DOCSLIB.ORG

Bittorrent's Mainline DHT Security Assessment

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Bittorrent's Mainline DHT Security Assessment BitTorrent’s Mainline DHT Security Assessment Juan Pablo Timpanaro, Thibault Cholez, Isabelle Chrisment, Olivier Festor To cite this version: Juan Pablo Timpanaro, Thibault Cholez, Isabelle Chrisment, Olivier Festor. BitTorrent’s Mainline DHT Security Assessment. NTMS - 4th IFIP International Conference on New Technologies, Mobility and Security - 2011, TELECOM ParisTECH, CNRS/LIMOS Laboratory, LIP6, Feb 2011, Paris, France. 10.1109/NTMS.2011.5721044. inria-00577043 HAL Id: inria-00577043 https://hal.inria.fr/inria-00577043 Submitted on 16 Mar 2011 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. BitTorrent’s Mainline DHT Security Assessment Juan Pablo Timpanaro, Thibault Cholez, Isabelle Chrisment*, Olivier Festor INRIA Nancy-Grand Est, France *LORIA - ESIAL, Henri Poincare´ University, Nancy 1, France Email: {juanpablo.timpanaro, thibault.cholez,olivier.festor}@inria.fr Email: {isabelle.chrisment}@loria.fr Abstract—BitTorrent is a widely deployed P2P file sharing • We propose a distributed architecture used to launch a protocol, extensively used to distribute digital content and soft- series of evaluation on the real network. ware updates, among others. Recent actions against torrent and • We adapt and analyse a set of protections mechanisms tracker repositories have fostered the move towards a fully distributed solution based on a distributed hash table to support proposed for the KAD DHT network [2], in order to fulfill both torrent search and tracker implementation. In this paper the security problems. we present a security study of the main decentralized tracker in • Along with the work done by Wolchok et al. [15], we BitTorrent, commonly known as the Mainline DHT. We show that complete the security view of BitTorrent’s decentralized the lack of security in Mainline DHT allows very efficient attacks trackers. that can easily impact the operation of the whole network. We also provide a peer-ID distribution analysis of the network, so as Even though these evaluations could have been done from a to adapt previous protection schemes to the Mainline DHT. The single computer, very basic rules to limit the number of peers mechanisms are assessed through large scale experiments on the per IP could easily mitigate a one-computer attack. Therefore, real DHT-based BitTorrent tracker. we chose a distributed approach. Index Terms—BitTorrent, Distributed Tracker, Mainline DHT, Security Assessment, Protection Mechanisms. The document is organized as follows. Section II presents a set of works in the area, regarding the BitTorrent protocol and a set of attacks, including monitoring. Section III details I. INTRODUCTION the distributed architecture proposed as well as the targeting BitTorrent [3] is a peer-to-peer protocol developed by Bram component of BitTorrent, its decentralized tracker. Section Cohen. A recent study [5] shows that between 43% and 70% of IV introduces how we exploit some vulnerabilities in this all Internet traffic is generated from BitTorrent clients, which alternative tracker and section V presents some mechanisms makes it the most popular peer-to-peer protocol. However, to avoid these attacks. Section VI concludes the paper. there have been several legal issues and complaints from music II. RELATED WORKS and movie companies, putting in jeopardy the continuity of its Regarding decentralized tracking, Crosby et al. [4] present success. Moreover, in some countries, there have already been a complete study about the two decentralized trackers in legal actions to successfully shut-down major trackers site, BitTorrent. They examine a variety of aspects, such as latency, such as The Pirate Bay or Mininova. Without a central server and detect problems mainly in the routing algorithms, and pro- to retrieve the peers participating in the download of a given posed a better maintenance of the routing table to avoid dead torrent, there is no possibility to join the network. However, an nodes. However they do not address any security problems. alternative tracking approach has already been implemented, Monitoring the BitTorrent network has been investigated in the decentralized tracking. Every peer in the network acts as several ways. [9] proposes a simple, but yet effective way a small tracker, allowing a fully-decentralized architecture, in of spying BitTorrent users, through exploiting the tracker’s which there is no central component to attack. Notwithstand- infrastructure. Piatek et al. [11] show how exploiting this ing, decentralized tracking in BitTorrent has major security infrastructure properly, can lead to implicate arbitrary network problems. In BitTorrent, there are two implementations of endpoints in illegal content sharing. Saganos et al. [12] analyse decentralized tracking, both based on the Kademlia DHT [10]. a set of top torrents in order to blacklist BitTorrent’s monitors. The Azureus DHT came first, and it is only used for this client. Both BitTorrent components, the tracker and the swarm In second place, the Mainline client introduced its DHT after itself, have been the core study in many research works. around a month later and it was adopted by several clients. This is not the case for the decentralized tracking. Jetter Being today the largest decentralized tracker in BitTorrent, et al. [6] propose a self-registration mechanism, as a way we restrict the focus in this study to the Mainline DHT. to avoid a Sybil attack in the BitTorrent DHT. They limit In this work, we make the following contributions as a way the number of peers per IP, so as to avoid an attacker to to protect the alternative tracking in BitTorrent, the Mainline launch several peers from a single machine. However, their decentralized tracking network: solution does not maintain backward compatibility, and using • We show the major security problems in the Mainline a distributed architecture will bypass this protection. On the DHT Network. other hand, Wolchok et al. [15] conduct a monitoring study on the Azureus DHT. They clearly show how the Azureus DHT can be crawled thanks to a Sybil attack, so as to rebuild from scratch a BitTorrent search engine as well as to monitor pirate’s behaviour. To our knowledge, we present the first security study in the Mainline DHT. This paper completes the work of Wolchok et al. by analysing Mainline DHT and its security characteristics. We extend our previous analysis in [2] to the Mainline DHT network in order to determinate if the security mechanisms can be applied. III. BITTORRENT ARCHITECTURE Fig. 1: BitTorrent DHT A. Overview of BitTorrent Architecture • Connection Obfuscation Considering BitTorrent and its architecture, the following We will focus on one extension, the Distributed Tracker. components can be described: This extension aims to replace the way a peer retrieves the • Tracker: Entity responsible for helping peers to find each list of peers sharing a file. Instead of using a central tracker, other by using a central tracker or a DHT service. a peer can use a decentralized service, where every peer is • Peers: Depending on if they have the entire file or only responsible to index a group of torrents. a part of it, can be respectively called ”Seeders” or There are two protocols to operate a distributed tracker in ”Leechers”. BitTorrent. The distributed tracker of Azureus, which is only • Swarm: The group of peers sharing the file. It is com- used by the Azureus client, now called Vuze, and the one of the posed of Seeders and Leechers. Mainline client. Both are based on the Kademlia Protocol, but • Torrent File: Contains Metadata describing the file to are incompatible between them. As we mentioned in section share. I we will focus our attention on the distributed tracker of the The torrent file contains mainly two parts. The first one Mainline client, commonly known as Mainline DHT. is normally a list of trackers, which will have indexed the In decentralized tracking, every peer is in charge of indexing torrent file. The second part, the info part, describes the file a group of torrents, mainly, those torrents that are close to to be shared and it contains a list of parts composing the file, the peer. The concept of closeness, as stated in Kademlia, is along with a piece-hash for later verification. based on the XOR distance between a peer ID and the torrent There are two steps when trying to download a file. ID. While the peer ID is chosen randomly, the torrent ID is In the first, a user wants to download a given file, which obtained by hashing the info part of the torrent file. has a torrent file associated. Once this user retrieves the torrent In Figure 1 we can observe the basic procedure to announce file, normally from a website that distributes them, it loads it a torrent and then retrieve the list of peers sharing it. into a BitTorrent client. Secondly, the BitTorrent client will Let’s assume Peer 9 is sharing the Nirvana file. It an- contact the trackers or the distributed tracker, and retrieve a nounces the torrent through an Announce message, specifying list of peers already sharing the file. Finally, the client will that it is sharing the torrent. In this case Peer 52 is responsible start contacting every peer to join the swarm. Contacting the to index this torrent and save the entry, because its ID is the tracker will make the peer to be added to the list of peers closest. Then, Peer 75 wants to download the Nirvana file, sharing the torrent.
Load more

Recommended publications
  • Digital Fountain Erasure-Recovery in Bittorrent
    UNIVERSITÀ DEGLI STUDI DI BERGAMO Facoltà di Ingegneria Corso di Laurea Specialistica in Ingegneria Informatica Classe n. 35/S – Sistemi Informatici Digital Fountain Erasure Recovery in BitTorrent: integration and security issues Relatore: Chiar.mo Prof. Stefano Paraboschi Correlatore: Chiar.mo Prof. Andrea Lorenzo Vitali Tesi di Laurea Specialistica Michele BOLOGNA Matricola n. 56108 ANNO ACCADEMICO 2007 / 2008 This thesis has been written, typeset and prepared using LATEX 2". Printed on December 5, 2008. Alla mia famiglia “Would you tell me, please, which way I ought to go from here?” “That depends a good deal on where you want to get to,” said the Cat. “I don’t much care where —” said Alice. “Then it doesn’t matter which way you go,” said the Cat. “— so long as I get somewhere,” Alice added as an explanation. “Oh, you’re sure to do that,” said the Cat, “if you only walk enough.” Lewis Carroll Alice in Wonderland Acknowledgments (in Italian) Ci sono molte persone che mi hanno aiutato durante lo svolgimento di questo lavoro. Il primo ringraziamento va ai proff. Stefano Paraboschi e Andrea Vitali per la disponibilità, la competenza, i consigli, la pazienza e l’aiuto tecnico che mi hanno saputo dare. Grazie di avermi dato la maggior parte delle idee che sono poi confluite nella mia tesi. Un sentito ringraziamento anche a Andrea Rota e Ruben Villa per l’aiuto e i chiarimenti che mi hanno gentilmente fornito. Vorrei ringraziare STMicroelectronics, ed in particolare il gruppo Advanced System Technology, per avermi offerto le infrastrutture, gli spa- zi e tutto il necessario per svolgere al meglio il mio periodo di tirocinio.
    [Show full text]
  • Connectivity Properties of Mainline Bittorrent DHT Nodes
    IEEE P2P'09 - Sept. 9-11, 2009 Connectivity Properties of Mainline BitTorrent DHT Nodes Raul Jimenez Flutra Osmani Bj¨orn Knutsson Royal Institute of Technology (KTH) ICT/TSLAB Stockholm, Sweden {rauljc, flutrao, bkn}@kth.se Abstract raises some concerns about the scalability and resilience of the technology. The birth and evolution of Peer-to-Peer (P2P) protocols Our work is part of the P2P-Next[1] project, which is have, for the most part, been about peer discovery. Napster, supported by many partners including the EBU2 who claims one of the first P2P protocols, was basically FTP/HTTP to have more than 650 million viewers weekly. In the face plus a way of finding hosts willing to send you the file. Since of such load, scalability and resilience become vital compo- then, both the transfer and peer discovery mechanisms have nents of the underlying technology. improved, but only recently have we seen a real push to In BitTorrent, content is distributed in terms of objects, completely decentralized peer discovery to increase scal- consisting of one or more files, and these objects are de- ability and resilience. scribed by a torrent-file. The clients (peers)participatingin Most such efforts are based on Distributed Hash Tables the distribution of one such object form a swarm. (DHTs), with Kademlia being a popular choice of DHT im- Aswarmiscoordinatedbyatracker,whichkeepstrack plementation. While sound in theory, and performing well of every peer in the swarm. In order to join a swarm, a peer in simulators and testbeds, the real-world performance of- must contact the tracker, which registers the new peer and ten falls short of expectations.
    [Show full text]
  • Kademlia on the Open Internet
    Kademlia on the Open Internet How to Achieve Sub-Second Lookups in a Multimillion-Node DHT Overlay RAUL JIMENEZ Licentiate Thesis Stockholm, Sweden 2011 TRITA-ICT/ECS AVH 11:10 KTH School of Information and ISSN 1653-6363 Communication Technology ISRN KTH/ICT/ECS/AVH-11/10-SE SE-164 40 Stockholm ISBN 978-91-7501-153-0 SWEDEN Akademisk avhandling som med tillstånd av Kungl Tekniska högskolan framlägges till offentlig granskning för avläggande av Communication Systems fredag den 9 december 2011 klockan 10.00 i C2, Electrum, Kungl Tekniska högskolan, Forum, Isafjordsgatan 39, Kista. © Raul Jimenez, December 2011 This work is licensed under a Creative Commons Attribution 2.5 Sweden License. http://creativecommons.org/licenses/by/2.5/se/deed.en Tryck: Universitetsservice US AB iii Abstract Distributed hash tables (DHTs) have gained much attention from the research community in the last years. Formal analysis and evaluations on simulators and small-scale deployments have shown good scalability and per- formance. In stark contrast, performance measurements in large-scale DHT overlays on the Internet have yielded disappointing results, with lookup latencies mea- sured in seconds. Others have attempted to improve lookup performance with very limited success, their lowest median lookup latency at over one second and a long tail of high-latency lookups. In this thesis, the goal is to to enable large-scale DHT-based latency- sensitive applications on the Internet. In particular, we improve lookup la- tency in Mainline DHT, the largest DHT overlay on the open Internet, to identify and address practical issues on an existing system.
    [Show full text]
  • Bittorrent Protocol the Mainline Dht
    Università degli Studi di Pisa Dipartimento di Informatica P2P Systems and Blockchains Spring 2021, instructor: Laura Ricci [email protected] Lesson 6: BITTORRENT PROTOCOL THE MAINLINE DHT 4/3/2021 Dipartimento di Informatica Laura Ricci Università degli Studi di Pisa The Bittorrent Protocol, the Mainline DHT, 1 BITTORRENT: OVERVIEW key idea: in 2002, Bran Cohen content popularity exhibits temporal locality (Flash Crowds) e.g. CNN on 9/11, new movie/game release,... goal: efficient content distribution system initially focused on distributing content efficiently, not on searching distribute the same file to all peers throughput increases with the number of downloaders an efficient use of network bandwidth single publisher, multiple downloaders later introduce also searching functionality: Kademlia has many “legal” publishers Blizzard Entertainment using it to distribute the beta of their new game Dipartimento di Informatica Laura Ricci Università degli Studi di Pisa The Bittorrent Protocol, the Mainline DHT, 2 THE CLIENT SERVER MODEL Dipartimento di Informatica Laura Ricci Università degli Studi di Pisa The Bittorrent Protocol, the Mainline DHT, 3 BITTORRENT IN A NUTSHELL more nodes can serve the content, not only one server needs a mechanism to detect which node is currently providing the content introducing the tracker taking trace of who is currently providing the content Joe connects to the tracker announcing the content the tracker now knows Joe is providing the file only for a better visualization nodes are arranged
    [Show full text]
  • Towards a Basic DHT Service: Analyzing Network Characteristics of a Widely Deployed DHT
    Towards a Basic DHT Service: Analyzing Network Characteristics of a Widely Deployed DHT Konrad Junemann,¨ Philipp Andelfinger, and Hannes Hartenstein Steinbuch Centre for Computing (SCC) Karlsruhe Institute of Technology (KIT), Germany {juenemann, hartenstein}@kit.edu, philipp.andelfi[email protected] Abstract—Distributed Hash Tables (DHTs) prove valuable for DHT-based applications without having to worry about DHT distributed architectures by providing distributed information deployment, running OpenDHT nodes on PlanetLab entailed lookup, routing, and data storage while promising good scala- two disadvantages: first, the DHT did not scale with growing bility and robustness at the same time. From this point of view, a DHT could be seen as a basic service that can be used to numbers of clients as the DHT consisted of a fixed number of build distributed applications. Whereas today no widely deployed (centrally administered) PlanetLab nodes only and clients did and publicly accessible basic DHT service exists and thus DHT- not contribute to the DHT. Second, the OpenDHT nodes had based applications have to deploy their very own DHT networks, to be maintained. DHTs consisting of millions of peers are formed by file sharing Simultaneously, the file-sharing community started lever- clients. Although the interfaces of typical DHTs used for file sharing are too narrow, a basic DHT service could probably be aging DHTs to replace centralized components within their created by bundling a suitable client implementation with file file sharing networks. Therefore, DHT clients were bundled sharing software. In this paper, we evaluate whether a basic with file sharing clients, resulting in widely deployed DHTs DHT service could suit the needs of DHT-based applications introduced by clients like Azureus [31], eDonkey or the Bit- in terms of stability, number of participating peers, the peers’ Torrent Mainline client [13].
    [Show full text]
  • A Pragmatic Analysis of Peer to Peer Networks and Protocols for Security and Confidentiality
    http://www.ijccr.com International Manuscript ID : ISSN2249054X-V2I6M7-112012 VOLUME 2 ISSUE 6 November 2012 A PRAGMATIC ANALYSIS OF PEER TO PEER NETWORKS AND PROTOCOLS FOR SECURITY AND CONFIDENTIALITY Anil Saroliya 1, Upendra Mishra 2, Ajay Rana 3 1Department of Computer Science, Amity University Rajasthan, Jaipur, India; 2Department of Mathematics, Amity University Rajasthan, Jaipur, India; 3Department of Computer Science, Amity University Utter Pradesh, Noida, India; ABSTRACT The internet as we ought to understand it is a dramatized environment that links together various information, networks and communication channels. However, the bitter truth lies in the fact that the Internet has largely grown into a drone that lacks essential centralized control. Putting into simpler terms, with the day by day growth of the Internet, it is simply beginning to lack any hierarchical control. With this growth, comes the need of large scale data distribution, content sharing and multicasting applications. In other words, the need of the hour lays in extensive use of Peer-to-Peer (P2P) networks. The P2P networks are loaded with the abilities to provide many handy features such as selection of most accurately reachable peers, powerful search mechanisms or location of data together with hierarchical name stay. The P2P networks have the special ability to organize and handle self-framed routing architecture that also helps in measuring massive scalability and hence provides a robust and efficient load balance of the world wide network or simply the Internet. Despite the numerous merits of P2P Networks over the near obsolete client- server mechanisms, there have also been some shortcomings in the same.
    [Show full text]
  • Deployment of NAT Vs. Ipv6 in Bittorrent
    Deployment of NAT vs. IPv6 in BitTorrent Simon Müller Elgg, Switzerland Student ID: 12-715-389 – Communication Systems Group, Prof. Dr. Burkhard Stiller HESIS T Supervisor: Andri Lareida, Thomas Bocek ACHELOR B Date of Submission: December 5, 2016 University of Zurich Department of Informatics (IFI) Binzmühlestrasse 14, CH-8050 Zürich, Switzerland ifi Bachelor Thesis Communication Systems Group (CSG) Department of Informatics (IFI) University of Zurich Binzmühlestrasse 14, CH-8050 Zürich, Switzerland URL: http://www.csg.uzh.ch/ Abstract Der globale IPv4 Adressraum ist fast komplett ersch¨opft. Dies stellt fur¨ Internet Service Provider (ISPs) eine grosse Herausforderung dar. Der Nachfolger, IPv6, wurde als L¨osung fur¨ dieses Problem entwickelt. Trotzdem bieten viele ISPs noch immer nur IPv4 Verbin- dungen mit Ubergangsl¨ ¨osungen wie Netzwerkadressubersetzung¨ (NAT) an, um das Pro- blem der Adressraumersch¨opfung zu umgehen. In dieser Arbeit wurde VIOLA, ein Messsy- stem fur¨ das BitTorrent-Netzwerk, mit IPv6 Unterstutzung¨ erweitert, um eine einw¨ochige Messung des BitTorrent-IPv6-Netzwerks durchzufuhren.¨ Selbst wenn das Streaming von Video- und Audiodaten mittlerweile den Hauptteil des weltweiten Internetverkehrs aus- machen, so macht der Peer-to-peer Verkehr doch noch einen deutlichen Anteil davon aus. Mit den Messdaten wurde die Frage beantwortet, ob es einen Zusammenhang zwischen dem Anteil an NAT der in einer Region gemessen wird und der Anzahl an verfugbaren¨ IPv6 Adressen gibt. Die Resultate machen deutlich, dass dem nicht so ist. Mit den ge- sammelten Daten wird zudem ein umfassender Uberblick¨ uber¨ das aktuelle Stadium und die Evolution von IPv6 im BitTorrent-Netzwerk gegeben. The global IPv4 address space is almost completely exhausted.
    [Show full text]
  • Summary of the Bittorrent Protocol
    Summary of the BitTorrent Protocol Guest lecturer: Petri Savolainen Discussion on modelling and BitTorrent BitTorrent BitTorrent is based on the notion of a torrent, which is a smallish file that contains metadata about a host, the tracker, that coordinates the file distribution and files that are shared A peer that wishes to make data available must first find a tracker for the data, create a torrent, and then distribute the torrent file. Other peers can then using information contained in the torrent file assist each other in downloading the file The download is coordinated by the tracker. In BitTorrent terminology, peers that provide a complete file with all of its pieces are called seeders BitTorrent: Downloading Files Torrent server 1. Upload torrent file Search 2. Provide first seed Seeder Tracker engine Torrent file 4. Contact tracker Torrent file points to List of peers tracker 3. Post search request and 5. Contact seeder for pieces retrieve link to torrent file Peer 6. Trade pieces with peers Peer Difference to HTTP A BitTorrent file download differs from an HTTP request in the following ways: – BitTorrent uses multiple parallel connections to improve download rates, whereas Web browsers typically use a single TCP Socket to transfer HTTP requests and responses – BitTorrent is peer-assisted whereas HTTP request is strictly client-server – BitTorrent uses the random or rarest-first mechanisms to ensure data availability, whereas HTTP is incremental Characteristics of the BitTorrent protocol I/II • Peer selection is about selecting peers who are willing to share files back to the current peer – Tit for tat in peer selection based on download-speed.
    [Show full text]
  • Bittorrent (Protocol) 1 Bittorrent (Protocol)
    BitTorrent (protocol) 1 BitTorrent (protocol) BitTorrent is a peer-to-peer file sharing protocol used for distributing large amounts of data over the Internet. BitTorrent is one of the most common protocols for transferring large files and it has been estimated that peer-to-peer networks collectively have accounted for roughly 43% to 70% of all Internet traffic (depending on geographical location) as of February 2009.[1] Programmer Bram Cohen designed the protocol in April 2001 and released a first implementation on July 2, 2001.[2] It is now maintained by Cohen's company BitTorrent, Inc. There are numerous BitTorrent clients available for a variety of computing platforms. As of January 2012 BitTorrent has 150 million active users according to BitTorrent Inc.. Based on this the total number of monthly BitTorrent users can be estimated at more than a quarter billion.[3] At any given instant of time BitTorrent has, on average, more active users than YouTube and Facebook combined. (This refers to the number of active users at any instant and not to the total number of unique users.)[4][5] Description The BitTorrent protocol can be used to reduce the server and network impact of distributing large files. Rather than downloading a file from a single source server, the BitTorrent protocol allows users to join a "swarm" of hosts to download and upload from each other simultaneously. The protocol is an alternative to the older single source, multiple mirror sources technique for distributing data, and can work over networks with lower bandwidth so many small computers, like mobile phones, are able to efficiently distribute files to many recipients.
    [Show full text]
  • Measuring Large-Scale Distributed Systems: Case of Bittorrent
    13-th IEEE International Conference on Peer-to-Peer Computing Measuring Large-Scale Distributed Systems: Case of BitTorrent Mainline DHT Liang Wang and Jussi Kangasharju Department of Computer Science University of Helsinki, Finland Abstract—Peer-to-peer networks have been quite thoroughly methods, we show what the causes of the errors are and that measured over the past years, however it is interesting to note that by fixing those issues, correct results can be obtained. the BitTorrent Mainline DHT has received very little attention Additionally, we obtain a comprehensive picture of users even though it is by far the largest of currently active overlay of Mainline DHT, which is the largest DHT network in the systems, as our results show. As Mainline DHT differs from other systems, existing measurement methodologies are not appropriate Internet. Although our focus is not on presenting the actual for studying it. In this paper we present an efficient methodology measurement data from Mainline DHT, we will briefly present for estimating the number of active users in the network. We have the main findings regarding the number of nodes and the churn identified an omission in previous methodologies used to measure patterns, since previous reports on these have been inaccurate. the size of the network and our methodology corrects this. Our The contributions of this paper are as follows: method is based on modeling crawling inaccuracies as a Bernoulli process. It guarantees a very accurate estimation and is able to 1) We identify a systematic error in previous works mea- provide the estimate in about 5 seconds.
    [Show full text]
  • Crawling Bittorrent Dhts for Fun and Profit
    Crawling BitTorrent DHTs for Fun and Profit Scott Wolchok and J. Alex Halderman The University of Michigan {swolchok, jhalderm}@eecs.umich.edu Abstract major torrent discovery sites and the major trackers [1,29] is feasible. Though a boon to copyright enforcement, this This paper presents two kinds of attacks based on crawl- capability reduces the privacy of BitTorrent downloaders ing the DHTs used for distributed BitTorrent tracking. by making it much harder to “hide in the crowd.” First, we show how pirates can use crawling to rebuild The BitTorrent community has responded to these BitTorrent search engines just a few hours after they are trends by deploying decentralizing tracking systems based shut down (crawling for fun). Second, we show how on distributed hash tables (DHTs). So far, their impact content owners can use related techniques to monitor pi- on privacy and copyright enforcement has been unclear. rates’ behavior in preparation for legal attacks and negate Distributed tracking is harder to disrupt through legal any perceived anonymity of the decentralized BitTorrent threats, but users still rely on centralized torrent discov- architecture (crawling for profit). ery sites that remain relatively easy targets. Some might We validate these attacks and measure their perfor- expect that decentralizing the tracking architecture would mance with a crawler we developed for the Vuze DHT. enhance privacy by making monitoring more difficult, but We find that we can establish a search engine with over the question has received little research attention to date. one million torrents in under two hours using a single In this work, we demonstrate how deployed distributed desktop PC.
    [Show full text]
  • Desarrollo De Una Aplicación Bittorrent (En Pharo-Smalltalk)
    Desarrollo de una aplicación BitTorrent (en Pharo-Smalltalk) Trabajo Final de Grado David Gracia Celemendi Director: Jordi Delgado Pin Departamento de Ciencias de la Computación (CS) Fecha de defensa: octubre de 2015 Titulación: Grado en Ingeniería Informática Especialidad: Computación Facultad de Informática de Barcelona (FIB) página en blanco 1 Resumen Desde principios del 2000, el uso de redes peer-to-peer ha experimentado un gran crecimiento. Gran parte del tráfico de Internet lo generan las apli- caciones BitTorrent. BitTorrent especifica un protocolo para el intercambio de ficheros usando un modelo peer-to-peer que se caracteriza por su gran escalabilidad y robustez. Este proyecto consiste en el desarrollo de una apli- cación BitTorrent desde cero con el sistema Pharo-Smalltalk. Primero se hace un repaso a la historia del intercambio de ficheros desde sus inicios hasta la actualidad. Después se comparan las redes cliente-servidor con las redes peer-to-peer, y se distingue dentro de éstas últimas entre redes estruc- turadas y redes no estructuradas. Se da una explicación del funcionamiento de BitTorrent y, por último, se profundiza en el diseño y la implementación de la aplicación. Abstract Since 2000 peer-to-peer networks use has increased very fast. Most Internet traffic is generated by BitTorrent applications. BitTorrent specify a file sharing protocol over peer-to-peer model whose strength is scalability and robustness. This project is about developing a BitTorrent application from scratch with Pharo-Smalltalk system. First of all, a file sharing history review is done from beginning up to now. Next, client-server and peer- to-peer models are compared, and peer-to-peer networks are classified in unstructured and structured.
    [Show full text]