{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T12:53:00Z","timestamp":1771073580320,"version":"3.50.1"},"reference-count":20,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2022,12,30]],"date-time":"2022-12-30T00:00:00Z","timestamp":1672358400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"FCT\u2014Foundation for Science and Technology","award":["UIDB\/00308\/2020"],"award-info":[{"award-number":["UIDB\/00308\/2020"]}]},{"name":"FCT\u2014Foundation for Science and Technology","award":["UIDB\/05583\/2020"],"award-info":[{"award-number":["UIDB\/05583\/2020"]}]},{"name":"FCT\u2014Foundation for Science and Technology","award":["POCI-01-0145-FEDER-028040"],"award-info":[{"award-number":["POCI-01-0145-FEDER-028040"]}]},{"name":"Research Centre in Digital Services (CISeD)","award":["UIDB\/00308\/2020"],"award-info":[{"award-number":["UIDB\/00308\/2020"]}]},{"name":"Research Centre in Digital Services (CISeD)","award":["UIDB\/05583\/2020"],"award-info":[{"award-number":["UIDB\/05583\/2020"]}]},{"name":"Research Centre in Digital Services (CISeD)","award":["POCI-01-0145-FEDER-028040"],"award-info":[{"award-number":["POCI-01-0145-FEDER-028040"]}]},{"name":"Polytechnics of Viseu and Coimbra","award":["UIDB\/00308\/2020"],"award-info":[{"award-number":["UIDB\/00308\/2020"]}]},{"name":"Polytechnics of Viseu and Coimbra","award":["UIDB\/05583\/2020"],"award-info":[{"award-number":["UIDB\/05583\/2020"]}]},{"name":"Polytechnics of Viseu and Coimbra","award":["POCI-01-0145-FEDER-028040"],"award-info":[{"award-number":["POCI-01-0145-FEDER-028040"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Electronics"],"abstract":"<jats:p>A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server\u2019s resources. The participants in this attack are usually compromised\/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented.<\/jats:p>","DOI":"10.3390\/electronics12010165","type":"journal-article","created":{"date-parts":[[2022,12,30]],"date-time":"2022-12-30T03:18:18Z","timestamp":1672370298000},"page":"165","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Torrent Poisoning Protection with a Reverse Proxy Server"],"prefix":"10.3390","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1146-464X","authenticated-orcid":false,"given":"Ant\u00f3nio","family":"Godinho","sequence":"first","affiliation":[{"name":"Coimbra Polytechnic, Coimbra Institute of Engineering, Rua Pedro Nunes, Quinta da Nora, 3030-199 Coimbra, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5610-7147","authenticated-orcid":false,"given":"Jos\u00e9","family":"Rosado","sequence":"additional","affiliation":[{"name":"Coimbra Polytechnic, Coimbra Institute of Engineering, Rua Pedro Nunes, Quinta da Nora, 3030-199 Coimbra, Portugal"},{"name":"INESC Coimbra\u2014Instituto de Engenharia de Sistemas e Computadores de Coimbra, Rua S\u00edlvio Lima, P\u00f3lo II, 3030-790 Coimbra, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7846-8397","authenticated-orcid":false,"given":"Filipe","family":"S\u00e1","sequence":"additional","affiliation":[{"name":"Coimbra Polytechnic, Coimbra Institute of Engineering, Rua Pedro Nunes, Quinta da Nora, 3030-199 Coimbra, Portugal"},{"name":"CISeD\u2014Research Centre in Digital Services, 3504-510 Viseu, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7558-2330","authenticated-orcid":false,"given":"Filipe","family":"Caldeira","sequence":"additional","affiliation":[{"name":"CISeD\u2014Research Centre in Digital Services, 3504-510 Viseu, Portugal"},{"name":"Viseu Polytechnic, School of Technology and Management of Viseu, Av. Cidade Polit\u00e9cnica, 3504-510 Viseu, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3916-5182","authenticated-orcid":false,"given":"Filipe","family":"Cardoso","sequence":"additional","affiliation":[{"name":"INESC Coimbra\u2014Instituto de Engenharia de Sistemas e Computadores de Coimbra, Rua S\u00edlvio Lima, P\u00f3lo II, 3030-790 Coimbra, Portugal"},{"name":"Viseu Polytechnic, School of Technology and Management of Viseu, Av. Cidade Polit\u00e9cnica, 3504-510 Viseu, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2022,12,30]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"2046","DOI":"10.1109\/SURV.2013.031413.00127","article-title":"A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks","volume":"15","author":"Zargar","year":"2013","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_2","unstructured":"Criscuolo, P.J. (2000). Distributed Denial of Service, Tribe Flood Network 2000, and Stacheldraht CIAC-2319."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"e814","DOI":"10.7717\/peerj-cs.814","article-title":"Real-time DDoS flood attack monitoring and detection (RT-AMD) model for cloud computing","volume":"7","author":"Bamasag","year":"2022","journal-title":"PeerJ Comput. Sci."},{"key":"ref_4","unstructured":"Santos, F.R., da Costa Cordeiro, W.L., Gaspary, L.P., and Barcellos, M.P. (2010, January 19\u201323). Choking polluters in BitTorrent file sharing communities. Proceedings of the 2010 IEEE Network Operations and Management Symposium\u2014NOMS 2010, Osaka, Japan."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Langille, M.G., and Eisen, J.A. (2010). BioTorrents: A file sharing service for scientific data. PLoS ONE, 5.","DOI":"10.1371\/journal.pone.0010071"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Ranjan, S., Swaminathan, R., Uysal, M., and Knightly, E. (2006, January 23\u201329). DDoS-Resilient Scheduling to Counter Application Layer Attacks under Imperfect Detection. Proceedings of the IEEE INFOCOM 2006, 25th IEEE International Conference on Computer Communications, Barcelona, Spain.","DOI":"10.1109\/INFOCOM.2006.127"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"643","DOI":"10.1016\/j.comnet.2003.10.003","article-title":"DDoS attacks and defense mechanisms: Classification and state-of-the-art","volume":"44","author":"Douligeris","year":"2004","journal-title":"Comput. Netw."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Liang, J., Naoumov, N., and Ross, K.W. (2006, January 23\u201329). The Index Poisoning Attack in P2P File Sharing Systems. Proceedings of the IEEE INFOCOM 2006, 25th IEEE International Conference on Computer Communications, Barcelona, Spain.","DOI":"10.1109\/INFOCOM.2006.232"},{"key":"ref_9","first-page":"1","article-title":"Bottorrent: Misusing BitTorrent to Launch DDoS Attacks","volume":"7","author":"Defrawy","year":"2007","journal-title":"SRUTI"},{"key":"ref_10","unstructured":"Kiner, E., and Konduru, S. (2022, December 04). How Google Cloud Blocked Largest Layer 7 Ddos Attack Yet, 46 Million RPS|Google Cloud Blog. Available online: https:\/\/cloud.google.com\/blog\/products\/identity-security\/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Cardoso, F., Godinho, A., Rosado, J., Caldeira, F., and S\u00e1, F. (July, January 29). Proposal of a technological cluster to support eLearning platform. Proceedings of the 2022 31st Annual Conference of the European Association for Education in Electrical and Information Engineering (EAEEIE), Coimbra, Portugal.","DOI":"10.1109\/EAEEIE54893.2022.9820369"},{"key":"ref_12","unstructured":"Rescorla, E. (2022, October 25). The Transport Layer Security (TLS) Protocol Version 1.3. Internet Society. Available online: https:\/\/www.rfc-editor.org\/rfc\/rfc8446."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Shbair, W.M., Cholez, T., Fran\u00e7ois, J., and Chrisment, I. (2016, January 27\u201330). Improving SNI-Based HTTPS Security Monitoring. Proceedings of the 2016 IEEE 36th International Conference on Distributed Computing Systems Workshops (ICDCSW), Nara, Japan.","DOI":"10.1109\/ICDCSW.2016.21"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Bradatsch, L., Haeberle, M., Steinert, B., Kargl, F., and Menth, M. (2022, January 26\u201329). Secure Service Function Chaining in the Context of Zero Trust Security. Proceedings of the 2022 IEEE 47th Conference on Local Computer Networks (LCN), Edmonton, AB, Canada.","DOI":"10.1109\/LCN53696.2022.9843821"},{"key":"ref_15","unstructured":"Skrba, D. (2022, October 25). The World\u2019s Fastest and Most Widely Used Software Load Balancer. HAProxy Technologies. Available online: https:\/\/www.haproxy.com\/."},{"key":"ref_16","unstructured":"Anicas, M. (2022, May 31). An Introduction to HAProxy and Load Balancing Concepts. DigitalOcean. Available online: https:\/\/www.digitalocean.com\/community\/tutorials\/an-introduction-to-haproxy-and-load-balancing-concepts."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"829","DOI":"10.1007\/s10586-018-2850-3","article-title":"New solutions for exposing clustered applications deployed in the cloud","volume":"22","author":"Kozik","year":"2019","journal-title":"Clust. Comput."},{"key":"ref_18","first-page":"510","article-title":"Impact analysis of SYN flood DDoS attack on HAProxy and NLB cluster-based web servers","volume":"19","author":"Zeebaree","year":"2020","journal-title":"Indones. J. Electr. Eng. Comput. Sci."},{"key":"ref_19","unstructured":"Tarreau, W. (2022, December 05). HAProxy\u2014Configuration Manual. Retrieved 5. Available online: http:\/\/cbonte.github.io\/haproxy-dconv\/2.4\/configuration.html."},{"key":"ref_20","first-page":"1","article-title":"Sequence-order-independent network profiling for detecting application layer DDoS attacks","volume":"2011","author":"Lee","year":"2011","journal-title":"J. Wirel. Com Netw."}],"container-title":["Electronics"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2079-9292\/12\/1\/165\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T01:56:03Z","timestamp":1760147763000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2079-9292\/12\/1\/165"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,30]]},"references-count":20,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2023,1]]}},"alternative-id":["electronics12010165"],"URL":"https:\/\/doi.org\/10.3390\/electronics12010165","relation":{},"ISSN":["2079-9292"],"issn-type":[{"value":"2079-9292","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,12,30]]}}}