Query-flood DoS attacks in gnutella

Daswani, Neil; García-Molina, Héctor

doi:10.1145/586110.586136

Cited by 58 publications

(22 citation statements)

References 23 publications

(18 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many researchers have considered the prevention of IP spoofing and/or packet flooding attacks at the network layer [48,51,35,66,37] as well as request flooding attacks at the application layer [22,41,65]. In addition to flooding-based attacks, some previous work has also considered the exploitation of application-layer semantics for Web servers [62].…”

Section: Background and State Of The Artmentioning

confidence: 99%

“…Daswani and Garcia-Molina examined the effects of different overlay network topologies and load balancing strategies on the prevention of application-layer DoS attacks that flood the Gnutella protocol with queries [22]. Their study was one of the first to focus on denial-of-service attacks in peer-to-peer systems at the application layer.…”

Section: Application-layermentioning

confidence: 99%

See 1 more Smart Citation

Session management for accountability in distributed multimedia services

Conner¹,

Nahrstedt²,

Borisov³

et al. 2009

SIGMultimedia Rec.

View full text Add to dashboard Cite

Internet-based multimedia applications (e.g., voice-over-IP, instant messaging, and video conferencing) are continuing to grow in importance as more people depend on such applications for personal and professional communications. Although performance is almost always a concern with multimedia systems that must satisfy quality-of-service (QoS) constraints, security is also a major requirement given the increasing criticality of such applications. For example, businesses might depend on Internet telephony to reach customers while governments might depend on video streaming to disseminate information. For distributed multimedia services, in addition to the traditional security properties (confidentiality, integrity, and availability), accountability is also important to complement perimeter defenses. Accounting for user actions within the system enables the development of higher-level security services.This dissertation will present the Kantoku framework, which includes several different accounting mechanisms for different environments ranging from single servers to server clusters to computing clouds. Our framework focuses on distributed multimedia services deployed in such environments.In particular, we will show how our Kantoku framework can be used to address the problem of transaction state overload on multimedia servers.The primary attack that we consider throughout this dissertation is a novel denial-of-service attack that intentionally induces transaction state overload at multimedia servers. We refer to this attack as a Ringing-based denial-of-service attack. Unlike many denial-of-service attacks that rely on an increase in the incoming traffic rate, a Ringing-based denial-of-service attack only requires an increase in the transaction durations while the incoming traffic rate does not change. Such attacks cannot be detected by protection mechanisms that monitor the network traffic for anomalies. After briefly explaining some background information on the Session Initiation Protocol, we characterize transaction state accumulation during a Ringing-based denial-of-service attack both mathematically and empirically through extensive experiments.The first solution to preventing transaction state overload that we present is a family of early ii termination algorithms that selectively terminate transactions suspected of causing transaction state overload in multimedia servers. This protection mechanism relies on per-transaction accounting at a single server. The three algorithms that we developed are thoroughly evaluated in the context of Ringing-based denial-of-service attacks with experiments on a local testbed.As an alternative to early termination, we also developed two admission control algorithms that selectively reject transaction requests from users suspected of consuming more than their fair share of transaction resources among a group of multimedia servers. This protection mechanism relies on per-client accounting across a cluster of multimedia servers. The two algorithms that we developed are t...

show abstract

Section: Background and State Of The Artmentioning

confidence: 99%

Section: Application-layermentioning

confidence: 99%

Session management for accountability in distributed multimedia services

Conner¹,

Nahrstedt²,

Borisov³

et al. 2009

SIGMultimedia Rec.

View full text Add to dashboard Cite

show abstract

“…A malicious peer can initiate an application-layer Denial of Service (DoS) attack using the Notify messages. However, almost every message type in P2P protocol (Query, QueryHit, Push, Ping, and Pong) can be exploited in order to launch denial of service attacks [27][28][29][30]. Some proposals exist in the literature aiming to counter the application-layer DoS attacks [30][31][32].…”

Section: Fake Queryhit Messagesmentioning

confidence: 99%

“…One scheme can be based on the comparison of the number of Notify messages routed by each controlled peer. If a monitoring peer detects a big difference among the number of Notify messages routed by its controlled peers, it can begin to filter (delete/drop) Notify messages coming from that controlled peers (similar to what is proposed in [30]). Since the danger of DoS attack exists for all P2P protocol messages, we think that the precautions taken for other P2P messages can be applied for Notify message as well.…”

Section: Fake Queryhit Messagesmentioning

confidence: 99%

Counteracting free riding in Peer-to-Peer networks

2008

View full text Add to dashboard Cite

The existence of a high degree of free riding is a serious threat to Peer-to-Peer (P2P) networks. In this paper, we propose a distributed framework to reduce the adverse effects of free riding on P2P networks. Our solution primarily focuses on locating free riders and taking actions against them. We propose a framework in which each peer monitors its neighbors, decides if they are free riders, and takes appropriate actions. Unlike other proposals against free riding, our framework does not require any permanent identification of peers or security infrastructures for maintaining a global reputation system. Our simulation results show that the framework can reduce the effects of free riding and can therefore increase the performance of a P2P network.

show abstract

“…However, the use of P2P file-sharing software can raise serious security issues [3,6,13,19], as often sensitive personal information can be at risk due to improper usage by users. At the same time, file-sharing technology is largely user controlled, which is sometimes beneficial but hard to regulate.…”

Section: Introductionmentioning

confidence: 99%