Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - PASS
T2 - An Address Space Slicing Framework for P2P Eclipse Attack Mitigation
AU - Germanus, D.
AU - Ismail, H.
AU - Suri, Neeraj
PY - 2015/9/28
Y1 - 2015/9/28
N2 - The decentralized design of Peer-To-Peer (P2P) protocols inherently provides for fault tolerance to non-malicious faults. However, the base P2P scalability and decentralization requirements often result in design choices that negatively impact their robustness to varied security threats. A prominent vulnerability are Eclipse attacks that aim at information hiding and consequently perturb a P2P overlay's reliable service delivery. Divergent lookups constitute an advocated mitigation technique but are size-limited to overlay networks with tens of thousands of peers. In this work, building upon divergent lookups, we propose a novel and scalable P2P address space slicing strategy (PASS) to efficiently mitigate attacks in overlays that host hundreds of thousands of peers. Moreover, we integrate and evaluate diversely designed lookup variants to assess their network overhead and mitigation rates. The proposed PASS approach shows mitigation rates reaching up to 100%. © 2015 IEEE.
AB - The decentralized design of Peer-To-Peer (P2P) protocols inherently provides for fault tolerance to non-malicious faults. However, the base P2P scalability and decentralization requirements often result in design choices that negatively impact their robustness to varied security threats. A prominent vulnerability are Eclipse attacks that aim at information hiding and consequently perturb a P2P overlay's reliable service delivery. Divergent lookups constitute an advocated mitigation technique but are size-limited to overlay networks with tens of thousands of peers. In this work, building upon divergent lookups, we propose a novel and scalable P2P address space slicing strategy (PASS) to efficiently mitigate attacks in overlays that host hundreds of thousands of peers. Moreover, we integrate and evaluate diversely designed lookup variants to assess their network overhead and mitigation rates. The proposed PASS approach shows mitigation rates reaching up to 100%. © 2015 IEEE.
KW - Distributed Hash Table
KW - Localized Eclipse Attack
KW - Lookup
KW - Mitigation
KW - Peer-To-Peer Networks
KW - Security
KW - Distributed computer systems
KW - Fault tolerance
KW - Fault tolerant computer systems
KW - Network security
KW - Overlay networks
KW - Telecommunication networks
KW - Lookups
KW - Peer to peer networks
U2 - 10.1109/SRDS.2015.14
DO - 10.1109/SRDS.2015.14
M3 - Conference contribution/Paper
SP - 74
EP - 83
BT - 2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS)
PB - IEEE
ER -