Taxonomy of Structured P2P Overlay Networks Security Attacks
The survey and classification of the different security
attacks in structured peer-to-peer (P2P) overlay networks can be
useful to computer system designers, programmers, administrators,
and users. In this paper, we attempt to provide a taxonomy of
structured P2P overlay networks security attacks. We have specially
focused on the way these attacks can arise at each level of the
network. Moreover, we observed that most of the existing systems
such as Content Addressable Network (CAN), Chord, Pastry,
Tapestry, Kademlia, and Viceroy suffer from threats and vulnerability
which lead to disrupt and corrupt their functioning. We hope that our
survey constitutes a good help for who-s working on this area of
research.
[1] Petroski: To Engineer is Human: The role of failure in successful
design. Vintage Books, New York 1992.
[2] S. Androutsellis-Theotokis and D. Spinellis: A survey of peer-to-peer
content distribution technologies. ACM Computing Surveys 36(4):
335-371 2004.
[3] E.K. lua, J. Crowcroft, and M. PIAS: A survey and comparaison of Peerto-
Peer Overlay Networks Schemes. IEEE Communication Survey and
Tutorial, 2005
[4] Emil Sit and Robert Morris: Security Considerations for Peer-to-Peer
Distributed Hash Tables. Workshop on Peer-to-Peer Systems,March
2002
[5] MS. Artigas, PG. L├│pez, and A.F. Skarmeta: A comparative study of
hierarchical DHT systems. Proceedings of the 32nd IEEE Conference on
Local Computer Networks 325-333 2007
[6] Ratnasamy, S., Francis, P., Handley, M., Karp, R., and Shenker: A
scalable content-addressable network. In Proceedings of ACM
SIGCOMM San Diego, California, Aug. 2001.
[7] I. Stoica, R. Morris et al., "Chord: A Scalable Peer-to-Peer Lookup
Protocol for Internet Applications," IEEE/ACM Trans. Net., vol. 11, no.
1, 2003, pp. 17-32.
[8] A. Rowstron and P. Druschel, "Pastry: Scalable, Distributed Object
Location and Routing for Large-scale Peer-to-peer Systems," Proc.
Middleware, 2001.
[9] B. Y. Zhao et al., "Tapestry: A Resilient Global-Scale Overlay for
Service Deployment," IEEE JSAC, vol. 22, no. 1, Jan. 2004, pp. 41-53.
[10] P. Maymounkov and D. Mazieres, "Kademlia: A Peer-to-Peer
Information System Based on the XOR Metric," Proc. IPTPS,
Cambridge, MA, USA, Feb. 2002, pp. 53-65.
[11] D. Malkhi, M. Naor, and D. Ratajczak, "Viceroy: A Scalable and
Dynamic Emulation of the Butterfly," Proc. ACM PODC 2002,
Monterey, CA, USA, July 2002, pp. 183-92.
[12] X. Yue, X. Qiu, Y. Ji, and C. Zhang: P2P attack taxonomy and
relationship analysis. In ICACT-09: Proceedings of the 11th
international conference on Advanced Communication Technology,
pages 1207-1210. IEEE Press, 2009.
[13] D. S.Wallach: A survey of peer-to-peer security issues. In International
Symposium on Software Security, pages 42-57, 2002.
[14] L. Wang: Attacks against peer-to-peer networks and countermeasures.
Paper on the course T II0.5290 Seminar on Network Security at TKK,
2006.
[15] Conner W, Nahrstedt K, Gupta I: Preventing DoS attacks in peer-to-peer
media streaming systems. In: Proc of the 13th annual conference on
multimedia computing and networking (MMCN-06), San Jose
[16] Yang J, Li Y, Huang B, Ming J: Preventing DDoS attacks based on
credit model for P2P streaming system. In: ATC -08: Proc of the 5th
international conference on autonomic and trusted computing. Springer,
Berlin, pp 13-20
[17] M. Engle and J. I. Khan: Vulnerabilities of P2P Systems and a Critical
Look at their Solutions Technical Report 2006:
http://medianet.kent.edu/technicalreport.htm
[18] http://en.wikipedia.org/wiki/Man-in-the-middle_attack
[19] E. Cooke, F. Jahanian, and D. McPherson, "The zombie roundup:
Understanding, detecting, and disrupting botnets," in Proceedings of
SRUTI: Steps to Reducing Unwanted Traffic on the Internet, July 2005.
[20] J. B. Grizzard, V. Sharma, C. Nunnery, B. B. Kang, and D. Dagon:
Peer-to-peer botnets: Overview and case study. In USENIX Workshop
on Hot Topics in Understanding Botnets (HotBots-07), 2007.
[21] J.Douceur: The Sybil Attack. Proceedings of the First International
Workshop on Peer-to-peer Systems. Springer, March 2002.
[22] H. Rowaihy, W. Enck, P. McDaniel, and T. La Porta: Limiting Sybil
attacks in structured P2P networks. pages 2596 -2600,May 2007.
[23] P. Druschel and A. I. T. Rowstron. PAST: A large-scale, persistent peerto-
peer storage utility. In Proceedings of the 8th IEEE Workshop on Hot
Topics in Operating Systems. IEEE Computer Society, 2001.
[24] J. Dinger and H. Hartenstein. Defending the Sybil attack in P2P
networks: taxonomy, challenges, and a proposal for self-registration.
Apr. 2006.
[25] H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard:
defending against sybil attacks via social networks. In Proceedings of
the ACM SIGCOMM Conference (SIGCOMM). ACM Press, 2006.
[26] H. Yu, P. B. Gibbons,M. Kaminsky, and F. Xiao. Sybil-Limit: A nearoptimal
social network defense against Sybil attacks. Networking,
IEEE/ACM Transactions on, PP(99):1 -14, 2009.
[27] M. Castro, P. Druschel, A. J. Ganesh, A. I. T. Rowstron, and D. S.
Wallach. Secure routing for structured peer-to-peer overlay networks. In
Proceedings of the 5th ACM Symposium on Operating System Design
and Implementation (OSDI), Operating Systems Review, pages 299-
314. ACM Press, 2002.
[28] D. Cerri, A. Ghioni, S. Paraboschi, and S. Tiraboschi: ID mapping
attacks in P2P networks. In Global Telecommunications Conference,
2005. GLOBECOM -05. IEEE, volume 3, Dec. 2005.
[29] T. Condie, V. Kacholia, S. Sankararaman, J. M. Hellerstein, and P.
Maniatis: Induced churn as shelter from routing-table poisoning. In In
Proc. 13th Annual Network and Distributed System Security
Symposium (NDSS), 2006.
[30] K. Puttaswamy, H. Zheng, and B. Zhao: Securing structured overlays
against identity attacks. Parallel and Distributed Systems, IEEE
Transactions on, 20(10):1487-1498, Oct. 2009.
[31] D. Stutzbach and R. Rejaie: Understanding churn in peer-to-peer
networks. In IMC -06: Proceedings of the 6th ACM SIGCOMM
conference on Internet measurement, pages 189-202. ACM, 2006.
[32] Jian Liang, Naoum Naoumov, and Keith W. Ross: The Index Poisoning
Attack in P2P File Sharing Systems. In IEEE Conference on Computer
Communication, Barcelona, Spain, April 2006.
[33] Dhungel P, Hei X, Ross KW, Saxena N: The pollution attack in P2P live
video streaming: measurement results and defenses. In: Proc of the 2007
workshop on peer-to-peer streaming and IP-TV (P2P-TV-07). ACM,
New York, pp 323-328
[34] J. Liang, R. Kumar, Y. Xi and K. Ross, Pollution in P2P File Sharing
Systems, In Proc. Of INFOCOM-05, May 2005.
[35] Neil Daswani and Hector Garcia-molina: Query-Flood DoS Attacks in
Gnutella. InACM CCS, 2002
[36] N.S. Good, A. Krekelberg: Usability and privacy: a study of KaZaA P2P
file-sharing. CHI 2003, April 5-10, 2003, Ft. Lauderdale, Florida, USA
in ACM, Volume No. 5, Issue No 1
[1] Petroski: To Engineer is Human: The role of failure in successful
design. Vintage Books, New York 1992.
[2] S. Androutsellis-Theotokis and D. Spinellis: A survey of peer-to-peer
content distribution technologies. ACM Computing Surveys 36(4):
335-371 2004.
[3] E.K. lua, J. Crowcroft, and M. PIAS: A survey and comparaison of Peerto-
Peer Overlay Networks Schemes. IEEE Communication Survey and
Tutorial, 2005
[4] Emil Sit and Robert Morris: Security Considerations for Peer-to-Peer
Distributed Hash Tables. Workshop on Peer-to-Peer Systems,March
2002
[5] MS. Artigas, PG. L├│pez, and A.F. Skarmeta: A comparative study of
hierarchical DHT systems. Proceedings of the 32nd IEEE Conference on
Local Computer Networks 325-333 2007
[6] Ratnasamy, S., Francis, P., Handley, M., Karp, R., and Shenker: A
scalable content-addressable network. In Proceedings of ACM
SIGCOMM San Diego, California, Aug. 2001.
[7] I. Stoica, R. Morris et al., "Chord: A Scalable Peer-to-Peer Lookup
Protocol for Internet Applications," IEEE/ACM Trans. Net., vol. 11, no.
1, 2003, pp. 17-32.
[8] A. Rowstron and P. Druschel, "Pastry: Scalable, Distributed Object
Location and Routing for Large-scale Peer-to-peer Systems," Proc.
Middleware, 2001.
[9] B. Y. Zhao et al., "Tapestry: A Resilient Global-Scale Overlay for
Service Deployment," IEEE JSAC, vol. 22, no. 1, Jan. 2004, pp. 41-53.
[10] P. Maymounkov and D. Mazieres, "Kademlia: A Peer-to-Peer
Information System Based on the XOR Metric," Proc. IPTPS,
Cambridge, MA, USA, Feb. 2002, pp. 53-65.
[11] D. Malkhi, M. Naor, and D. Ratajczak, "Viceroy: A Scalable and
Dynamic Emulation of the Butterfly," Proc. ACM PODC 2002,
Monterey, CA, USA, July 2002, pp. 183-92.
[12] X. Yue, X. Qiu, Y. Ji, and C. Zhang: P2P attack taxonomy and
relationship analysis. In ICACT-09: Proceedings of the 11th
international conference on Advanced Communication Technology,
pages 1207-1210. IEEE Press, 2009.
[13] D. S.Wallach: A survey of peer-to-peer security issues. In International
Symposium on Software Security, pages 42-57, 2002.
[14] L. Wang: Attacks against peer-to-peer networks and countermeasures.
Paper on the course T II0.5290 Seminar on Network Security at TKK,
2006.
[15] Conner W, Nahrstedt K, Gupta I: Preventing DoS attacks in peer-to-peer
media streaming systems. In: Proc of the 13th annual conference on
multimedia computing and networking (MMCN-06), San Jose
[16] Yang J, Li Y, Huang B, Ming J: Preventing DDoS attacks based on
credit model for P2P streaming system. In: ATC -08: Proc of the 5th
international conference on autonomic and trusted computing. Springer,
Berlin, pp 13-20
[17] M. Engle and J. I. Khan: Vulnerabilities of P2P Systems and a Critical
Look at their Solutions Technical Report 2006:
http://medianet.kent.edu/technicalreport.htm
[18] http://en.wikipedia.org/wiki/Man-in-the-middle_attack
[19] E. Cooke, F. Jahanian, and D. McPherson, "The zombie roundup:
Understanding, detecting, and disrupting botnets," in Proceedings of
SRUTI: Steps to Reducing Unwanted Traffic on the Internet, July 2005.
[20] J. B. Grizzard, V. Sharma, C. Nunnery, B. B. Kang, and D. Dagon:
Peer-to-peer botnets: Overview and case study. In USENIX Workshop
on Hot Topics in Understanding Botnets (HotBots-07), 2007.
[21] J.Douceur: The Sybil Attack. Proceedings of the First International
Workshop on Peer-to-peer Systems. Springer, March 2002.
[22] H. Rowaihy, W. Enck, P. McDaniel, and T. La Porta: Limiting Sybil
attacks in structured P2P networks. pages 2596 -2600,May 2007.
[23] P. Druschel and A. I. T. Rowstron. PAST: A large-scale, persistent peerto-
peer storage utility. In Proceedings of the 8th IEEE Workshop on Hot
Topics in Operating Systems. IEEE Computer Society, 2001.
[24] J. Dinger and H. Hartenstein. Defending the Sybil attack in P2P
networks: taxonomy, challenges, and a proposal for self-registration.
Apr. 2006.
[25] H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard:
defending against sybil attacks via social networks. In Proceedings of
the ACM SIGCOMM Conference (SIGCOMM). ACM Press, 2006.
[26] H. Yu, P. B. Gibbons,M. Kaminsky, and F. Xiao. Sybil-Limit: A nearoptimal
social network defense against Sybil attacks. Networking,
IEEE/ACM Transactions on, PP(99):1 -14, 2009.
[27] M. Castro, P. Druschel, A. J. Ganesh, A. I. T. Rowstron, and D. S.
Wallach. Secure routing for structured peer-to-peer overlay networks. In
Proceedings of the 5th ACM Symposium on Operating System Design
and Implementation (OSDI), Operating Systems Review, pages 299-
314. ACM Press, 2002.
[28] D. Cerri, A. Ghioni, S. Paraboschi, and S. Tiraboschi: ID mapping
attacks in P2P networks. In Global Telecommunications Conference,
2005. GLOBECOM -05. IEEE, volume 3, Dec. 2005.
[29] T. Condie, V. Kacholia, S. Sankararaman, J. M. Hellerstein, and P.
Maniatis: Induced churn as shelter from routing-table poisoning. In In
Proc. 13th Annual Network and Distributed System Security
Symposium (NDSS), 2006.
[30] K. Puttaswamy, H. Zheng, and B. Zhao: Securing structured overlays
against identity attacks. Parallel and Distributed Systems, IEEE
Transactions on, 20(10):1487-1498, Oct. 2009.
[31] D. Stutzbach and R. Rejaie: Understanding churn in peer-to-peer
networks. In IMC -06: Proceedings of the 6th ACM SIGCOMM
conference on Internet measurement, pages 189-202. ACM, 2006.
[32] Jian Liang, Naoum Naoumov, and Keith W. Ross: The Index Poisoning
Attack in P2P File Sharing Systems. In IEEE Conference on Computer
Communication, Barcelona, Spain, April 2006.
[33] Dhungel P, Hei X, Ross KW, Saxena N: The pollution attack in P2P live
video streaming: measurement results and defenses. In: Proc of the 2007
workshop on peer-to-peer streaming and IP-TV (P2P-TV-07). ACM,
New York, pp 323-328
[34] J. Liang, R. Kumar, Y. Xi and K. Ross, Pollution in P2P File Sharing
Systems, In Proc. Of INFOCOM-05, May 2005.
[35] Neil Daswani and Hector Garcia-molina: Query-Flood DoS Attacks in
Gnutella. InACM CCS, 2002
[36] N.S. Good, A. Krekelberg: Usability and privacy: a study of KaZaA P2P
file-sharing. CHI 2003, April 5-10, 2003, Ft. Lauderdale, Florida, USA
in ACM, Volume No. 5, Issue No 1
@article{"International Journal of Information, Control and Computer Sciences:57252", author = "Zied Trifa and Maher Khemakhem", title = "Taxonomy of Structured P2P Overlay Networks Security Attacks", abstract = "The survey and classification of the different security
attacks in structured peer-to-peer (P2P) overlay networks can be
useful to computer system designers, programmers, administrators,
and users. In this paper, we attempt to provide a taxonomy of
structured P2P overlay networks security attacks. We have specially
focused on the way these attacks can arise at each level of the
network. Moreover, we observed that most of the existing systems
such as Content Addressable Network (CAN), Chord, Pastry,
Tapestry, Kademlia, and Viceroy suffer from threats and vulnerability
which lead to disrupt and corrupt their functioning. We hope that our
survey constitutes a good help for who-s working on this area of
research.", keywords = "P2P, Structured P2P Overlay Networks, DHT,
Security, classification", volume = "6", number = "4", pages = "488-7", }
