The Eclipse attack

Abstract

Overlay networks are widely used to deploy functionality at edge nodes without changing network routers. Each node in an overlay network maintains pointers to a set of neighbor nodes. These pointers are used both to maintain the overlay and to implement application functionality. If an attacker controls a large fraction of the neighbors of correct nodes, it can "eclipse" correct nodes and prevent correct overlay operation. Even if the attacker controls only a small fraction of the overlay nodes, it may be able to launch the Eclipse attack by manipulating the overlay maintenance algorithm. This thesis discusses the impact of Eclipse attack on several type of overlays and presents the design, implementation and evaluation of a new defense that can be applied to any overlay. Additionally, the proposed defense enables secure implementations of overlay optimizations that choose neighbors according to metrics like proximity or node capacity