Dec. 6, 2004 to Dec. 10, 2004
Mudhakar Srivatsa , Georgia Institute of Technology
Ling Liu , Georgia Institute of Technology
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.50
A number of recent applications have been built on distributed hash tables (DHTs) based overlay networks. Almost all DHT-based schemes employ a tight deterministic data placement and ID mapping schemes. This feature on one hand provides assurance on location of data if it exists, within a bounded number of hops, and on the other hand, opens doors for malicious nodes to lodge attacks that can potentially thwart the functionality of the overlay network.<div></div> This paper studies several serious security threats in DHT-based systems through two targeted attacks at the overlay network's protocol layer. The first attack explores the routing anomalies that can be caused by malicious nodes returning incorrect lookup routes. The second attack targets the ID mapping scheme. We disclose that the malicious nodes can target any specific data item in the system; and corrupt/modify the data item to its favor. For each of these attacks, we provide quantitative analysis to estimate the extent of damage that can be caused by the attack; followed by experimental validation and defenses to guard the overlay networks from such attacks.
Mudhakar Srivatsa, Ling Liu, "Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis", ACSAC, 2004, Computer Security Applications Conference, Annual, Computer Security Applications Conference, Annual 2004, pp. 252-261, doi:10.1109/CSAC.2004.50