1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina.

Slides:

Advertisements

Similar presentations

Peer-to-Peer and Social Networks An overview of Gnutella.

Advertisements

INF 123 SW ARCH, DIST SYS & INTEROP LECTURE 12 Prof. Crista Lopes.

Evaluation of a Scalable P2P Lookup Protocol for Internet Applications

Replication Strategies in Unstructured Peer-to-Peer Networks Edith Cohen Scott Shenker This is a modified version of the original presentation by the authors.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—2-1 Implementing an EIGRP-Based Solution Advanced EIGRP Features in an Enterprise Network.

Efficient Search - Overview Improving Search In Peer-to-Peer Systems Presented By Jon Hess cs294-4 Fall 2003.

UNIVERSITY OF JYVÄSKYLÄ Building NeuroSearch – Intelligent Evolutionary Search Algorithm For Peer-to-Peer Environment Master’s Thesis by Joni Töyrylä

Improving Search in Peer-to-Peer Networks Beverly Yang Hector Garcia-Molina Presented by Shreeram Sahasrabudhe

1 An Overview of Gnutella. 2 History The Gnutella network is a fully distributed alternative to the centralized Napster. Initial popularity of the network.

Search and Replication in Unstructured Peer-to-Peer Networks Pei Cao, Christine Lv., Edith Cohen, Kai Li and Scott Shenker ICS 2002.

LightFlood: An Optimal Flooding Scheme for File Search in Unstructured P2P Systems Song Jiang, Lei Guo, and Xiaodong Zhang College of William and Mary.

Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.

Peer-to-Peer Networks João Guerreiro Truong Cong Thanh Department of Information Technology Uppsala University.

Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.

P2p, Spring 05 1 Topics in Database Systems: Data Management in Peer-to-Peer Systems March 29, 2005.

Evaluation of Ad hoc Routing Protocols under a Peer-to-Peer Application Authors: Leonardo Barbosa Isabela Siqueira Antonio A. Loureiro Federal University.

Tirgul 9 Amortized analysis Graph representation.

UNIVERSITY OF JYVÄSKYLÄ Chedar P2P platform InBCT 3.2 Peer-to-Peer communication Cheese Factory -project Research Assistant.

Multiple constraints QoS Routing Given: - a (real time) connection request with specified QoS requirements (e.g., Bdw, Delay, Jitter, packet loss, path.

Detecting Network Intrusions via Sampling : A Game Theoretic Approach Presented By: Matt Vidal Murali Kodialam T.V. Lakshman July 22, 2003 Bell Labs, Lucent.

DDoS Defense by Offense Presented by: Matthew C.H. Ma Damon Chan.

Paul Solomine Security of P2P Systems. P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become.

1 Denial-of-Service Resilience in P2P File Sharing Systems Dan Dumitriu (EPFL) Ed Knightly (Rice) Aleksandar Kuzmanovic (Northwestern) Ion Stoica (Berkeley)

1 SLIC: A Selfish Link-based Incentive Mechanism for Unstructured P2P Networks Qixiang Sun Hector Garcia-Molina Stanford University.

Decentralized resource management for a distributed continuous media server Cyrus Shahabi and Farnoush Banaei-Kashani IEEE Transactions on Parallel and.

Locality-Aware Request Distribution in Cluster-based Network Servers 1. Introduction and Motivation --- Why have this idea? 2. Strategies --- How to implement?

Efficient Content Location Using Interest-based Locality in Peer-to-Peer Systems Presented by: Lin Wing Kai.

Keeping Peers Honest In EigenTrust Robert McGrew Joint work with Zoë Abrams and Serge Plotkin.

Exploiting Content Localities for Efficient Search in P2P Systems Lei Guo 1 Song Jiang 2 Li Xiao 3 and Xiaodong Zhang 1 1 College of William and Mary,

1 Maximizing Remote Work in Flooding-based P2P Systems Qixiang Sun Neil Daswani Hector Garcia-Molina Stanford University.

Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.

Bluenet a New Scatternet Formation Scheme * Huseyin Ozgur Tan * Zifang Wang,Robert J.Thomas, Zygmunt Haas ECE Cornell Univ*

Comparing Hybrid Peer-to-Peer Systems Beverly Yang and Hector Garcia-Molina Presented by Marco Barreno November 3, 2003 CS 294-4: Peer-to-peer systems.

Efficient Search in Peer to Peer Networks By: Beverly Yang Hector Garcia-Molina Presented By: Anshumaan Rajshiva Date: May 20,2002.

UNIVERSITY OF JYVÄSKYLÄ Resource Discovery Using NeuroSearch Presentation for the Agora Center InBCT-seminar Mikko Vapa, researcher InBCT 3.2.

UNIVERSITY OF JYVÄSKYLÄ Resource Discovery in Unstructured P2P Networks Distributed Systems Research Seminar on Mikko Vapa, research student.

UNIVERSITY OF JYVÄSKYLÄ Topology Management Algorithms in Chedar InBCT 3.2 Peer-to-Peer communication Cheese Factory -project

UNIVERSITY OF JYVÄSKYLÄ Topology Management in Unstructured P2P Networks Distributed Systems Research Seminar on Annemari Auvinen, Research Student.

1CS 6401 Peer-to-Peer Networks Outline Overview Gnutella Structured Overlays BitTorrent.

1 Napster & Gnutella An Overview. 2 About Napster Distributed application allowing users to search and exchange MP3 files. Written by Shawn Fanning in.

Introduction Widespread unstructured P2P network

“Intra-Network Routing Scheme using Mobile Agents” by Ajay L. Thakur.

Peer to Peer Research survey TingYang Chang. Intro. Of P2P Computers of the system was known as peers which sharing data files with each other. Build.

1 BitHoc: BitTorrent for wireless ad hoc networks Jointly with: Chadi Barakat Jayeoung Choi Anwar Al Hamra Thierry Turletti EPI PLANETE 28/02/2008 MAESTRO/PLANETE.

This document is for informational purposes only, and Tekelec reserves the right to change any aspect of the products, features or functionality described.

Chapter 22 Network Layer: Delivery, Forwarding, and Routing Part 5 Multicasting protocol.

Super-peer Network. Motivation: Search in P2P Centralised (Napster) Flooding (Gnutella)  Essentially a breadth-first search using TTLs Distributed Hash.

Quantitative Evaluation of Unstructured Peer-to-Peer Architectures Fabrício Benevenuto José Ismael Jr. Jussara M. Almeida Department of Computer Science.

Detection of Denial-of-Message Attacks on Sensor Network Broadcasts Jonathan M.McCune Elaine Shi Adrian Perrig and Michael K.Reiter.

1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.

Efficient P2P Search by Exploiting Localities in Peer Community and Individual Peers A DISC’04 paper Lei Guo 1 Song Jiang 2 Li Xiao 3 and Xiaodong Zhang.

Vulnerability in Socially-informed Peer-to-Peer Systems Jeremy Blackburn Nicolas Kourtellis Adriana Iamnitchi University of South Florida.

By Jonathan Drake.  The Gnutella protocol is simply not scalable  This is due to the flooding approach it currently utilizes  As the nodes increase.

P2p, Fall 06 1 Topics in Database Systems: Data Management in Peer-to-Peer Systems Search in Unstructured P2p.

Computer Networking P2P. Why P2P? Scaling: system scales with number of clients, by definition Eliminate centralization: Eliminate single point.

On Reducing Mesh Delay for Peer- to-Peer Live Streaming Dongni Ren, Y.-T. Hillman Li, S.-H. Gary Chan Department of Computer Science and Engineering The.

Evaluation GUESS and Non-Forwarding Peer-to-Peer search ICDCS paper Beverly Yang Patrick Vinograd Hector Garcia-Molina Computer Science Department, Stanford.

SPAN: An Energy-Efficient Coordination Algorithm for Topology Maintenance in Ad Hoc Wireless Networks Benjie Chen, Kyle Jamieson, Hari Balakrishnan, Robert.

Project Summary Fair and High Throughput Cache Partitioning Scheme for CMPs Shibdas Bandyopadhyay Dept of CISE University of Florida.

CS 347Notes081 CS 347: Parallel and Distributed Data Management Notes 08: P2P Systems.

School of Electrical Engineering &Telecommunications UNSW Cost-effective Broadcast for Fully Decentralized Peer-to-peer Networks Marius Portmann & Aruna.

SERENA: SchEduling RoutEr Nodes Activity in wireless ad hoc and sensor networks Pascale Minet and Saoucene Mahfoudh INRIA, Rocquencourt Le Chesnay.

Lecture 4 Page 1 CS 111 Summer 2013 Scheduling CS 111 Operating Systems Peter Reiher.

Distributed Caching and Adaptive Search in Multilayer P2P Networks Chen Wang, Li Xiao, Yunhao Liu, Pei Zheng The 24th International Conference on Distributed.

Comparison of Network Attacks COSC 356 Kyler Rhoades.

CHAPTER 3 Architectures for Distributed Systems

Peer-to-Peer and Social Networks

Improving Performance in the Gnutella Protocol

Presentation transcript:

1 Query-Flood DoS Attacks in Gnutella by Andreas Legrum based upon a paper by Neil Daswani and Hector Garcia-Molina

2 Overview What does DoS mean? How does Gnutella work? (simplified) Policies to select queries What is a good/malicious node? How to measure the damage inflicted? Examples for network topologies Which policies/topologies work best? Summary Questions

3 What does DoS mean? DoS: abbreviation for Denial of Service Normally done by flooding a PC with (useless) requests in order to cut CPU time for the other running processes including GUI. The PC seems to be frozen although he’s only trying to cope with the incoming data and so he’s no longer offering any useful service.

4 How does Gnutella work? (simplified) Network of supernodes Clients send their queries to the node they are connected to Nodes forward incoming queries to their neighbors and clients Queries have a TTL specifying the max. number of nodes to travel

5 Policies to select queries Reservation Ratio Incoming Allocation Strategy (IAS) Drop Strategy (DS) Reservation Ratio A fractal defining how many percent of a nodes query processing capacity is reserved for local peers. If there aren’t enough queries from local peers, left over capacity is used for remote peer’s queries (queries received from other supernodes).

6 Policies to select queries Incoming Allocation Strategy (IAS) Weighted IAS Nodes sending more queries will be given more processing capacity. So each connected node will have approximately the same percentage of queries served. Fractional IAS The available capacity is equally distributed among among all connected nodes, no matter how many queries they’ve sent. Leftover capacity is distributed by reapplying the strategy.

7 Policies to select queries Drop Strategy (DS) Queries are grouped by same source IP and TTL Proportional Each group has the same percentage of queries served. Equal Each group has the same amount of queries served. OrderByTTL (PreferHighTTL / PreferLowTTL) Queries with high/low TTL are served first. Again, leftover capacity is redistributed by reapplying.

8 What is a good/malicious node? not serving / forwarding incoming queries -> structural damage sending out lots of useless queries -> flooding damage Best modeled by setting the reservation ratio to 1 and having the node generate as much queries possible Characteristics of a malicious node: Characteristics of a good node: The model presented is simple enough to be modeled. To do so, we have to specify two kinds of nodes. Most nodes in the network are good nodes Trying to maximize the networks service by setting its reservation ratio close to the optimal value Modeled as a normal node; all good nodes are modeled having the same processing capacity and using the best average reservation ratio

9 How to measure the damage inflicted? The damage of query-flood DoS attacks is mainly a reduction of the amount of remote service the network is offering. To measure this damage, the service capacity has to be calculated before and after turning a good into a malicious node.

10 Examples for network topologies

11 Which policies/topologies work best? In order to test the effectiveness of the policies, tests had been run on simulated networks of nodes at worst-case conditions. This table shows the percentage loss in service after a node was turned into a malicious one: It’s easy to see that fractional/equal has the lowest loss.

12 Which policies/topologies work best? When comparing fractional/equal with weighted/proportional while the malicious node is at the worst possible point in the network, you see that the better policies might be up to 4.4 times better than worse ones.

13 Which policies/topologies work best? It also can be seen that the complete (K) topology takes the lowest damage when using the best policies. Unfortunately it may not be practically used in networks with thousands of clients. Also, malicious nodes at center positions may inflict higher damage then those at the borders of the network.

14 Summary It’s impossible to save an open network from malicious nodes, but by using efficient query selection policies the damage dealt may be reduced. Also some of the damage might be prevented by selecting an optimal topology and not having these nodes easily take a center position in the network.

15 Questions? Are there any questions?