TY - GEN
T1 - The index poisoning attack in P2P file sharing systems
AU - Liang, Jian
AU - Naoumov, Naoum
AU - Ross, Keith W.
PY - 2006
Y1 - 2006
N2 - P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.
AB - P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.
UR - http://www.scopus.com/inward/record.url?scp=34547421426&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34547421426&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM.2006.232
DO - 10.1109/INFOCOM.2006.232
M3 - Conference contribution
AN - SCOPUS:34547421426
SN - 1424402212
SN - 9781424402212
T3 - Proceedings - IEEE INFOCOM
BT - Proceedings - INFOCOM 2006
T2 - INFOCOM 2006: 25th IEEE International Conference on Computer Communications
Y2 - 23 April 2006 through 29 April 2006
ER -