Attacking the Kad network

Wang, Peng; Tyra, James; Chan-Tin, Eric; Malchow, Tyson; Kune, Denis Foo; Hopper, Nicholas; Kim, Yong‐Dae

doi:10.1145/1460877.1460907

Cited by 37 publications

(30 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In detail, such type of system, may be subjected to several types of threats, such as eavesdropping, data modification, IP address spoofing, Denial-of-Service (DoS ) [31] and man-in-the-middle attacks [32], [33], [34]. However, the absence of single point of failure, and hence of elements which may become an easy target for DoS attack, makes the proposed solution sufficiently robust, because of Kademlia, due to its decentralized architecture that is the only critical component for the overall system operations, is resistant against most of the known DoS attacks.…”

Section: The Security Servicesmentioning

confidence: 99%

Fully Distributed Secure Video Surveillance Via Portable Device with User Awareness

Castiglione

D’Ambrosio

Santis

et al. 2013

Security Engineering and Intelligence Informatics

View full text Add to dashboard Cite

Section: The Security Servicesmentioning

confidence: 99%

Fully Distributed Secure Video Surveillance Via Portable Device with User Awareness

Castiglione

D’Ambrosio

Santis

et al. 2013

Security Engineering and Intelligence Informatics

View full text Add to dashboard Cite

“…They showed how this attack can take the control over information stored in the DHT, compromise the privacy of users and be used to launch a DDoS attack without further effort from a single computer. On the other hand, Wang et al [20] proposed an alternative attack, called reflection attack, in which all the entries in the target's routing table contain the target's IP. They proposed an identity authentication to avoid this hijacking, currently implemented by KAD clients.…”

Section: Related Workmentioning

confidence: 99%

“…These mechanisms include flood protection, IP verification and identity verification, and make a KAD client resilient to most known-attacks, including the Sybil attack [17] and contacts overwriting [20] attacks. KAD's developers considered the network's flaws and turned it into a strong and mature P2P network.…”

Section: Related Workmentioning

confidence: 99%

When KAD Meets BitTorrent - Building a Stronger P2P Network

Timpanaro

Cholez

Chrisment

et al. 2011

2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and PHD Forum

View full text Add to dashboard Cite

Abstract-The current wave of evolution that leads BitTorrent towards a fully decentralized architecture is both promising and risky. Related work demonstrates that BitTorrent's Mainline DHT is exposed to several identified security issues. In parallel, the KAD DHT has been the core of intense research and was improved over years. In this paper, we present a study that motivates the integration of both worlds. We provide a performance comparison of both DHTs in terms of publishing efficiency. We investigate the security threats and show that the current BitTorrent Mainline DHT is much more vulnerable to attacks than KAD. On the other hand, we demonstrate that the file download service provided by BitTorrent outperforms the one of KAD. Given the strengths and weaknesses of both DHTs, we propose a design in which the two P2P networks can be merged to form a fully distributed, efficient and safe P2P eco-system.

show abstract

“…In the original Kad protocol, lookup is parallel. However, each round of the parallel lookup uses only the best results, allowing an attacker to perform a denial of service attack by returning many non-existent nodes with IDs close to the target [39]. Torsk iterative lookup fixes this problem by maintaining distinct "best result" lists for each of the three parallel paths.…”

Section: Design Of Torskmentioning

confidence: 99%

Scalable onion routing with torsk

McLachlan

Tran

Hopper

et al. 2009

Proceedings of the 16th ACM Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

We introduce Torsk, a structured peer-to-peer low-latency anonymity protocol. Torsk is designed as an interoperable replacement for the relay selection and directory service of the popular Tor anonymity network, that decreases the bandwidth cost of relay selection and maintenance from quadratic to quasilinear while introducing no new attacks on the anonymity provided by Tor, and no additional delay to connections made via Tor. The resulting bandwidth savings make a modest-sized Torsk network significantly cheaper to operate, and allows low-bandwidth clients to join the network.Unlike previous proposals for P2P anonymity schemes, Torsk does not require all users to relay traffic for others. Torsk utilizes a combination of two P2P lookup mechanisms with complementary strengths in order to avoid attacks on the confidentiality and integrity of lookups. We show by analysis that previously known attacks on P2P anonymity schemes do not apply to Torsk, and report on experiments conducted with a 336-node wide-area deployment of Torsk, demonstrating its efficiency and feasibility.

show abstract

Attacking the Kad network

Cited by 37 publications

References 10 publications

Fully Distributed Secure Video Surveillance Via Portable Device with User Awareness

Fully Distributed Secure Video Surveillance Via Portable Device with User Awareness

When KAD Meets BitTorrent - Building a Stronger P2P Network

Scalable onion routing with torsk

Contact Info

Product

Resources

About