Pushback for Overlay Networks: Protecting Against Malicious Insiders

Peer-To-Peer (P2P) overlay networks are a flexible way of creating decentralized services. Although resilient to external Denial of Service attacks, overlay networks can be rendered inoperable by simple flooding attacks generated from insider nodes. In this paper, the authors study detection and containment mechanisms against insider Denial of Service (DoS) attacks for overlay networks. To counter such attacks, they introduce novel mechanisms for protecting overlay networks that exhibit well defined properties due to their structure against non-conforming (abnormal) behavior of participating nodes. The authors use a lightweight distributed detection mechanism that exploits inherent structural invariants of DHTs to ferret out anomalous flow behavior.