow node
    which has the file
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "DenialofService Resilience in P2P File Sharing Systems" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!