Attacking the Kad network-real world evaluation and high fidelity simulation using DVN

The Kad network, an implementation of the Kademlia DHT protocol, supports the popular eDonkey peer-to-peer file sharing network and has over 1 million concurrent nodes. We describe several attacks that exploit critical design weaknesses in Kad to allow an attacker with modest resources to cause a significant fraction of all searches to fail. We measure the cost and effectiveness of these attacks against a set of 16000 nodes connected to the operational Kad network. Using our large-scale simulator, DVN, we successfully scaled up to a 200000 node experiment. We also measure the cost of previously proposed, generic DHT attacks against the Kad network and find that our attacks are much more cost effective. Finally, we introduce and evaluate simple mechanisms to significantly increase the cost of these attacks. Copyright (c) 2010 John Wiley & Sons, Ltd.