µTorrent Community Forums

iru

Member

Has any research been done on protecting the swarm from this ?

Subject is about these and other similar methods:
http://torrentfreak.com/microsoft-funde … ic-120513/

Knowing a bit about how the bittorrent protocol works. I've known long that it might be possible to affect the swarm in this manner especially if the bittorrent clients are not aware of it.

But have anyone done any research of how these techniques really affect the swarm ?
Any theories of how we could protect against these sorts of illegal attacks ?

Could some sort of signing of the packets work ?
To detect that the packet is coming from the source it say its coming from ?

The method used needs to be tempering fool proof and more importantly not make peers identifiable.

Have the time come for the clients to force full encryption with second layer encryption for every single peer connected transfer on the bittorrent traffic ?

Have the utorrent devs done any thinking on improving the security and stability of the protocol at all ?

iru

Member

Re: Has any research been done on protecting the swarm from this ?

Is this not the right place to discuss this serious issue ?
I was hoping the utorrent devs stood on the users side here.

Should i ask the devs of the open source bittorrent clients instead ?

DreadWingKnight

I never claimed to be nice.

Re: Has any research been done on protecting the swarm from this ?

http://www.geek.com/articles/news/forme … -20120515/

Honestly, I doubt the attack will actually work beyond the ritual first 5-15 minutes on a torrent.

---

FAQ and Search - Use them.
If guides ask for info, provide it before I have to ask for it.

iru

Member

Re: Has any research been done on protecting the swarm from this ?

While the link do take up a few good points common sense tells us;
It's better to act than to always react.
It's harder to hit a moving / evolving target that a stationary one.

http://torrentfreak.com/anti-piracy-out … ol-120519/

My spidey-sense seemed to be on the right track.
The illegal use of spamming and dos attacks on sharing protocol traffic are getting more popular.

It's only a matter of time until it gets worse. News tells us that even shady anti-competitive microsoft is planning this.

The only real way of preventing these kinds of attacks is to update the protocol with better security now. Waiting to the point when it gets to be a problem is stupid and naive.

Even as simple as a spam detection system ( implemented in bittorrent client ) that shares a list of ip addresses that spam comes from would make it better.
The ip list could be shared among the swarm of the current torrent. So if an ip starts to spam or in other ways corrupt the torrent it will be detected and the swarm would be notified and block the ip for that torrent.
Might not be the best idea since it also can be exploited but with some extra security it might work. So polluting the ip list would also be detected and blocked.

There are many ways of getting the protocol up to date and more secure both for protecting the swarm (to keep it healthy) and the peers (data traffic).
Like layered encryption to harden the connection between each peer.
Mandatory encryption (currently its user optional and set to unencrypted as default (WTF?!), most users do not understand security at all so they will not change it).

DreadWingKnight

I never claimed to be nice.

Re: Has any research been done on protecting the swarm from this ?

The ip list could be shared among the swarm of the current torrent. So if an ip starts to spam or in other ways corrupt the torrent it will be detected and the swarm would be notified and block the ip for that torrent.

Which would be even more abusable than whatever methods are being implemented in the above article.

---

FAQ and Search - Use them.
If guides ask for info, provide it before I have to ask for it.

iru

Member

Re: Has any research been done on protecting the swarm from this ?

The ip list could be shared among the swarm of the current torrent. So if an ip starts to spam or in other ways corrupt the torrent it will be detected and the swarm would be notified and block the ip for that torrent.

Which would be even more abusable than whatever methods are being implemented in the above article.

Sure but it depends on the implementation too. Of course a naive implementation would not work.
There are many ways to detect and protect against abuse by using the knowledge of the swarm.
For instance storing the ip of the reporter and keeping an eye on that ip too for misuse by talking to the other peers. Behavioral heuristics. It can become quite complicated and advanced. Not many capable of creating and implementing such a system correctly without flaws.

We could make it simple too. Analyze how the protocol can be abused and add recommended behavior and actions to the torrent standard that clients can implement and use to prevent or limit the attack effectiveness.

I'm trying to get a discussion going on this topic. If i gave an idea, however bad it is in real use, somebody might come with a better idea and so on.
If you got a better idea, i'm all ears.

kotekzot

Banned

Re: Has any research been done on protecting the swarm from this ?

saying "behavioral heuristics" isn't really an idea. you're proposing a massive investment of effort that would require many different development teams to work together to combat a vague, potential threat. that doesn't seem like the best use of resources (although it couldn't be worse than bloating utorrent with more useless features, but i digress).