Denial-of-service resilience in peer-to-peer file sharing systems

D. Dumitriu*, E. Knightly, A. Kuzmanovic, I. Stoica, W. Zwaenepoel

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

36 Scopus citations


Peer-to-peer (p2p) file sharing systems are characterized by highly replicated content distributed among nodes with enormous aggregate resources for storage and communication. These properties alone are not sufficient, however, to render p2p networks immune to denial-of-service (DoS) attack. In this paper, we study, by means of analytical modeling and simulation, the resilience of p2p file sharing systems against DoS attacks, in which malicious nodes respond to queries with erroneous responses. We consider the file-targeted attacks in current use in the Internet, and we introduce a new class of p2p-network-targeted attacks. In file-targeted attacks, the attacker puts a large number of corrupted versions of a single file on the network. We demonstrate that the effectiveness of these attacks is highly dependent on the clients' behavior. For the attacks to succeed over the long term, clients must be unwilling to share files, slow in removing corrupted files from their machines, and quick to give up downloading when the system is under attack. In network-targeted attacks, attackers respond to queries for any file with erroneous information. Our results indicate that these attacks are highly scalable: increasing the number of malicious nodes yields a hyperexponential decrease in system goodput, and a moderate number of attackers suffices to cause a near-collapse of the entire system. The key factors inducing this vulnerability are (i) hierarchical topologies with misbehaving "supernodes," (ii) high path-length networks in which attackers have increased opportunity to falsify control information, and (iii) power-law networks in which attackers insert themselves into high-degree points in the graph. Finally, we consider the effects of client counter-strategies such as randomized reply selection, redundant and parallel download, and reputation systems. Some counter-strategies (e.g., randomized reply selection) provide considerable immunity to attack (reducing the scaling from hyperexponential to linear), yet significantly hurt performance in the absence of an attack. Other counter-strategies yield little benefit (or penalty). In particular, reputation systems show little impact unless they operate with near perfection.

Original languageEnglish (US)
Pages (from-to)38-49
Number of pages12
JournalPerformance Evaluation Review
Issue number1
StatePublished - 2005
EventSIGMETRICS 2005: International Conference on Measurement and Modeling of Computer Systems - Banff, AB, Canada
Duration: Jun 6 2005Jun 10 2005


  • Denial of service
  • File pollution
  • Network-targeted attacks
  • Peer-to-peer

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications


Dive into the research topics of 'Denial-of-service resilience in peer-to-peer file sharing systems'. Together they form a unique fingerprint.

Cite this