Security

Attacks

Poisoning attacks

• e.g: providing files whose contents are different from the description.

Polluting attacks

• e.g: inserting "bad" chunks/packets into an otherwise valid file on the network.

Freeloaders

• e.g: Users or software that make use of the network without contributing resources to it.

Insertion of viruses to carried data

• e.g: downloaded or carried files may be infected with viruses or other malware.

Malware in the peer-to-peer network software itself

• e.g: distributed software may contain spyware.

Denial of service attacks

• Attacks may make the network run very slowly or break completely.

Filtering

• Network operators may attempt to prevent peer-to-peer network data from being carried.

Identity attacks

• e.g: tracking down the users of the network and harassing or legally attacking them.

Spamming

• e.g: sending unsolicited information across the network, not necessarily as a denial of service attack.

Countermeasures

Most attacks can be defeated or controlled by careful design of the peer-to-peer network and through the use of encryption.

• However, almost any network will fail when the majority of its peers are trying to damage it.

Anonymity

• Some peer-to-peer protocols (such as Freenet) attempt to hide the identity of network users by passing all traffic through intermediate nodes.

Encryption

• Some peer-to-peer networks encrypt the traffic flows between peers.

  • Make it harder for an ISP to detect that peer-to-peer technology is being used (as some artificially limit bandwidth).

  • Hide the contents of the file from eavesdroppers.

  • Impede efforts towards law enforcement or censorship of certain kinds of material.

  • Authenticate users and prevent man-in-the-middle attacks on protocols.

  • Aid in maintaining anonymity.