Denial of Service
Flooding Attack
A flooding attack is the most direct form of denial-of-service. The attacker overwhelms peers with excessive messages, connections, or requests, exhausting CPU, memory, and bandwidth.
Three flood vectors: PubSub topic flooding (100+ msgs/sec), connection flooding (50+ attempts/sec), and direct message flooding (200+ msgs/sec).
Normal Traffic
The network operates under normal message load. Each peer handles a moderate number of PubSub messages, DHT queries, and connection requests. Resource usage is well within limits.
Flood Nodes Join
Multiple attacker nodes join the network and subscribe to popular PubSub topics. They establish connections to as many honest peers as possible, preparing to broadcast floods from multiple directions simultaneously.
Message Flood Begins
Attackers begin sending 100+ messages per second per topic — PubSub floods, direct message floods, and connection attempt floods. Honest peers' message queues fill up, CPU spikes processing invalid messages, and bandwidth saturates.
Network Degradation
At sustained flood rates, honest peers exhaust their resource budgets. The Connection Manager starts pruning connections to free resources. Message delivery drops below 50% as queues overflow. Some peers crash or become unresponsive.
Defense: Resource Manager
libp2p's Resource Manager provides layered defense: (1) Per-peer stream/connection limits cap any single peer's resource usage; (2) Per-protocol rate limiting throttles PubSub message rates; (3) Transient scope limits prevent resource exhaustion during connection setup; (4) GossipSub's peer scoring penalizes peers that send excessive messages, pruning them from the mesh.
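The per-peer limits in (1) and the rate limiting in (2) can be pictured as one token bucket per peer ID. The Go program below is an added example, not go-libp2p's Resource Manager code or API; PeerLimiter, Simulate, the peer names, the 20 msgs/sec rate and the burst of 10 are assumptions chosen for illustration.

```go
package main

import (
	"fmt"
	"time"
)

type bucket struct{ credit int64; last time.Time } // 1 token = int64(time.Second) credit units

// PeerLimiter keeps an independent budget per peer ID (hypothetical type, not a libp2p API).
type PeerLimiter struct {
	rate, capacity int64 // refill in tokens per second; bucket size in credit units
	buckets        map[string]*bucket
}

func NewPeerLimiter(rate, burst int64) *PeerLimiter { return &PeerLimiter{rate, burst * int64(time.Second), map[string]*bucket{}} }

// Allow reports whether a message from peer arriving at now fits that peer's own budget.
func (l *PeerLimiter) Allow(peer string, now time.Time) bool {
	b := l.buckets[peer]
	if b == nil {
		b = &bucket{l.capacity, now} // a new peer starts with a full burst allowance
		l.buckets[peer] = b
	}
	b.credit, b.last = b.credit+int64(now.Sub(b.last))*l.rate, now // integer refill since last message
	if b.credit > l.capacity {
		b.credit = l.capacity
	}
	if b.credit < int64(time.Second) {
		return false // over budget: drop before any costly validation or queueing
	}
	b.credit -= int64(time.Second)
	return true
}

// Simulate offers one second of evenly spaced messages from peer and counts how many pass.
func Simulate(l *PeerLimiter, peer string, msgsPerSec int, start time.Time) (accepted int) {
	for i := 0; i < msgsPerSec; i++ {
		if l.Allow(peer, start.Add(time.Duration(i)*time.Second/time.Duration(msgsPerSec))) {
			accepted++
		}
	}
	return accepted
}

func main() {
	l, t0 := NewPeerLimiter(20, 10), time.Unix(0, 0) // constructed limits and clock
	fmt.Println(Simulate(l, "peer-A", 200, t0), Simulate(l, "peer-B", 5, t0))
}
```

A peer sending at the 200 msgs/sec direct-message rate is held to its burst plus the sustained rate, while a 5 msgs/sec peer on the same limiter loses nothing. A per-peer budget does not bound the aggregate from many attacker nodes, which is what the other layers in the list above address.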
Flooding Vectors
PubSub Flood
Publish garbage messages to popular topics at 100+ msgs/sec, filling subscriber message queues and exhausting bandwidth.
Connection Flood
Open connections rapidly (50+ attempts/sec), consuming handshake resources. Noise/TLS handshakes are particularly CPU-intensive.
Direct Message Flood
Send 200+ direct messages/sec to specific peers, bypassing PubSub topic limits and targeting specific resource manager scopes.