Susceptibility Analysis of Structured P2P Systems to Localized Eclipse Attacks

Abstract: Abstract-Peer-to-Peer (P2P) protocols are susceptible to Localized Eclipse Attacks (LEA), i.e., attacks where a victim peer's environment is masked by malicious peers which are then able to instigate progressively insidious security attacks. To obtain effective placement of malicious peers, LEAs significantly benefit from overlay topology-awareness. Hence, we propose heuristics for Chord, Pastry and Kademlia to assess the protocols' LEA susceptibility based on their topology characteristics and overlay routing… Show more

“…In [15], the authors discuss the systematic LEA susceptibility from an application independent view and refer to accountable design choices of many structured P2P protocols. The authors conducted an analyical and experimental study to underline the potentially high impact of the attack for the Chord [1], Pastry [2] and Kademlia [3] protocols.…”

“…In contrast to their convergent counterpart, divergent lookups do not converge towards the destination peer's proximity. This is a key requirement for our mitigation, as the majority of convergent lookups query peers in the destination's proximity (see Section V and [15]) and we assume that the taLEA attacker populates the proximity.…”

“…This is an experimental in-depth follow up of [15]. 2) Divergent Lookup Reliability -Which success rates of divergent lookups can be achieved for iterative and recursive Kademlia variants, churn variants, workload models, and overlay network sizes?…”

“…Despite their inherent resilience to failures, structured designs are susceptible to attacks such as Sybil, Routing, Poisoning, Join/leave, or Eclipse attacks (EA) [7]. Our focus is on EAs that constitute a significant vulnerability of P2P systems [8]- [15] and their applications. Besides having attracted attention in the research community, measurement studies of the topology of the KAD network indicate the existence of Eclipse attacks in the real-world [16], [17].…”

“…taLEAs are highly efficient attacks that require only a small number of malicious peers that need to be located in the proximity of the targeted peers. In contrast to the EA and LEA approach where the sheer mass of malicious resources determines the attacks' effectiveness, taLEAs exploit an inherent weakness of most DHTs [15].…”

Mitigating Eclipse attacks in Peer-To-Peer networks

“…In [15], the authors discuss the systematic LEA susceptibility from an application independent view and refer to accountable design choices of many structured P2P protocols. The authors conducted an analyical and experimental study to underline the potentially high impact of the attack for the Chord [1], Pastry [2] and Kademlia [3] protocols.…”

“…In contrast to their convergent counterpart, divergent lookups do not converge towards the destination peer's proximity. This is a key requirement for our mitigation, as the majority of convergent lookups query peers in the destination's proximity (see Section V and [15]) and we assume that the taLEA attacker populates the proximity.…”

“…This is an experimental in-depth follow up of [15]. 2) Divergent Lookup Reliability -Which success rates of divergent lookups can be achieved for iterative and recursive Kademlia variants, churn variants, workload models, and overlay network sizes?…”

“…Despite their inherent resilience to failures, structured designs are susceptible to attacks such as Sybil, Routing, Poisoning, Join/leave, or Eclipse attacks (EA) [7]. Our focus is on EAs that constitute a significant vulnerability of P2P systems [8]- [15] and their applications. Besides having attracted attention in the research community, measurement studies of the topology of the KAD network indicate the existence of Eclipse attacks in the real-world [16], [17].…”

“…taLEAs are highly efficient attacks that require only a small number of malicious peers that need to be located in the proximity of the targeted peers. In contrast to the EA and LEA approach where the sheer mass of malicious resources determines the attacks' effectiveness, taLEAs exploit an inherent weakness of most DHTs [15].…”

Mitigating Eclipse attacks in Peer-To-Peer networks

Detecting and Mitigating P2P Eclipse Attacks

PASS: An Address Space Slicing Framework for P2P Eclipse Attack Mitigation