Exploiting P2P systems for DDoS attacks

Naoum Naoumov, Keith Ross

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

    Original languageEnglish (US)
    Title of host publicationProceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06
    DOIs
    StatePublished - Dec 1 2006
    Event1st International Conference on Scalable Information Systems, InfoScale '06 - Hong Kong, China
    Duration: May 30 2006Jun 1 2006

    Publication series

    NameACM International Conference Proceeding Series
    Volume152

    Other

    Other1st International Conference on Scalable Information Systems, InfoScale '06
    CountryChina
    CityHong Kong
    Period5/30/066/1/06

      Fingerprint

    ASJC Scopus subject areas

    • Software
    • Human-Computer Interaction
    • Computer Vision and Pattern Recognition
    • Computer Networks and Communications

    Cite this

    Naoumov, N., & Ross, K. (2006). Exploiting P2P systems for DDoS attacks. In Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06 [1146894] (ACM International Conference Proceeding Series; Vol. 152). https://doi.org/10.1145/1146847.1146894