DocumentCode :
2371959
Title :
DDoS vulnerability of BitTorrent Peer Exchange extension: Analysis and defense
Author :
Su, Majing ; Zhang, Hongli ; Fang, Bingxing ; Du, Xiaojiang
Author_Institution :
Sch. of Comput. Sci. & Technol., Harbin Inst. of Technol., Harbin, China
fYear :
2012
fDate :
10-15 June 2012
Firstpage :
1048
Lastpage :
1052
Abstract :
BitTorrent (BT) is a well-known Peer-to-Peer (P2P) downloading protocol and has been implemented in several versions. New features and extensions used to improve performance of BitTorrent systems also bring some security issues. In this paper, we analyze potential DDoS vulnerabilities of BT and its Peer Exchange extension. We show the ways of launching connection-exhausted DDoS attacks. Our experiments demonstrate these attacks are persistent and incur few costs for the attacker. By analyzing the main causes we find that both the defect of implementation and the lack of a trust and authentication mechanism are to blame, while the latter is critical. To defend against the DDoS attacks, we propose a score-based peer Reputation Exchange (REX) mechanism. Using REX, the score of a malicious peer is less than that of a good peer after several iterations, and hence it has less chance to be connected. REX makes it difficult to launch a DDoS attack and it can effectively mitigate the effect of the attack.
Keywords :
cryptographic protocols; iterative methods; message authentication; peer-to-peer computing; BT; BitTorrent system; DDoS vulnerability; REX mechanism; authentication mechanism; iteration method; peer exchange extension; peer-to-peer downloading protocol; score-based peer reputation exchange; security issue; trust mechanism; Authentication; Computer crime; IP networks; Peer to peer computing; Protocols; BitTorrent; DDoS attack; P2P; peer exchange;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Communications (ICC), 2012 IEEE International Conference on
Conference_Location :
Ottawa, ON
ISSN :
1550-3607
Print_ISBN :
978-1-4577-2052-9
Electronic_ISBN :
1550-3607
Type :
conf
DOI :
10.1109/ICC.2012.6364105
Filename :
6364105