A First Approach to Detect Suspicious Peers in the KAD P2P Network

Thibault Cholez 1, 2 Christopher Hénard 1, 3 Isabelle Chrisment 4, 3 Olivier Festor 1, 5 Guillaume Doyen 1, 2 Rida Khatoun 6, 2
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
2 ERA - Environnement de Réseaux Autonomes
ICD - Institut Charles Delaunay
4 RESEDAS - Software Tools for Telecommunications and Distributed Systems
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Several large scale P2P networks are based on a distributed hash table. They all suffer from a critical issue allowing malicious nodes to be inserted in specific places on the DHT for undesirable purposes (monitoring, DDoS, pollution, etc.). However, no study so far considered the actual deployment of such attacks. We propose a first approach to detect suspicious peers in the KAD P2P network. First, we describe and evaluate our crawler which can get an accurate view of the network. Then, we analyze the distances between the peers and the contents indexed in the DHT to detect suspicious peers. Our results show that hundreds of KAD entries are clearly under attack during our measurements.
Document type :
Conference papers
Complete list of metadatas

https://hal-utt.archives-ouvertes.fr/hal-02271755
Contributor : Jean-Baptiste Vu Van <>
Submitted on : Tuesday, August 27, 2019 - 11:08:46 AM
Last modification on : Monday, September 30, 2019 - 3:03:02 PM

Identifiers

  • HAL Id : hal-02271755, version 1

Collections

Citation

Thibault Cholez, Christopher Hénard, Isabelle Chrisment, Olivier Festor, Guillaume Doyen, et al.. A First Approach to Detect Suspicious Peers in the KAD P2P Network. SAR-SSI 2011 - Conference on Network and Information Systems Security, May 2011, La Rochelle, France. pp.1-8. ⟨hal-02271755⟩

Share

Metrics

Record views

16