Title

Harnessing the power of BitTorrent for distributed denial-of-service attacks

Authors

Authors

L. Wu; J. Harrington; C. Kuwanoe;C. C. Zou

Comments

Authors: contact us about adding a copy of your work at STARS@ucf.edu

Abbreviated Journal Title

Secur. Commun. Netw.

Keywords

BitTorrent; distributed denial-of-service attack; peer-to-peer networks; Computer Science, Information Systems; Telecommunications

Abstract

BitTorrent is a popular peer-to-peer (P2P) file-sharing protocol that utilizes a central server, known as a 'tracker', to coordinate connections between peers in a 'swarm', a term used to describe a Bit Torrent ad-hoc file sharing network. The tracker of a swarm is specified by the original file distributor and trusted unconditionally by peers in the swarm. This central point of control provides an opportunity for a file distributor to deploy a modified tracker to provide peers in a swarm with malicious coordination data, directing peer connection traffic toward an arbitrary target machine on an arbitrary service port. Although such an attack does not generate huge amount of attack traffic, it would set up many connections with the victim server successfully, which could cause serious denial-of-service by exhausting the victim server's connection resource. In this paper, we present and demonstrate such an attack that is entirely tracker-based, requiring no modifications to Bit Torrent client software and could be deployed by an attacker right now. The results from both emulation and real-world experiments show the applicability of this attack. Due to the skyrocketing popularity of Bit Torrent and numerous large-scale swarms existed in the Internet, Bit Torrent swarms provide an intriguing platform for launching distributed denial-of-service (DDoS) attacks based on connection exhaustion. Copyright (C) 2010 John Wiley & Sons, Ltd.

Journal Title

Security and Communication Networks

Volume

4

Issue/Number

8

Publication Date

1-1-2011

Document Type

Article

Language

English

First Page

860

Last Page

870

WOS Identifier

WOS:000293256600006

ISSN

1939-0114

Share

COinS