NeighborTrust: A trust-based scheme for countering Distributed Denial-of-Service attacks in P2P networks

Abstract

Peer-to-peer (P2P) networks are vulnerable to Distributed Denial-of-Service (DDoS) attacks, which cause invalid packets to be flooded through the P2P network, preventing valid packets from being delivered. This causes a disruption of the services provided by the P2P network. Since, anonymity and lack of centralized control/censorship are the salient features of P2P networks; it often encourages malicious behavior by participating peers. To ensure that P2P applications can progress beyond file-sharing applications to active resource sharing and be widely adopted by organizations, it is essential that all vulnerabilities be addressed by the research community. This research paper presents a trust-based scheme to counter DDoS attacks in P2P networks. Our completely decentralized trust-based scheme, ?NeighborTrust? maintains trust values only for neighboring peers, instead of maintaining global trust and reputation values, as is done by existing schemes, greatly reducing the computational and communication overheads. By linking trust ratings of a participating peer with its privilege of establishing connections with existing peers and the rate at which it can inject traffic into the P2P network, the DDoS attacks are effectively limited. Moreover, malicious peers are identified and disconnected from the network.