The index poisoning attack in P2P file sharing systems

Jian Liang, Naoum Naoumov, Keith W. Ross

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    P2P file-sharing systems have indexes, which users search to find locations of desired titles. In the index poisoning attack, the attacker inserts massive numbers of bogus records into the index for a set of targeted titles. As a result, when a user searches for a targeted title, the index returns bogus results, such as bogus file identifiers, bogus IP addresses, or bogus port numbers. In this paper we first show that both structured and unstructured P2P file-sharing systems are highly vulnerable to the index poisoning attack. We then develop a novel and efficient methodology for estimating index poisoning levels and pollution levels in file-sharing systems. The methodology is efficient in that involves neither the downloading nor the analysis of binary content files. We deploy data-harvesting platforms for FastTrack, an unstructured file-sharing system, and Overnet, a DHT-based file-sharing system. Applying our methodology to harvested data, we find that index poisoning is pervasive in both systems. We also outline a distributed blacklisting procedure for countering the index poisoning and pollution attacks.

    Original languageEnglish (US)
    Title of host publicationProceedings - INFOCOM 2006
    Subtitle of host publication25th IEEE International Conference on Computer Communications
    DOIs
    StatePublished - 2006
    EventINFOCOM 2006: 25th IEEE International Conference on Computer Communications - Barcelona, Spain
    Duration: Apr 23 2006Apr 29 2006

    Publication series

    NameProceedings - IEEE INFOCOM
    ISSN (Print)0743-166X

    Other

    OtherINFOCOM 2006: 25th IEEE International Conference on Computer Communications
    CountrySpain
    CityBarcelona
    Period4/23/064/29/06

    ASJC Scopus subject areas

    • Computer Science(all)
    • Electrical and Electronic Engineering

    Fingerprint Dive into the research topics of 'The index poisoning attack in P2P file sharing systems'. Together they form a unique fingerprint.

    Cite this