http://dx.doi.org/10.13089/JKIISC.2013.23.4.695

Preventing ID Mapping Attacks on DHT Networks through Non-Voluntary Node Locating  

Lee, Cheolho (Ajou University)
Choi, Kyunghee (Ajou University)
Chung, Kihyun (Ajou University)
Kim, Jongmyung (The Attached Institute of ETRI)
Yun, Youngtae (The Attached Institute of ETRI)
Abstract
DHT (Distributed Hash Table) networks such as Kademlia are vulnerable to the ID mapping attack, which is caused by the voluntary DHT mapping structure, in which each node alone determines its own location in the network topology. This leads to security problems on DHT networks such as eclipse attacks, DRDoS, and botnet C&C. To prevent ID mapping attacks, we propose a non-voluntary DHT mapping scheme and analyze its NAT compatibility, attack resistance, and network dynamicity. The analysis results show that our approach may achieve a level of attack resistance equivalent to that of other defense mechanisms while overcoming their limitations, including NAT compatibility and network dynamicity.
Keywords
DHT; Kademlia; overlay network; P2P; ID mapping