Sciweavers

ACNS
2008
Springer

Pushback for Overlay Networks: Protecting Against Malicious Insiders

14 years 6 months ago
Pushback for Overlay Networks: Protecting Against Malicious Insiders
Peer-to-Peer (P2P) overlay networks are a flexible way of creating decentralized services. Although resilient to external Denial of Service attacks, overlay networks can be rendered inoperable by simple flooding attacks generated from insider nodes. In this paper, we study detection and containment mechanisms against insider Denial of Service (DoS) attacks for overlay networks. To counter such attacks, we introduce novel mechanisms for protecting overlay networks that exhibit well defined properties due to their structure against non-conforming (abnormal) behavior of participating nodes. We use a lightweight distributed detection mechanism that exploits inherent structural invariants of DHTs to ferret out anomalous flow behavior. We evaluate our mechanism’s ability to detect attackers using our prototype implementation on web traces from IRCache served by a DHT network. Our results show that our system can detect a simple attacker whose attack traffic deviates by as little as 5% ...
Angelos Stavrou, Michael E. Locasto, Angelos D. Ke
Added 01 Jun 2010
Updated 01 Jun 2010
Type Conference
Year 2008
Where ACNS
Authors Angelos Stavrou, Michael E. Locasto, Angelos D. Keromytis
Comments (0)