Attacks on Correlated Peer-to-Peer Networks: An Analytical Study Animesh Srivastava Department of CSE IIT Kharagpur, India asrivastava@cse.iitkgp.ernet.in Bivas Mitra CNRS Paris, France bivas.mitra@iscpif.fr Fernando Peruani MPI-PKS Dresden, Germany peruani@pks.mpg.de Niloy Ganguly Department of CSE IIT Kharagpur, India niloy@cse.iitkgp.ernet.in Abstract—Analysis of attacks on real-world p2p networks and their impact on the topology of the network is difficult as the interconnections among the peers are not random; rather they evolve based on the needs of the connected peers and this brings in degree-degree correlation in the network. We develop an analytical framework to analyze the change in topology of a correlated network and propose a generalized model based on percolation theory to measure the resilience of a correlated network against any arbitrary attack. We present the results and analysis mainly on correlated superpeer networks and correlated bimodal networks. Some of the intricate questions on the stability of real-world superpeer network that we answer analytically are: (a) dependence of percolation threshold of a superpeer network on its peer degree, superpeer degree at different levels of degree- degree correlation (b) minimum peer degree required to make a superpeer topology more resilient. All our theoretical results are validated through simulations and the results are in very good agreement. I. I NTRODUCTION Popular peer-to-peer networks like Gnutella, Kazaa are increasingly subjected to various kinds of attacks like De- nial of Service attack (DoS), DDoS attack, Eclipse attack, Sybil attack etc [1]. All these attacks try to interrupt the network-wide peer communication by disrupting the activities of the highly connected (resourceful) nodes. Besides, the continuous churn of the constituent nodes may also lead to interruption in the network-wide communication. Analytical work predicting the outcome of such churn and attack on large dynamic networks has been studied in depth [2]–[5], in the last decade. The results are primarily based upon the concept of percolation theory whereby the relation between component size and attack is established. These works have been successfully extended in the domain of p2p networks [6], [7], where Mitra et al. developed a generalized analytical framework to measure the deformed degree-distribution and stability of uncorrelated superpeer networks. (Note: Most of the popular p2p networks maintain a superpeer architecture comprising of some very powerful ultrapeers and the rest low bandwidth peers). However, we observe that although the framework quite accurately predicts the changes in Gnutella 1 (taken as representative real-life superpeer network) topology 1 The snapshots have been obtained from the Multimedia & Internetworking Research Group of University of Oregon, USA [8]. The snapshot is obtained by the research group during September 2004 and the size of the network simulated from the snapshot is of 1, 31, 869 nodes. under random failure (fig. 1(a)), there is a distinct deviation in case of intentional attack (fig. 1(b)). Current research reveals that superpeer networks (like most real networks) evolve through the complex and unsupervised interactions among peer nodes and this eventually leads to network heterogeneity. These complex interactions among the peers of the network make the vulnerability analysis very difficult as they behave differently under given conditions. For example, it has been observed in many real networks, that a relatively localized damage in one network may lead to failure in another, triggering a disruptive avalanche of cascading and escalating failures. In [9], Vespignani showed that this kind of dangerous vulnerability is indeed due to the heterogeneity present in the network. In [10], Buldyrev et al. addressed this issue and showed that analyzing complex systems as a set of interdependent networks destabilizes the most basic assump- tions that network theory has relied on for single networks. Hence, in the design of resilient infrastructures, understanding the fragility induced by multiple interdependencies is presently one of the major challenges. In superpeer networks, beyond the heterogeneity of de- grees, it is observed that the interconnections between the nodes are not entirely random; rather “disassortative”. For example high-degree nodes tend to be connected to low- degree nodes [11]. The real-world representative snapshots of commercial Gnutella networks accordingly exhibits negative degree correlation with assortativity coefficient r = −0.792. Hence to understand the exact impact of attacks, the interde- pendence of degree heterogeneity and degree-degree correla- tion need to be taken into consideration. In order to achieve that, we propose a generalized frame- work for correlated network using tools from percolation theory and the apparatus of generating functions. We show that our framework is able to correctly assess the network properties like topological deformation as well as estimate the resilience of the network. We show that the framework can be applied to real-world networks by accurately predicting the topology deformation in the simulated real-world Gnutella network. II. ENVIRONMENT DEFINITION Apart from using the snapshot of Gnutella network, we model the superpeer networks with bimodal network for our The First International Workshop on Security in Computers, Networking and Communications 978-1-4244-9920-5/11/$26.00 ©2011 IEEE 1093