DDoS vulnerability of BitTorrent Peer Exchange extension: Analysis and defense

Majing Su, Hongli Zhang, Bingxing Fang, Xiaojiang Du

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

BitTorrent (BT) is a well-known Peer-to-Peer (P2P) downloading protocol and has been implemented in several versions. New features and extensions used to improve performance of BitTorrent systems also bring some security issues. In this paper, we analyze potential DDoS vulnerabilities of BT and its Peer Exchange extension. We show the ways of launching connection- exhaustedDDoSattacks. Our experiments demonstrate these attacks are persistent and incur few costs for the attacker. By analyzing the main causes we find that both the defect of implement and the lack of trust and authentication mechanism are to blame, while the latter is critical. To defend against the DDoS attacks, we propose a score-based peer Reputation Exchange (REX) mechanism. Using REX, the score of a malicious peer is less than that of a good peer after several iterations, hence has less chance to be connected. REX makes it difficult to launch a DDoS attack and it can effectively mitigate the effect of the attack.

Original languageEnglish
Title of host publication2012 IEEE International Conference on Communications, ICC 2012
Pages1048-1052
Number of pages5
DOIs
StatePublished - 2012
Event2012 IEEE International Conference on Communications, ICC 2012 - Ottawa, ON, Canada
Duration: 10 Jun 201215 Jun 2012

Publication series

NameIEEE International Conference on Communications
ISSN (Print)1550-3607

Conference

Conference2012 IEEE International Conference on Communications, ICC 2012
Country/TerritoryCanada
CityOttawa, ON
Period10/06/1215/06/12

Keywords

  • BitTorrent
  • DDoS attack
  • P2P
  • peer exchange

Fingerprint

Dive into the research topics of 'DDoS vulnerability of BitTorrent Peer Exchange extension: Analysis and defense'. Together they form a unique fingerprint.

Cite this