A first approach to detect suspicious peers in the KAD P2P network

Thibault Cholez; Christopher Hénard; Isabelle Chrisment; Olivier Festor; Guillaume Doyen; Rida Khatoun

doi:10.1109/SAR-SSI.2011.5931383

A first approach to detect suspicious peers in the KAD P2P network

Thibault Cholez
, Christopher Hénard
, Isabelle Chrisment
, Olivier Festor
, Guillaume Doyen
, Rida Khatoun

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

Résumé

Several large scale P2P networks are based on a distributed hash table. They all suffer from a critical issue allowing malicious nodes to be inserted in specific places on the DHT for undesirable purposes (monitoring, DDoS, pollution, etc.). However, no study so far considered the actual deployment of such attacks. We propose a first approach to detect suspicious peers in the KAD P2P network. First, we describe and evaluate our crawler which can get an accurate view of the network. Then, we analyze the distances between the peers and the contents indexed in the DHT to detect suspicious peers. Our results show that hundreds of KAD entries are clearly under attack during our measurements.

langue originale	Anglais
titre	2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings
Les DOIs	https://doi.org/10.1109/SAR-SSI.2011.5931383
état	Publié - 1 août 2011
Modification externe	Oui
Evénement	2011 Conference on Network and Information Systems Security, SAR-SSI 2011 - Ile de Re, La Rochelle, France Durée: 18 mai 2011 → 21 mai 2011

Série de publications

Nom	2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

Une conférence

Une conférence	2011 Conference on Network and Information Systems Security, SAR-SSI 2011
Pays/Territoire	France
La ville	Ile de Re, La Rochelle
période	18/05/11 → 21/05/11

Accès au document

10.1109/SAR-SSI.2011.5931383

Autres fichiers et liens

Lien vers la publication dans Scopus

Contient cette citation

Cholez, T., Hénard, C., Chrisment, I., Festor, O., Doyen, G., & Khatoun, R. (2011). A first approach to detect suspicious peers in the KAD P2P network. Dans 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings Article 5931383 (2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings). https://doi.org/10.1109/SAR-SSI.2011.5931383

@inproceedings{faf812782d634bb1bd58c4d611bb96a1,

title = "A first approach to detect suspicious peers in the KAD P2P network",

abstract = "Several large scale P2P networks are based on a distributed hash table. They all suffer from a critical issue allowing malicious nodes to be inserted in specific places on the DHT for undesirable purposes (monitoring, DDoS, pollution, etc.). However, no study so far considered the actual deployment of such attacks. We propose a first approach to detect suspicious peers in the KAD P2P network. First, we describe and evaluate our crawler which can get an accurate view of the network. Then, we analyze the distances between the peers and the contents indexed in the DHT to detect suspicious peers. Our results show that hundreds of KAD entries are clearly under attack during our measurements.",

keywords = "DHT, KAD, Sybil attack, attack detection, monitoring, security",

author = "Thibault Cholez and Christopher H{\'e}nard and Isabelle Chrisment and Olivier Festor and Guillaume Doyen and Rida Khatoun",

year = "2011",

month = aug,

day = "1",

doi = "10.1109/SAR-SSI.2011.5931383",

language = "English",

isbn = "9781457707377",

series = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings",

booktitle = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings",

note = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011 ; Conference date: 18-05-2011 Through 21-05-2011",

}

Cholez, T, Hénard, C, Chrisment, I, Festor, O, Doyen, G & Khatoun, R 2011, A first approach to detect suspicious peers in the KAD P2P network. Dans 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings., 5931383, 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings, 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Ile de Re, La Rochelle, France, 18/05/11. https://doi.org/10.1109/SAR-SSI.2011.5931383

A first approach to detect suspicious peers in the KAD P2P network. / Cholez, Thibault; Hénard, Christopher; Chrisment, Isabelle et al.
2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings. 2011. 5931383 (2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings).

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

TY - GEN

T1 - A first approach to detect suspicious peers in the KAD P2P network

AU - Cholez, Thibault

AU - Hénard, Christopher

AU - Chrisment, Isabelle

AU - Festor, Olivier

AU - Doyen, Guillaume

AU - Khatoun, Rida

PY - 2011/8/1

Y1 - 2011/8/1

N2 - Several large scale P2P networks are based on a distributed hash table. They all suffer from a critical issue allowing malicious nodes to be inserted in specific places on the DHT for undesirable purposes (monitoring, DDoS, pollution, etc.). However, no study so far considered the actual deployment of such attacks. We propose a first approach to detect suspicious peers in the KAD P2P network. First, we describe and evaluate our crawler which can get an accurate view of the network. Then, we analyze the distances between the peers and the contents indexed in the DHT to detect suspicious peers. Our results show that hundreds of KAD entries are clearly under attack during our measurements.

AB - Several large scale P2P networks are based on a distributed hash table. They all suffer from a critical issue allowing malicious nodes to be inserted in specific places on the DHT for undesirable purposes (monitoring, DDoS, pollution, etc.). However, no study so far considered the actual deployment of such attacks. We propose a first approach to detect suspicious peers in the KAD P2P network. First, we describe and evaluate our crawler which can get an accurate view of the network. Then, we analyze the distances between the peers and the contents indexed in the DHT to detect suspicious peers. Our results show that hundreds of KAD entries are clearly under attack during our measurements.

KW - DHT

KW - KAD

KW - Sybil attack

KW - attack detection

KW - monitoring

KW - security

UR - https://www.scopus.com/pages/publications/79960751589

U2 - 10.1109/SAR-SSI.2011.5931383

DO - 10.1109/SAR-SSI.2011.5931383

M3 - Conference contribution

AN - SCOPUS:79960751589

SN - 9781457707377

T3 - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

BT - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

T2 - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011

Y2 - 18 May 2011 through 21 May 2011

ER -

A first approach to detect suspicious peers in the KAD P2P network

Résumé

Série de publications

Une conférence

Accès au document

Autres fichiers et liens

Empreinte digitale

Contient cette citation