A Model to Quantify the Success of a Sybil Attack Targeting RELOAD/Chord Resources

The Sybil attack is one of the most harmful security threats for distributed hash tables (DHTs). This attack is not only a theoretical one, but it has been spotted "in the wild", and even performed by researchers themselves to demonstrate its feasibility. In this letter we analyse the Sybil attack whose objective is that the targeted resource cannot be accessed by any user of a Chord DHT, by replacing all the replica nodes that store it with sybils. In particular, we propose a simple, yet complete model that provides the number of random node-IDs that an attacker would need to generate in order to succeed with certain probability. Therefore, our model enables to quantify the cost of performing a Sybil resource attack on RELOAD/Chord DHTs more accurately than previous works, and thus establishes the basis to measure the effectiveness of different solutions proposed in the literature to prevent or mitigate Sybil attacks.This work has been partially supported by the EU FP7 TREND project (257740), the Spanish T2C2 project (TIN2008-06739-C04-01) and the Madrid MEDIANET project (S-2009/TIC-1468).European Community's Seventh Framework ProgramPublicad

Detection and mitigation of the eclipse attack in chord overlays

Distributed hash table-based overlays are widely used to support efficient information routing and storage in structured peer-to-peer networks, but they are also subject to numerous attacks aimed at disrupting their correct functioning. In this paper, we analyse the impact of the eclipse attack on a chord-based overlay in terms of number of key lookups intercepted by a collusion of malicious nodes. We propose a detection algorithm for the individuation of ongoing attacks to the chord overlay, relying on features that can be independently estimated by each network peer, which are given as input to a C4.5-based binary classifier. Moreover, we propose some modifications to the chord routing protocol in order to mitigate the effects of such attacks. The countermeasures introduce a limited traffic overhead and can operate either in a distributed fashion or assuming the presence of a centralised trusted entity. Numerical results show the effectiveness of the proposed mitigation techniques