BitTorrentAttack-SesureCom07 - 1 A BitTorrent-Driven...

A BitTorrent-Driven Distributed

Abstract—BitTorrent is a popular peer-to-peer file-sharing protocol that utilizes a central server, known as a “tracker”, to coordinate connections between peers in a “swarm”, a term used to describe a BitTorrent ad-hoc file-sharing network. The tracker of a swarm is specified by the original file distributor and trusted unconditionally by peers in the swarm. This central point of control provides an opportunity for a file distributor to deploy a modified tracker to provide peers in a swarm with malicious coordination data, directing peer connection traffic toward an arbitrary target machine on an arbitrary service port. Although such an attack does not generate a huge amount of attack traffic, it would set up many connections with the victim server successfully and hold these connections until they time out, which could cause serious denial of service by exhausting a server’s connection resources. In this paper, we present such an attack that is entirely tracker-based, requires no modifications to BitTorrent client software, and could be deployed by an attacker right now. The results from both simulation and real-world experiments show the applicability of this attack. Due to the skyrocketing popularity of BitTorrent and the numerous large-scale swarms existing on the Internet, BitTorrent swarms provide an intriguing platform for launching distributed denial-of-service attacks based on connection exhaustion.

Keywords: BitTorrent, Distributed denial-of-service, Peer-to-peer networks

I. INTRODUCTION

Over the past several years, peer-to-peer (P2P) networks have enjoyed a tremendous rise in popularity, primarily as a means of transferring large files over the Internet. In 1999, “Napster” became the first peer-to-peer file-sharing network to attract mainstream attention and was widely used to share music via the Internet.
The Napster network makes use of a centralized server to maintain a list of currently connected clients and the files that each client makes available at a given point in time [3]. The next peer-to-peer file-sharing protocol to garner a great deal of attention was “Gnutella” [4]. Unlike Napster, Gnutella provides a true peer-to-peer network that does not need centralized servers for client tracking. Instead, a Gnutella client requires only the address of a single remote peer to bootstrap its connection to the Gnutella network, obtaining the identities of further peers by querying the peer or peers used during the bootstrap phase [4]. Following Gnutella, the next wave of peer-to-peer file sharing came in the form of the “FastTrack” protocol, which implemented a supernode-based architecture [5]. A supernode is a high-powered, well-connected client in the P2P network that can assume the functionality of a directory server for a number of lower-powered or lesser-connected clients, relieving overhead from those machines and allowing for greater scalability. The most popular of the FastTrack-based networks,

This research was supported by NSF grant CNS-0627318 and Intel Research Fund.
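
The abstract above describes swarm peers being steered to an arbitrary service port on a victim server. As an added example (not code from the paper), the following Python shows how a defender on the victim side could recognise such traffic and group it by torrent. It assumes unmodified clients open each connection with the standard BitTorrent peer handshake (length byte 19, the string "BitTorrent protocol", 8 reserved bytes, a 20-byte info_hash, a 20-byte peer_id); the function names, the threshold and the sample records are constructed for illustration.

```python
from collections import defaultdict

PSTR = b"BitTorrent protocol"   # fixed protocol string in the peer handshake

def parse_handshake(first_bytes):
    """Return the 20-byte info_hash if the bytes open with a BitTorrent
    peer handshake, else None. The peer_id may be missing (it can arrive
    in a later segment), but the info_hash must be complete."""
    prefix = bytes([len(PSTR)]) + PSTR
    if not first_bytes.startswith(prefix):
        return None
    start = len(prefix) + 8     # skip the 8 reserved bytes
    info_hash = first_bytes[start:start + 20]
    return info_hash if len(info_hash) == 20 else None

def find_redirected_swarms(connections, min_sources=3):
    """connections: iterable of (src_ip, first_bytes) seen on a port that
    does not speak BitTorrent. Returns {info_hash_hex: sorted source IPs}
    for every torrent whose peers arrive from at least min_sources hosts."""
    sources = defaultdict(set)
    for src_ip, first_bytes in connections:
        info_hash = parse_handshake(first_bytes)
        if info_hash is not None:
            sources[info_hash.hex()].add(src_ip)
    return {h: sorted(ips) for h, ips in sources.items() if len(ips) >= min_sources}

def make_handshake(info_hash, peer_id):
    # Builds a constructed sample handshake for the demo data below.
    return bytes([len(PSTR)]) + PSTR + bytes(8) + info_hash + peer_id

# Constructed sample data: documentation-range IPs, made-up hashes and peer ids.
SWARM_A = bytes.fromhex("aa" * 20)
SWARM_B = bytes.fromhex("bb" * 20)
SAMPLE = [
    ("192.0.2.10", make_handshake(SWARM_A, b"-XX0001-000000000001")),
    ("192.0.2.11", make_handshake(SWARM_A, b"-XX0001-000000000002")),
    ("198.51.100.7", make_handshake(SWARM_A, b"-XX0001-000000000003")),
    ("198.51.100.7", make_handshake(SWARM_A, b"-XX0001-000000000003")),  # same host again
    ("203.0.113.5", make_handshake(SWARM_B, b"-XX0001-000000000004")),   # lone stray peer
    ("203.0.113.9", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),    # ordinary client
    ("203.0.113.20", make_handshake(SWARM_A, b"")[:30]),                 # info_hash cut short
]

if __name__ == "__main__":
    for info_hash, ips in find_redirected_swarms(SAMPLE).items():
        print(f"info_hash {info_hash}: {len(ips)} distinct peers -> {ips}")
```

The info_hash returned for a flagged group identifies the torrent whose swarm is being pointed at the server, which is the detail needed when reporting the tracker.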

This note was uploaded on 08/25/2011 for the course EEL 5937 taught by Professor Staff during the Spring '08 term at University of Central Florida.
