P2P attacks

Unfortunately, without a central trusted authority, it is not possible to convincingly
stop Sybil attacks [10]. Maybe carefully configured reputation-based
systems might be able to slow the attack down, but it will not do much more.
Indeed, once the attacker has legally validated a certain amount of identities,
he can validate the rest.
A good defense is to render a Sybil attack unattractive by making it impossible
to place malicious identities in strategic positions. We have already seen that
structured P2P networks are more resilient to worm propagation. For the same
reasons it is a good defense mechanism here, as an attacker will not be able to
place his identities where he wishes. Randomly dispersed malicious identities
are far less dangerous than strategically placed ones, especially if the P2P network
is of considerable size.
Another proposition could be to include the node’s IP in it’s identifier. A malicious
node would thus not be able to spoof fake identities as he would be bound
to a limited number of IPs and could be noticed and denounced if he created
more identities. Yet this solution is far from simple as other attacks are rendered
possible, such as generating fake identities for other nodes and then accusing
them of being malicious. This is why we will not consider this defense as it adds
a layer of complexity to the existing protocol whilst generating other potential
Several papers propose a central trusted authority as a solution, as well as a
complicated public-private key based protocol [11]. Each node should sign his
messages, and respond to a challenge by the authority every now and then. It
is clear that an attacker simulating many identities would need enormous resources
in order to be able to answer all the challenges periodically submitted
to each of his identities. While this certainly tries to solve the problem, it is unsatisfactory:
this solution breaks the P2P model by reintroducing a centralized
point of failure, which can easily be attacked.

No comments:

Post a Comment

Hi thank you for comment in Assignment Lanka " Book Mark on me' To future references.

Note: Only a member of this blog may post a comment.


" Temporary " means that every project has a definite beginning and a definite end. The end is reached when the project's ob...

Assignment Lanka Populer Posts ever