P2P网络测量与安全关键技术研究
|
摘要
当前,基于P2P技术的各类应用逐渐占据了互联网应用中的重要地位,对人类的生活习惯乃至思维模式都产生了不可忽视的影响。P2P技术的广泛应用也使得因特网的端到端的设计初衷面临了巨大挑战。P2P用户、P2P产业、传统服务提供商、网络运营商和政府部门之间存在巨大的利益博弈。为了尽可能地满足各方的利益,确保P2P技术在可控、安全、优化的前提下继续发展壮大,需要对P2P网络进行深入的测量和安全研究。
近年来,随着P2P协议设计、路由算法、搜索优化等技术的日趋成熟, P2P网络测量与P2P网络安全已经成为新的研究热点。P2P网络测量主要关注P2P网络的拓扑结构、流量特征和可用性三个方面,而P2P网络安全主要研究P2P网络共享内容、节点甚至外部用户面临的安全威胁以及对应的防御措施。这两个子领域是相互关联、相互依赖并相互促进的。本文在P2P网络的性能和安全测量、P2P网络漏洞的利用与防御、P2P网络的性能效用模型等方面进行了深入而细致的研究。本文工作的主要贡献和创新总结如下:
1. DHT网络中ID重复现象的测量与分析
由于DHT(Distrubited Hash Ttable,分布式散列表)网络中节点查询和资源搜索都依赖于ID匹配,因此在基于DHT的P2P系统中ID的唯一性是基本假设和重要保障。但是,在当前部署的许多DHT实现中,例如Kad和Mainline,并没有强制限定ID的唯一性。许多之前针对DHT网络的测量和研究工作都没有考虑到节点之间的ID可能不唯一。不幸的是,本文通过主动DHT快照测量工具观察到有相当数量的DHT节点(Kad网络中19.5%的路由节点,Mainline网络中4.0%的路由节点)都存在重复的ID。这类ID重复现象可能会误导针对这些网络的测量和建模研究。
考虑到Kad网络的广泛使用并且它的ID重复更严重,本文进而深入分析研究Kad网络中的ID重复现象。我们观察到有大量的Kad节点频繁改变其UDP端口,并且有部分重复ID所对应的全部节点都没有响应正常的Kad请求(本文称之为沉寂的组)。在简化设置下分析ID重复对Kad网络性能的影响表明,当前的重复程度降低了发布和搜索过程(publishing process and searching process)的性能,但对查询过程(lookup process)性能尚未造成明显影响。本文的测量和分析有助于进一步确定产生ID重复的根源,同时也有助于为没有强制ID唯一性限制的DHT网络选择最优的发布和搜索过程参数。
2. DHT网络中查询流量的测量与建模
在结构化的P2P网络中,查询过程对于节点定位和资源定位都很重要。本文测量和分析了Kad网络的查询流量特征。Kad是一个获得广泛使用的DHT网络,目前已经有一些工作对其用户行为进行了测量与研究。本文认为深入研究其流量特征也是十分有益的,因为它可以给出细化系统参数的详细反馈,帮助修复网络中的异常或者误用行为,并提供了真实的数据来建立P2P流量模型以模拟和评估将来的DHT设计。
为了高效地从更多Kad节点上获取查询请求,本文设计并部署了一个名为Rememj的主动流量监控工具。从其采集到的七天的数据中,本文发现并描述了一些有趣的现象。本文进一步根据采集的数据刻画了查询流量的特征,该特征描述可用于构建典型的流量模型以评估DHT优化或者设计。该模型挖掘了查询流量的异构特征,深入描述了发生在不同日期、不同物理区域(包括欧洲、亚洲和美州)或者一天中不同时刻的流量特征。测量和刻画的各种特征包括节点分布、请求负载分布、目标分布以及目标之间的相似度。
3.利用DHT网络实施大规模DDoS攻击的可行性与有效性研究
基于Kademlia协议的DHT实现,例如Kad、Mainline和Azureus,已经广泛部署在许多P2P应用中。这些网络中的同时在线用户数目已接近1000万。对于涉及到如此巨量用户的DHT协议,必须仔细分析和评估其鲁棒性与安全性。
本文分析了Kademlia协议,并发现其存在若干潜在的脆弱性。利用这些漏洞可以将DHT网络作为放大平台进行DDoS(Distributed Denial of Service,分布式拒绝服务)攻击。我们将可能的攻击分为三种类型:不对称反射攻击、路由表反射攻击和索引反射攻击。本文以Kad网络为例,设计并实现了一个DDoS攻击原型系统。通过在Kad网络上的真实实验表明,这些攻击可以将原始的攻击流量放大接近一千倍。本文还比较了不对称反射攻击与路由表反射攻击的性能和特点,并研究了攻击源的地理分布。本文最后讨论了若干放大上述攻击效果的方法和躲避检测的攻击策略,并列举了部分针对上述DDoS攻击的解决方案,分析了各种方案的利弊。
4.应用层DDoS攻击的轻量级防御机制的分析与研究
近年来,分布式拒绝服务攻击(DDoS)已经成为因特网上主机和网络的一个主要安全威胁。应用层拒绝服务攻击主要针对Web应用服务器,并且它从网络层报文和协议来看都是合法的,无法使用传统的网络层防御技术进行检测。如何有效检测并防御应用层DDoS攻击已成为当前学术界和工业界的一个研究热点。
本文针对应用层DDoS攻击中的会话泛洪攻击,提出了一个基于信任管理的轻量级防御机制TMH。TMH的核心思想是综合考虑客户端的短期信任、长期信任、消极信任和滥用信任,对其历史表现进行评价,建立全局可信度;然后根据全局可信度进行会话连接请求的调度。本文还建立了通用的合法用户模型和由四种攻击策略组成的攻击者模型,并通过基于客户端的License授权机制来确保TMH的轻量级和可移动性。License用于用户识别(包括位于NAT之后的用户)和信息缓存两个功能。本文将TMH实现为一个Java包。模拟结果表明,TMH可以有效地防御会话泛洪攻击。当攻击者数目达到正常用户数目的20倍时,TMH仍然能够确保99%以上的合法会话请求可以正常地获得服务;而无TMH时只有低于18%的合法会话能被接受。文章最后还将TMH扩展到了分布式协作模式。
5.利用DHT网络增强Web服务器能力的效用模型的分析与研究
当前,Web服务器饱受Flash Crowds和应用层DDoS攻击的困扰,大大降低了其服务的可用性。由于它们是协议一致的,要在实际应用中有效地检测并防御它们非常困难。P2P网络可以被误用于放大DDoS攻击,而本文相信,它们提供的大量可用资源(例如分布式存储和网络带宽)也可用于减小Flash Crowds和DDoS攻击的影响。本文提出了一个服务器端初始化的方法,将已有的P2P网络作为分布式Web缓存,从而大大降低最终到达Web服务器的流量。
作为实验,本文以Kad网络作为实现大规模分布式Web缓存的底层网络。我们在实现的原型系统上进行了深入的模拟和实验,以评估本文方法的可行性、有效性和鲁棒性。评估结果表明,本文模型在相同的连接和带宽消耗下,至少可以将待保护的Web服务器性能提高10倍。在节点波动性和特定DoS攻击下,缓存在Kad节点中的Web内容仍然具有很好的可达性;而用户访问延迟与正常情况下直接访问Web服务器相差不大;在Zipf分布的对象流行度下,该模型仍然可以获得较好的负载均衡性能。
P2P applications have become more and more important in Internet applications, and it takes unneglectable effect on the living custom and thinking scheme of human beings. The popularity of P2P techniques also brings big challenge for the point-to-point design of Internet. There are huge benefit tradeoffs among P2P users, P2P producers, traditional service providers, network service providers, as well as governments. To satisfy the benefits of all sides and develop of P2P technique with the controllability, security and optimization conditions, we need measure and research P2P networks widely and carefully.
In the past few years, The P2P techniques about protocol design, routing arithmetic and searching optimization have been widely investigated, and recently, the research on measurement and security of P2P networks has been two new hot topics. The measurement on P2P networks focuses on its topology structure, traffic characteristic and availability; whereas, the security of P2P networks pay more attention on the security risks and their defense methods of their shared content, their nodes, or even users outside the P2P networks. In this paper, we will investigate on the measurement of performance and security of P2P networks, the misuse and defense of vulnerabilities of P2P networks, and the exploiting of the utility model of P2P networks. Contributions and innovations in this paper can be briefly summarized as following:
1. Measurement and Analysis of ID Repetition in DHT NetworksDHT
ID uniqueness is essential in DHT-based systems, as peer lookup and resource searching rely on ID-matching. However, many DHT implementations in the wild, such as Kad and Mainline, do not enforce such uniqueness. Most previous works and measurements on DHTs do not take into account that IDs among peers may not be unique. Unfortunately, we observe that a significant portion of peers, i.e., 19.5% of the peers in Kad and 4.0% of the peers in Mainline, do not have unique IDs. These repetitions would mislead the measurements and modeling on those networks.
We further focus on investigating the repetition in Kad considering its wider usage and more serious situation of repetition. We observe that there are a large number of peers that frequently change their UDP ports, and there are a few IDs that repeat for a large number of times and all peers with these IDs do not respond to Kad protocol. We also analyze the effects of ID repetitions under simplified settings and find that the current repetition degrades Kad’s performance on publishing and searching, but has insignificant effect on lookup process. These measurement and analysis are useful to further determine the sources of repetitions and are also useful in finding suitable parameters in publishing and searching processes in DHT networks without compulsive ID uniqueness.
2. Measurement and Modeling of Lookup Traffic in a Large-scale DHT Netwrok
Lookup is crucial to locate peers and resources in structured P2P networks. In this paper, we measure and analyze the traffic characteristics of lookup in Kad, which is a widely used DHT network. Some previous works studied the user behaviors of Kad, yet we believe that investigating its traffic characteristics will also be beneficial, as it gives feedbacks to fine tune the system parameters, helps to uncover the abnormalities or misuses, and provides solid ground for synthesizing P2P traffic to evaluate future designs.
To track the lookup requests more efficiently and from more peers in Kad, we develop an active traffic monitor, named Rememj. From the one-week data it collected, we uncover some interesting phenomena. Moreover, we characterize the traffic characteristics from the collected data in a form that can be used for constructing representative synthetic workloads for evaluating DHT optimizations or designs. In particular, the analysis exposes heterogeneous behavior that occurs on different days, in different geographical regions (i.e., Europe, Asia, and America) or during different periods of the day. The workload measures include the distribution of peers, the distribution of request load, the distribution of targets, as well as the similarity among targets.
3. Analysis and Research on The Feasibility and Efficiency of Misusing Kademlia Protocol to Perform DDoS Attacks
Kademlia-based DHT implementations, such as Kad, Mainline and Azureus, have been widely deployed in many P2P applications. There are nearly ten millions of simultaneous online users in these DHT networks. For such a protocol that signifficantly involves so many users, its robustness and security must be evaluated carefully.
In this paper, we analyze the Kademlia protocol and identify several potential vulnerabilities. We classify potential attacks as three types: asymmetric attack, routing table reflection attack and index reflection attack. We take Kad as an example and develop a prototype to evaluate the efficiency of these attacks. Through limited real-world experiments on Kad, it is found that these attacks can enlarge the original traffic up to one thousand of times on average. We further compare asymmetric attack with routing table reflection attack, and investigate distribution of attacks. More large-scale DDoS attack can be performed by means of a little more efforts. We introduce some methods to amplify the effect of attacks and some strategies to escape detection. Finally, we discuss several solutions for these attacks.
4. Analysis and Research on Mitigating Application Layer DDoS Attacks Via Effective Trust Management
Nowadays, web servers are suffering from application layer DDoS attacks, to which network layer solutions is not applicable as attackers are indistinguishable based on packets or protocols.
In this paper, we propose Trust Management Helmet (TMH) as a partial solution to this problem, which is a lightweight mitigation mechanism that uses trust to differentiate legitimate users from attackers. Its key insight is that a server should give priority to protecting the connectivity of good users during application layer DDoS attacks, instead of identifying all the attack requests. The trust to clients is evaluated based on their visiting history, and used to schedule the service to their requests. We introduce license, for user identification (even beyond NATs) and storing the trust information at clients. The license is cryptographically secured against forgery or replay attacks. We realize this mitigation mechanism and implement it as a Java package and use it for evaluation. The simulation results show that TMH is effective in mitigating session flooding attack: even with 20 times number of attackers, more than 99% of the sessions from legitimate users are accepted with TMH; whereas less than 18% are accepted without it. Moreover, we found that the additional computation cost on the deployed server is neglectable and the bandwidth overhead is acceptable.
5. Analysis and Research on the Utility Model of Enhancing the Capability of Web Servers Using P2P Networks
Nowadays, web servers are suffering from flash crowds and application layer DDoS attacks that can severely degrade the availability of services. It is difficult to prevent them because they comply with the communication protocol. Peer-to-peer (P2P) networks have been exploited to amplify DDoS attacks, but we believe their available resource, such as distributed storage and network bandwidth, can be used to mitigate both flash crowds and DDoS attacks. In this paper, we propose a server initiated approach to employ deployed P2P networks as distributed web caches, so that the workload directed to web servers can be reduced.
In experiments, we use Kad as the particular P2P network for the realization of a large-scale distributed web cache. We performed comprehensive evaluation on the feasibility, efficiency and robustness of our scheme, through experiments and simulations on the prototype we implemented. The evaluation results show that our scheme can increase the capacity of the protected web servers at least 10 times at the same cost of connection and bandwidth consumption. The web contents cached in Kad remain reachable even under churn of peers and targeted DoS attack, and the access latency is comparable to normal direct access to web servers. It also achieves good load balancing under the heavy-tailed distribution of object popularity.
近年来,随着P2P协议设计、路由算法、搜索优化等技术的日趋成熟, P2P网络测量与P2P网络安全已经成为新的研究热点。P2P网络测量主要关注P2P网络的拓扑结构、流量特征和可用性三个方面,而P2P网络安全主要研究P2P网络共享内容、节点甚至外部用户面临的安全威胁以及对应的防御措施。这两个子领域是相互关联、相互依赖并相互促进的。本文在P2P网络的性能和安全测量、P2P网络漏洞的利用与防御、P2P网络的性能效用模型等方面进行了深入而细致的研究。本文工作的主要贡献和创新总结如下:
1. DHT网络中ID重复现象的测量与分析
由于DHT(Distrubited Hash Ttable,分布式散列表)网络中节点查询和资源搜索都依赖于ID匹配,因此在基于DHT的P2P系统中ID的唯一性是基本假设和重要保障。但是,在当前部署的许多DHT实现中,例如Kad和Mainline,并没有强制限定ID的唯一性。许多之前针对DHT网络的测量和研究工作都没有考虑到节点之间的ID可能不唯一。不幸的是,本文通过主动DHT快照测量工具观察到有相当数量的DHT节点(Kad网络中19.5%的路由节点,Mainline网络中4.0%的路由节点)都存在重复的ID。这类ID重复现象可能会误导针对这些网络的测量和建模研究。
考虑到Kad网络的广泛使用并且它的ID重复更严重,本文进而深入分析研究Kad网络中的ID重复现象。我们观察到有大量的Kad节点频繁改变其UDP端口,并且有部分重复ID所对应的全部节点都没有响应正常的Kad请求(本文称之为沉寂的组)。在简化设置下分析ID重复对Kad网络性能的影响表明,当前的重复程度降低了发布和搜索过程(publishing process and searching process)的性能,但对查询过程(lookup process)性能尚未造成明显影响。本文的测量和分析有助于进一步确定产生ID重复的根源,同时也有助于为没有强制ID唯一性限制的DHT网络选择最优的发布和搜索过程参数。
2. DHT网络中查询流量的测量与建模
在结构化的P2P网络中,查询过程对于节点定位和资源定位都很重要。本文测量和分析了Kad网络的查询流量特征。Kad是一个获得广泛使用的DHT网络,目前已经有一些工作对其用户行为进行了测量与研究。本文认为深入研究其流量特征也是十分有益的,因为它可以给出细化系统参数的详细反馈,帮助修复网络中的异常或者误用行为,并提供了真实的数据来建立P2P流量模型以模拟和评估将来的DHT设计。
为了高效地从更多Kad节点上获取查询请求,本文设计并部署了一个名为Rememj的主动流量监控工具。从其采集到的七天的数据中,本文发现并描述了一些有趣的现象。本文进一步根据采集的数据刻画了查询流量的特征,该特征描述可用于构建典型的流量模型以评估DHT优化或者设计。该模型挖掘了查询流量的异构特征,深入描述了发生在不同日期、不同物理区域(包括欧洲、亚洲和美州)或者一天中不同时刻的流量特征。测量和刻画的各种特征包括节点分布、请求负载分布、目标分布以及目标之间的相似度。
3.利用DHT网络实施大规模DDoS攻击的可行性与有效性研究
基于Kademlia协议的DHT实现,例如Kad、Mainline和Azureus,已经广泛部署在许多P2P应用中。这些网络中的同时在线用户数目已接近1000万。对于涉及到如此巨量用户的DHT协议,必须仔细分析和评估其鲁棒性与安全性。
本文分析了Kademlia协议,并发现其存在若干潜在的脆弱性。利用这些漏洞可以将DHT网络作为放大平台进行DDoS(Distributed Denial of Service,分布式拒绝服务)攻击。我们将可能的攻击分为三种类型:不对称反射攻击、路由表反射攻击和索引反射攻击。本文以Kad网络为例,设计并实现了一个DDoS攻击原型系统。通过在Kad网络上的真实实验表明,这些攻击可以将原始的攻击流量放大接近一千倍。本文还比较了不对称反射攻击与路由表反射攻击的性能和特点,并研究了攻击源的地理分布。本文最后讨论了若干放大上述攻击效果的方法和躲避检测的攻击策略,并列举了部分针对上述DDoS攻击的解决方案,分析了各种方案的利弊。
4.应用层DDoS攻击的轻量级防御机制的分析与研究
近年来,分布式拒绝服务攻击(DDoS)已经成为因特网上主机和网络的一个主要安全威胁。应用层拒绝服务攻击主要针对Web应用服务器,并且它从网络层报文和协议来看都是合法的,无法使用传统的网络层防御技术进行检测。如何有效检测并防御应用层DDoS攻击已成为当前学术界和工业界的一个研究热点。
本文针对应用层DDoS攻击中的会话泛洪攻击,提出了一个基于信任管理的轻量级防御机制TMH。TMH的核心思想是综合考虑客户端的短期信任、长期信任、消极信任和滥用信任,对其历史表现进行评价,建立全局可信度;然后根据全局可信度进行会话连接请求的调度。本文还建立了通用的合法用户模型和由四种攻击策略组成的攻击者模型,并通过基于客户端的License授权机制来确保TMH的轻量级和可移动性。License用于用户识别(包括位于NAT之后的用户)和信息缓存两个功能。本文将TMH实现为一个Java包。模拟结果表明,TMH可以有效地防御会话泛洪攻击。当攻击者数目达到正常用户数目的20倍时,TMH仍然能够确保99%以上的合法会话请求可以正常地获得服务;而无TMH时只有低于18%的合法会话能被接受。文章最后还将TMH扩展到了分布式协作模式。
5.利用DHT网络增强Web服务器能力的效用模型的分析与研究
当前,Web服务器饱受Flash Crowds和应用层DDoS攻击的困扰,大大降低了其服务的可用性。由于它们是协议一致的,要在实际应用中有效地检测并防御它们非常困难。P2P网络可以被误用于放大DDoS攻击,而本文相信,它们提供的大量可用资源(例如分布式存储和网络带宽)也可用于减小Flash Crowds和DDoS攻击的影响。本文提出了一个服务器端初始化的方法,将已有的P2P网络作为分布式Web缓存,从而大大降低最终到达Web服务器的流量。
作为实验,本文以Kad网络作为实现大规模分布式Web缓存的底层网络。我们在实现的原型系统上进行了深入的模拟和实验,以评估本文方法的可行性、有效性和鲁棒性。评估结果表明,本文模型在相同的连接和带宽消耗下,至少可以将待保护的Web服务器性能提高10倍。在节点波动性和特定DoS攻击下,缓存在Kad节点中的Web内容仍然具有很好的可达性;而用户访问延迟与正常情况下直接访问Web服务器相差不大;在Zipf分布的对象流行度下,该模型仍然可以获得较好的负载均衡性能。
P2P applications have become more and more important in Internet applications, and it takes unneglectable effect on the living custom and thinking scheme of human beings. The popularity of P2P techniques also brings big challenge for the point-to-point design of Internet. There are huge benefit tradeoffs among P2P users, P2P producers, traditional service providers, network service providers, as well as governments. To satisfy the benefits of all sides and develop of P2P technique with the controllability, security and optimization conditions, we need measure and research P2P networks widely and carefully.
In the past few years, The P2P techniques about protocol design, routing arithmetic and searching optimization have been widely investigated, and recently, the research on measurement and security of P2P networks has been two new hot topics. The measurement on P2P networks focuses on its topology structure, traffic characteristic and availability; whereas, the security of P2P networks pay more attention on the security risks and their defense methods of their shared content, their nodes, or even users outside the P2P networks. In this paper, we will investigate on the measurement of performance and security of P2P networks, the misuse and defense of vulnerabilities of P2P networks, and the exploiting of the utility model of P2P networks. Contributions and innovations in this paper can be briefly summarized as following:
1. Measurement and Analysis of ID Repetition in DHT NetworksDHT
ID uniqueness is essential in DHT-based systems, as peer lookup and resource searching rely on ID-matching. However, many DHT implementations in the wild, such as Kad and Mainline, do not enforce such uniqueness. Most previous works and measurements on DHTs do not take into account that IDs among peers may not be unique. Unfortunately, we observe that a significant portion of peers, i.e., 19.5% of the peers in Kad and 4.0% of the peers in Mainline, do not have unique IDs. These repetitions would mislead the measurements and modeling on those networks.
We further focus on investigating the repetition in Kad considering its wider usage and more serious situation of repetition. We observe that there are a large number of peers that frequently change their UDP ports, and there are a few IDs that repeat for a large number of times and all peers with these IDs do not respond to Kad protocol. We also analyze the effects of ID repetitions under simplified settings and find that the current repetition degrades Kad’s performance on publishing and searching, but has insignificant effect on lookup process. These measurement and analysis are useful to further determine the sources of repetitions and are also useful in finding suitable parameters in publishing and searching processes in DHT networks without compulsive ID uniqueness.
2. Measurement and Modeling of Lookup Traffic in a Large-scale DHT Netwrok
Lookup is crucial to locate peers and resources in structured P2P networks. In this paper, we measure and analyze the traffic characteristics of lookup in Kad, which is a widely used DHT network. Some previous works studied the user behaviors of Kad, yet we believe that investigating its traffic characteristics will also be beneficial, as it gives feedbacks to fine tune the system parameters, helps to uncover the abnormalities or misuses, and provides solid ground for synthesizing P2P traffic to evaluate future designs.
To track the lookup requests more efficiently and from more peers in Kad, we develop an active traffic monitor, named Rememj. From the one-week data it collected, we uncover some interesting phenomena. Moreover, we characterize the traffic characteristics from the collected data in a form that can be used for constructing representative synthetic workloads for evaluating DHT optimizations or designs. In particular, the analysis exposes heterogeneous behavior that occurs on different days, in different geographical regions (i.e., Europe, Asia, and America) or during different periods of the day. The workload measures include the distribution of peers, the distribution of request load, the distribution of targets, as well as the similarity among targets.
3. Analysis and Research on The Feasibility and Efficiency of Misusing Kademlia Protocol to Perform DDoS Attacks
Kademlia-based DHT implementations, such as Kad, Mainline and Azureus, have been widely deployed in many P2P applications. There are nearly ten millions of simultaneous online users in these DHT networks. For such a protocol that signifficantly involves so many users, its robustness and security must be evaluated carefully.
In this paper, we analyze the Kademlia protocol and identify several potential vulnerabilities. We classify potential attacks as three types: asymmetric attack, routing table reflection attack and index reflection attack. We take Kad as an example and develop a prototype to evaluate the efficiency of these attacks. Through limited real-world experiments on Kad, it is found that these attacks can enlarge the original traffic up to one thousand of times on average. We further compare asymmetric attack with routing table reflection attack, and investigate distribution of attacks. More large-scale DDoS attack can be performed by means of a little more efforts. We introduce some methods to amplify the effect of attacks and some strategies to escape detection. Finally, we discuss several solutions for these attacks.
4. Analysis and Research on Mitigating Application Layer DDoS Attacks Via Effective Trust Management
Nowadays, web servers are suffering from application layer DDoS attacks, to which network layer solutions is not applicable as attackers are indistinguishable based on packets or protocols.
In this paper, we propose Trust Management Helmet (TMH) as a partial solution to this problem, which is a lightweight mitigation mechanism that uses trust to differentiate legitimate users from attackers. Its key insight is that a server should give priority to protecting the connectivity of good users during application layer DDoS attacks, instead of identifying all the attack requests. The trust to clients is evaluated based on their visiting history, and used to schedule the service to their requests. We introduce license, for user identification (even beyond NATs) and storing the trust information at clients. The license is cryptographically secured against forgery or replay attacks. We realize this mitigation mechanism and implement it as a Java package and use it for evaluation. The simulation results show that TMH is effective in mitigating session flooding attack: even with 20 times number of attackers, more than 99% of the sessions from legitimate users are accepted with TMH; whereas less than 18% are accepted without it. Moreover, we found that the additional computation cost on the deployed server is neglectable and the bandwidth overhead is acceptable.
5. Analysis and Research on the Utility Model of Enhancing the Capability of Web Servers Using P2P Networks
Nowadays, web servers are suffering from flash crowds and application layer DDoS attacks that can severely degrade the availability of services. It is difficult to prevent them because they comply with the communication protocol. Peer-to-peer (P2P) networks have been exploited to amplify DDoS attacks, but we believe their available resource, such as distributed storage and network bandwidth, can be used to mitigate both flash crowds and DDoS attacks. In this paper, we propose a server initiated approach to employ deployed P2P networks as distributed web caches, so that the workload directed to web servers can be reduced.
In experiments, we use Kad as the particular P2P network for the realization of a large-scale distributed web cache. We performed comprehensive evaluation on the feasibility, efficiency and robustness of our scheme, through experiments and simulations on the prototype we implemented. The evaluation results show that our scheme can increase the capacity of the protected web servers at least 10 times at the same cost of connection and bandwidth consumption. The web contents cached in Kad remain reachable even under churn of peers and targeted DoS attack, and the access latency is comparable to normal direct access to web servers. It also achieves good load balancing under the heavy-tailed distribution of object popularity.
引文
[1] Peer-to-peer, http://en.wikipedia.org/wiki/Peer-to-peer.
[2] PPS, www.pps.tv.
[3] PPLive, www.pplive.com.
[4] 2007 NGN forum, http://www.catr.cn/zhthg/ngn/2007/.
[5] Cisco Expects P2P Traffic to Double by 2014, http://torrentfreak.com/cisco -expects-p2p-traffic-to-double-by-2014-100611/.
[6]黄庆凤.结构化P2P网络性能分析与搜索算法研究[博士学位论文],华中科技大学, 2008.
[7] I. Stoica, R. Morris, David Karger, et al. Chord: A scalable peer-to-peer lookup service for Internet applications. In Proceedings of SIGCOMM’01, 149-160, 2001.
[8] S. Ratnasamy, P. Franci, M. Handley, et al. A scalable content- addressable network. In Proceedings of SIGCOMM’01, 161-172, 2001.
[9] P. Maymounkov and D. Mazières. Kademlia: A Peer-to-Peer Information System Based on the XOR Metric, In Proceedings of the 1st International Workshop on Peer-to-Peer Systems (IPTPS'02), 53-65, 2002.
[10] Dongsheng Li, Xicheng Lu, and Jie Wu. FISSIONE: a scalable constant degree and low congestion DHT scheme based on Kautz graphs. In Proceedings of INFOCOM’05, 1677-1688, 2005.
[11]李东升,卢锡城. P2P网络中常量度数常量拥塞的DHT方法研究.中国科学E辑, 2004, 34(12): 1337-1358.
[12] Yiming Zhang, Dongsheng Li, Lei Chen, and Xicheng Lu. Flexible Routing in Grouped DHTs. In Proceedings P2P’08, 109-118, 2008.
[13] Q. Chen, L. Chen, X. Lian, Y. Liu, J. Yu. Indexable PLA for Efficient Similarity Search. International Conference on Very Large Data Bases (VLDB), Vienna, Austria, September 2007.
[14] J. Han and Y. Liu. Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems. IEEE ICNP, Santa Barbara, California, USA, November, 2006.
[15] X. Liao, H. Jin, Y. Liu, L. Ni, and D. Deng. AnySee: Peer-to-Peer Live Streaming. IEEE INFOCOM 2006, Barcelona, Spain, April 2006.
[16] Y. Liu, Z. Zhuang, L.Xiao, and L. Ni . A Distributed Approach to Solving Overlay Mismatching Problem. IEEE ICDCS 2004, Tokyo, Japan, March 2004.
[17] C. Wang, L. Xiao, Y. Liu, and P. Zheng. Distributed Caching and Adaptive Search in Multilayer P2P Networks. IEEE ICDCS 2004, Tokyo, Japan, March 2004.
[18] Y. Liu, X. Liu, L. Xiao, L. Ni, and X. Zhang. Location-Aware Topology Matching in P2P Systems. IEEE INFOCOM 2004, Hong Kong, China, March 2004.
[19] J. Li. Routing tradeoffs in dynamic peer-to-peer networks, Ph.D. Thesis, Massachusetts Institute of Technology, Nov 2005.
[20]喻梅.基于P2P系统的分布式查询算法的研究[博士学位论文],天津大学, 2008.
[21]王芳.对等网络有效资源搜索技术及其应用研究[硕士学位论文],山东师范大学, 2007.
[22]刘琼,徐鹏,杨海涛,彭芸. Peer-to-Peer文件共享系统的测量研究.软件学报, 2006, 17(10): 2131-2140.
[23] K. Cheung Sia. DDoS Vulnerability Analysis of Bittorrent Protocol, UCLA Tech. Report, 2006.
[24] L. Guo, S. Chen, Z. Xiao, E. Tan, X. Ding, and X. Zhang. Measurement, analysis, and modeling of BitTorrent-like systems. In Proceedings of IMC'05, 2005.
[25] G. Neglia, G. Reina, and H. Zhang. Availability in BitTorrent Systems. In Proceedings of INFOCOM'07, 2007.
[26] S. Crosby and D. Wallach. An analysis of bittorrent’s two kademlia-based DHTs, Tech. Rep., 2007.
[27] J. Falkner, M. Piatek, J. P. John, A. Krishnamurthy, and T. Anderson. Profiling a Million User DHT. In Proceedings of IMC'07, 2007.
[28] R. Jimenez, F. Osmani, and B. Knutsson. Connectivity Properties of Mainline BitTorrent DHT Nodes. In Proceedings of P2P'09, 2009.
[29] R. Bhagwan, S. Savage, and G. Voelker. Understanding availability. In Proceedings of the 2nd International Workshop on Peer-to-Peer Systems (IPTPS'03), pages 256--267, 2003.
[30] M. Steiner, T. En-Najjary, and E. W. Biersack. A global view of KAD. In Proc. Internet Measurement Conference (IMC), 2007.
[31] M. Steiner, E. W. Biersack, and T. Ennajjary. Actively monitoring peers in KAD. In Proceedings of the 6th International Workshop on Peer-to-Peer Systems (IPTPS'07), 2007.
[32] M. Steiner, E. W. Biersack, and T. En-Najjary. Exploiting KAD: Possible Uses and Misuses. Computer Communication Review, 37(5), 2007.
[33] M. Steiner, W. Effelsberg, T. En-Najjary, E. Biersack. Load Reduction in the KAD Peer-to-Peer System. In Proceedings of DBISP2P'07, 2007.
[34] M. Steiner, D. Carra, and E. W. Biersack. Long Term Study of Peer Behavior in the KAD DHT. IEEE/ACM Transactions on Networking, 2009.
[35] R. Brunner. A performance evaluation of the Kad-protocol, Master Thesis, 2006.
[36] L. M. Aiello, M. Milanesio, G. Ruffo, and R.Schifanella. Tempering Kademlia with a Robust Identity Based System. Proceedings of P2P'08, 2008.
[37] J. R. Douceur. The Sybil attack. In Proceedings of IPTPS'02, 2002.
[38] A. Singh, T. Ngan, P. Druschel, and D. Wallach. Eclipse attacks on overlays: Threats and defenses. In Proceedings of INFOCOM'06, 2006.
[39] P. Wang, J. Tyra, E. Chan-Tin, T. Malchow, D. F. Kune, N. Hopper, and Y. Kim. Attacking the Kad Network. In Proceedings of SecureComm’08, 2008.
[40] E. Athanasopoulos, K. Anagnostakis, and E. Markatos. Misusing Unstructured P2P systems to Perform DoS Attacks: The Network That Never Forgets, In Proceedings of ACNS’06, 2006.
[41] N. Naoumov and K. Ross. Exploiting P2P Systems for DDoS Attacks, In Proceedings of INFOSCALE’06, 2006.
[42] J. Liang, N. Naoumov, and K. W. Ross. The Index Poisoning Attack in P2P File Sharing Systems, In Proceedings of INFOCOM’06, 2006.
[43] K.El Defrawy, M.Gjoka, and A.Markopoulou. Bottorrent: Misusing BitTorrent to Launch DDoS Attacks, in Usenix SRUTI, Santa Clara, 2007.
[44] Y. Liu, X. Liu, W. Chen, and X. Li. Defending P2Ps from Overlay Flooding-based DDoS. In Proceedings of ICPP’07, 2007.
[45] X. Sun, R. Torres, and S. Rao. DDoS Attacks by Subverting Membership Management in P2P Systems, In Proceedings of NPSec’07, 2007.
[46] X. Sun, R. Torres, and S. Rao. Preventing DDoS Attacks with P2P Systems through Robust Membership Management, Tech. Rep., 2007.
[47] J. Harrington and C. Kuwanoe, C. Zou. A BitTorrent-Driven Distributed Denial-of-Service Attack. In Proceedings of SecureComm’07, 2007.
[48] J. Mirkovic and G. Prier. Attacking DDoS at the source. Proceedings of the 10th IEEE international Conference on Network Protocols, 312-321, 2002.
[49] U. Tupakula and V. Varadharajan. A Practical Method to Counteract Denial of Service Attacks. ACSC’03, 2003.
[50] R. Stone. CenterTrack: An IP Overlay Network for Tracking DoS Floods. In proceeding of 9th Usenix Security Symposium, 2002.
[51] Y. Chen, K. Hwang, and W. Ku. Collaborative Detection of DDoS Attacks over Multiple Network Domains. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, TPDS-0228-0806, 2007.
[52] M. Walfish, M. Vutukuru, et al. DDoS Defense by Offense. SIGCOMM’06, 301~312, 2006.
[53] S. Ranjan, R. Swaminathan, M. Uysal, and E. Knightly. DDoS-Resilient Scheduling to Counter Application Layer Attacks under Imperfect Detection. INFOCOM’06, 2006.
[54] S. Khattab, S. Gobriel, R. Melhem, and D. Moss′e. Live Baiting for Service-levelDoS Attackers. INFOCOM’08, 2008.
[55] M. Varvello, C. Diot, and E. Biersack. P2P Second Life: experimental validation using Kad. In Proceedings of INFOCOM'09, 2009.
[56] T. Ristenpart, G. Maganis, A. Krishnamurthy, and T. Kohno. Privacy-preserving location tracking of lost or stolen devices: Cryptographic techniques and replacing trusted third parties with dhts. In Proc. of Usenix Security, 2008.
[57] R. Geambasu, T. Kohno, A. Levy, and H. M. Levy. Vanish: Increasing data privacy with self-destructing data. In Proc. of Usenix Security, 2009.
[58] L. M. Aiello, M. Milanesio, G. Ruffo, and R.Schifanella. Tempering Kademlia with a Robust Identity Based System. In Proceedings of P2P’08, 2008.
[59] K. Butler, S. Ryu, P. Traynor, and P. McDaniel. Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems. IEEE Transactions on Parallel and Distributed Systems, 01 Dec. 2008.
[60] M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D. S. Wallach. Secure routing for structured peer-to-peer overlay networks. In Proceedings of OSDI’02, 2002.
[61] J. Dinger and H. Hartenstein. Defending the Sybil Attack in P2P Networks: Taxonomy, Challenges, and a Proposal for Self-Registration. In Proceedings of ARES’06, 2006.
[62] S.Rhea, D. Geels, T. Roscoe, and J. Kubiatowicz. Handling churn in a DHT. In USENIX Annual Tech. Conf., 2004.
[63] S. Crosby and D. Wallach. An analysis of bittorrents two kademlia-based DHTs, Tech. Rep., 2007.
[64] D.Stutzbach and R. Rejaie. Improving lookup performance over a widely-deployed DHT. In Proceedings of INFOCOM’06, 2006.
[65] J. Yu and Z. Li. Active Measurement of Routing Table in Kad. In Proceedings of DAS-P2P’09, 2009.
[66] K. Kutzner and T. Fuhrmann. Measuring large overlay networks– the overnet example. In Proceedings of KiVS’05, 2005.
[67] eMule,http://www.emule-project.net
[68] aMule,http://www.amule.org
[69] Second Life,http://secondlife.com/
[70] BitTorrent,http://www.bittorrent.com
[71] Flashget,http://www.flashget.com
[72] Xunlei,http://www.xunlei.com
[73] D. Shamma, S. Owsley, K. Hammond, S. Bradshaw, and J. Budzik. Network Arts: Exposing cultural reality. In Proceedings of WWW’04, 2004.
[74] G. Armitage. Inferring the extent of network address port translation atpublic/private因特网boundaries. Tech. Rep. CAIA TR 020712A, 2002.
[75] T. Holz, M. Steiner, F. Dahl, E. W. Biersack, and F. Freiling. Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm. First Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET), 2008.
[76] C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. M. Voelker, V, Paxson, and S. Savage. Spamalytics: An Empirical Analysis of Spam Marketing Conversion. In Proceedings of ACM CCS’08, 2008.
[77] D.Stutzbach and R. Rejaie. Improving lookup performance over a widely-deployed DHT. In Proceedings of INFOCOM’06, 2006.
[78] R. Torres, M. Hajjat, M. Mellia, and M. Munafo. Inferring Undesirable Behavior from P2P Traffic Analysis. In Proceedings of Sigmetrics’09, 2009.
[79] G. Memon, R. Rejaie, Y. Guo, and D. Stutzbach. Large-Scale Monitoring of DHT Traffic. In Proceedings of IPTPS’09, 2009.
[80] K. Gummadi, R. Dunn, S. Saroiu, S. Gribble, H. Levy, and J. Zahorjan. Measurement, modeling, and analysis of a peer-to-peer file-sharing workload. In Proceedings of SOSP’03, 2003.
[81] A. Klemma, C. Lindemanna, M. Vernonb, and O. Waldhorsta. Characterizing the query behavior in peer-to-peer file sharing systems. In Proceedings of IMC’04, 2004.
[82] P. Dhungel, D. Wub, K. Ross. Measurement and mitigation of BitTorrent leecher attacks. Computer Communications, 32:(2009)1852-1861, 3009.
[83] H. Kang, E. Chan-Tin, N. Hopper, and Y. Kim. Why Kad Lookup Fails. In Proceedings of P2P’09, 2009.
[84] D. Karger and M. Ruhl. Simple Efficient Load Balancing Algorithms for Peer-to-Peer Systems. In Proceedings of IPTPS’04, 2004.
[85] A. Rao, K. Lakshminarayanan, S. Surana, R. Karp, and I. Stoica. Load Balancing in Structured P2P Systems. In Proceedings of IPTPS’03, 2003.
[86] H. Shen and C. Xu. Locality-Aware and Churn-Resilient Load-Balancing Algorithms in Structured Peer-to-Peer Networks. IEEE Transactions on Parallel and Distributed Systems, 2007.
[87] P. Jordi and G. Pedro. PlanetSim: An extensible simulation tool for peer-to-peer networks and services. In Proceedings of P2P’09, 2009.
[88] A. Montresor and M. Jelasity. PeerSim: A Scalable P2P Simulator. In Proceedings of P2P’09, 2009.
[89] J. Liang, R. Kumar, Y. Xi, and K.W. Ross. Pollution in P2P File Sharing Systems. In Proceedings of INFOCOM'05, 2005.
[90] X. Sun, R. Torres, and S. Rao. On the Feasibility of Exploiting P2P Systems to Launch DDoS Attacks, Springer Peer-to-Peer Networking and Applications,2009.
[91] J. Mirkovic, S. Dietrich, D. Dittrich, and P. Reiher.因特网Denial of Service: Attack and Defense Mechanisms, Prentice Hall PTR, 2004.
[92] China eMule, http://www.emule.com.cn/
[93] A. Stavrou, D. Rubenstein, and S. Sahu. Peer-to-Peer Caching Schemes to Address Flash Crowds. IEEE Journal on Selected Areas in Communications, 2002.
[94] M. Srivatsa, A. Iyengar, J. Yin, and L. Liu. Mitigating application-level denial of service attacks on Web servers: A client-transparent approach. ACM Transactions on the Web, 2008.
[95] Y. Xie and S. Yu. Monitoring the Application-Layer DDoS Attacks for Popular Websites. IEEE/ACM Transactions on Networking, 2009.
[96] M. Deshpande, A. Amit, and M. Chang. Flashback: A Peer-to-Peer Web Server for Flash Crowds. In Proceedings of ICDCS’07, 2007.
[97] M. Freedman, E. Freudenthal, and D. Mazires. Democratizing Content Publication with Coral. In Proceedings of OSDI’04, 2004.
[98] P. Linga, I. Gupta, and K. Birman. A Churn-Resistant Peer-to-Peer Web Caching System. In Proceedings of SSRS’03, 2003.
[99] S. Lyer, A. Rowstron, and P. Druschel. Squirrel: A decentralized peer to peer web cache. In Proceedings of PODC’02, 2002.
[100] W. Rao, L. Chen, A. Fu, and Y. Bu. Optimal Proactive Caching in Peer to Peer Network: Analysis and Application. In Proceedings of CIKM’07, 2007.
[101] T. Stading, P. Maniatis, and M. Baker. Peer-to-Peer Caching Schemes to Address Flash Crowds. In Proceedings of IPTPS’02, 2002.
[102] A. Stavrou, D. Rubenstein, and S. Sahu. Peer-to-Peer Caching Schemes to Address Flash Crowds. IEEE Journal on Selected Areas in Communications, 2002.
[103] J. Li and F. Dabek. F2F: reliable storage in open networks. In Proceedings of IPTPS’06, 2006.
[104] Q. Li, E. Chang and M. Chan. On the E?ectiveness of DDoS Attacks on Statistical Filtering, In Proceedings of INFOCOM'05, 2005.
[105] K. Li, W. Zhou, and S. Yu. E?ective metric for detecting distributed denial-of-service attacks based on information divergence, In IET Communications, 3(12):1851-1860, 2009.
[106] L. Mohammed and B. Issac. DoS attacks and defense mechanisms in wireless networks. In Proceedings IEE Mobility Conference'05, 2005.
[107] L. Lu, M. Chan and E. Chang. Analysis of a General Probabilistic Packet Marking Model for IP traceback. In Proceedings of ASIACCS'08, 2008.
[108] Y. Xiang, Y. Lin, W.L. Lei, and S.J. Huang. Detecting DDOS attack based on network self-similarity. In IEE Proc. Commun. 151(3):292-295, 2004.
[109] Y. Xie and S. Yu. A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors. IEEE/ACM Transactions on Networking, 2009.
[110] W. Yen and M. Lee. A framework for defending application layer DDoSattacks using an AI approach. In Proceedings of IASTED International Conference on Artiˉcial Intelligence and Applications, 2007.
[111] F. Cornelli, E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. Choosing reputable servents in a p2p network. In Proceedings of WWW'02, 2002.
[112] M. Srivatsa, L. Xiong, and L. Liu. TrustGuard: Countering Vulnerabilities in Reputation Management for Decentralized Overlay Networks. In Proceedings of WWW'05, 2005.
[113] F. Douglis, A. Feldmannz, and B. Krishnamurthy. Rate of change and other metrics: a live study of the World Wide Web. In Proceedings of USENIX Symposium on Internet Working Technologies and Systems, 1997.
[114] M. Arlitt and C. Williamson. Web Server Workload Characterization: The Search for Invariants. In Proceedings of ACM SIGMETRICS'96, 1996.
[115] M. Natu and J. Mirkovic. Fine-Grained Capabilities for Flooding DDoS Defense Using Client Reputations. In Proceedings of LSAD'07, 2007.
[116] V.L.L. Thing, H.C.J. Lee and M. Sloman. Traffic Redirection Attack Protection System (TRAPS). In Proceedings of IFIP SEC'05, 2005.
[117] W.G. Morein, A.Stavrou, D.L. Cook, A.D. Keromytis, V. Misra and D. Rubenstein. Using graphical turing tests to counter automated DDoS attacks against web servers. In Proceedings of ACM CCS'03, 2003.
[118]蔡志平.基于主动和被动测量的网络测量技术、模型和算法研究[博士学位论文],国防科技大学, 2005.
[119]网络安全, http://en.wikipedia.org/wiki/Network_security
[120] S. Saroiu, P. Gummadi, and S. Gribble. A measurement study of peer-to-peer files sharing systems. In Proceedings of MMCN’02, 2002.
[121] M. Ripeanu, I Foster, and A Iamnitchi. Mapping the gnutella network: properties of large-scale peer-to-peer systems and implications for system design. IEEE Internet Computing Journal, 2002, 6(1):50-57.
[122] D. Stutzbach, R. Rejaie, and S. Sen. Characterizing unstructured overlay topologies in modern P2P file-sharing systems. In Proceedings of IMC’05, 2005.
[123] J. Liang, R. Kumar, and K. Ross. The KaZaA overlay: a measurement study. In Proceedings of ACCW’04, 2004.
[124] S. Sen, and J. Wang. Analyzing peer-to-peer traffic across large networks. InProceedings of IMC’02, 2002.
[125] Y. Zhang, L. Lei, and C. Chen. Characterizing peer-to-peer traffic across Internet. In Proceedings of GCC’03, 2003.
[126] L. Plissonneau, J. Costeux, and P. Brown. Analysis of peer-to-peer traffic on ADSL. In Proceedings of PAM’05, 2005.
[127] J. Chu, K Labonte, and B. Levine. Availability and locality measurements of peer-to-peer file systems. In Proceedings of ITCom’02, 2002.
[128] N. Christion, A. Weigend, and J. Chuang. Content availability, pollution and poisiong in peer-to-peer file sharing networks. In Proceedings of EC’05, 2005.
[129] S. Saroiu, S.D. Gribble and Henry M. Levy. Measurement and Analysis of Spyware in a University Environment. In Proceedings NSDI’04, 2004.
[130] Overpeer, http://www.overpeer.com
[131] R. Rodrigues and P. Druschel. Peer-to-Peer Systems. Communications of the ACM, 2010, 53(10):72-82.
[2] PPS, www.pps.tv.
[3] PPLive, www.pplive.com.
[4] 2007 NGN forum, http://www.catr.cn/zhthg/ngn/2007/.
[5] Cisco Expects P2P Traffic to Double by 2014, http://torrentfreak.com/cisco -expects-p2p-traffic-to-double-by-2014-100611/.
[6]黄庆凤.结构化P2P网络性能分析与搜索算法研究[博士学位论文],华中科技大学, 2008.
[7] I. Stoica, R. Morris, David Karger, et al. Chord: A scalable peer-to-peer lookup service for Internet applications. In Proceedings of SIGCOMM’01, 149-160, 2001.
[8] S. Ratnasamy, P. Franci, M. Handley, et al. A scalable content- addressable network. In Proceedings of SIGCOMM’01, 161-172, 2001.
[9] P. Maymounkov and D. Mazières. Kademlia: A Peer-to-Peer Information System Based on the XOR Metric, In Proceedings of the 1st International Workshop on Peer-to-Peer Systems (IPTPS'02), 53-65, 2002.
[10] Dongsheng Li, Xicheng Lu, and Jie Wu. FISSIONE: a scalable constant degree and low congestion DHT scheme based on Kautz graphs. In Proceedings of INFOCOM’05, 1677-1688, 2005.
[11]李东升,卢锡城. P2P网络中常量度数常量拥塞的DHT方法研究.中国科学E辑, 2004, 34(12): 1337-1358.
[12] Yiming Zhang, Dongsheng Li, Lei Chen, and Xicheng Lu. Flexible Routing in Grouped DHTs. In Proceedings P2P’08, 109-118, 2008.
[13] Q. Chen, L. Chen, X. Lian, Y. Liu, J. Yu. Indexable PLA for Efficient Similarity Search. International Conference on Very Large Data Bases (VLDB), Vienna, Austria, September 2007.
[14] J. Han and Y. Liu. Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems. IEEE ICNP, Santa Barbara, California, USA, November, 2006.
[15] X. Liao, H. Jin, Y. Liu, L. Ni, and D. Deng. AnySee: Peer-to-Peer Live Streaming. IEEE INFOCOM 2006, Barcelona, Spain, April 2006.
[16] Y. Liu, Z. Zhuang, L.Xiao, and L. Ni . A Distributed Approach to Solving Overlay Mismatching Problem. IEEE ICDCS 2004, Tokyo, Japan, March 2004.
[17] C. Wang, L. Xiao, Y. Liu, and P. Zheng. Distributed Caching and Adaptive Search in Multilayer P2P Networks. IEEE ICDCS 2004, Tokyo, Japan, March 2004.
[18] Y. Liu, X. Liu, L. Xiao, L. Ni, and X. Zhang. Location-Aware Topology Matching in P2P Systems. IEEE INFOCOM 2004, Hong Kong, China, March 2004.
[19] J. Li. Routing tradeoffs in dynamic peer-to-peer networks, Ph.D. Thesis, Massachusetts Institute of Technology, Nov 2005.
[20]喻梅.基于P2P系统的分布式查询算法的研究[博士学位论文],天津大学, 2008.
[21]王芳.对等网络有效资源搜索技术及其应用研究[硕士学位论文],山东师范大学, 2007.
[22]刘琼,徐鹏,杨海涛,彭芸. Peer-to-Peer文件共享系统的测量研究.软件学报, 2006, 17(10): 2131-2140.
[23] K. Cheung Sia. DDoS Vulnerability Analysis of Bittorrent Protocol, UCLA Tech. Report, 2006.
[24] L. Guo, S. Chen, Z. Xiao, E. Tan, X. Ding, and X. Zhang. Measurement, analysis, and modeling of BitTorrent-like systems. In Proceedings of IMC'05, 2005.
[25] G. Neglia, G. Reina, and H. Zhang. Availability in BitTorrent Systems. In Proceedings of INFOCOM'07, 2007.
[26] S. Crosby and D. Wallach. An analysis of bittorrent’s two kademlia-based DHTs, Tech. Rep., 2007.
[27] J. Falkner, M. Piatek, J. P. John, A. Krishnamurthy, and T. Anderson. Profiling a Million User DHT. In Proceedings of IMC'07, 2007.
[28] R. Jimenez, F. Osmani, and B. Knutsson. Connectivity Properties of Mainline BitTorrent DHT Nodes. In Proceedings of P2P'09, 2009.
[29] R. Bhagwan, S. Savage, and G. Voelker. Understanding availability. In Proceedings of the 2nd International Workshop on Peer-to-Peer Systems (IPTPS'03), pages 256--267, 2003.
[30] M. Steiner, T. En-Najjary, and E. W. Biersack. A global view of KAD. In Proc. Internet Measurement Conference (IMC), 2007.
[31] M. Steiner, E. W. Biersack, and T. Ennajjary. Actively monitoring peers in KAD. In Proceedings of the 6th International Workshop on Peer-to-Peer Systems (IPTPS'07), 2007.
[32] M. Steiner, E. W. Biersack, and T. En-Najjary. Exploiting KAD: Possible Uses and Misuses. Computer Communication Review, 37(5), 2007.
[33] M. Steiner, W. Effelsberg, T. En-Najjary, E. Biersack. Load Reduction in the KAD Peer-to-Peer System. In Proceedings of DBISP2P'07, 2007.
[34] M. Steiner, D. Carra, and E. W. Biersack. Long Term Study of Peer Behavior in the KAD DHT. IEEE/ACM Transactions on Networking, 2009.
[35] R. Brunner. A performance evaluation of the Kad-protocol, Master Thesis, 2006.
[36] L. M. Aiello, M. Milanesio, G. Ruffo, and R.Schifanella. Tempering Kademlia with a Robust Identity Based System. Proceedings of P2P'08, 2008.
[37] J. R. Douceur. The Sybil attack. In Proceedings of IPTPS'02, 2002.
[38] A. Singh, T. Ngan, P. Druschel, and D. Wallach. Eclipse attacks on overlays: Threats and defenses. In Proceedings of INFOCOM'06, 2006.
[39] P. Wang, J. Tyra, E. Chan-Tin, T. Malchow, D. F. Kune, N. Hopper, and Y. Kim. Attacking the Kad Network. In Proceedings of SecureComm’08, 2008.
[40] E. Athanasopoulos, K. Anagnostakis, and E. Markatos. Misusing Unstructured P2P systems to Perform DoS Attacks: The Network That Never Forgets, In Proceedings of ACNS’06, 2006.
[41] N. Naoumov and K. Ross. Exploiting P2P Systems for DDoS Attacks, In Proceedings of INFOSCALE’06, 2006.
[42] J. Liang, N. Naoumov, and K. W. Ross. The Index Poisoning Attack in P2P File Sharing Systems, In Proceedings of INFOCOM’06, 2006.
[43] K.El Defrawy, M.Gjoka, and A.Markopoulou. Bottorrent: Misusing BitTorrent to Launch DDoS Attacks, in Usenix SRUTI, Santa Clara, 2007.
[44] Y. Liu, X. Liu, W. Chen, and X. Li. Defending P2Ps from Overlay Flooding-based DDoS. In Proceedings of ICPP’07, 2007.
[45] X. Sun, R. Torres, and S. Rao. DDoS Attacks by Subverting Membership Management in P2P Systems, In Proceedings of NPSec’07, 2007.
[46] X. Sun, R. Torres, and S. Rao. Preventing DDoS Attacks with P2P Systems through Robust Membership Management, Tech. Rep., 2007.
[47] J. Harrington and C. Kuwanoe, C. Zou. A BitTorrent-Driven Distributed Denial-of-Service Attack. In Proceedings of SecureComm’07, 2007.
[48] J. Mirkovic and G. Prier. Attacking DDoS at the source. Proceedings of the 10th IEEE international Conference on Network Protocols, 312-321, 2002.
[49] U. Tupakula and V. Varadharajan. A Practical Method to Counteract Denial of Service Attacks. ACSC’03, 2003.
[50] R. Stone. CenterTrack: An IP Overlay Network for Tracking DoS Floods. In proceeding of 9th Usenix Security Symposium, 2002.
[51] Y. Chen, K. Hwang, and W. Ku. Collaborative Detection of DDoS Attacks over Multiple Network Domains. IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, TPDS-0228-0806, 2007.
[52] M. Walfish, M. Vutukuru, et al. DDoS Defense by Offense. SIGCOMM’06, 301~312, 2006.
[53] S. Ranjan, R. Swaminathan, M. Uysal, and E. Knightly. DDoS-Resilient Scheduling to Counter Application Layer Attacks under Imperfect Detection. INFOCOM’06, 2006.
[54] S. Khattab, S. Gobriel, R. Melhem, and D. Moss′e. Live Baiting for Service-levelDoS Attackers. INFOCOM’08, 2008.
[55] M. Varvello, C. Diot, and E. Biersack. P2P Second Life: experimental validation using Kad. In Proceedings of INFOCOM'09, 2009.
[56] T. Ristenpart, G. Maganis, A. Krishnamurthy, and T. Kohno. Privacy-preserving location tracking of lost or stolen devices: Cryptographic techniques and replacing trusted third parties with dhts. In Proc. of Usenix Security, 2008.
[57] R. Geambasu, T. Kohno, A. Levy, and H. M. Levy. Vanish: Increasing data privacy with self-destructing data. In Proc. of Usenix Security, 2009.
[58] L. M. Aiello, M. Milanesio, G. Ruffo, and R.Schifanella. Tempering Kademlia with a Robust Identity Based System. In Proceedings of P2P’08, 2008.
[59] K. Butler, S. Ryu, P. Traynor, and P. McDaniel. Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems. IEEE Transactions on Parallel and Distributed Systems, 01 Dec. 2008.
[60] M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D. S. Wallach. Secure routing for structured peer-to-peer overlay networks. In Proceedings of OSDI’02, 2002.
[61] J. Dinger and H. Hartenstein. Defending the Sybil Attack in P2P Networks: Taxonomy, Challenges, and a Proposal for Self-Registration. In Proceedings of ARES’06, 2006.
[62] S.Rhea, D. Geels, T. Roscoe, and J. Kubiatowicz. Handling churn in a DHT. In USENIX Annual Tech. Conf., 2004.
[63] S. Crosby and D. Wallach. An analysis of bittorrents two kademlia-based DHTs, Tech. Rep., 2007.
[64] D.Stutzbach and R. Rejaie. Improving lookup performance over a widely-deployed DHT. In Proceedings of INFOCOM’06, 2006.
[65] J. Yu and Z. Li. Active Measurement of Routing Table in Kad. In Proceedings of DAS-P2P’09, 2009.
[66] K. Kutzner and T. Fuhrmann. Measuring large overlay networks– the overnet example. In Proceedings of KiVS’05, 2005.
[67] eMule,http://www.emule-project.net
[68] aMule,http://www.amule.org
[69] Second Life,http://secondlife.com/
[70] BitTorrent,http://www.bittorrent.com
[71] Flashget,http://www.flashget.com
[72] Xunlei,http://www.xunlei.com
[73] D. Shamma, S. Owsley, K. Hammond, S. Bradshaw, and J. Budzik. Network Arts: Exposing cultural reality. In Proceedings of WWW’04, 2004.
[74] G. Armitage. Inferring the extent of network address port translation atpublic/private因特网boundaries. Tech. Rep. CAIA TR 020712A, 2002.
[75] T. Holz, M. Steiner, F. Dahl, E. W. Biersack, and F. Freiling. Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm. First Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET), 2008.
[76] C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. M. Voelker, V, Paxson, and S. Savage. Spamalytics: An Empirical Analysis of Spam Marketing Conversion. In Proceedings of ACM CCS’08, 2008.
[77] D.Stutzbach and R. Rejaie. Improving lookup performance over a widely-deployed DHT. In Proceedings of INFOCOM’06, 2006.
[78] R. Torres, M. Hajjat, M. Mellia, and M. Munafo. Inferring Undesirable Behavior from P2P Traffic Analysis. In Proceedings of Sigmetrics’09, 2009.
[79] G. Memon, R. Rejaie, Y. Guo, and D. Stutzbach. Large-Scale Monitoring of DHT Traffic. In Proceedings of IPTPS’09, 2009.
[80] K. Gummadi, R. Dunn, S. Saroiu, S. Gribble, H. Levy, and J. Zahorjan. Measurement, modeling, and analysis of a peer-to-peer file-sharing workload. In Proceedings of SOSP’03, 2003.
[81] A. Klemma, C. Lindemanna, M. Vernonb, and O. Waldhorsta. Characterizing the query behavior in peer-to-peer file sharing systems. In Proceedings of IMC’04, 2004.
[82] P. Dhungel, D. Wub, K. Ross. Measurement and mitigation of BitTorrent leecher attacks. Computer Communications, 32:(2009)1852-1861, 3009.
[83] H. Kang, E. Chan-Tin, N. Hopper, and Y. Kim. Why Kad Lookup Fails. In Proceedings of P2P’09, 2009.
[84] D. Karger and M. Ruhl. Simple Efficient Load Balancing Algorithms for Peer-to-Peer Systems. In Proceedings of IPTPS’04, 2004.
[85] A. Rao, K. Lakshminarayanan, S. Surana, R. Karp, and I. Stoica. Load Balancing in Structured P2P Systems. In Proceedings of IPTPS’03, 2003.
[86] H. Shen and C. Xu. Locality-Aware and Churn-Resilient Load-Balancing Algorithms in Structured Peer-to-Peer Networks. IEEE Transactions on Parallel and Distributed Systems, 2007.
[87] P. Jordi and G. Pedro. PlanetSim: An extensible simulation tool for peer-to-peer networks and services. In Proceedings of P2P’09, 2009.
[88] A. Montresor and M. Jelasity. PeerSim: A Scalable P2P Simulator. In Proceedings of P2P’09, 2009.
[89] J. Liang, R. Kumar, Y. Xi, and K.W. Ross. Pollution in P2P File Sharing Systems. In Proceedings of INFOCOM'05, 2005.
[90] X. Sun, R. Torres, and S. Rao. On the Feasibility of Exploiting P2P Systems to Launch DDoS Attacks, Springer Peer-to-Peer Networking and Applications,2009.
[91] J. Mirkovic, S. Dietrich, D. Dittrich, and P. Reiher.因特网Denial of Service: Attack and Defense Mechanisms, Prentice Hall PTR, 2004.
[92] China eMule, http://www.emule.com.cn/
[93] A. Stavrou, D. Rubenstein, and S. Sahu. Peer-to-Peer Caching Schemes to Address Flash Crowds. IEEE Journal on Selected Areas in Communications, 2002.
[94] M. Srivatsa, A. Iyengar, J. Yin, and L. Liu. Mitigating application-level denial of service attacks on Web servers: A client-transparent approach. ACM Transactions on the Web, 2008.
[95] Y. Xie and S. Yu. Monitoring the Application-Layer DDoS Attacks for Popular Websites. IEEE/ACM Transactions on Networking, 2009.
[96] M. Deshpande, A. Amit, and M. Chang. Flashback: A Peer-to-Peer Web Server for Flash Crowds. In Proceedings of ICDCS’07, 2007.
[97] M. Freedman, E. Freudenthal, and D. Mazires. Democratizing Content Publication with Coral. In Proceedings of OSDI’04, 2004.
[98] P. Linga, I. Gupta, and K. Birman. A Churn-Resistant Peer-to-Peer Web Caching System. In Proceedings of SSRS’03, 2003.
[99] S. Lyer, A. Rowstron, and P. Druschel. Squirrel: A decentralized peer to peer web cache. In Proceedings of PODC’02, 2002.
[100] W. Rao, L. Chen, A. Fu, and Y. Bu. Optimal Proactive Caching in Peer to Peer Network: Analysis and Application. In Proceedings of CIKM’07, 2007.
[101] T. Stading, P. Maniatis, and M. Baker. Peer-to-Peer Caching Schemes to Address Flash Crowds. In Proceedings of IPTPS’02, 2002.
[102] A. Stavrou, D. Rubenstein, and S. Sahu. Peer-to-Peer Caching Schemes to Address Flash Crowds. IEEE Journal on Selected Areas in Communications, 2002.
[103] J. Li and F. Dabek. F2F: reliable storage in open networks. In Proceedings of IPTPS’06, 2006.
[104] Q. Li, E. Chang and M. Chan. On the E?ectiveness of DDoS Attacks on Statistical Filtering, In Proceedings of INFOCOM'05, 2005.
[105] K. Li, W. Zhou, and S. Yu. E?ective metric for detecting distributed denial-of-service attacks based on information divergence, In IET Communications, 3(12):1851-1860, 2009.
[106] L. Mohammed and B. Issac. DoS attacks and defense mechanisms in wireless networks. In Proceedings IEE Mobility Conference'05, 2005.
[107] L. Lu, M. Chan and E. Chang. Analysis of a General Probabilistic Packet Marking Model for IP traceback. In Proceedings of ASIACCS'08, 2008.
[108] Y. Xiang, Y. Lin, W.L. Lei, and S.J. Huang. Detecting DDOS attack based on network self-similarity. In IEE Proc. Commun. 151(3):292-295, 2004.
[109] Y. Xie and S. Yu. A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors. IEEE/ACM Transactions on Networking, 2009.
[110] W. Yen and M. Lee. A framework for defending application layer DDoSattacks using an AI approach. In Proceedings of IASTED International Conference on Artiˉcial Intelligence and Applications, 2007.
[111] F. Cornelli, E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. Choosing reputable servents in a p2p network. In Proceedings of WWW'02, 2002.
[112] M. Srivatsa, L. Xiong, and L. Liu. TrustGuard: Countering Vulnerabilities in Reputation Management for Decentralized Overlay Networks. In Proceedings of WWW'05, 2005.
[113] F. Douglis, A. Feldmannz, and B. Krishnamurthy. Rate of change and other metrics: a live study of the World Wide Web. In Proceedings of USENIX Symposium on Internet Working Technologies and Systems, 1997.
[114] M. Arlitt and C. Williamson. Web Server Workload Characterization: The Search for Invariants. In Proceedings of ACM SIGMETRICS'96, 1996.
[115] M. Natu and J. Mirkovic. Fine-Grained Capabilities for Flooding DDoS Defense Using Client Reputations. In Proceedings of LSAD'07, 2007.
[116] V.L.L. Thing, H.C.J. Lee and M. Sloman. Traffic Redirection Attack Protection System (TRAPS). In Proceedings of IFIP SEC'05, 2005.
[117] W.G. Morein, A.Stavrou, D.L. Cook, A.D. Keromytis, V. Misra and D. Rubenstein. Using graphical turing tests to counter automated DDoS attacks against web servers. In Proceedings of ACM CCS'03, 2003.
[118]蔡志平.基于主动和被动测量的网络测量技术、模型和算法研究[博士学位论文],国防科技大学, 2005.
[119]网络安全, http://en.wikipedia.org/wiki/Network_security
[120] S. Saroiu, P. Gummadi, and S. Gribble. A measurement study of peer-to-peer files sharing systems. In Proceedings of MMCN’02, 2002.
[121] M. Ripeanu, I Foster, and A Iamnitchi. Mapping the gnutella network: properties of large-scale peer-to-peer systems and implications for system design. IEEE Internet Computing Journal, 2002, 6(1):50-57.
[122] D. Stutzbach, R. Rejaie, and S. Sen. Characterizing unstructured overlay topologies in modern P2P file-sharing systems. In Proceedings of IMC’05, 2005.
[123] J. Liang, R. Kumar, and K. Ross. The KaZaA overlay: a measurement study. In Proceedings of ACCW’04, 2004.
[124] S. Sen, and J. Wang. Analyzing peer-to-peer traffic across large networks. InProceedings of IMC’02, 2002.
[125] Y. Zhang, L. Lei, and C. Chen. Characterizing peer-to-peer traffic across Internet. In Proceedings of GCC’03, 2003.
[126] L. Plissonneau, J. Costeux, and P. Brown. Analysis of peer-to-peer traffic on ADSL. In Proceedings of PAM’05, 2005.
[127] J. Chu, K Labonte, and B. Levine. Availability and locality measurements of peer-to-peer file systems. In Proceedings of ITCom’02, 2002.
[128] N. Christion, A. Weigend, and J. Chuang. Content availability, pollution and poisiong in peer-to-peer file sharing networks. In Proceedings of EC’05, 2005.
[129] S. Saroiu, S.D. Gribble and Henry M. Levy. Measurement and Analysis of Spyware in a University Environment. In Proceedings NSDI’04, 2004.
[130] Overpeer, http://www.overpeer.com
[131] R. Rodrigues and P. Druschel. Peer-to-Peer Systems. Communications of the ACM, 2010, 53(10):72-82.