3 research outputs found
A Model to Quantify the Success of a Sybil Attack Targeting RELOAD/Chord Resources
The Sybil attack is one of the most harmful security threats for distributed hash tables (DHTs). This attack is not only a theoretical one, but it has been spotted "in the wild", and even performed by researchers themselves to demonstrate its feasibility. In this letter we analyse the Sybil attack whose objective is that the targeted resource cannot be accessed by any user of a Chord DHT, by replacing all the replica nodes that store it with sybils. In particular, we propose a simple, yet complete model that provides the number of random node-IDs that an attacker would need to generate in order to succeed with certain probability. Therefore, our model enables to quantify the cost of performing a Sybil resource attack on RELOAD/Chord DHTs more accurately than previous works, and thus establishes the basis to measure the effectiveness of different solutions proposed in the literature to prevent or mitigate Sybil attacks.This work has been
partially supported by the EU FP7 TREND project (257740), the Spanish
T2C2 project (TIN2008-06739-C04-01) and the Madrid MEDIANET project
(S-2009/TIC-1468).European Community's Seventh Framework ProgramPublicad
Detection and mitigation of the eclipse attack in chord overlays
Distributed hash table-based overlays are widely used to support efficient information
routing and storage in structured peer-to-peer networks, but they are also subject to numerous
attacks aimed at disrupting their correct functioning. In this paper, we analyse the impact of the
eclipse attack on a chord-based overlay in terms of number of key lookups intercepted by a
collusion of malicious nodes. We propose a detection algorithm for the individuation of ongoing
attacks to the chord overlay, relying on features that can be independently estimated by each
network peer, which are given as input to a C4.5-based binary classifier. Moreover, we propose
some modifications to the chord routing protocol in order to mitigate the effects of such attacks.
The countermeasures introduce a limited traffic overhead and can operate either in a distributed
fashion or assuming the presence of a centralised trusted entity. Numerical results show the
effectiveness of the proposed mitigation techniques