Presentation is loading. Please wait.

Presentation is loading. Please wait.

20090304 Hongil Kim E. Chan-Tin, P. Wang, J. Tyra, T. Malchow, D. Foo Kune, N. Hopper, Y. Kim, "Attacking the Kad Network - Real World Evaluation and High.

Published byEmery Young Modified over 8 years ago

Similar presentations

Presentation on theme: "20090304 Hongil Kim E. Chan-Tin, P. Wang, J. Tyra, T. Malchow, D. Foo Kune, N. Hopper, Y. Kim, "Attacking the Kad Network - Real World Evaluation and High."— Presentation transcript:

1 20090304 Hongil Kim E. Chan-Tin, P. Wang, J. Tyra, T. Malchow, D. Foo Kune, N. Hopper, Y. Kim, "Attacking the Kad Network - Real World Evaluation and High Fidelity Simulation using DVN -", Wiley Security and Communication Networks 2009Attacking the Kad Network - Real World Evaluation and High Fidelity Simulation using DVN - 1

2  File Sharing : Napster, Gnutella, BitTorrent, etc  Recent Commercial Applications  Skype  BitTorrent becomes legit  P2P TV by Yahoo Japan  Research community  P2P File and archival systems: Ivy, Kosha, Oceanstore, CFS  Web caching: Squirrel, Coral  Multicast systems: SCRIBE  P2P DNS: CoDNS and CoDoNS  Internet routing: RON  Next generation Internet Architecture: I3 2

3  How to find the desired information?  Centralized structured: Napster  Decentralized unstructured: Gnutella  Decentralized structured: Distributed Hash Table ▪ Content Addressable!  A DHT provides a hash table’s simple put/get interface  Insert a data object, i.e., key-value pair (k,v)  Retrieve the value v using key k Napster BAX … Napster.com P P: a node looking for a file O: offerer of the file Query QueryHit Download O Match O retrieve (K 1 ) K V 3

4  Every node has a unique ID: nodeID  Every object has a unique ID: key  Keys and nodeIDs are logically arranged on a ring (ID space)  A data object is stored at its root(key) and several replica roots  Closest nodeID to the key (or successor of k)  Range: the set of keys that a node is responsible for  Routing table size: O(log(N))  Routing delay: O(log(N)) hops  Content addressable! 4 C B R Q D Y X A k (k,v)

5  Kad  A peer-to-peer DHT based on Kademlia  Kad Network  Overnet: an overlay built on top of eDonkey clients ▪Used by P2P Bots  Overlay built using eD2K series clients ▪eMule, aMule, MLDonkey ▪Over 1 million nodes, many more firewalled users  BT series clients ▪Overlay on Azureus ▪Overlay on Mainline and BitComet 5

6  d(X, Y) = X XOR Y  An entry in k-bucket shares at least k-bit prefix with the nodeID  k=20 in overnet  Add new contact if  k-bucket is not full  Parallel, iterative, prefix-matching routing  Replica roots: k closest nodes 1 0 1 0 1 0 1 0 01001011 00100101 01011010 … 01000001 K bucket 10101100 123.24.3.1 23.37.12.13 311.1.3.4 129.5.3.1 11011011 11000100 11111110 … 11010001 10001011 10010100 10001110 … 10000001 10101100 11000100 11001010 11001100 11001011 Find/store 6

7  No restriction on nodeID  Replica root: |r, k| <   K buckets with index [0,4] can be split if new contact is added to full bucket  Wide routing table  short routing path  K bucket in i-th level covers 1/2 i ID space  A knows new node by asking or contact from other nodes  Hello_req is used for liveness  routing request can be used 1 0 1 0 1 0 1 0 10101100 15141312111098765 1 1 1 101010101010 0101010 010 0 43210 7

8  No admission control, no verifiable binding  An attacker can launch a Sybil attack by generating an arbitrary number of IDs  Eclipse Attack  Stay long enough: Kad prefers long-lived contact  (ID, IP) update: Kad client will update IP for a given ID without any verification  Termination condition  Query terminates when A receives 300 matches.  Timeout  When M returns many contacts close to K, A contacts only those nodes and timeouts. 8

9  Preparation phase  Backpointer Hijacking: 8 A, attacker M ▪ Learns A’s Routing Table by sending appropriate queries ▪ Then, change routing table by sending the following message.  Execution phase  Provide many non-existing contacts ▪ Fact: Query will timeout after trying 25 contacts. MA 0xD00DIP B IP M Hello, B, IP M 9

10 10

11  Assumption  Total 1M nodes  800 routing table entries  100 Mbps network link  Preparation cost  41.2GB bandwidth to hijack 30% of routing table  Takes 55 minutes with 100 Mbps link  Query prevention  100 Mbps link is sufficient to stop 65% of WHOLE query messages. 11

12  11,303 ~ 16,105 Kad nodes running on ~500 PlanetLab machines ^Comparison between expected and measured  keyword query failures  Number of messages used to attack one node  Bandwidth usage 12

13  Fill node A’s routing table with A itself. A C G … G C A C G … G C Attack IP C IP G ^≈ 100% queries failed after attack ^Nodes can recover slowly ^Second round of attack Hello, X, IP A 13

14  Identity authentication  Routing correctness  Independent parallel routes ▪ Incrementally deployable 14 MethodSecurePersistent IDIncremental deployable Verify the liveness of old IPNoYes Drop Hello with new IPYesNoYes ID=hash(IP)YesNo ID=hash(Public Key)Yes No backpointersCurrent methodIndependent parallel routes 40%98% fail45% fail 10%59.5% fail1.7% fail

15 Thank you Any Questions?

Download ppt "20090304 Hongil Kim E. Chan-Tin, P. Wang, J. Tyra, T. Malchow, D. Foo Kune, N. Hopper, Y. Kim, "Attacking the Kad Network - Real World Evaluation and High."

Similar presentations

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.

Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Kademlia: A Peer-to-peer Information System Based on the XOR Metric Petar Mayamounkov David Mazières A few slides are taken from the authors’ original.

Kademlia: A Peer-to-peer Information System Based on the XOR Metric Petar Mayamounkov David Mazières A few slides are taken from the authors’ original.
Chord: A scalable peer-to- peer lookup service for Internet applications Ion Stoica, Robert Morris, David Karger, M. Frans Kaashock, Hari Balakrishnan.

Chord: A scalable peer-to- peer lookup service for Internet applications Ion Stoica, Robert Morris, David Karger, M. Frans Kaashock, Hari Balakrishnan.
1 1 Chord: A scalable Peer-to-peer Lookup Service for Internet Applications Dariotaki Roula

1 1 Chord: A scalable Peer-to-peer Lookup Service for Internet Applications Dariotaki Roula
Xiaowei Yang xwy@cs.duke.edu CompSci 356: Computer Network Architectures Lecture 22: Overlay Networks Xiaowei Yang xwy@cs.duke.edu.

Xiaowei Yang CompSci 356: Computer Network Architectures Lecture 22: Overlay Networks Xiaowei Yang
Scribe: A Large-Scale and Decentralized Application-Level Multicast Infrastructure Miguel Castro, Peter Druschel, Anne-Marie Kermarrec, and Antony L. T.

Scribe: A Large-Scale and Decentralized Application-Level Multicast Infrastructure Miguel Castro, Peter Druschel, Anne-Marie Kermarrec, and Antony L. T.
Application Layer Overlays IS250 Spring 2010 John Chuang.

Application Layer Overlays IS250 Spring 2010 John Chuang.
Peer to Peer File Sharing Huseyin Ozgur TAN. What is Peer-to-Peer?  Every node is designed to(but may not by user choice) provide some service that helps.

Peer to Peer File Sharing Huseyin Ozgur TAN. What is Peer-to-Peer?  Every node is designed to(but may not by user choice) provide some service that helps.
Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.

Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.
X Non-Transitive Connectivity and DHTs Mike Freedman Karthik Lakshminarayanan Sean Rhea Ion Stoica WORLDS 2005.

X Non-Transitive Connectivity and DHTs Mike Freedman Karthik Lakshminarayanan Sean Rhea Ion Stoica WORLDS 2005.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.

Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Efficient Content Location Using Interest-based Locality in Peer-to-Peer Systems Presented by: Lin Wing Kai.

Efficient Content Location Using Interest-based Locality in Peer-to-Peer Systems Presented by: Lin Wing Kai.
Peer-to-Peer Intro 5.4.2005 Jani & Sami Peltotalo.

Peer-to-Peer Intro Jani & Sami Peltotalo.
Object Naming & Content based Object Search 2/3/2003.

Object Naming & Content based Object Search 2/3/2003.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Topics in Reliable Distributed Systems 048961 Fall 2003-2004 Dr. Idit Keidar.

Topics in Reliable Distributed Systems Fall Dr. Idit Keidar.
1 CS 194: Distributed Systems Distributed Hash Tables Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer.

1 CS 194: Distributed Systems Distributed Hash Tables Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer.
Wide-area cooperative storage with CFS

Wide-area cooperative storage with CFS
Improving Data Access in P2P Systems Karl Aberer and Magdalena Punceva Swiss Federal Institute of Technology Manfred Hauswirth and Roman Schmidt Technical.

Improving Data Access in P2P Systems Karl Aberer and Magdalena Punceva Swiss Federal Institute of Technology Manfred Hauswirth and Roman Schmidt Technical.

Similar presentations

Ads by Google