Title :
Efficient DHT attack mitigation through peers´ ID distribution
Author :
Cholez, Thibault ; Chrisment, Isabelle ; Festor, Olivier
Author_Institution :
MADYNES, INRIA Nancy-Grand Est, Nancy, France
Abstract :
We present a new solution to protect the widely deployed KAD DHT against localized attacks which can take control over DHT entries. We show through measurements that the IDs distribution of the best peers found after a lookup process follows a geometric distribution. We then use this result to detect DHT attacks by comparing real peers´ ID distributions to the theoretical one thanks to the Kullback-Leibler divergence. When an attack is detected, we propose countermeasures that progressively remove suspicious peers from the list of possible contacts to provide a safe DHT access. Evaluations show that our method detects the most efficient attacks with a very small false-negative rate, while countermeasures successfully filter almost all malicious peers involved in an attack. Moreover, our solution completely fits the current design of the KAD network and introduces no network overhead.
Keywords :
peer-to-peer computing; security of data; DHT attack; KAD DHT; Kullback-Leibler divergence; distributed hash table; malicious peers; peer ID distribution; Filters; Identity management systems; Intrusion detection; Large-scale systems; Monitoring; Peer to peer computing; Pollution; Privacy; Protection; Routing protocols; DHT; IDs distribution; KAD; Sybil attack; attack detection; attack mitigation;
Conference_Titel :
Parallel & Distributed Processing, Workshops and Phd Forum (IPDPSW), 2010 IEEE International Symposium on
Conference_Location :
Atlanta, GA
Print_ISBN :
978-1-4244-6533-0
DOI :
10.1109/IPDPSW.2010.5470928
