Information Technology Reference
In-Depth Information
Chapter 7
7.1 Overview
Security issues are even more prominent in a P2P network, compared with
a traditional client-server system. This is because without centralized author-
ity (i.e., trusted servers), it is very di
cult to guarantee data integrity and
confidentiality in the P2P data sharing process. Specifically, it is di
cult to
encrypt data because key management is hard in a P2P network. Without
such confidentiality protection, all kinds of serious problems arise, such as file
content poisoning, routing table pollution, etc. The key issue here is that there
is little a peer can do to verify the data being shared.
Another ba
ing issue is the use of a P2P network as a vehicle to launch
further attacks. The most probable situation is that some malicious peers, by
controlling a large number of other peers, can perform DDoS attacks on some
specific peers. The way to control a large number of peers can be done through
routing table pollution as detailed in this chapter below.
Speaking of controlling the P2P network, it is not necessary to control a
large number of physical peers. A malicious peer can actually launch a Sybil
attackāto obtain a large number of valid identities on the network. Combating
Sybil attacks is therefore a very important area of research. We will discuss
some recently proposed schemes below.
Finally, we will also discuss an interesting way to make use of legitimate
peers to deliberately poison the contents sent to identified pirates.
7.2 Content Pollution
Pollution attacks refer to the situations where attackers deliberately spread
corrupted or faked data in a P2P network. At the very least, the damage is
that benign or honest peers' download bandwidth and storage are wasted. In
the worst case, such corrupted data could even contain malicious code which
can lead to further damages.
Kumar et al. [Kumar et al., 2006] presented an interesting mathemati-
159
Search WWH ::
Custom Search