TY - GEN
T1 - DDoS vulnerability of BitTorrent Peer Exchange extension
T2 - 2012 IEEE International Conference on Communications, ICC 2012
AU - Su, Majing
AU - Zhang, Hongli
AU - Fang, Bingxing
AU - Du, Xiaojiang
PY - 2012
Y1 - 2012
N2 - BitTorrent (BT) is a well-known Peer-to-Peer (P2P) downloading protocol and has been implemented in several versions. New features and extensions used to improve performance of BitTorrent systems also bring some security issues. In this paper, we analyze potential DDoS vulnerabilities of BT and its Peer Exchange extension. We show the ways of launching connection- exhaustedDDoSattacks. Our experiments demonstrate these attacks are persistent and incur few costs for the attacker. By analyzing the main causes we find that both the defect of implement and the lack of trust and authentication mechanism are to blame, while the latter is critical. To defend against the DDoS attacks, we propose a score-based peer Reputation Exchange (REX) mechanism. Using REX, the score of a malicious peer is less than that of a good peer after several iterations, hence has less chance to be connected. REX makes it difficult to launch a DDoS attack and it can effectively mitigate the effect of the attack.
AB - BitTorrent (BT) is a well-known Peer-to-Peer (P2P) downloading protocol and has been implemented in several versions. New features and extensions used to improve performance of BitTorrent systems also bring some security issues. In this paper, we analyze potential DDoS vulnerabilities of BT and its Peer Exchange extension. We show the ways of launching connection- exhaustedDDoSattacks. Our experiments demonstrate these attacks are persistent and incur few costs for the attacker. By analyzing the main causes we find that both the defect of implement and the lack of trust and authentication mechanism are to blame, while the latter is critical. To defend against the DDoS attacks, we propose a score-based peer Reputation Exchange (REX) mechanism. Using REX, the score of a malicious peer is less than that of a good peer after several iterations, hence has less chance to be connected. REX makes it difficult to launch a DDoS attack and it can effectively mitigate the effect of the attack.
KW - BitTorrent
KW - DDoS attack
KW - P2P
KW - peer exchange
UR - http://www.scopus.com/inward/record.url?scp=84871991446&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84871991446&partnerID=8YFLogxK
U2 - 10.1109/ICC.2012.6364105
DO - 10.1109/ICC.2012.6364105
M3 - Conference contribution
AN - SCOPUS:84871991446
SN - 9781457720529
T3 - IEEE International Conference on Communications
SP - 1048
EP - 1052
BT - 2012 IEEE International Conference on Communications, ICC 2012
Y2 - 10 June 2012 through 15 June 2012
ER -