Exploiting P2P systems for DDoS attacks

Naoum Naoumov; Keith Ross

doi:10.1145/1146847.1146894

Exploiting P2P systems for DDoS attacks

Naoum Naoumov, Keith Ross

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

Original language	English (US)
Title of host publication	Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06
DOIs	https://doi.org/10.1145/1146847.1146894
State	Published - Dec 1 2006
Event	1st International Conference on Scalable Information Systems, InfoScale '06 - Hong Kong, China Duration: May 30 2006 → Jun 1 2006

Publication series

Name	ACM International Conference Proceeding Series
Volume	152

Other

Other	1st International Conference on Scalable Information Systems, InfoScale '06
Country	China
City	Hong Kong
Period	5/30/06 → 6/1/06

Fingerprint

ASJC Scopus subject areas

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Cite this

Naoumov, N., & Ross, K. (2006). Exploiting P2P systems for DDoS attacks. In Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06 [1146894] (ACM International Conference Proceeding Series; Vol. 152). https://doi.org/10.1145/1146847.1146894

Naoumov, N & Ross, K 2006, Exploiting P2P systems for DDoS attacks. in Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06., 1146894, ACM International Conference Proceeding Series, vol. 152, 1st International Conference on Scalable Information Systems, InfoScale '06, Hong Kong, China, 5/30/06. https://doi.org/10.1145/1146847.1146894

@inproceedings{0e00cb1beef243399018e1d7024f0c69,

title = "Exploiting P2P systems for DDoS attacks",

abstract = "When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.",

author = "Naoum Naoumov and Keith Ross",

year = "2006",

month = dec,

day = "1",

doi = "10.1145/1146847.1146894",

language = "English (US)",

isbn = "1595934286",

series = "ACM International Conference Proceeding Series",

booktitle = "Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06",

note = "1st International Conference on Scalable Information Systems, InfoScale '06 ; Conference date: 30-05-2006 Through 01-06-2006",

}

TY - GEN

T1 - Exploiting P2P systems for DDoS attacks

AU - Naoumov, Naoum

AU - Ross, Keith

PY - 2006/12/1

Y1 - 2006/12/1

N2 - When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

AB - When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

UR - http://www.scopus.com/inward/record.url?scp=34547343505&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34547343505&partnerID=8YFLogxK

U2 - 10.1145/1146847.1146894

DO - 10.1145/1146847.1146894

M3 - Conference contribution

AN - SCOPUS:34547343505

SN - 1595934286

SN - 9781595934284

T3 - ACM International Conference Proceeding Series

BT - Proceedings of the 1st International Conference on Scalable Information Systems, InfoScale '06

T2 - 1st International Conference on Scalable Information Systems, InfoScale '06

Y2 - 30 May 2006 through 1 June 2006

ER -

Access to Document

10.1145/1146847.1146894