Teletraffic Analysis of DoS and Malware Cyber Attacks on P2P Networks under Exponential Assumptions

Abstract

Peer-to-peer (P2P) networks are distributed systems with a communication model in which no central authority governs the behavior of individual peers. These networks currently account for a considerable percentage of all bandwidth worldwide. However, this communication model also has a clear disadvantage: it has a multitude of vulnerabilities and security threats. The nature of the P2P philosophy itself means that there is no centralized server responsible for uploading, storing, and verifying the authenticity of the shared files and packets. A direct consequence of this is that P2P networks are a good choice for hackers for the spread of malicious software or malware in general since there is no mechanism to control what content is shared. In this paper, we present a mathematical model for P2P networks to study the effect of two different attacks on these systems, namely, malware and denial of service. To analyze the behavior of the cyber attacks and identify important weaknesses, we develop different Markov chains that reflect the main dynamics of the system and the attacks. Specifically, our model considers the case in which a certain number of nodes are infected with a cyber worm that is spread throughout the network as the file is shared among peers. This allows observation of the final number of infected peers when an initial number (we evaluate the system for from 1 to 14 initial nodes) of malicious nodes infect the system. For the DoS attack, our model considers the portion of peers that are unable to communicate and the average attack duration to study the performance degradation of such an attack. A two-pronged approach was used to study the impact of the attacks on P2P networks; the first focused only on the P2P network, and the second focused on the attacks and the network.