An Enhanced Kad Protocol Resistant to Eclipse Attacks

Abstract

Kad is a P2P protocol which has about 1 million concurrent online users. The eclipse attack is one of the most severe threats in Kad. In this paper, we propose a distributed verification approach to defend against the eclipse attack in Kad. Previous works mostly concentrate on ID generation or secure routing algorithm. Our approach utilizes many benign peers to prove that the storage peer is valid. The attacker has to provide massive malicious hosts and IP addresses to break our defense. In contrast, it is hard for the attacker to get these resources. Moreover, our solution could be applied to the open-source software and centralized services are not needed in our system. Simulation results show that the attacker has to get 1000 IP addresses to launch the attack successfully.