Harnessing the power of BitTorrent for distributed denial-of-service attacks
Abbreviated Journal Title
Secur. Commun. Netw.
BitTorrent; distributed denial-of-service attack; peer-to-peer networks; Computer Science, Information Systems; Telecommunications
BitTorrent is a popular peer-to-peer (P2P) file-sharing protocol that utilizes a central server, known as a 'tracker', to coordinate connections between peers in a 'swarm', a term used to describe a Bit Torrent ad-hoc file sharing network. The tracker of a swarm is specified by the original file distributor and trusted unconditionally by peers in the swarm. This central point of control provides an opportunity for a file distributor to deploy a modified tracker to provide peers in a swarm with malicious coordination data, directing peer connection traffic toward an arbitrary target machine on an arbitrary service port. Although such an attack does not generate huge amount of attack traffic, it would set up many connections with the victim server successfully, which could cause serious denial-of-service by exhausting the victim server's connection resource. In this paper, we present and demonstrate such an attack that is entirely tracker-based, requiring no modifications to Bit Torrent client software and could be deployed by an attacker right now. The results from both emulation and real-world experiments show the applicability of this attack. Due to the skyrocketing popularity of Bit Torrent and numerous large-scale swarms existed in the Internet, Bit Torrent swarms provide an intriguing platform for launching distributed denial-of-service (DDoS) attacks based on connection exhaustion. Copyright (C) 2010 John Wiley & Sons, Ltd.
Security and Communication Networks
"Harnessing the power of BitTorrent for distributed denial-of-service attacks" (2011). Faculty Bibliography 2010s. 2110.