Efficient DHT attack mitigation through peers' ID distribution

Thibault Cholez 1 Isabelle Chrisment 1 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : We present a new solution to protect the widely deployed KAD DHT against localized attacks which can take control over DHT entries. We show through measurements that the IDs distribution of the best peers found after a lookup process follows a geometric distribution. We then use this result to detect DHT attacks by comparing real peers' ID distributions to the theoretical one thanks to the Kullback-Leibler divergence. When an attack is detected, we propose countermeasures that progressively remove suspicious peers from the list of possible contacts to provide a safe DHT access. Evaluations show that our method detects the most efficient attacks with a very small false-negative rate, while countermeasures successfully filter almost all malicious peers involved in an attack. Moreover, our solution completely fits the current design of the KAD network and introduces no network overhead.
Type de document :
Communication dans un congrès
Seventh International Workshop on Hot Topics in Peer-to-Peer Systems - HotP2P 2010, Apr 2010, Atlanta, United States. 2010
Liste complète des métadonnées

https://hal.inria.fr/inria-00490509
Contributeur : Thibault Cholez <>
Soumis le : mardi 8 juin 2010 - 18:11:50
Dernière modification le : mardi 10 avril 2018 - 09:17:12
Document(s) archivé(s) le : vendredi 19 octobre 2012 - 15:45:46

Identifiants

  • HAL Id : inria-00490509, version 1

Collections

Citation

Thibault Cholez, Isabelle Chrisment, Olivier Festor. Efficient DHT attack mitigation through peers' ID distribution. Seventh International Workshop on Hot Topics in Peer-to-Peer Systems - HotP2P 2010, Apr 2010, Atlanta, United States. 2010. 〈inria-00490509〉

Partager

Métriques

Consultations de la notice

188

Téléchargements de fichiers

690