Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis. Srivatsa, M. & Liu, L. 2004.
A number of recent applications have been built on distributed hash tables (DHTs) based overlay networks. Almost all DHT-based schemes employ a tight deterministic data placement and ID mapping schemes. This feature on one hand provides assurance on location of data if it exists, within a bounded number of hops, and on the other hand, opens doors for malicious nodes to lodge attacks that can potentially thwart the functionality of the overlay network. This paper studies several serious security threats in DHT-based systems through two targeted attacks at the overlay network's protocol layer. The first attack explores the routing anomalies that can be caused by malicious nodes returning incorrect lookup routes. The second attack targets the ID mapping scheme. We disclose that the malicious nodes can target any specific data item in the system; and corrupt/modify the data item to its favor. For each of these attacks, we provide quantitative analysis to estimate the extent of damage that can be caused by the attack; followed by experimental validation and defenses to guard the overlay networks from such attacks.
@conference {1038318,
	title = {Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis},
	booktitle = {ACSAC {\textquoteright}04: Proceedings of the 20th Annual Computer Security Applications Conference},
	year = {2004},
	pages = {252{\textendash}261},
	publisher = {IEEE Computer Society},
	organization = {IEEE Computer Society},
	address = {Washington, DC, USA},
	abstract = {A number of recent applications have been built on distributed hash tables (DHTs) based overlay networks. Almost all DHT-based schemes employ a tight deterministic data placement and ID mapping schemes. This feature on one hand provides assurance on location of data if it exists, within a bounded number of hops, and on the other hand, opens doors for malicious nodes to lodge attacks that can potentially thwart the functionality of the overlay network. This paper studies several serious security threats in DHT-based systems through two targeted attacks at the overlay network{\textquoteright}s protocol layer. The first attack explores the routing anomalies that can be caused by malicious nodes returning incorrect lookup routes. The second attack targets the ID mapping scheme. We disclose that the malicious nodes can target any specific data item in the system; and corrupt/modify the data item to its favor. For each of these attacks, we provide quantitative analysis to estimate the extent of damage that can be caused by the attack; followed by experimental validation and defenses to guard the overlay networks from such attacks.},
	keywords = {distributed hash table, overlay networks, P2P},
	isbn = {0-7695-2252-1},
	doi = {10.1109/CSAC.2004.50},
	url = {http://portal.acm.org/citation.cfm?id=1038254.1038318$\#$},
	author = {Srivatsa, Mudhakar and Liu, Ling}
}
