More Web Proxy on the site http://driver.im/

Article

Query-flood DoS attacks in gnutella

Authors:

Hector Garcia-MolinaAuthors Info & Claims

CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

Pages 181 - 192

https://doi.org/10.1145/586110.586136

Published: 18 November 2002 Publication History

Abstract

We describe a simple but effective traffic model that can be used to understand the effects of denial-of-service (DoS) attacks based on query floods in Gnutella networks. We run simulations based on the model to analyze how different choices of network topology and application level load balancing policies can minimize the effect of these types of DoS attacks. In addition, we also study how damage caused by query floods is distributed throughout the network, and how application-level policies can localize the damage.

References

[1]

Cert advisory ca-2000-01 denial-of-service developments. http://www.cert.org/ advisories/ CA-2000-01.html, January 2000.

[2]

Edward Amoroso. A policy model for denial of service. In Proc. Computer Security Foundations Workshop III, pages 110--114, Franconia, NH USA, June 1990. IEEE Computer Society Press.

[3]

Icmp traceback messages. http://www. silicondefense. com/research/itrex/archive/tracing-papers/draft-bellovin-itrace-00.txt.

[4]

Arturo Crespo and Hector Garcia-Molina. Routing indexes for peer-to-peer systems. Technical report, Stanford Univ., CS Dept., 2001.

[5]

David Ratajczak, Dahlia Malkhi, Moni Naor. Viceroy: A scalable and dynamic lookup network. Proc. ACM PODC '02, August 2002.

[6]

R. Dingledine, M. Freedman, and D. Molnar. The free haven project: distributed anonymous storage service. Proc. of the Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA. Springer: New York (2001)., 2001.

Digital Library

[7]

P. Ferguson and D. Senie. Network ingress filtering: Defeating denial of service attacks which employ ip source address spoofing. In IETF RFC 2267, 1998.

Digital Library

[8]

Lee Garber. Denial-of-service attacks rip the internet. Computer, pages 12--17, April 2000.

Digital Library

[9]

E.A. Hyden. Operating system support for quality of service. Ph.D. Thesis, University of Cambridge, 1994.

[10]

Kazaa home page. http://www.kazaa.com/.

[11]

Angelos D. Keromytis, Vishal Misra, and Dan Rubenstein. Secure overlay services. In Proc. of the ACM SIGCOMM Conference, August 2002.

Digital Library

[12]

R. Lethin. Reputation. In Peer-to-peer: Harnessing the power of disruptive technologies. ed. Andy Oram, O'Reilly and Associates, March 2001.

[13]

Limewire home page. http://www.limewire.com/.

[14]

Aviel D. Rubin, Marc Waldman, and Lorrie Faith Cranor. Publius: A robust, tamper-evident, censorship-resistant, web publishing system. In Proc. 9th USENIX Security, August 2000.

Digital Library

[15]

Mojo nation technical overview home page. http://www.mojonation.net/docs/technical\_overview.shtml.

[16]

D. Moore, G. Voelker, and S. Savage. Inferring internet denial of service activity. In Proc. 2001 USENIX Security, Washington D.C., August 2001.

Digital Library

[17]

Morpheus home page. http://www.musiccity.com.

[18]

R. M. Needham. Denial of service. In Proc. 1st ACM CCS, pg 151--153, Fairfax, Virginia, November 1993.

Digital Library

[19]

Roger M. Needham. Denial of service: an example. Comm. of the ACM, 37(11):42--46, 1994.

Digital Library

[20]

Peter G. Neumann. Inside risks: denial-of-service attacks. Comm. of the ACM, 43(4):136--136, 2000.

Digital Library

[21]

Flow control algorithm for distributed 'broadcast-route' networks with reliable transport links. http://www.grouter.net/ gnutella/flowcntl.htm.

[22]

T. Ptacek and T. Newsham. Insertion, evasion, and denial of service: Eluding network intrusion detection. Technical report, Secure Networks, Inc., January 1998.

[23]

N. Daswani and H. Garcia-Molina. Query-flood DoS Attacks in Gnutella Networks (Extended Version). Technical Report, Stanford Univ. CS Dept.

[24]

S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker. A scalable content-addressable network. ACM SIGCOMM, 2001.

Digital Library

[25]

Reputation technologies home page. http://reputation.com.

[26]

R. Dingledine. The free haven project: Design and deployment of an anonymous secure data haven. MIT Masters Thesis May 2000.

[27]

Sachrifc: Simple flow control for gnutella. http://www.limewire.com/ developer/ sachrifc.html.

[28]

A. Rowstron, P. Druschel. Pastry: Scalable distributed object location and routing for largescale peer-to-peer systems. In Proc. IFIP/ACM Middleware, Heidelberg, Germany, November 2001.

Digital Library

[29]

C. L. Schuba, I. V. Krsul, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni. Analysis of a denial of service attack on TCP. In Proc. 1997 IEEE Symposium on Security and Privacy, pages 208--223. IEEE Computer Society Press, May 1997.

Digital Library

[30]

Ultrapeers: Another step towards gnutella scalability. http://groups.yahoo.com/group/the\_gdf/files/Proposals/Ultrapeer/Ultrapeers.html.

[31]

A. C. Snoeren, C. Partridge, L. A. Sanchez, C. E. Jones, F. Tchakountio, S. T. Kent, and W. T. Strayer. Hash-based ip traceback. In Proc. of the ACM SIGCOMM 2001 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, August 2001., 2001.

Digital Library

[32]

O. Spatscheck and L. L. Peterson. Defending against denial of service attacks in scout. In Operating Systems Design and Implementation, pages 59--72, 1999.

Digital Library

[33]

A. Karlin, S. Savage, D. Wetherall, and T. Anderson. Network support for ip traceback. In ACM/IEEE Transactions on Networking, 9(3), June 2001.

Digital Library

[34]

A. Karlin, S. Savage, D. Wetherall and T. Anderson. Practical network support for ip traceback. In Proc. 2000 ACM SIGCOMM Conference, Stockholm, Sweden, August 2000.

Digital Library

[35]

I. Stoica, R. Morris, D. Karger, M. Kaashoek, and H. Balakrishnan. Chord: A scalable peer-to-peer lookup service for internet applications. Technical Report TR-819, MIT, March 2001.

[36]

B. Yang and H. Garcia-Molina. Designing a super-peer network. Submitted for publication.

[37]

Beverly Yang and Hector Garcia-Molina. Efficient search in peer-to-peer networks. Technical report, Stanford Univ., CS Dept., 2001.

[38]

C. Yu and V. Gligor. A formal specification and verification method for the prevention of denial of service. In Proc. 1988 IEEE Symposium on Security and Privacy, pages 187--202, Oakland, CA. IEEE Computer Society Press. 117, 1988.

[39]

B. Zhao, J. Kubiatowicz, and A. Joseph. Tapestry: An infrastructure for fault-resilient wide-area location and routing. Technical Report UCB//CSD-01-1141, U. C. Berkeley, April 2001.

Digital Library

[40]

L. Peterson and B. Davie. Computer Networks: A Systems Approach. Morgan Kaufman: SF (2000).

Digital Library

Cited By

Lyu MGharakheili HRussell CSivaraman V(2021)Hierarchical Anomaly-Based Detection of Distributed DNS Attacks on Enterprise NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2021.305009118:1(1031-1048)Online publication date: Mar-2021
https://doi.org/10.1109/TNSM.2021.3050091
Hota CNarang PReddy J(2016)Unwanted Traffic Identification in Large-Scale University Networks: A Case StudyBig Data Analytics10.1007/978-81-322-3628-3_9(163-187)Online publication date: 13-Oct-2016
https://doi.org/10.1007/978-81-322-3628-3_9
Narang PHota C(2015)Game-theoretic strategies for IDS deployment in peer-to-peer networksInformation Systems Frontiers10.1007/s10796-015-9582-117:5(1017-1028)Online publication date: 1-Oct-2015
https://dl.acm.org/doi/10.1007/s10796-015-9582-1
Show More Cited By

Index Terms

Query-flood DoS attacks in gnutella
1. Computing methodologies
  1. Modeling and simulation
2. Information systems
  1. Information retrieval
    1. Search engine architectures and scalability
      1. Distributed retrieval
      2. Peer-to-peer retrieval
  2. Information storage systems
    1. Storage architectures
      1. Distributed storage
      2. Storage network architectures

Recommendations

Denial-of-service attacks and countermeasures on BitTorrent

BitTorrent has been widely used for the efficient distribution of files, such as digital content and media files, to very large numbers of users. However, previous work has exposed vulnerabilities in the protocol and demonstrated that they can be ...
DoS Attacks on Blockchain Ecosystem
Euro-Par 2021: Parallel Processing Workshops
Abstract
Denial of Service (DoS) attacks are a growing threat in network services. The frequency and intensity of DoS attacks are rapidly increasing day by day. The immense financial potential of the Cryptocurrency market is a prevalent target of the DoS ...
Securing Structured Overlays against Identity Attacks

Structured overlay networks can greatly simplify data storage and management for a variety of distributed applications. Despite their attractive features, these overlays remain vulnerable to the Identity attack, where malicious nodes assume control of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

November 2002

284 pages

ISBN:1581136129

DOI:10.1145/586110

Editor:
Vijay Atluri
Rutgers University
,
General Chair:
Sushil Jajodia
George Mason University
,
Program Chair:
Ravi Sandhu
SingleSignOn.Net and George Mason University

Copyright © 2002 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 November 2002

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS02

Sponsor:

CCS02: ACM Conference on Computer and Communications Security

November 18 - 22, 2002

Washington, DC, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

55
Total Citations
View Citations
1,593
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)1

Reflects downloads up to 04 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Lyu MGharakheili HRussell CSivaraman V(2021)Hierarchical Anomaly-Based Detection of Distributed DNS Attacks on Enterprise NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2021.305009118:1(1031-1048)Online publication date: Mar-2021
https://doi.org/10.1109/TNSM.2021.3050091
Hota CNarang PReddy J(2016)Unwanted Traffic Identification in Large-Scale University Networks: A Case StudyBig Data Analytics10.1007/978-81-322-3628-3_9(163-187)Online publication date: 13-Oct-2016
https://doi.org/10.1007/978-81-322-3628-3_9
Narang PHota C(2015)Game-theoretic strategies for IDS deployment in peer-to-peer networksInformation Systems Frontiers10.1007/s10796-015-9582-117:5(1017-1028)Online publication date: 1-Oct-2015
https://dl.acm.org/doi/10.1007/s10796-015-9582-1
Touceda DSierra JIzquierdo ASchulzrinne H(2011)Survey of Attacks and Defenses on P2PSIP CommunicationsIEEE Communications Surveys & Tutorials10.1109/SURV.2011.060711.00152Online publication date: 2011
https://doi.org/10.1109/SURV.2011.060711.00152
Zhao KMa XYang J(2011)Efficient Flooding SearchProceedings of the 2011 International Conference on Computational and Information Sciences10.1109/ICCIS.2011.141(1112-1115)Online publication date: 21-Oct-2011
https://dl.acm.org/doi/10.1109/ICCIS.2011.141
Qwasmi NAhmed FLiscano R(2011)Simulation of DDOS Attacks on P2P NetworksProceedings of the 2011 IEEE International Conference on High Performance Computing and Communications10.1109/HPCC.2011.86(610-614)Online publication date: 2-Sep-2011
https://dl.acm.org/doi/10.1109/HPCC.2011.86
Tseng YChen F(2011)A free-rider aware reputation system for peer-to-peer file-sharing networksExpert Systems with Applications: An International Journal10.1016/j.eswa.2010.08.03238:3(2432-2440)Online publication date: 1-Mar-2011
https://dl.acm.org/doi/10.1016/j.eswa.2010.08.032
Mejías BVan Roy P(2010)BeernetInternational Journal of Adaptive, Resilient and Autonomic Systems10.4018/jaras.20100701011:3(1-24)Online publication date: 1-Jul-2010
https://dl.acm.org/doi/10.4018/jaras.2010070101
Qi MYang Y(2009)P2P DDoSProceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 710.5555/1802134.1802194(265-268)Online publication date: 14-Aug-2009
https://dl.acm.org/doi/10.5555/1802134.1802194
Yue XQiu XJi YZhang C(2009)P2P attack taxonomy and relationship analysisProceedings of the 11th international conference on Advanced Communication Technology - Volume 210.5555/1701835.1701893(1207-1210)Online publication date: 15-Feb-2009
https://dl.acm.org/doi/10.5555/1701835.1701893
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents