In this paper we present real- world experiments of Gnutella-based DoS attacks to Web Servers. The second property comes from the fact that certain unstructured P2P systems seem to have a kind of "memory", retaining knowledge about (potentially false) queries for many days. This is a classic form of denial-of-service which also has two interesting characteristics: (a) it is hard to identify the originator of the attack, (b) it is even harder to stop the attack. Specifically, we show that a malicious node can coerce a large number of peers to perform requests to a target host that may not even be part of the P2P network, including downloading unwanted files from a target Web Server. We explore one such attack, that enables malicious users to use unstructured P2P systems to perform Denial of Service (DoS) attacks to third parties. However, the lack of structure can also be abused by mali- cious users. One fundamental property of these systems is the lack of structure, which allows decentral- ized operation and makes it easy for new users to join and participate in the system. Unstructured P2P systems have gained great popularity in recent years and are currently used by millions of users.
0 kommentar(er)
