Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina.

Published byAlban Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina."— Presentation transcript:

1 1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina

2 2 Overview What does DoS mean? How does Gnutella work? (simplified) Policies to select queries What is a good/malicious node? How to measure the damage inflicted? Examples for network topologies Which policies/topologies work best? Summary Questions

3 3 What does DoS mean? DoS: abbreviation for Denial of Service Normally done by flooding a PC with (useless) requests in order to cut CPU time for the other running processes including GUI. The PC seems to be frozen although he’s only trying to cope with the incoming data and so he’s no longer offering any useful service.

4 4 How does Gnutella work? (simplified) Network of supernodes Clients send their queries to the node they are connected to Nodes forward incoming queries to their neighbors and clients Queries have a TTL specifying the max. number of nodes to travel

5 5 Policies to select queries Reservation Ratio Incoming Allocation Strategy (IAS) Drop Strategy (DS) Reservation Ratio A fractal defining how many percent of a nodes query processing capacity is reserved for local peers. If there aren’t enough queries from local peers, left over capacity is used for remote peer’s queries (queries received from other supernodes).

6 6 Policies to select queries Incoming Allocation Strategy (IAS) Weighted IAS Nodes sending more queries will be given more processing capacity. So each connected node will have approximately the same percentage of queries served. Fractional IAS The available capacity is equally distributed among among all connected nodes, no matter how many queries they’ve sent. Leftover capacity is distributed by reapplying the strategy.

7 7 Policies to select queries Drop Strategy (DS) Queries are grouped by same source IP and TTL Proportional Each group has the same percentage of queries served. Equal Each group has the same amount of queries served. OrderByTTL (PreferHighTTL / PreferLowTTL) Queries with high/low TTL are served first. Again, leftover capacity is redistributed by reapplying.

8 8 What is a good/malicious node? not serving / forwarding incoming queries -> structural damage sending out lots of useless queries -> flooding damage Best modeled by setting the reservation ratio to 1 and having the node generate as much queries possible Characteristics of a malicious node: Characteristics of a good node: The model presented is simple enough to be modeled. To do so, we have to specify two kinds of nodes. Most nodes in the network are good nodes Trying to maximize the networks service by setting its reservation ratio close to the optimal value Modeled as a normal node; all good nodes are modeled having the same processing capacity and using the best average reservation ratio

9 9 How to measure the damage inflicted? The damage of query-flood DoS attacks is mainly a reduction of the amount of remote service the network is offering. To measure this damage, the service capacity has to be calculated before and after turning a good into a malicious node.

10 10 Examples for network topologies

11 11 Which policies/topologies work best? In order to test the effectiveness of the policies, tests had been run on simulated networks of 14- 16 nodes at worst-case conditions. This table shows the percentage loss in service after a node was turned into a malicious one: It’s easy to see that fractional/equal has the lowest loss.

12 12 Which policies/topologies work best? When comparing fractional/equal with weighted/proportional while the malicious node is at the worst possible point in the network, you see that the better policies might be up to 4.4 times better than worse ones.

13 13 Which policies/topologies work best? It also can be seen that the complete (K) topology takes the lowest damage when using the best policies. Unfortunately it may not be practically used in networks with thousands of clients. Also, malicious nodes at center positions may inflict higher damage then those at the borders of the network.

14 14 Summary It’s impossible to save an open network from malicious nodes, but by using efficient query selection policies the damage dealt may be reduced. Also some of the damage might be prevented by selecting an optimal topology and not having these nodes easily take a center position in the network.

15 15 Questions? Are there any questions?

Download ppt "1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina."

Similar presentations

Peer-to-Peer and Social Networks An overview of Gnutella.

Peer-to-Peer and Social Networks An overview of Gnutella.
INF 123 SW ARCH, DIST SYS & INTEROP LECTURE 12 Prof. Crista Lopes.

INF 123 SW ARCH, DIST SYS & INTEROP LECTURE 12 Prof. Crista Lopes.
Evaluation of a Scalable P2P Lookup Protocol for Internet Applications

Evaluation of a Scalable P2P Lookup Protocol for Internet Applications
Replication Strategies in Unstructured Peer-to-Peer Networks Edith Cohen Scott Shenker This is a modified version of the original presentation by the authors.

Replication Strategies in Unstructured Peer-to-Peer Networks Edith Cohen Scott Shenker This is a modified version of the original presentation by the authors.
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—2-1 Implementing an EIGRP-Based Solution Advanced EIGRP Features in an Enterprise Network.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—2-1 Implementing an EIGRP-Based Solution Advanced EIGRP Features in an Enterprise Network.
Efficient Search - Overview Improving Search In Peer-to-Peer Systems Presented By Jon Hess cs294-4 Fall 2003.

Efficient Search - Overview Improving Search In Peer-to-Peer Systems Presented By Jon Hess cs294-4 Fall 2003.
UNIVERSITY OF JYVÄSKYLÄ Building NeuroSearch – Intelligent Evolutionary Search Algorithm For Peer-to-Peer Environment Master’s Thesis by Joni Töyrylä 3.9.2004.

UNIVERSITY OF JYVÄSKYLÄ Building NeuroSearch – Intelligent Evolutionary Search Algorithm For Peer-to-Peer Environment Master’s Thesis by Joni Töyrylä
Improving Search in Peer-to-Peer Networks Beverly Yang Hector Garcia-Molina Presented by Shreeram Sahasrabudhe

Improving Search in Peer-to-Peer Networks Beverly Yang Hector Garcia-Molina Presented by Shreeram Sahasrabudhe
1 An Overview of Gnutella. 2 History The Gnutella network is a fully distributed alternative to the centralized Napster. Initial popularity of the network.

1 An Overview of Gnutella. 2 History The Gnutella network is a fully distributed alternative to the centralized Napster. Initial popularity of the network.
Search and Replication in Unstructured Peer-to-Peer Networks Pei Cao, Christine Lv., Edith Cohen, Kai Li and Scott Shenker ICS 2002.

Search and Replication in Unstructured Peer-to-Peer Networks Pei Cao, Christine Lv., Edith Cohen, Kai Li and Scott Shenker ICS 2002.
LightFlood: An Optimal Flooding Scheme for File Search in Unstructured P2P Systems Song Jiang, Lei Guo, and Xiaodong Zhang College of William and Mary.

LightFlood: An Optimal Flooding Scheme for File Search in Unstructured P2P Systems Song Jiang, Lei Guo, and Xiaodong Zhang College of William and Mary.
Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.

Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.
Peer-to-Peer Networks João Guerreiro Truong Cong Thanh Department of Information Technology Uppsala University.

Peer-to-Peer Networks João Guerreiro Truong Cong Thanh Department of Information Technology Uppsala University.
Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.

Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.
P2p, Spring 05 1 Topics in Database Systems: Data Management in Peer-to-Peer Systems March 29, 2005.

P2p, Spring 05 1 Topics in Database Systems: Data Management in Peer-to-Peer Systems March 29, 2005.
Evaluation of Ad hoc Routing Protocols under a Peer-to-Peer Application Authors: Leonardo Barbosa Isabela Siqueira Antonio A. Loureiro Federal University.

Evaluation of Ad hoc Routing Protocols under a Peer-to-Peer Application Authors: Leonardo Barbosa Isabela Siqueira Antonio A. Loureiro Federal University.
Tirgul 9 Amortized analysis Graph representation.

Tirgul 9 Amortized analysis Graph representation.
UNIVERSITY OF JYVÄSKYLÄ Chedar P2P platform InBCT 3.2 Peer-to-Peer communication Cheese Factory -project Research Assistant.

UNIVERSITY OF JYVÄSKYLÄ Chedar P2P platform InBCT 3.2 Peer-to-Peer communication Cheese Factory -project Research Assistant.
Multiple constraints QoS Routing Given: - a (real time) connection request with specified QoS requirements (e.g., Bdw, Delay, Jitter, packet loss, path.

Multiple constraints QoS Routing Given: - a (real time) connection request with specified QoS requirements (e.g., Bdw, Delay, Jitter, packet loss, path.

Similar presentations

Ads by Google