P2P routing table poisoning: A quorum-based sanitizing approach

Peer-to-Peer (P2P) protocols underlie multiple networked applications given that the P2P decentralized design inherently fosters scalability and robustness. While distributiveness and scalability are attractive features, these facets also increase exposure to malicious peers which can propagate malicious routing information. Accordingly, a diverse set of continuously evolving attacks can be mounted that can cause severe service impairments over the entire overlay network. Most proposed countermeasures focus on providing diversity or redundancy to overcome malicious routing information with their emphasis on periodic detection/removal mechanisms done locally within a peer as continuous monitoring or global sharing of peer status entails high costs. However, a local approach naturally also limits the global effectiveness prompting the need for distributed solutions. In this work, we build upon contemporary distributed solutions (that developed specific attack detection and mitigation techniques for specific overlay types and specific attacks), to propose a generalized attack detection and mitigation approach applicable to varied overlay and attack models. Consequently, we propose a novel and efficient routing table sanitizing approach that (a) is independent of a specific attack variant, lookup approach or a specific victim set, (b) continuously detects and subsequently removes malicious routing information based on distributed quorum decisions, and (c) efficiently forwards malicious information findings to other peers which allows for progressive global sanitizing. The generalized mechanism shows a high sanitizing accuracy of up to 90% when evaluated against a generalized attack scenario with various adversarial behaviors.