Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Mitigating eclipse attacks in peer-to-peer networks
AU - Germanus, D.
AU - Roos, S.
AU - Strufe, T.
AU - Suri, Neeraj
PY - 2014/10/29
Y1 - 2014/10/29
N2 - Peer-to-Peer (P2P) protocols usage is proliferating for a variety of applications including time-and safety-critical ones. While the distributed design of P2P provides inherent fault tolerance to certain failures, the large-scale decentralized coordination exhibits various exploitable security threats. One of these key threats are Eclipse attacks, where a large fraction of malicious peers can surround, i.e., eclipse benign peers. Topology-aware localized Eclipse attacks (taLEAs) are a new class of such attacks that allows for highly efficient denial of service attacks with a small amount of malicious resources. Our contribution is twofold: First, we show the generic susceptibility of structured P2P protocols to taLEAs. Second, we propose a new lookup mechanism for the proactive and reactive detection and mitigation of such attacks. Our novel lookup mechanism complements the common deterministic lookup with randomized decisions in order to reduce the predictability of the lookup. We validate our proposed technique via extensive simulations, increasing the lookup success to 100% in many scenarios. © 2014 IEEE.
AB - Peer-to-Peer (P2P) protocols usage is proliferating for a variety of applications including time-and safety-critical ones. While the distributed design of P2P provides inherent fault tolerance to certain failures, the large-scale decentralized coordination exhibits various exploitable security threats. One of these key threats are Eclipse attacks, where a large fraction of malicious peers can surround, i.e., eclipse benign peers. Topology-aware localized Eclipse attacks (taLEAs) are a new class of such attacks that allows for highly efficient denial of service attacks with a small amount of malicious resources. Our contribution is twofold: First, we show the generic susceptibility of structured P2P protocols to taLEAs. Second, we propose a new lookup mechanism for the proactive and reactive detection and mitigation of such attacks. Our novel lookup mechanism complements the common deterministic lookup with randomized decisions in order to reduce the predictability of the lookup. We validate our proposed technique via extensive simulations, increasing the lookup success to 100% in many scenarios. © 2014 IEEE.
KW - Distributed Hash Table
KW - Localized Eclipse Attack
KW - Mitigation
KW - Peer-to-Peer Protocol
KW - Security
KW - Denial-of-service attack
KW - Distributed computer systems
KW - Fault tolerance
KW - Network security
KW - Secure communication
KW - Telecommunication networks
KW - Peer-to-peer protocols
KW - Peer to peer networks
U2 - 10.1109/CNS.2014.6997509
DO - 10.1109/CNS.2014.6997509
M3 - Conference contribution/Paper
SN - 9781479958900
SP - 400
EP - 408
BT - 2014 IEEE Conference on Communications and Network Security
PB - Springer-Verlag
ER -