How does torrent poisoning work?

Torrent poisoning means that peers join the swarm which don't contribute to it and only use up resources.

One method is an evil peer which claims to be seeding the whole file. However, instead of returning valid data, it returns garbage. The clients won't notice this until they received the whole chunk and verified the checksum, which means that they wasted time and bandwidth. Another variant is to accept all requests, but then not send any data at all until the connection times out.

At the same time, the bogus peers request chunks from legitimate seeds even though they don't need them. This takes up bandwidth and connection slots which would otherwise be available to legitimate peers.

By flooding the swarm with a large number of such peers it can become impossible for the leachers to find any real seeds to obtain legit chunks of the file.

This can not be prevented tracker-sided, because each of these interactions is directly between peers. A mechanism for reporting such abusive peers to the tracker or a 3rd party would be counter-productive because it could be abused by the malicious peers to accuse legit peers and knock them off the network. The only possible countermeasure is to have the bit torrent client identify the IP addresses of malicious peers and block any connections with them.

Tags:

Torrent