Title :
Securing Structured Overlays against Identity Attacks
Author :
Puttaswamy, Krishna P N ; Zheng, Haitao ; Zhao, Ben Y.
Author_Institution :
Dept. of Comput. Sci., Univ. of California at Santa Barbara, Santa Barbara, CA, USA
Abstract :
Structured overlay networks can greatly simplify data storage and management for a variety of distributed applications. Despite their attractive features, these overlays remain vulnerable to the Identity attack, where malicious nodes assume control of application components by intercepting and hijacking key-based routing requests. Attackers can assume arbitrary application roles such as storage node for a given file, or return falsified contents of an online shopper´s shopping cart. In this paper, we define a generalized form of the Identity attack, and propose a lightweight detection and tracking system that protects applications by redirecting traffic away from attackers. We describe how this attack can be amplified by a Sybil or Eclipse attack, and analyze the costs of performing such an attack. Finally, we present measurements of a deployed overlay that show our techniques to be significantly more lightweight than prior techniques, and highly effective at detecting and avoiding both single node and colluding attacks under a variety of conditions.
Keywords :
peer-to-peer computing; security of data; Eclipse attack; Sybil attack; data storage management; hijacking; identity attack; key-based routing request; lightweight detection system; lightweight tracking system; online shopper; security; shopping cart; structured overlay network; structured peer-to-peer overlay; traffic; Identity Attack; Overlay Network; Overlay Routing; Peer-to-Peer; Security; distributed systems; overlay networks.; routing protocols;
Journal_Title :
Parallel and Distributed Systems, IEEE Transactions on
DOI :
10.1109/TPDS.2008.241
