Exploiting P2P systems for DDoS attacks

Naoum Naoumov, Keith Ross

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

    Original languageEnglish (US)
    Title of host publicationProceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06
    Volume152
    DOIs
    StatePublished - 2006
    Event1st International Conference on Scalable Information Systems, InfoScale '06 - Hong Kong, China
    Duration: May 30 2006Jun 1 2006

    Other

    Other1st International Conference on Scalable Information Systems, InfoScale '06
    CountryChina
    CityHong Kong
    Period5/30/066/1/06

    Fingerprint

    Servers
    Engines

    ASJC Scopus subject areas

    • Human-Computer Interaction

    Cite this

    Naoumov, N., & Ross, K. (2006). Exploiting P2P systems for DDoS attacks. In Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06 (Vol. 152). [1146894] https://doi.org/10.1145/1146847.1146894

    Exploiting P2P systems for DDoS attacks. / Naoumov, Naoum; Ross, Keith.

    Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06. Vol. 152 2006. 1146894.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Naoumov, N & Ross, K 2006, Exploiting P2P systems for DDoS attacks. in Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06. vol. 152, 1146894, 1st International Conference on Scalable Information Systems, InfoScale '06, Hong Kong, China, 5/30/06. https://doi.org/10.1145/1146847.1146894
    Naoumov N, Ross K. Exploiting P2P systems for DDoS attacks. In Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06. Vol. 152. 2006. 1146894 https://doi.org/10.1145/1146847.1146894
    Naoumov, Naoum ; Ross, Keith. / Exploiting P2P systems for DDoS attacks. Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06. Vol. 152 2006.
    @inproceedings{0e00cb1beef243399018e1d7024f0c69,
    title = "Exploiting P2P systems for DDoS attacks",
    abstract = "When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.",
    author = "Naoum Naoumov and Keith Ross",
    year = "2006",
    doi = "10.1145/1146847.1146894",
    language = "English (US)",
    isbn = "1595934286",
    volume = "152",
    booktitle = "Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06",

    }

    TY - GEN

    T1 - Exploiting P2P systems for DDoS attacks

    AU - Naoumov, Naoum

    AU - Ross, Keith

    PY - 2006

    Y1 - 2006

    N2 - When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

    AB - When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

    UR - http://www.scopus.com/inward/record.url?scp=34547343505&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=34547343505&partnerID=8YFLogxK

    U2 - 10.1145/1146847.1146894

    DO - 10.1145/1146847.1146894

    M3 - Conference contribution

    SN - 1595934286

    SN - 9781595934284

    VL - 152

    BT - Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06

    ER -