Distributed Denial-of-Service attacks are an effective means to make a service unavailable, mask other attack activities and generally degrade or disrupt network functionality. The key characteristic is that analysis of and defence against this attack type is difficult because of the high number of attacking hosts and large amount of attack traffic that can be generated. The emerging Peer-to-Peer filesharing systems have characteristics that turn them into an attractive infrastructure that can be used as attack platform. Attackers that can compromise a P2P system can expect benefits such as a large number of participants, easy hiding of attack control traffic and good, global distribution of participating hosts. This gives attackers high flexibility and at the same time a smal risk of being identified. This paper explains these characteristics in detail and concludes that further research into this threat and into possible countermeasures is urgently needed.
[1]
Matei Ripeanu,et al.
Peer-to-peer architecture case study: Gnutella network
,
2001,
Proceedings First International Conference on Peer-to-Peer Computing.
[2]
Bernhard Plattner,et al.
Analysis of an anonymity network for web browsing
,
2002,
Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.
[3]
MirkovicJelena,et al.
A taxonomy of DDoS attack and DDoS defense mechanisms
,
2004
.
[4]
Vern Paxson,et al.
How to Own the Internet in Your Spare Time
,
2002,
USENIX Security Symposium.
[5]
염흥렬,et al.
[서평]「Applied Cryptography」
,
1997
.