1st International ICST/Create-Net Workshop on Peer-to-Peer Information Management

Research Article

Exploiting P2P systems for DDoS attacks

  • @INPROCEEDINGS{10.1145/1146847.1146894,
        author={Naoum  Naoumov and Keith  Ross},
        title={Exploiting P2P systems for DDoS attacks},
        proceedings={1st International ICST/Create-Net Workshop on Peer-to-Peer Information Management},
        publisher={ACM},
        proceedings_a={P2PIM},
        year={2006},
        month={6},
        keywords={},
        doi={10.1145/1146847.1146894}
    }
    
  • Naoum Naoumov
    Keith Ross
    Year: 2006
    Exploiting P2P systems for DDoS attacks
    P2PIM
    ACM
    DOI: 10.1145/1146847.1146894
Naoum Naoumov1, Keith Ross1
  • 1: Department of Computer and Information Science, Polytechnic University, Brooklyn, NY 11201

Abstract

When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.