Security analysis of the micro transport protocol with a misbehaving receiver

Adamsky, F., Khayam, S. A., Jager, R. & Rajarajan, M. (2012). Security analysis of the micro transport protocol with a misbehaving receiver. Paper presented at the 2012 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discover, 10 - 12 October 2012, Sanya, China.

[img]
Preview
PDF
Download (225kB) | Preview

Abstract

BitTorrent is the most widely used Peer-to-Peer (P2P) protocol and it comprises the largest share of traffic in Europe. To make BitTorrent more Internet Service Provider (ISP) friendly, BitTorrent Inc. invented the Micro Transport Protocol (uTP). It is based on UDP with a novel congestion control called Low Extra Delay Background Transport (LEDBAT). This protocol assumes that the receiver always gives correct feedback, since otherwise this deteriorates throughput or yields to corrupted data. We show through experimental investigation that a misbehaving uTP receiver, which is not interested in data integrity, can increase the bandwidth of the sender by up to five times. This can cause a congestion collapse and steal large share of a victim’s bandwidth. We present three attacks, which increase the bandwidth usage significantly. We have tested these attacks in a real world environment and show its severity both in terms of number of packets and total traffic generated. We also present a countermeasure for protecting against the attacks and evaluate the performance of that defence strategy.

Item Type: Conference or Workshop Item (Paper)
Additional Information: © 2012 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: School of Informatics > Centre for Software Reliability
URI: http://openaccess.city.ac.uk/id/eprint/1967

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics