worm blog: Security Applications of Peer-to-Peer Networks

« Worms: How to stop them? | Main | Worms as Attack Vectors: Theory, Threats, and Defenses »

Security Applications of Peer-to-Peer Networks

An interesting approach describing a P2P architecture to provide both distributed detection and qualification, letting the mesh of systems do the alert aggregation, and then automatic defense instantiation.

Open networks are often insecure and provide an opportunity for viruses and DDOS activities to spread. To make such networks more resilient against these kind of threats, we propose the use of a peer-to-peer architecture whereby each peer is responsible for: (a) detecting whether a virus or worm is uncontrollably propagating through the network resulting in an epidemic; (b) automatically dispatching warnings and information to other peers of a security-focused group; and (c) taking specific precautions for protecting their host by automatically hardening their security measures during the epidemic. This can lead to auto-adaptive secure operating systems that automatically change the trust level of the services they provide. We demonstrate our approach through a prototype application based on the JXTA peer-to-peer infrastructure.

Source: Security Applications of Peer-to-Peer Networks, Vasileios Vlachos, Stephanos Androutsellis-Theotokis, and Diomidis Spinellis. A later version of this paper was published in Computer Networks (Elsevier Science), Volume 45, Issue 2, pp 195-205, June 2004. Also see their JXTA project page for the tool described in the paper, NetBiotic.

July 28, 2005 in defense, detection, papers, Peer To Peer, tools | Permalink
Tell others: digg submit | del.icio.us this | Reddit