Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Vulnerability of the Process Communication Model in Bittorrent Protocol

Author 1: Ahmed ElShafee

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2015.060412

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 6 Issue 4, 2015.

Abstract: BitTorrent is the most extensively used protocol in peer-to-peer systems. Its clients are widely spread worldwide and account for a large fraction of today’s Internet traffic. This paper will discuss potential attack that exploits a certain vulnerability of BitTorrent based systems. Code injection refers to force a code – which may be malicious - to run inside another benign code, by inserting it into known process name or process ID. Operating systems supply API functions that can be used by third party to inject a few lines of malicious code inside the original running process, which can effectively damage or harm user resources. Ethernet is the most common internetwork layer for Local Area Networks; the shared medium of LAN enables all users on the same broadcasting domain to listen to all exchanged packets through the network (promiscuous mode), so any adversary can easily perform a simple packet sniffing process on the medium access layer of the network. By capturing and analyzing the sent packets from the P2P application, an adversary can use the revealed process ID by BitTorrent protocol to start the code injection action. So the adversary will be able to seize more machines from the network. Controlled machines can be used to perform many attacks. The study revealed that any adversary can exploit the vulnerability of the process communication model used in P2P by injecting any malicious process inside the BitTorrent application itself exposed by sniffing the exchanged BitTorrent packets through LAN.

Keywords: Peer-to-Peer security; BitTorrent protocol; Code injection; Packets sniffing, Ethernet LAN

Ahmed ElShafee, “Vulnerability of the Process Communication Model in Bittorrent Protocol” International Journal of Advanced Computer Science and Applications(IJACSA), 6(4), 2015. http://dx.doi.org/10.14569/IJACSA.2015.060412

@article{ElShafee2015,
title = {Vulnerability of the Process Communication Model in Bittorrent Protocol},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2015.060412},
url = {http://dx.doi.org/10.14569/IJACSA.2015.060412},
year = {2015},
publisher = {The Science and Information Organization},
volume = {6},
number = {4},
author = {Ahmed ElShafee}
}

IJACSA

Upcoming Conferences

Computing Conference 2021

15-16 July 2021

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022