Vulnerabilities of P2P Systems and a Critical Look at their Solutions

Peer-to-peer systems have emerged from a drive to realize a computing architecture which cannot be taken down by attacking any single point. Scale and massively distributed nature of its architecture are its characteristics defense. Interestingly, these two features also seem to have introduced new set of menacing vulnerabilities. The vulnerabilities become complex due to architectural goals such as load distribution, search facilitation, and easy of reconfigurability. A P2P network must be expanded to include nodes in a potentially unknown environment (such as the Internet). These untrusted nodes may be faulty, malicious, and act together to commit as much damage to the P2P network as possible. In this survey, we discuss some of the vulnerabilities of these P2P systems, and take a critical look at some of their solutions to better understand these new threats.

[1]  Brian D. Noble,et al.  Samsara: honor among thieves in peer-to-peer storage , 2003, SOSP '03.

[2]  Ling Liu,et al.  Vulnerabilities and Security Threats in Structured Peer-to-Peer Systems : A Quantitative Analysis , 2004 .

[3]  Miguel Castro,et al.  Defending against eclipse attacks on overlay networks , 2004, EW 11.

[4]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[5]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[6]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[7]  Roger Wattenhofer,et al.  Attacks on Peer-to-Peer Networks , 2005 .

[8]  Steve Chien,et al.  A First Look at Peer-to-Peer Worms: Threats and Defenses , 2005, IPTPS.

[9]  Mudhakar Srivatsa,et al.  Vulnerabilities and security threats in structured overlay networks: a quantitative analysis , 2004, 20th Annual Computer Security Applications Conference.

[10]  B. Achiriloaie,et al.  VI REFERENCES , 1961 .

[11]  H. Rowaihy,et al.  Limiting Sybil Attacks in Structured Peer-to-Peer Networks , 2005 .

[12]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[13]  Robert Morris,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM 2001.

[14]  Thomas F. La Porta,et al.  Limiting Sybil Attacks in Structured P2P Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.