doc/book: add section on network security

doc/src/architecture/p2p-network.md

@@ -46,3 +46,20 @@ such as wakeup requests.
 Sleeping slots are woken up periodically by the session. They can be forcefully woken up
 by calling `session.wakeup()`.
 
+## Security
+
+* **Backoff/falloff**. This is the strategy implemented in Bitcoin. This can be bad when arbitrary limits are implemented
+  since we slow down traffic for no reason.
+* **Choking controller**. BitTorrent no longer uses naive tit-for-tat, instead libtorrent implements an anti-leech seeding algo
+  from the paper [Improving BitTorrent: A Simple Approach](https://qed.usc.edu/papers/ChowGM08.pdf), which is focused on distributing
+  bandwidth to all peers. See also [libtorrent/src/choker.cpp](https://github.com/arvidn/libtorrent/blob/RC_2_0/src/choker.cpp).
+* **Smart ban**. Malicious peers which violate protocols are hard banned. For example sending the wrong data for a chunk.
+* **uTP congestion control**. BitTorrent implements a UDP protocol with its own congestion control. We could do such a similar strategy
+  with the addition of removing ordering. This reduces protocol latency mitigating attacks. See [libtorrent.org/utp.html](https://libtorrent.org/utp.html)
+  for more info.
+    * Maybe less important if we use alternative networks like Tor or i2p.
+* **White, gray and black lists**. See section 2.2 of [Exploring the Monero P2P Network](https://eprint.iacr.org/2019/411.pdf) for
+  details of this algorithm. This aids with network connectivity, avoiding netsplits which could make the network more susceptible to
+  eclipse/sybil attacks (large scale MiTM).
+    * For this we would need a function to connect to a host, send a ping, receive a pong and disconnect to test node connectivity.
+