Information Technology Reference
In-Depth Information
Sybil identities is bounded. The random walk scheme is outlined as follows.
A peer with degree d carries out d random walks starting from itself of a
pre-defined length w (according to Yu et al., w = 2000 for a one-million node
social network). Now, an honest peer accepts the joining of a new peer if
the random walk of the former intersects with the one of the latter. It is not
di
cult to choose an appropriate w based on the size of the social network so
that the random walks of an honest peer reside entirely within the honest peer
set. On the other hand, for a malicious new peer's random walk to intersect
with some random walks of an honest peer, one of the attack edges must be
used. By monitoring the intersection points (which are the incident nodes of
edge attack edges), a honest peer can judge probabilistically whether a new
peer is indeed a Sybil peer.
7.5 DDoS Attacks
P2P systems are highly vulnerable to be used as a vehicle to launch dis-
tributed denial-of-service (DDoS) attack [Naoumov and Ross, 2006]. Specifi-
cally, there are two types of attack strategies for exploiting a P2P network:
(1) index poisoning; and (2) routing table poisoning.
Every P2P system maintains a certain mapping of keys to values. The most
notable example is the mapping of file names to file data. More precisely, file
names are eventually mapped to locations of file data. In index poisoning
attack, the adversary modifies the index table of peers so that keys are largely
mapped to the address of a victim peer, which in fact does not store the
requested data. Thus, a swarm of peers requesting certain popular files will
make connections with the victim peer, thereby overwhelming it.
In a similar vein, the adversary can also poison the routing table entries
of a large number of peers so that routing requests are directed to a victim
peer.
Brinkmeier et al. [Brinkmeier et al., 2009] also proposed several heuristic
techniques to make a P2P live media streaming system more attack resilient.
The first insight is that each node should have a low dependency (in terms of
data transmission) on other nodes. The rationale is that the streaming quality
will not be too affected by node dynamics. The second trick is to balance the
relevance and importance of nodes across the network so that the whole system
will not be too dependent upon a few key nodes. Finally, it is also important
to keep the topology information a secret so that potential malicious peers
cannot easily identify important target peers for launching the attack.
Search WWH ::
Custom Search