1st International ICST/Create-Net Workshop on Peer-to-Peer Information Management

Research Article

Exploiting P2P systems for DDoS attacks

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1145/1146847.1146894,
    author={Naoum  Naoumov and Keith  Ross},
    title={Exploiting P2P systems for DDoS attacks},
    proceedings={1st International ICST/Create-Net Workshop on Peer-to-Peer Information Management},
    publisher={ACM},
    proceedings_a={P2PIM},
    year={2006},
    month={6},
    keywords={},
    doi={10.1145/1146847.1146894}
}
  • Naoum Naoumov
    Keith Ross
    Year: 2006
    Exploiting P2P systems for DDoS attacks
    P2PIM
    ACM
    DOI: 10.1145/1146847.1146894
Naoum Naoumov1, Keith Ross1
  • 1: Department of Computer and Information Science, Polytechnic University, Brooklyn, NY 11201

Abstract

When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.

Published
2006-06-01
Publisher
ACM
http://dx.doi.org/10.1145/1146847.1146894
Copyright © 2006–2024 ACM
EAI Logo

About EAI

Community

Publish with EAI