skip to main content
research-article

Modeling and Defending against Adaptive BitTorrent Worms in Peer-to-Peer Networks

Published:01 March 2014Publication History
Skip Abstract Section

Abstract

BitTorrent (BT) is one of the most common Peer-to-Peer (P2P) file sharing protocols. Rather than downloading a file from a single source, the protocol allows users to join a swarm of peers to download and upload from each other simultaneously. Worms exploiting information from BT servers or trackers can cause serious damage to participating peers, which unfortunately has been neglected previously. In this article, we first present a new worm, called Adaptive BitTorrent worm (A-BT worm), which finds new victims and propagates sending forged requests to trackers. To reduce its abnormal behavior, the worm estimates the ratio of infected peers and adaptively adjusts its propagation speed. We then build a hybrid model to precisely characterize the propagation behavior of the worm. We also propose a statistical method to automatically detect the worm from the tracker by estimating the variance of the time intervals of requests. To slow down the worm propagation, we design a safe strategy in which the tracker returns secured peers when receives a request. Finally, we evaluate the accuracy of the hybrid model, and the effectiveness of our detection method and containment strategy through simulations.

References

  1. Barbera, M., Lombardo, A., Schembra, G., and Tribastone, M. 2005. A markov model of a freerider in a bittorrent p2p network. In Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM’05). Vol. 2. 985--989.Google ScholarGoogle Scholar
  2. Briesemeister, L., Lincoln, P., and Porras, P. 2003. Epidemic profiles and defense of scale-free networks. In Proceedings of the ACM CCS Workshop on Rapid Malcode (WORM’03). Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Chen, G. and Gray, R. S. 2006. Simulating non-scanning worms on peer-to-peer networks. In Proceedings of the 1st International Conference on Scalable Information Systems (INFOSCALE’06). Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Douglas, M., Micael, P., and Evangelos, K. 2008. di-jest: Autonomic neighbour management for worm resilience in p2p systems. In Proceedings of the International Symposium World of Wireless, Mobile and Multimedia Networks (WoWMoM’08). 1--6. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Engle, M. and Khan, J. I. 2006. Vulnerabilities of p2p systems and a critical look at their solutions. Tech. rep., Internetworking and Media Communications Research Laboratories, Department of Computer Science, Kent State University.Google ScholarGoogle Scholar
  6. Ernesto. 2009. Bittorrent still king of p2p traffic. Torrentfreak.Google ScholarGoogle Scholar
  7. Freitas, F., Rodrigues, R., Ribeiro, C., Ferreira, P., and Rodrigues, L. 2007. Verme: Worm containment in peer-to-peer overlays. In Proceedings of the 6th International Workshop on Peer-to-Peer Systems (IPTPS’07).Google ScholarGoogle Scholar
  8. Guo, L., Chen, S., Xiao, Z., Tan, E., Ding, X., and Zhang, X. 2005. Measurements, analysis, and modeling of bittorrent-like systems. In Proceedings of the Internet Measurement Conference. (IMC’05). 35--48. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Jesi, G. P. and Patarin, S. 2005. PeerSim HOWTO: Build a new protocol for the PeerSim 1.0 simulator. Peersim.surcefge.net.Google ScholarGoogle Scholar
  10. Khiat, N., Carlinet, Y., and Agoulmine, N. 2006. The emerging threat of peer-to-peer worms. In Proceedings of the IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation (MonAM’06).Google ScholarGoogle Scholar
  11. Luo, J., Xiao, B., Liu, G., Xiao, Q., and Zhou, S. 2009. Modeling and analysis of self-stopping bt worms using dynamic hit list in p2p networks. In Proceedings of the 5th International Workshop on Security in Systems and Networks (SSN’09). Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Ma, J., Voelker, G. M., and Savage, S. 2005. Self-stopping worms. In Proceedings of the ACM Workshop on Rapid Malcode (WORM’05). ACM, New York, 12--21. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Ma, J., Chen, X., and Xiang, G. 2006. Modeling passive worm propagation in peer-to-peer system. In Proceedings of the International Conference on Computational Intelligence and Security (CIS’06). 1129--1132.Google ScholarGoogle Scholar
  14. Qiu, D. and Srikant, R. 2004. Modeling and performance analysis of Bittorrent-like peer-to-peer networks. In Proceedings of the ACM SIGCOMM Conference on Data Communication (SIGCOMM’04). 367--378. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Ramachandran, K. and Sikdar, B. 2006. Modeling malware propagation in gnutella type peer-to-peer networks. In Proceedings of the Parallel and Distributed Processing Symposium. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Singer, M. 2002. “Benjamin” worm plagues Kazaa. Tech. rep., siliconvalley.internet.com.Google ScholarGoogle Scholar
  17. Tang, Y., Luo, J., Xiao, B., and Wei, G. 2009. Concept, characteristics and defending mechanism of worms. IEICE Trans. Inf. Syst. E92-D, 5, 799--809.Google ScholarGoogle ScholarCross RefCross Ref
  18. Thommes, R. and Coates, M. 2006. Epidemiological modeling of peer-to-peer viruses and pollution. In Proceedings of the Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’06).Google ScholarGoogle Scholar
  19. Vamosi, R. 2001. Gnutella worm: How to deal with it. http://www.zdnet.com/gnutella-worm-how-to-deal-with-it-3002084706/.Google ScholarGoogle Scholar
  20. Wu, K. and Feng, Y. 2006. Proactive worm prevention based on p2p networks. Int. J. Comput. Sci. Netw. Security, 6.Google ScholarGoogle Scholar
  21. Yao, Y., Luo, X., Gao, F., and Ai, S. 2006. Research of a potential worm propagation model based on pure p2p principle. In Proceedings of the International Conference on Communication Technology (ICCT’06). 1--4.Google ScholarGoogle Scholar
  22. Yao, Y., Wu, L., Gao, F., Yang, W., and Yu, G. 2008. A waw model of p2p-based anti-worm. In Proceedings of the IEEE International Conference on Networking, Sensing and Control (ICNSC’08). 1131--1136.Google ScholarGoogle Scholar
  23. Zhou, L., Zhang, L., Mcsherry, F., Immorlica, N., Costa, M., and Chien, S. 2005. A first look at peer-to-peer worms: Threats and defenses. In Proceeding of the 4th International Workshop on Peer-to-Peer Systems (IPTPS’05). Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Zhou, Y., Wu, Z., Wang, H., Zhong, J., Feng, Y., and Zhu, Z. 2006. Breaking monocultures in p2p networks for worm prevention. In Proceedings of the 5th International Conference on Machine Learning and Cybernetics (ICMLC’06).Google ScholarGoogle Scholar

Index Terms

  1. Modeling and Defending against Adaptive BitTorrent Worms in Peer-to-Peer Networks

              Recommendations

              Comments

              Login options

              Check if you have access through your login credentials or your institution to get full access on this article.

              Sign in

              Full Access

              • Article Metrics

                • Downloads (Last 12 months)3
                • Downloads (Last 6 weeks)0

                Other Metrics

              PDF Format

              View or Download as a PDF file.

              PDF

              eReader

              View online with eReader.

              eReader
              About Cookies On This Site

              We use cookies to ensure that we give you the best experience on our website.

              Learn more

              Got it!