{"title":"PASS:用于P2P Eclipse攻击缓解的地址空间切片框架","authors":"Daniel Germanus, Hatem Ismail, N. Suri","doi":"10.1109/SRDS.2015.14","DOIUrl":null,"url":null,"abstract":"The decentralized design of Peer-to-Peer (P2P) protocols inherently provides for fault tolerance to non-malicious faults. However, the base P2P scalability and decentralization requirements often result in design choices that negatively impact their robustness to varied security threats. A prominent vulnerability are Eclipse attacks that aim at information hiding and consequently perturb a P2P overlay's reliable service delivery. Divergent lookups constitute an advocated mitigation technique but are size-limited to overlay networks with tens of thousands of peers. In this work, building upon divergent lookups, we propose a novel and scalable P2P address space slicing strategy (PASS) to efficiently mitigate attacks in overlays that host hundreds of thousands of peers. Moreover, we integrate and evaluate diversely designed lookup variants to assess their network overhead and mitigation rates. The proposed PASS approach shows mitigation rates reaching up to 100%.","PeriodicalId":244925,"journal":{"name":"2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS)","volume":"311 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"PASS: An Address Space Slicing Framework for P2P Eclipse Attack Mitigation\",\"authors\":\"Daniel Germanus, Hatem Ismail, N. Suri\",\"doi\":\"10.1109/SRDS.2015.14\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The decentralized design of Peer-to-Peer (P2P) protocols inherently provides for fault tolerance to non-malicious faults. However, the base P2P scalability and decentralization requirements often result in design choices that negatively impact their robustness to varied security threats. A prominent vulnerability are Eclipse attacks that aim at information hiding and consequently perturb a P2P overlay's reliable service delivery. Divergent lookups constitute an advocated mitigation technique but are size-limited to overlay networks with tens of thousands of peers. In this work, building upon divergent lookups, we propose a novel and scalable P2P address space slicing strategy (PASS) to efficiently mitigate attacks in overlays that host hundreds of thousands of peers. Moreover, we integrate and evaluate diversely designed lookup variants to assess their network overhead and mitigation rates. The proposed PASS approach shows mitigation rates reaching up to 100%.\",\"PeriodicalId\":244925,\"journal\":{\"name\":\"2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS)\",\"volume\":\"311 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SRDS.2015.14\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SRDS.2015.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
PASS: An Address Space Slicing Framework for P2P Eclipse Attack Mitigation
The decentralized design of Peer-to-Peer (P2P) protocols inherently provides for fault tolerance to non-malicious faults. However, the base P2P scalability and decentralization requirements often result in design choices that negatively impact their robustness to varied security threats. A prominent vulnerability are Eclipse attacks that aim at information hiding and consequently perturb a P2P overlay's reliable service delivery. Divergent lookups constitute an advocated mitigation technique but are size-limited to overlay networks with tens of thousands of peers. In this work, building upon divergent lookups, we propose a novel and scalable P2P address space slicing strategy (PASS) to efficiently mitigate attacks in overlays that host hundreds of thousands of peers. Moreover, we integrate and evaluate diversely designed lookup variants to assess their network overhead and mitigation rates. The proposed PASS approach shows mitigation rates reaching up to 100%.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
