http://iet.metastore.ingenta.com
1887

Hijacking the Vuze BitTorrent network: all your hop are belong to us

Hijacking the Vuze BitTorrent network: all your hop are belong to us

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Vuze is a popular file-sharing client. When looking for content, Vuze selects from its list of neighbours, a set of 20 nodes to be contacted; the selection is performed such that the neighbours closest to the content in terms of Vuze ID are contacted first. To improve efficiency of its searches, Vuze implements a network coordinate system: from the set of 20 to-be-contacted nodes, queries are sent to the closest nodes in terms of network distance, which is calculated by the difference in network coordinates. However, network coordinate systems are inherently insecure and a malicious peer can lie about its coordinate to appear closest to every peer in the network. This allows the malicious peer to bias next-hop choices for victim peers such that queries will be sent to the attacker, thus hijacking every search query. In our experiments, almost 20% of the search queries are hijacked; the cost of performing this attack is minimal – less than $112/month.

References

    1. 1)
      • 1. Dabek, F., Cox, R., Kaashoek, F., Morris, R.: ‘Vivaldi: a decentralized network coordinate system’. SIGCOMM ’mt04: Proc. of the 2004 Conf. on Applications, Technologies, Architectures, and Protocols for Computer Communications, ACM, New York, NY, USA, 2004, pp. 1526.
    2. 2)
      • 2. Eugene Ng, T.S., Zhang, H.: ‘Predicting internet network distance with coordinates-based approaches’. IEEE INFOCOM, 2001, pp. 170179.
    3. 3)
      • 3. Agarwal, S., Lorch, J.R.: ‘Matchmaking for online games and other latency-sensitive P2P systems’. SIGCOMM ’mt09: Proc. of the ACM SIGCOMM 2009 Conf. on Data Communication, ACM, New York, NY, USA, 2009, pp. 315326.
    4. 4)
      • 4. Vuze. http://azureus.sourceforge.net.
    5. 5)
    6. 6)
      • 6. Douceur, J.R.: ‘The sybil attack’. IPTPS ’mt01: Revised Papers from the First Int. Workshop on Peer-to-Peer Systems, Springer-Verlag, London, UK, 2002, pp. 251260.
    7. 7)
      • 7. Bazzi, R.A., Konjevod, G.: ‘On the establishment of distinct identities in overlay networks’. PODC'05: Proc. of the 24th Annual ACM Symp. on Principles of Distributed Computing, ACM, New York, NY, USA, 2005, pp. 312320.
    8. 8)
      • 8. Tor. http://www.torproject.org.
    9. 9)
      • 9. Sherr, M., Blaze, M., Loo, B.T.: ‘Scalable link-based relay selection for anonymous routing’. PETS ’mt09: Proc. of the Ninth Int. Symp. on Privacy Enhancing Technologies, Springer-Verlag, Berlin, Heidelberg, 2009, pp. 7393.
    10. 10)
      • 10. Abraham, I., Malkhi, D.: ‘Compact routing on euclidian metrics’. PODC ‘04: Proc. of the 23rd Annual ACM Symp. on Principles of Distributed Computing, ACM, New York, NY, USA, 2004, pp. 141149.
    11. 11)
      • 11. Cowling, J., Ports, D., Liskov, B., Popa, R.A., Gaikwad, A.: ‘Census: location-aware membership management for large-scale distributed systems’. Proc. of USENIX Annual Technical Conf., 2009.
    12. 12)
      • 12. Ledlie, J., Gardner, P., Seltzer, M.: ‘Network coordinates in the wild’. Proc. of USENIX Symp. on Networked Systems Design and Implementation (NSDI)07, 2007.
    13. 13)
      • 13. BitTorrent. http://bittorrent.com.
    14. 14)
      • 14. Maymounkov, P., Maźıeres, D.: ‘Kademlia: A peer-to-peer information system based on the xor metric’. IPTPS, 2001.
    15. 15)
      • 15. Geambasu, R., Kohno, T., Levy, A., Levy, H.M.: ‘Vanish: Increasing data privacy with self-destructing data’. Proc. of the 18th USENIX Security Symp., 2009.
    16. 16)
      • 16. Geambasu, R., Levy, A., Kohno, T., Krishnamurthy, A., Levy, H.M.: ‘Comet: An active distributed key/value store’. Proc. of OSDI, 2010.
    17. 17)
      • 17. Singh, A., Castro, M., Druschel, P., Rowstron, A.: ‘Defending against eclipse attacks on overlay networks’. EW11, 2004.
    18. 18)
      • 18. Sit, E., Morris, R.: ‘Security considerations for peer-to-peer distributed hash tables’. IPTPS, 2002.
    19. 19)
      • 19. Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: ‘Secure routing for structured peer-to-peer overlay networks’. OSDI, 2002.
    20. 20)
      • 20. Wang, P., Tyra, J., Chan-Tin, E., et al: ‘Attacking the kad network’. Proc. of the Fourth Int. Conf. on Security and Privacy in Communication Netowrks, SecureComm ‘08, ACM, New York, NY, USA, 2008, pp. 23:123:10.
    21. 21)
      • 21. Stoica, I., Morris, R., Liben-Nowell, D., et al: ‘Chord: A scalable peer-to-peer lookup service for internet applications’. ACM Special Interest Group on Data Communication (SIGCOMM), 2001.
    22. 22)
      • 22. Rowstron, A.I.T., Druschel, P.: ‘Pastry: Scalable, decentralized object location, and routing for large-scale peer-to-peer systems’. Middleware’mt01: Proc. of the IFIP/ACM Int. Conf. on Distributed Systems Platforms Heidelberg, Springer-Verlag, London, UK, 2001, pp. 329350.
    23. 23)
      • 23. Kaafar, M.A., Mathy, L., Turletti, T., Dabbous, W.: ‘Real attacks on virtual networks: Vivaldi out of tune’. LSAD ’mt06: Proc. of the 2006 SIGCOMM Workshop on Large-scale Attack Defense, ACM, New York, NY, USA, 2006, pp. 139146.
    24. 24)
      • 24. Zage, D.J., Nita-Rotaru, C.: ‘On the accuracy of decentralized virtual coordinate systems in adversarial networks’. CCS’mt07: Proc. of the 14th ACM Conf. on Computer and Communications Security, ACM, New York, NY, USA, 2007, pp. 214224.
    25. 25)
      • 25. Chan-Tin, E., Feldman, D., Kim, Y., Hopper, N.: ‘The frog-boiling attack: limitations of anomaly detection for secure network coordinates’. SecureComm, 2009.
    26. 26)
      • 26. Eugene Ng, T.S., Zhang, H.: ‘A network positioning system for the internet’. ATEC’mt04: Proc. of the Annual Conf. on USENIX Annual Technical Conf., USENIX Association, Berkeley, CA, USA, 2004, p. 11.
    27. 27)
      • 27. Ledlie, J., Pietzuch, P., Seltzer, M.: ‘Stable and accurate network coordinates’. ICDCS’mt06: Proc. of the 26th IEEE Int. Conf. on Distributed Computing Systems, IEEE Computer Society, Washington, DC, USA, 2006, p. 74.
    28. 28)
      • 28. Kaune, S., Lauinger, T., Kovacevic, A., Pussep, K.: ‘Embracing the peer next door: Proximity in kademlia’. Proc. of the 2008 Eighth Int. Conf. on Peer-to-Peer Computing, P2P ’mt08, IEEE Computer Society, 2008, pp. 343350.
    29. 29)
      • 29. PlanetLab. http://planet-lab.org.
    30. 30)
      • 30. Amazon EC2. http://aws.amazon.com/.
    31. 31)
      • 31. Chan-Tin, E., Hopper, N.: ‘Accurate and provably secure latency estimation with treeple’. Network and Distributed System Security (NDSS) Symp., 2011.
    32. 32)
      • 32. Chan-Tin, E., Hopper, N.: ‘KoNKS: Konsensus-style network koordinate system’ (ACM ASIACCS, 2012).
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2014.0337
Loading

Related content

content/journals/10.1049/iet-ifs.2014.0337
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address