Overlay peer to peer networks are becoming more and more subject of study since they seem the ideal solution for providing large scale services instead of the traditional low scalable client-server model. In particular, completely distributed and structured peer to peer overlay networks such as Distributed Hash Table (DHT), have raised big interest for their scalability higher than any model which includes forms of centralization. The most common way to realize these networks is the Distributed Hash Table (DHT) and Chord protocol is one of the first DHT proposed. Not only DHT but more in general distributed overlay networks, being open and self organizing without central authority, imply serious concerns about security since, in theory, each participant is free to act maliciously. One of the most effective attacks on distributed overlay networks is the Eclipse attack, in which the attacker forces the victim nodes point to as many attacker’s nodes as possible. As a consequence, the victim nodes will involuntarily misroute the traffic towards attacker’s nodes allowing the attacker to eliminate, read, modify a large percentage of messages, even if the fraction of malicious nodes is very low. And given that distributed overlay networks can support a wide variety of online services and applications, it is of paramount importance to make these protocols secure especially against this kind of attacks. In this thesis we focus on the Eclipse attack in Chord protocol. In particular our work consists in devising possible solutions for two problems: 1) Identification of the attack: we propose a solution with which a Chord node can detect the Eclipse attack by relying just on local information and possibly on received messages. 2) Defense to the attack: we propose several distributed defenses and one non distributed defense for contrasting as much as possible the effect of the Eclipse attack, which is the capture of messages by the attacker. We mainly focused on distributed defenses in order to preserve the distributed high scalable nature of Chord protocol. Besides, since some our proposed defenses need to know the average internode key distance, we also devised a system for estimating such quantity in presence of unreliable routing information.
Le reti overlay peer to peer si stanno diffondendo sempre più in quanto soluzione ideale per fornire servizi di larga scala, in luogo del tradizionale poco scalabile modello client-server. In particolare le reti overlay peer to peer distribuite e strutturate, come quelle realizzate mediante Distributed Hash Tables (DHT), hanno suscitato un notevole interesse per la loro elevata scalabilità. Il protocollo Chord è una delle prime DHT proposte. Non solo le DHT ma più in generale le reti overlay distribuite, essendo aperte, auto-organizzanti senza un’autorità supervisionante, implicano seri problemi di sicurezza in quanto, in teoria, ogni utente ha la libertà di agire in modo maligno. Uno degli attacchi più efficaci nelle reti overlay distribuite è l’attacco Eclipse, in cui l’attaccante fa sì che i nodi vittima puntino il più possibile verso nodi controllati dall’attaccante. La conseguenza è che i nodi vittima dirottano involontariamente il traffico verso i nodi maligni, permettendo all’attaccante di eliminare, leggere o modificare un’elevata percentuale di messaggi anche se la percentuale di nodi maligni è molto bassa. E poiché le reti overlay distribuite possono supportare un’ampia varietà di applicazioni, è di capitale importanza renderle sicure, specialmente contro un attacco così compromettente. In questa tesi ci focalizziamo sull’attacco Eclipse al protocollo Chord. In particolare, il nostro lavoro consiste nel proporre possibili soluzioni a due problemi: 1) Identificazione dell’attacco: proponiamo una soluzione con cui un nodo Chord può identificare un attacco Eclipse soltanto affidandosi alle informazioni locali ed eventualmente osservando anche i messaggi ricevuti. 2) Difesa contro l’attacco: proponiamo diverse difese distribuite e una difesa non distribuita per contrastare il più possibile l’effetto dell’attacco Eclipse, che è la cattura dei messaggi da parte dell’attaccante. Ci siamo concentrati maggiormente sulle difese distribuite in modo da preservare la natura distribuita altamente scalabile del protocollo Chord. Inoltre, dato che alcune difese proposte necessitano la conoscenza della distanza media fra nodi nello spazio delle chiavi, abbiamo anche ideato un sistema per stimare tale quantità in presenza di informazioni di routing non affidabili.
Identificazione e difesa contro l'attacco Eclipse al protocollo Chord
PANZERI, ALESSANDRO;YAGNE TCHETNKOU, CONSTANTIN
2011/2012
Abstract
Overlay peer to peer networks are becoming more and more subject of study since they seem the ideal solution for providing large scale services instead of the traditional low scalable client-server model. In particular, completely distributed and structured peer to peer overlay networks such as Distributed Hash Table (DHT), have raised big interest for their scalability higher than any model which includes forms of centralization. The most common way to realize these networks is the Distributed Hash Table (DHT) and Chord protocol is one of the first DHT proposed. Not only DHT but more in general distributed overlay networks, being open and self organizing without central authority, imply serious concerns about security since, in theory, each participant is free to act maliciously. One of the most effective attacks on distributed overlay networks is the Eclipse attack, in which the attacker forces the victim nodes point to as many attacker’s nodes as possible. As a consequence, the victim nodes will involuntarily misroute the traffic towards attacker’s nodes allowing the attacker to eliminate, read, modify a large percentage of messages, even if the fraction of malicious nodes is very low. And given that distributed overlay networks can support a wide variety of online services and applications, it is of paramount importance to make these protocols secure especially against this kind of attacks. In this thesis we focus on the Eclipse attack in Chord protocol. In particular our work consists in devising possible solutions for two problems: 1) Identification of the attack: we propose a solution with which a Chord node can detect the Eclipse attack by relying just on local information and possibly on received messages. 2) Defense to the attack: we propose several distributed defenses and one non distributed defense for contrasting as much as possible the effect of the Eclipse attack, which is the capture of messages by the attacker. We mainly focused on distributed defenses in order to preserve the distributed high scalable nature of Chord protocol. Besides, since some our proposed defenses need to know the average internode key distance, we also devised a system for estimating such quantity in presence of unreliable routing information.| File | Dimensione | Formato | |
|---|---|---|---|
|
2013_04_Panzeri_Yagne_Tchetnkou.pdf
accessibile in internet per tutti
Descrizione: Testo della tesi
Dimensione
1.36 MB
Formato
Adobe PDF
|
1.36 MB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/83702