The index poisoning attack in P2P file sharing systems

Jian Liang, Naoum Naoumov, Keith Ross

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.

    Original languageEnglish (US)
    Title of host publicationProceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications
    DOIs
    StatePublished - 2006
    EventINFOCOM 2006: 25th IEEE International Conference on Computer Communications - Barcelona, Spain
    Duration: Apr 23 2006Apr 29 2006

    Other

    OtherINFOCOM 2006: 25th IEEE International Conference on Computer Communications
    CountrySpain
    CityBarcelona
    Period4/23/064/29/06

    Fingerprint

    Pollution

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering
    • Hardware and Architecture

    Cite this

    Liang, J., Naoumov, N., & Ross, K. (2006). The index poisoning attack in P2P file sharing systems. In Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications [4146885] https://doi.org/10.1109/INFOCOM.2006.232

    The index poisoning attack in P2P file sharing systems. / Liang, Jian; Naoumov, Naoum; Ross, Keith.

    Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications. 2006. 4146885.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Liang, J, Naoumov, N & Ross, K 2006, The index poisoning attack in P2P file sharing systems. in Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications., 4146885, INFOCOM 2006: 25th IEEE International Conference on Computer Communications, Barcelona, Spain, 4/23/06. https://doi.org/10.1109/INFOCOM.2006.232
    Liang J, Naoumov N, Ross K. The index poisoning attack in P2P file sharing systems. In Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications. 2006. 4146885 https://doi.org/10.1109/INFOCOM.2006.232
    Liang, Jian ; Naoumov, Naoum ; Ross, Keith. / The index poisoning attack in P2P file sharing systems. Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications. 2006.
    @inproceedings{f7043a34d00d475c99266df1e3a58c96,
    title = "The index poisoning attack in P2P file sharing systems",
    abstract = "P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.",
    author = "Jian Liang and Naoum Naoumov and Keith Ross",
    year = "2006",
    doi = "10.1109/INFOCOM.2006.232",
    language = "English (US)",
    isbn = "1424402212",
    booktitle = "Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications",

    }

    TY - GEN

    T1 - The index poisoning attack in P2P file sharing systems

    AU - Liang, Jian

    AU - Naoumov, Naoum

    AU - Ross, Keith

    PY - 2006

    Y1 - 2006

    N2 - P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.

    AB - P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.

    UR - http://www.scopus.com/inward/record.url?scp=34547421426&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=34547421426&partnerID=8YFLogxK

    U2 - 10.1109/INFOCOM.2006.232

    DO - 10.1109/INFOCOM.2006.232

    M3 - Conference contribution

    AN - SCOPUS:34547421426

    SN - 1424402212

    SN - 9781424402212

    BT - Proceedings - INFOCOM 2006: 25th IEEE International Conference on Computer Communications

    ER -