Poisoning the Kad Network

  • Thomas Locher
  • David Mysicka
  • Stefan Schmid
  • Roger Wattenhofer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5935)


Since the demise of the Overnet network, the Kad network has become not only the most popular but also the only widely used peer-to-peer system based on a distributed hash table. It is likely that its user base will continue to grow in numbers over the next few years as, unlike the eDonkey network, it does not depend on central servers, which increases scalability and reliability. Moreover, the Kad network is more efficient than unstructured systems such as Gnutella. However, we show that today’s Kad network can be attacked in several ways by carrying out several (well-known) attacks on the Kad network. The presented attacks could be used either to hamper the correct functioning of the network itself, to censor contents, or to harm other entities in the Internet not participating in the Kad network such as ordinary web servers. While there are simple heuristics to reduce the impact of some of the attacks, we believe that the presented attacks cannot be thwarted easily in any fully decentralized peer-to-peer system without some kind of a centralized certification and verification authority.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Athanasopoulos, E., Anagnostakis, K.G., Markatos, E.P.: Misusing Unstructured P2P Systems to Perform DoS Attacks: The Network That Never Forgets. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 130–145. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Awerbuch, B., Scheideler, C.: Towards a Scalable and Robust DHT. In: Proc. SPAA (2006)Google Scholar
  3. 3.
    Awerbuch, B., Scheideler, C.: Towards Scalable and Robust Overlay Networks. In: Proc. 6th Int. Workshop on Peer-to-Peer Systems, IPTPS (2007)Google Scholar
  4. 4.
    Baruch, A., Christian, S.: Robust Random Number Generation for Peer-to-Peer Systems. Theor. Comput. Sci. 410(6-7), 453–466 (2009)MATHCrossRefGoogle Scholar
  5. 5.
    Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure Routing for Structured Peer-to-Peer Overlay Networks. In: Proc. OSDI (2002)Google Scholar
  6. 6.
    El Defrawy, K., Gjoka, M., Markopoulou, A.: BotTorrent: Misusing BitTorrent to Launch DDoS Attacks. In: Proc. 3rd Workshop on Steps to Reducing Unwanted Traffic on the Internet, SRUTI (2007)Google Scholar
  7. 7.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, p. 251. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Liang, J., Naoumov, N., Ross, K.W.: The Index Poisoning Attack in P2P File Sharing Systems. In: Proc. INFOCOM (2006)Google Scholar
  9. 9.
    Locher, T., Moor, P., Schmid, S., Wattenhofer, R.: Free Riding in BitTorrent is Cheap. In: Proc. HotNets (2006)Google Scholar
  10. 10.
    Maymounkov, P., Mazières, D.: A Peer-to-Peer Information System Based on the XOR Metric. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Naoumov, N., Ross, K.: Exploiting P2P Systems for DDoS Attacks. In: Proc. 1st International Conference on Scalable Information Systems, INFOSCALE (2006)Google Scholar
  12. 12.
    Nielson, S.J., Crosby, S.A., Wallach, D.S.: A taxonomy of rational attacks. In: Castro, M., van Renesse, R. (eds.) IPTPS 2005. LNCS, vol. 3640, pp. 36–46. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Christian, S.: How to Spread Adversarial Nodes?: Rotate!. In: Proc. STOC (2005)Google Scholar
  14. 14.
    Singh, A., Ngan, T.-W.J., Druschel, P., Wallach, D.S.: Eclipse Attacks on Overlay Networks: Threats and Defenses. In: Proc. INFOCOM (2006)Google Scholar
  15. 15.
    Steiner, M., Biersack, E.W., Ennajjary, T.: Actively Monitoring Peers in the KAD. In: Proc. 6th Int. Workshop on Peer-to-Peer Systems, IPTPS (2007)Google Scholar
  16. 16.
    Steiner, M., En-Najjary, T., Biersack, E.W.: Exploiting KAD: Possible Uses and Misuses. SIGCOMM Comput. Commun. Rev. 37(5), 65–70 (2007)CrossRefGoogle Scholar
  17. 17.
    Stutzbach, D., Rejaie, R.: Improving Lookup Performance over a Widely-Deployed DHT. In: Proc. INFOCOM (2006)Google Scholar
  18. 18.
    Stutzbach, D., Rejaie, R.: Understanding Churn in Peer-to-Peer Networks. In: Proc. 6th Internet Measurement Conference, IMC (2006)Google Scholar
  19. 19.
    Sun, X., Torres, R., Rao, S.: Preventing DDoS Attacks with P2P Systems through Robust Membership Management. Technical Report TR-ECE-07-13, Purdue University (2007)Google Scholar
  20. 20.
    Wallach, D.S.: A Survey of Peer-to-Peer Security Issues. In: International Symposium on Software Security (2002)Google Scholar
  21. 21.
    Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., Chien, S.: A first look at peer-to-peer worms: Threats and defenses. In: Castro, M., van Renesse, R. (eds.) IPTPS 2005. LNCS, vol. 3640, pp. 24–35. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Thomas Locher
    • 1
  • David Mysicka
    • 1
  • Stefan Schmid
    • 2
  • Roger Wattenhofer
    • 1
  1. 1.Computer Engineering and Networks Laboratory (TIK)ETH ZurichZurichSwitzerland
  2. 2.Deutsche Telekom LaboratoriesTU BerlinBerlinGermany

Personalised recommendations