Detection and mitigation of localized attacks in a widely deployed P2P network

Cholez, Thibault; Chrisment, Isabelle; Festor, Olivier; Doyen, Guillaume

doi:10.1007/s12083-012-0137-7

Cited by 23 publications

(16 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The influence of adversarial nodes in P2P networks has been thoroughly researched in [10][11][12], with recent work focusing on DLT networks such as Ethereum [13][14][15][16][17] and Bitcoin [7,17,18]. The identified problems are diverse and include, but are not limited to the following: Eclipse Attacks, DoS and DDoS attacks, manipulation of routing advertisements (i.e., BGP hijacks), man-in-the-middle attacks and Sybil attacks (a recent study reported a Sybil attack that was executed on the Bitcoin Cash network with up to 5000 Sybil nodes [19]).…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Aurora-Trinity: A Super-Light Client for Distributed Ledger Networks Extending the Ethereum Trinity Client

Benčić

Žarko

2022

Sensors

View full text Add to dashboard Cite

Light clients for distributed ledger networks can verify blockchain integrity by downloading and analyzing blockchain headers. They are designed to circumvent the high resource requirements, i.e., the large bandwidth and memory requirements that full nodes must meet, which are unsuitable for consumer-grade hardware and resource-constrained devices. Light clients rely on full nodes and trust them implicitly. This leaves them vulnerable to various types of attacks, ranging from accepting maliciously forged data to Eclipse attacks. We introduce Aurora-Trinity, a novel version of light clients that addresses the above-mentioned vulnerability by relying on our original Aurora module, which extends the Ethereum Trinity client. The Aurora module efficiently discovers the presence of malicious or Byzantine nodes in distributed ledger networks with a predefined and acceptable error rate and identifies at least one honest node for persistent or ephemeral communication. The identified honest node is used to detect the latest canonical chain head or to infer the state of an entry in the ledger without downloading the header chain, making the Aurora-Trinity client extremely efficient. It can run on consumer-grade hardware and resource-constrained devices, as the Aurora module consumes about 0.31 MB of RAM and 1 MB of storage at runtime.

show abstract

Section: Related Workmentioning

confidence: 99%

“…In a loop, APREQ and APRES messages are exchanged and the contents of the APRES messages are used to update α (lines (6-8)). A random, uncontacted node from S h is used for the next hop (lines (11)(12)). If d hops were made (line (5)), or z reaches (0) (line (9)), the walk ends and the result is returned (line ( 14)).…”

Section: Aurora Algorithmmentioning

confidence: 99%

Aurora-Trinity: A Super-Light Client for Distributed Ledger Networks Extending the Ethereum Trinity Client

Benčić

Žarko

2022

Sensors

View full text Add to dashboard Cite

show abstract

“…In the wider literature, various methods to limit this type of attack have been proposed. These methods can be classified based on the following parameters:  Strong identification of peers [35]  Authentication and authorization [36]  Trust score [37] ■ Eclipse attack. In a network, many versions of this attack are possible.…”

Section: Attacksmentioning

confidence: 99%

Novel Trusted Hierarchy Construction for RFID Sensor–Based MANETs Using ECCs

Kumar¹,

Gopal²,

Aggarwal³

2015

ETRI J

View full text Add to dashboard Cite

In resource‐constrained, low‐cost, radio‐frequency identification (RFID) sensor–based mobile ad hoc networks (MANETs), ensuring security without performance degradation is a major challenge. This paper introduces a novel combination of steps in lightweight protocol integration to provide a secure network for RFID sensor–based MANETs using error‐correcting codes (ECCs). The proposed scheme chooses a quasi‐cyclic ECC. Key pairs are generated using the ECC for establishing a secure message communication. Probability analysis shows that code‐based identification; key generation; and authentication and trust management schemes protect the network from Sybil, eclipse, and de‐synchronization attacks. A lightweight model for the proposed sequence of steps is designed and analyzed using an Alloy analyzer. Results show that selection processes with ten nodes and five subgroup controllers identify attacks in only a few milliseconds. Margrave policy analysis shows that there is no conflict among the roles of network members.

show abstract

“…Several researchers [6], [7] have reported ongoing Sybil attacks in the KAD network, and even performed it themselves for research purposes. Therefore multiple works in the literature [8] have proposed solutions to prevent or mitigate the harm produced by Sybil attacks.…”

Section: Using a Sybil Attack Against Dht Resourcesmentioning

confidence: 99%

“…Some of the most popular DHT systems like KAD, the one employed by the eMule file-sharing network, or the two main DHTs associated to BitTorrent, account for millions of concurrently connected users. In particular, Steiner et al [12], and more recently Cholez et al [7], reported that the number of users concurrently connected to the KAD network varies between 3.3 and 4.5 millions. Furthermore, the minimum number of replicas of KAD resources is r = 10.…”

Section: Vulnerability Of Dht Systems To Sybil Resource Attacksmentioning

confidence: 99%