Analysing the Security of Incentive Schemes in P2P-based File-sharing Systems

For Peer-to-Peer (P2P) file-sharing services cooperation is essential. However, peers behave rationally and try to maximise their benefits, while minimising their effort. To increase system performance incentive schemes are used to enforce cooperation. Nonetheless, so called free-riders and malicious peers try to attack these incentive schemes. In this paper we will first explain two popular P2P file-sharing applications (BitTorrent and eMule), especially focusing on their incentive mechanisms. We then discuss incentive schemes in general, introducing genuine and artificial incentives and providing a taxonomy for incentives. We show that genuine incentive are regarded robust, since they are implemented directly into the service. Finally, we discuss attacks on P2P incentive schemes. We categorize the attacks in four classes: rational attacks, Denial-of-Service (DoS) attacks, ID-based attacks and collusion attacks. We show that with these attacks, it is possible to bypass incentive mechanisms and disturb P2P file-sharing services. We show that numerous attacks against BitTorrent are available and the current BitTorrent and BitTorrent private tracker incentives can be bypassed completely. We will further discover that eMule is insufficiently reasearched and few attacks exists. Finally, we introduce countermeasures, which prevent most of the analysed attacks.