An SDN approach to detect targeted attacks in P2P fully connected overlays

  • Regular Contribution
International Journal of Information Security

Abstract

Pollution attacks are one of the major concerns facing P2P networks. They have a tremendous impact on push-based fully connected overlays, in which each peer receives an exclusive chunk from the source and is also the only one responsible for relaying it to the rest of the peers. In this study, we propose a novel technique to identify and expel malicious peers which involves using trusted peers, software-defined networking (SDN) and proactive moving target defense. Experiments to obtain the accuracy and effectiveness of the implemented methods, as well as an analysis of the performance concerns, were carried out through simulation using a Mininet network emulator. The experiments demonstrate the feasibility of our proposal, which provides high rates of detection, not only in pure SDN environments but also in mixed ones.

Notes

  1. TPs are able to verify whether a message is legitimate or missing, and they will report any bad behavior if necessary.

  2. The full version of the code is available as open source at https://github.com/P2PSP/SDN-P2P.

  3. In this discussion, the ports of the EPs have been ignored for the sake of simplicity.

Acknowledgements

The authors gratefully thank the referees for the constructive comments and recommendations which certainly helped to improve the quality of the paper.

Funding

This paper has been supported by the Spanish Ministry (RTI2018-095993-B-100), in part financed by the European Regional Development Fund (ERDF). This publication has emanated from research supported in part by a research Grant from Science Foundation Ireland (SFI) under Grant Numbers 13/SIRG/2178 and 16/RC/3918. Cristóbal Medina-López is supported by an FPU Fellowship (FPU14/00635) from the Spanish Ministry of Education (MECD).

Author information

Corresponding author

Correspondence to Cristóbal Medina-López.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This paper does not contain any studies with human participants or animals performed by any of the authors.

About this article

Cite this article

Medina-López, C., Casado, L.G., González-Ruiz, V. et al. An SDN approach to detect targeted attacks in P2P fully connected overlays. Int. J. Inf. Secur. 20, 245–255 (2021). https://doi.org/10.1007/s10207-020-00499-3

  • DOI: https://doi.org/10.1007/s10207-020-00499-3
