DDoS Vulnerability Analysis of Bittorrent Protocol
نویسنده
چکیده
Bittorrent (BT) traffic had been reported to contribute to 30% of the Internet traffic nowadays and the number of participants have been growing rapidly. For such a protocol that significantly involved in the Internet traffic, the robustness and security must be evaluated carefully. In this paper, we analyze the BT protocol and identify several potential vulnerabilities available for malicious Internet users to exploit and leverage them and launch Distributed Denial of Service (DDoS) attack. We demonstrate such possibility by launching a DDoS attack using one of the methods studied and reveal some measurements recorded on such attack. We then propose fixes to the existing BT protocol and discuss critical issues when designing a peer-to-peer (P2P) network in the future.
منابع مشابه
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملVulnerability of the Process Communication Model in Bittorrent Protocol
BitTorrent is the most extensively used protocol in peer-to-peer systems. Its clients are widely spread worldwide and account for a large fraction of today’s Internet traffic. This paper will discuss potential attack that exploits a certain vulnerability of BitTorrent based systems. Code injection refers to force a code – which may be malicious to run inside another benign code, by inserting it...
متن کاملComplementing Security Breach of Authentication by Using Shared Authentication Information in Mobile WiMAX Networks
The signalling protocol vulnerability opens DDoS problem in Mobile WiMAX networks. This letter proposes an authentication method that uses the unrevealed upper 64 bits of Cipher-based MAC as a solution. It runs for MSs in idle mode and reduces the calculation complexity by 59% under DDoS attack while incurring 1% overhead under normal condition. key words: SAI, protocol vulnerability, DDoS, aut...
متن کاملAttacks on Message Stream Encryption
Message Stream Encryption (MSE) provides obfuscation, data confidentiality, and limited authentication to BitTorrent clients. Although obfuscation of header and payload data was the main design goal of MSE, users understandably still expect data confidentiality and authentication from their BitTorrent clients. In this paper, we present numerous attacks on the MSE protocol itself, independent of...
متن کاملAnalyzing the Propagation of IoT Botnets from DNS Leakage
Mirai and Hajime are two large botnets that came to prominence in the Fall of 2016, notably due to Mirai’s launching of several large DDoS attacks. The propagation method of the two botnets is similar, drawing upon poor security measures in IoT devices. While reverseengineering efforts have detailed the propagation logic, measuring the actual growth of each botnet remains difficult, with curren...
متن کامل