On Monday, May 14, 2012 Vijay K. Gurbani wrote:
> This looks like Pirate Pay is injecting multiple sybils into the
> DHT with node-IDs close to the info-hash of the file, thus making
> the sybils responsible for the file.  This assures that all queries
> are sent to the sybils, allowing the sybils to sent out false
> information to the other peers.
>
> A couple of years ago, some of my colleagues did work on this
> in the context of p2p localization.  Their paper [1] describes their
> results in much more detail.
>
> [1] http://www.moritzsteiner.de/papers/dht_traffic_localization.pdf

So old-fashioned non-DHT trackers should be unaffected by this? Maybe
using these as a fallback together with DHT tracking might be a good
idea - and fortunately, this paper says that only 35-40% of BitTorrent
nodes were relying exclusively on DHTs when the data for the paper was
collected (was it 2011 or 2010?)

Anyway, it sounds like whatever these guys are claiming to their
investors, they might have a bit of a problem killing BitTorrent,
unless they are also doing something else that would be unrelated
to DHT poisoning.

Best wishes -
S.Osokine.
14 May 2012.


-----Original Message-----
From: [email protected] 
[mailto:[email protected]] On Behalf Of Vijay K. Gurbani
Sent: Monday, May 14, 2012 6:36 AM
To: David Barrett
Cc: [email protected]
Subject: Re: [p2p-hackers] Pirate Pay

On 05/13/2012 10:20 PM, David Barrett wrote:
> Any idea how this thing works (if any)?
>
> http://torrentfreak.com/microsoft-funded-startup-aims-to-kill-bittorrent-traffic-120513/
>
> Is it basically a DoS where it just simulates an overwhelming number
> of fake clients that send garbage data at an incredibly slow rate, or
> something more clever?

This looks like Pirate Pay is injecting multiple sybils into the
DHT with node-IDs close to the info-hash of the file, thus making
the sybils responsible for the file.  This assures that all queries
are sent to the sybils, allowing the sybils to sent out false
information to the other peers.

A couple of years ago, some of my colleagues did work on this
in the context of p2p localization.  Their paper [1] describes their
results in much more detail.

[1] http://www.moritzsteiner.de/papers/dht_traffic_localization.pdf

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / [email protected]
Web:   http://ect.bell-labs.com/who/vkg/
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers

Confidentiality notice:  This message may contain confidential information.  It 
is intended only for the person to whom it is addressed. If you are not that 
person, you should not use this message.  We request that you notify us by 
replying to this message, and then delete all copies including any contained in 
your reply.  Thank you.
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers

Reply via email to