1 / 15 Attacks on Peer-to-Peer Networks
Class Presentation
CIS 510 – Peer-to-Peer Networking
University of Oregon
Christian Beckel
Department of Computer and Information Science

2 / 15 Introduction
● Awareness of vulnerability
● Everybody can join the network
● Decentralized structure
● Fault tolerance
● General attacks
● Destroy the system
● Competitors, governments, music industry, bored people
● Rational attacks
● Exploit the system
● Personal benefits
● Colluded / single hop attacks

3 / 15 General Attacks
● DoS Attack
● Usually performed by a group of peers
● February 2000: $1.2 billion economic impact for Amazon, Yahoo!, CNN, eBay
● Centralized P2P Systems vulnerable
● Countermeasures
● Server farm
● Pure / Hybrid P2P

4 / 15 General Attacks
● Example: BitTorrent
● LokiTorrent attacked in 12/2004 [1]
● 100 Mbit connection down for 10 hours

5 / 15 General Attacks
● Man-in-the-Middle Attack
● Originally a cryptographic attack
● Modify routing requests
● Corrupt files on their way
● Countermeasures
● Reputation scheme
● Signing Messages
● Hard to find out malicious node

6 / 15 General Attacks
● Example: CAN [2]
● 10,000 peers
● Modifying and dropping routing requests
● Intentionally / peer error
● 1 in 10 requests corrupted
● Countermeasures
● Multipath routing

7 / 15 General Attacks
● File Pollution
● Music Industry pays Overpeer or Retsnap
● Damage audio files or destroy them
● Dangerous if peers leave their computer running
● Countermeasure:
● Reputation schemes
● Checksum
● Example: KaZaA
● More than 50% of recent popular songs are polluted [3]
● Vast majority intentional

8 / 15 Rational Attacks
● Selfish behavior
● Save bandwidth
● Earn credits
● Caused by rational actions
● Countermeasures
● Incentive solution to share resources
● Tit for Tat in BitTorrent
● Robustness important

9 / 15 Rational Attacks
● Example: Free-Riding on Gnutella [4]
● 70% of Gnutella users share no files
● 50% of responses returned by top 1%

10 / 15 Rational Attacks
● Zero-cost identities
● Peers avoid punishment
● Basis for other attacks
● Hard to distinguish new peers from whitewashers
● Punishing newcomers -> discourages new peers
● Generous to newcomers -> motivates whitewashers
● Goal
● Cooperate with good peers
● Defect against bad peers
● Stranger Adaptive Strategy
● Cooperate with probability $\min\{p_s / c_s,\ 1\}$
● Policy that adapts to behavior of previous strangers
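A small simulation of the Stranger Adaptive Strategy from the slide above, added here as an illustration (it is not code from the presentation or from [5]). It takes p_s and c_s to mean the service strangers have provided to and consumed from this peer, and it assumes both counters start at 1 and every request is one unit of service; the class and function names are hypothetical.

```python
import random

class StrangerAdaptivePeer:
    """Decides whether to serve a stranger (a peer with no history)."""

    def __init__(self, rng):
        self.rng = rng
        # Assumption: both counters start at 1, so the first stranger is served.
        self.p_s = 1.0  # service strangers have provided to this peer
        self.c_s = 1.0  # service strangers have consumed from this peer

    def cooperation_probability(self):
        return min(self.p_s / self.c_s, 1.0)

    def serves_stranger(self):
        return self.rng.random() < self.cooperation_probability()

    def record(self, provided, consumed):
        self.p_s += provided
        self.c_s += consumed


def simulate(whitewasher_fraction, rounds=5000, seed=1):
    """Each round one stranger asks for one unit of service.

    Honest newcomers give one unit back; whitewashers (peers that rejoin
    under a fresh zero-cost identity) consume and never reciprocate.
    Returns (final cooperation probability, share of requests served).
    """
    rng = random.Random(seed)
    peer = StrangerAdaptivePeer(rng)
    served = 0
    for _ in range(rounds):
        is_whitewasher = rng.random() < whitewasher_fraction
        if peer.serves_stranger():
            served += 1
            peer.record(provided=0 if is_whitewasher else 1, consumed=1)
    return peer.cooperation_probability(), served / rounds


if __name__ == "__main__":
    for fraction in (0.0, 0.5, 1.0):
        prob, share = simulate(fraction)
        print(f"whitewashers={fraction:.0%}  P(cooperate)={prob:.3f}  served={share:.3f}")
```

The middle case shows the trade-off named on the slide: once half the strangers are whitewashers, honest newcomers are also turned away about half the time.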

11 / 15 Rational Attacks
● Traitors
● Acquiring high reputation or stealing identity
● Turn into defective peers before leaving the system
● Duration of history important:

12 / 15 Rational Attacks
● False reports
● Influence credit assignment by faking reports
● Four scenarios where peers could lie [5]
● Providing service
● Increase personal reputation
● Solution: Proof of service
● Colluding peers -> economic countermeasure
● Receiving service
● Similar to above, punish receiver
● Not providing service
● Not receiving service
● Lowers other peer's reputation to increase the overall standing

13 / 15 Rational Attacks
● Proof of Service [6]
● Neither client nor server should be able to deny service
● p: provider
● r: receiver
● b_i: file block

14 / 15 Rational / General Attack
● Sybil Attack [7]
● “One can have, some claim, as many electronic personas as one has time and energy to create” Judith S. Donath
● Virtual overlay of P2P systems
● Problems
● Redundancy
● Byzantine Generals Problem
● Biased reputation
● Solution
● True sybil-proof network needs central entity
● Otherwise: for what time period can the network be assumed, with high probability, not to be dominated by sybils?

15 / 15 The End
● Conclusion
● Minimize possible damage caused by general attacks
● Design P2P network to be robust against rational attacks (up to a certain degree)
● Questions

16 / 15 References
● [1]: R. Lemos. BitTorrent servers under attack. CNET News.com, December 2004. http://news.zdnet.com/2100-1009_22-5473754.html
● [2]: T. Reidemeister, K. Böhm, P. A. S. Ward, and E. Buchmann. Malicious Behaviour in Content-Addressable Peer-to-Peer Networks. In CNSR, pages 319 - 326, 2005.
● [3]: J. Liang, R. Kumar, Y. Xi, and K. Ross. Pollution in P2P File Sharing Systems. In IEEE Infocom, March 2005. Miami, FL, USA.
● [4]: E. Adar and B. Huberman. Free Riding on Gnutella. Technical report, Xerox PARC, August 2000.
● [5]: M. Feldman, K. Lai, I. Stoica, and J. Chuang. Robust Incentive Techniques for Peer-to-Peer Networks. In ACM Electronic Commerce, 2004.
● [6]: J. Li and X. Kang. mSSL: Extending SSL to Support Data Sharing Among Collaborative Clients. In Proceedings of Annual Computer Security Applications Conference, pages 357 - 368, Tucson, Arizona, December 2005.
● [7]: J. Douceur. The Sybil Attack. In Proceedings of the IPTPS02 Workshop, Cambridge, MA (USA), March 2002.

