Analysis of DoS Attacks and Peer-to-Peer Networks by dfhdhdhdhjr


									Analysis of DoS Attacks and
  Peer-to-Peer Networks

       Stephen Pitts
   Definitions
   Intro
   Threats
   Proposed Solution
   Future Work
   Peer-to-Peer Networks
       A network that enables different computers
        or nodes to directly exchange or share its
        resources and services amongst each other
   Gnutella
       A peer-to-peer overlay network designed
        for resource sharing across the global
        internet (DeFigueiredo, Dimitri),
   Built at the application layer
   Client programs run on each node
    allowing them to communicate with
    each other
   Connectivity, routing, and resource
    searching responsibilities are distributed
    equally to every node in the network.
   4 types of messages
       Ping - used to discover new nodes
       Pong - a reply to a ping that provides
        information about the network node
       Query – used to search for files contained
        by other nodes on the network
       Query Hit – contains a list of 1 or more
        files which match a given query.
             Searching for resources on a
                                                                  Gnutella Network

         Node A                  Query
                    {minimum speed, search criteria}
Step 1                   20kb/s, Jennifer Lopez
                                                                 10kb/s        5kb/s

                         Query Hit
     {number of hits, port, IP address, speed, host ID}
             1, 80,, 30kb/s, 3                           30kb/s

                                                       *All nodes contain Jennifer Lopez
   Query Flooding
       Occurs when one node is hit with too many query requests
        at one time which overloads that node which in turn causes
        that node to deny service to its resources.
   Content Authentication
       Is the file downloaded what its suppose to be?
       There is no way that Gnutella can authenticate a file.
       You may ask for a Jennifer Lopez file and get Trojan Virus
        that causes a denial of service on your computer.
   Query Hijacking
       This is when one node listens to a query of another node
        and decides to send malicious code as a answer to that
        query which could in turn take over your system and deny
        its services.
   Digital Signatures
       Can be incorporated within a peer-to-peer network to
        prevent content alterations
       Has some limitations
            Increases the resources overhead
            A key for each signature would have to be obtained from the
             central authority for every download.
            Would drastically slow down the Gnutella network because too
             many users would have to rely on a centralized resource within
             a decentralized network
   To the best of my knowledge, there really isn’t a sure
    fire way to prevent Query Hijacking or Query
Future Work
   I will continue to study the aspects of
    Query Hijacking and Query Flooding to
    hopefully invent a solution to these
    problems. At this point I feel as though
    it would take years of studying to get
    these answers. Another area that I
    would like to persue is finding a
    decentralized way to authenticate files
    within a peer-to-peer network.

To top