add missing highlighting of attack type

master
Trolli Schmittlauch 3 years ago
parent a226a3830c
commit 97b0694410
  1. BIN
      paper_hashtag_federation.pdf
  2. 2
      paper_hashtag_federation.tex

BIN
paper_hashtag_federation.pdf (Stored with Git LFS)

Binary file not shown.

@ -700,7 +700,7 @@ Instances subscribe to tags on behalf of their users, they hide the interests of
While \ac{DHT} networks provide an efficient way of structuring a \ac{P2P} lookup network with only knowing a small subset of its nodes and no central authority, exactly this missing global view and lack of central trust anchor poses several security challenges.
Urdaneta et al. \cite{urdanetaSurveyDHTSecurity2011} provide a broad survey of common security threats in \ac{DHT} security and attempts of solving them. \\
\textbf{Routing attacks} try to alter or disrupt the routing process within a \ac{DHT} to prevent the resolution of keys, let them point to invalid nodes or even to relay the combined lookup requests on a popular ID to a third party server as a Distributed \ac{DoS}. Storage attacks attempt to alter or forge the stored payload data returned under a key by impersonating the responsible node or taking over the relevant key space.
\textbf{Routing attacks} try to alter or disrupt the routing process within a \ac{DHT} to prevent the resolution of keys, let them point to invalid nodes or even to relay the combined lookup requests on a popular ID to a third party server as a Distributed \ac{DoS}. \textbf{Storage attacks} attempt to alter or forge the stored payload data returned under a key by impersonating the responsible node or taking over the relevant key space.
In this system, controlling the data returned from a key allows taking over responsibility for the storage or relaying of certain hashtags. Such attackers can then deliberately drop or insert posts for a hashtag. \\
An important mean or precondition for many of these targeted manipulations are \textbf{Sybil attacks}: By enabling a single attacker to join the \ac{DHT} with a large number of identities, posing as independent nodes, it can subvert mechanisms based on the assumption of one entity only controlling a low fraction of nodes, like majority voting systems. Additionally, introducing a large number of node identities increases the number of keys handled by the attacker and the likelihood of controlling a certain key or being included into a finger table, especially if node IDs are equally distributed. \\
A similar attack scenario are the \textbf{node ID attacks} (also called \textit{node squatting}), where attackers try to control a certain keyspace or disrupt the routing by deliberately positioning a node close to or even directly at a certain ID. \\

Loading…
Cancel
Save