Misusing Unstructured P2P Systems to Perform DoS Attacks: The Network That Never Forgets

  • Elias Athanasopoulos
  • Kostas G. Anagnostakis
  • Evangelos P. Markatos
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3989)


Unstructured P2P systems have gained great popularity in recent years and are currently used by millions of users. One fundamental property of these systems is the lack of structure, which allows decentralized operation and makes it easy for new users to join and participate in the system. However, the lack of structure can also be abused by malicious users. We explore one such attack, that enables malicious users to use unstructured P2P systems to perform Denial of Service (DoS) attacks to third parties. Specifically, we show that a malicious node can coerce a large number of peers to perform requests to a target host that may not even be part of the P2P network, including downloading unwanted files from a target Web Server. This is a classic form of denial-of-service which also has two interesting characteristics: (a) it is hard to identify the originator of the attack, (b) it is even harder to stop the attack. The second property comes from the fact that certain unstructured P2P systems seem to have a kind of “memory”, retaining knowledge about (potentially false) queries for many days. In this paper we present real-world experiments of Gnutella-based DoS attacks to Web Servers. We explore the magnitude of the problem and present a solution to protect innocent victims against this attack.


Malicious Node Port Number Request Rate Malicious Peer Query Packet 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anonymously Launching a DDoS Attack via the Gnutella Network,
  2. 2.
    Apache web server,
  3. 3.
    Debian gnu/linux os,
  4. 4.
  5. 5.
    Daswani, N., Garcia-Molina, H.: Query-flood dos attacks in gnutella networks. In: ACM Conference on Computer and Communications Security (2002)Google Scholar
  6. 6.
    Mishra, M.: Cascade: an attack resistant peer-to-peer system. In: The 3rd New York Metro Area Networking Workshop (2003)Google Scholar
  7. 7.
    Paxson, V.: An analysis of using reflectors for distributed denial-of-service attacks. SIGCOMM Comput. Commun. Rev. 31(3), 38–47 (2001)CrossRefGoogle Scholar
  8. 8.
    Stutzbach, D., Rejaie, R.: Characterizing the two-tier gnutella topology. SIGMETRICS Perform. Eval. Rev. 33(1), 402–403 (2005)CrossRefGoogle Scholar
  9. 9.
    Sun, Q., Garcia-Molina, H.: Slic: A selfish link-based incentive mechanism for unstructured peer-to-peer networks. In: ICDCS 204: Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS 2004), Washington, DC, USA, pp. 506–515. IEEE Computer Society Press, Los Alamitos (2004)CrossRefGoogle Scholar
  10. 10.
    Zeinalipour-Yazti, D.: Exploiting the security weaknesses of the gnutella protocol. Technical Report CS260-2, Department of Computer Science, University of California (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Elias Athanasopoulos
    • 1
  • Kostas G. Anagnostakis
    • 2
  • Evangelos P. Markatos
    • 1
  1. 1.Institute of Computer Science (ICS), Foundation for Research & Technology Hellas (FORTH)Greece
  2. 2.Institute for Infocomm ResearchSingapore

Personalised recommendations