CN102299895A - DoS (Denial of Service) attack method based on BitTorrent network - Google Patents
DoS (Denial of Service) attack method based on BitTorrent network Download PDFInfo
- Publication number
- CN102299895A CN102299895A CN2010102071747A CN201010207174A CN102299895A CN 102299895 A CN102299895 A CN 102299895A CN 2010102071747 A CN2010102071747 A CN 2010102071747A CN 201010207174 A CN201010207174 A CN 201010207174A CN 102299895 A CN102299895 A CN 102299895A
- Authority
- CN
- China
- Prior art keywords
- bittorrent
- assailant
- message
- client
- dos attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a DoS (Denial of Service) attack method based on a BitTorrent network, and the method is mainly characterized in that connections are initiated for a current alive BitTorrent client by using a BitTorrent protocol, and are kept under the condition of no file data interaction. In the invention, the connections are kept mainly through continuously sending control messages of an Interested message and a Keepalive message in the BitTorrent protocol. When a large quantity of connections are initiated to a normal client and are kept under the condition of no file data interaction, the DoS attack is realized through occupying connections of the normal client. According to the invention, the DoS attack on alive nodes in the BitTorrent network is realized, thereby reducing the capacity of providing services by the alive nodes in the BitTorrent network. The invention provides certain assistance for the large-scale and autonomous control on the BitTorrent network.
Description
Technical field
The present invention relates to filed of network information security, be specifically related to a kind of DoS attack method based on the BitTorrent network.
Background technology
DoS (Denial of Service) is denial of service, and DoS attack is the attack that causes the DoS behavior, makes computer or network that normal service can't be provided.The DoS principle is simple and attack effect that cause is obvious, thereby becomes a kind of popular network attack mode.
BitTorrent is the file distributing agreement of a hot topic in recent years.The BitTorrent network is based on the transmission manner of BitTorrent agreement with P2P, builds on extensive, the self-organizing on the Internet, uncontrollable distributed collaborative network.The conduct of BitTorrent network is popular P2P file distributing network at present, as the channel of sharing mutually of file between Internet user.Because extensive, uncontrollable characteristic of BitTorrent network makes the BitTorrent network bring certain negative effect to society, as: file dispute over copyright, file secret protection etc.
The important supplier that live-vertex is served as the BitTorrent network in the BitTorrent network, thereby to reduce the ability that the BitTorrent network provides file-sharing service, must provide service ability to be controlled to live-vertex in the BitTorrent network.Because the BitTorrent network transmits data in the P2P mode, and can be divided into 2 classes at DoS attack with the node of P2P transmission means:
(1) bandwidth is attacked (Bandwidth Attack)
User among the normal Internet, network uplink and downlink bandwidth are limited.This type of attacks main structure assailant, and destination node is initiated to connect and download, and consumes the upstream bandwidth of destination node.Make the bandwidth of normal node request target node reduce, thereby reach the ability that destination node provides service that reduces.
(2) connect attack (Connection Attack)
As the normal users of transmitting data in the P2P mode, because the finiteness of system resource (port number, hard disk size etc.) is conditional to the number of users that request connects as P2P software.Connect attacking mainly is to the taking of the available linking number of destination node P2P software, to such an extent as to the linking number of normal node reduce, thereby reduce the ability that destination node provides normal service.
It is that downlink bandwidth to consume the assailant is a cost that bandwidth is attacked, and for the BitTorrent network of a large amount of live-vertexs, to these live-vertexs of management and control, it will be huge that bandwidth is attacked needed bandwidth.Cause easily simultaneously that the instantaneous flow of Internet increases, cause the shake of network traffics, may influence other non-destination node users among the Internet.Comparatively speaking, connect to attack and to use the very little network bandwidth, take a large amount of connection of destination node, realize reducing the ability that destination node provides service.
By contrast, in the network based on the P2P data transfer mode, realize control, connect the reduction that service ability is provided of attacking realizing with less bandwidth to destination node to live-vertex.Yet, in network,, do not have the down mutual of data in long-time, for this connection of transfer of data of optimizing network will disconnect if after connect setting up with the P2P data transfer mode.If not having to keep this connection under the situation of great amount of data transmission, then need to send some specific message and inform the other side, this connection remains active.
Summary of the invention
This invention has proposed a kind of DoS attack scheme based on the BitTorrent network.This scheme has mainly proposed a kind of BitTorrent of utilization agreement, and maintenance is connected with normal BitTorrent client.Scheme has realized under the situation of not carrying out normal file data transmission, sends the message maintenance of some BitTorrent agreement regulations and being connected of normal client.
Traditional DoS attack is a purpose with the system resource that consumes main frame, the main resource that consumes the BitTorrent client of this invention.The main linking number of realizing consuming the BitTorrent client, thus make the BitTorrent client provide the ability of service to reduce, the service ability that provides of live-vertex in the BitTorrent network is provided to a certain extent.
The technical scheme that this invention is adopted is: with normal BitTorrent network in node finish TCP shake hands be connected after, initiate BitTorrent connections of shaking hands, foundation is based on the connection of BitTorrent agreement.This invention DoS attack not only is based upon in the TCP connection, and is based upon on the BitTorrent network, uses the BitTorrent agreement to keep the connection of foundation.After the download state of statement self, Interested message and Keepalive message in the timed sending BitTorrent agreement keep this connection to be not easy to be disconnected by normal users.
Interested message and Keepalive message are as control messages in the BitTorrent agreement, and file data is not mutual.It is to inform the recipient that Interested message mainly acts on, and the recipient has the needed file data blocks of transmit leg, and transmit leg wishes to propose download request.It is not have in both sides' certain hour under the situation of interacting message that Keepalive message mainly acts on, and normal client can send this message, and the recipient is the same transmit leg Keepalive message of replying after receiving this message, informs to keep this connection.
This invention can make the interior for a long time maintenance of being connected of foundation, and the linking number that strengthens foundation can reach and align proper the taking of connection often in regular guest family.
Description of drawings
Fig. 1 is the DoS attack network topological diagram based on the BitTorrent network;
Fig. 2 is based on the whole attack strategies of the DoS of BitTorrent network;
Fig. 3 is the DoS attack flow chart based on the BitTorrent network;
Embodiment
Obtain destination node information (comprise IP address and Node B itTorrent client listening port number) based on the DoS attack of BitTorrent network, set up TCP with destination node and be connected.After confirming that destination node can connect, set up BitTorrent with destination node and be connected.When system resource is enough, constantly initiate being connected based on the BitTorrent agreement with destination node.To realize the DoS attack under the BitTorrent network.
Based on the BitTorrent agreement, set up the BitTorrent connection of shaking hands based on the DoS attack of BitTorrent network.Get nowhere if BitTorrent shakes hands to connect, will disconnect TCP and connect with conserve system resources.When finish BitTorrent shake hands finish after, the exchange of send state information and completion status information.The assailant sends Keepalive subsequently, and the opening timing device is waited for reception message simultaneously.After timing arrived, the assailant sent Interested message and at inferior startup timer.If the assailant receives the BitTorrent message of client, the assailant need handle the message that receives.If the assailant receives Keepalive message, the assailant replys Keepalive message at once.If the assailant receives other message, the assailant will not give a response.Timer time arrives after the assailant sends Interested message, and then sends Keepalive message, and starts timed sending Interested message.As shown in Figure 2.
DoS attack based on the BitTorrent network is to be based upon on the basis of BitTorrent agreement, and in the BitTorrent agreement, and Keepalive message is used to inform that both sides should connect whether keeps.After sending Interested message, the file that has transmit leg to need in expression the other side's the file content.Transmit leg may be replied Unchoke or Choke message, and whether expression allows the other side to propose download request.If the assailant receives Unchoke or Choke message does not process, destination node will not have corresponding action yet, just keep this connection.
Claims (8)
1. DoS attack method based on the BitTorrent network, in the BitTorrent network, take the connection of BitTorrent client, reach the reduction that the clothes ability is provided by the attack node, it is characterized in that: in the BitTorrent network, take the linking number of normal BitTorrent client.
2. DoS attack method as claimed in claim 1, it is characterized in that not carrying out under the mutual situation of file data, maintenance is connected with client, and the assailant only sends corresponding BitTorrent protocol message to destination node, and does not carry out normal file data request.
3. DoS attack method as claimed in claim 2 is characterized in that utilizing the control messages Ihterested message in the BitTorrent agreement to keep being connected with the long-time of normal client with Keepalive message; After setting up based on the connection of BitTorrent agreement, the assailant keeps with Interested message and is connected by regularly sending Keepalive message in turn, handles the message that the normal client that receives sends.
4. DoS attack method as claimed in claim 3, it is characterized in that setting up based on after being connected and finishing file status information mutual of BitTorrent agreement when assailant and destination node, when the assailant received the BitTorrent message of destination node transmission, the assailant need handle the BitTorrent message that receives; If receive Keepalive message, the assailant will reply Keepalive message immediately; If the assailant receives other BitTorrent message, the assailant will respond.
5. DoS attack method as claimed in claim 1 is characterized in that the assailant initiates a large amount of connections based on the BitTorrent agreement to destination node, causes target node b itTorrent client will be subjected to a large amount of connections from the assailant.
6. DoS attack method as claimed in claim 5, it is characterized in that after assailant and destination node are set up TCP and be connected, if the failure of BitTorrent handshake procedure promptly fails to set up the connection based on the BitTorrent agreement, the assailant will disconnect this TCP and connect to save system resource.
7. DoS attack method as claimed in claim 5, it is characterized in that when linking number that assailant and destination node are set up exceed that the assailant sets be connected restriction the time, the assailant will no longer connect; Assailant's linking number of keeping of inquiry regularly simultaneously, if when linking number is lower than the connection restriction of setting, the assailant will send connection request once more.
8. DoS attack method as claimed in claim 7, the connection that it is characterized in that the acquiescence acceptance of normal BitTorrent client limits the linking number that can set up less than a normal system, thereby initiate a large amount of connections to normal client based on the BitTorrent agreement by the assailant, make that normal client keeps being connected with a large amount of of assailant, take normal client connection realization DoS attack thereby reach.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102071747A CN102299895A (en) | 2010-06-23 | 2010-06-23 | DoS (Denial of Service) attack method based on BitTorrent network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102071747A CN102299895A (en) | 2010-06-23 | 2010-06-23 | DoS (Denial of Service) attack method based on BitTorrent network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102299895A true CN102299895A (en) | 2011-12-28 |
Family
ID=45360078
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102071747A Pending CN102299895A (en) | 2010-06-23 | 2010-06-23 | DoS (Denial of Service) attack method based on BitTorrent network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102299895A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394202A (en) * | 2014-11-13 | 2015-03-04 | 西安交通大学 | A node vitality quantifying method in a mobile social network |
-
2010
- 2010-06-23 CN CN2010102071747A patent/CN102299895A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394202A (en) * | 2014-11-13 | 2015-03-04 | 西安交通大学 | A node vitality quantifying method in a mobile social network |
| CN104394202B (en) * | 2014-11-13 | 2018-01-05 | 西安交通大学 | A kind of node liveness quantization method in mobile community network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Loreto et al. | Known issues and best practices for the use of long polling and streaming in bidirectional http | |
| EP2645636B1 (en) | Home gateway, cloud server, and method for communication therebetween | |
| JP5678198B2 (en) | Mobile Internet service realization method, gateway, proxy and system | |
| US20080008170A1 (en) | Communication system, communication method, and program | |
| WO2013097401A1 (en) | Method, gateway and communication system for browser client directly communicating with back-end server | |
| EP2856698B1 (en) | Network presence offload | |
| WO2006133651A1 (en) | Communication method between communication devices and communication apparatus | |
| WO2019128647A1 (en) | Message transmission method and device, storage medium and electronic device | |
| KR20080019717A (en) | System and method for establishing peer to peer connections between pcs and smart phones using networks with obstacles | |
| KR20080107989A (en) | Method and system for managing resource consumption by transport control protocol connections | |
| CN105262836A (en) | Information push method of server and push information reception method of client | |
| WO2019071681A1 (en) | P2p-based remote wakeup system and method | |
| WO2011015020A1 (en) | File transmission method, system and client | |
| Jin et al. | Reducing cellular signaling traffic for heartbeat messages via energy-efficient D2D forwarding | |
| US20170279922A1 (en) | Scaling persistent connections for cloud computing | |
| US8520694B1 (en) | Mobile handset power conservation using connection-release buffering | |
| WO2013120325A1 (en) | Browser-to-browser direct communication method, device and communication system | |
| CN105453509A (en) | Use of a datagram-based protocol to communicate with a VPN server | |
| Lim | C2CFTP: direct and indirect file transfer protocols between clients in client-server architecture | |
| JP2014023150A (en) | Multicast transmission using unicast protocol | |
| CN102984814A (en) | Large-scale GPRS (general packet radio service) terminal device networking method | |
| WO2009011968A1 (en) | Endpoint discriminator in network transport protocol startup packets | |
| CN102299895A (en) | DoS (Denial of Service) attack method based on BitTorrent network | |
| CN107820218A (en) | The establishing method and equipment of message transmissions mode | |
| Raj et al. | Energy adaptive mechanism for P2P file sharing protocols |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111228 |