Distributed Hash Table-based overlays are widely used to support efficient information routing and storage in structured peerto- peer networks, but they are also subject to numerous attacks aimed at disrupting their correct functioning. In this paper we analyze the impact of the Eclipse attack on a Chord-based overlay in terms of number of key lookups intercepted by a collusion of malicious nodes. We propose a detection algorithm for the individuation of ongoing attacks to the Chord network, relying on features that can be independently estimated by each network peer, which are given as input to a C4.5-based binary classifier. Moreover, we propose some modifications to the Chord routing protocol in order to mitigate the effects of such attacks. The countermeasures can operate in a distributed fashion or assume the presence of a centralized trusted entity and introduce a limited traffic overhead. The effectiveness of the proposed mitigation techniques has been shown through numerical results.
Detection and mitigation of the eclipse attack in chord overlays / Rottondi, C.; Panzeri, A.; Yagne, C. T.; Verticale, G.. - In: INTERNATIONAL JOURNAL OF COMPUTATIONAL SCIENCE AND ENGINEERING. - ISSN 1742-7185. - ELETTRONICO. - 13:2(2016), pp. 111-121. [10.1504/IJCSE.2016.078440]
Detection and mitigation of the eclipse attack in chord overlays
Rottondi, C.;
2016
Abstract
Distributed Hash Table-based overlays are widely used to support efficient information routing and storage in structured peerto- peer networks, but they are also subject to numerous attacks aimed at disrupting their correct functioning. In this paper we analyze the impact of the Eclipse attack on a Chord-based overlay in terms of number of key lookups intercepted by a collusion of malicious nodes. We propose a detection algorithm for the individuation of ongoing attacks to the Chord network, relying on features that can be independently estimated by each network peer, which are given as input to a C4.5-based binary classifier. Moreover, we propose some modifications to the Chord routing protocol in order to mitigate the effects of such attacks. The countermeasures can operate in a distributed fashion or assume the presence of a centralized trusted entity and introduce a limited traffic overhead. The effectiveness of the proposed mitigation techniques has been shown through numerical results.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2722686
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo