Towards the Detection of Encrypted Peer-To-Peer File Sharing Traffic


Towards the Detection of Encrypted Peer-to-Peer File Sharing Traffic and Peer-to-Peer TV Traffic Using Deep Packet Inspection Methods

August 2009

David Alexandre Milheiro de Carvalho

DISSERTATION

Submitted to University of Beira Interior in partial fulfillment of the requirements for the Degree of MASTER OF SCIENCE in Information Systems and Technologies by David Alexandre Milheiro de Carvalho (5-year Bachelor of Science)

Network and Multimedia Computing Group
Department of Computer Science
University of Beira Interior
Covilhã, Portugal
www.di.ubi.pt

Copyright © 2009 by David Alexandre Milheiro de Carvalho. All rights reserved. No part of this publication can be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the previous written permission of the author.

Title image: Heraldry of the University of Beira Interior.

Author: David Alexandre Milheiro de Carvalho
Student Number: 2274
E-mail: [email protected]

Abstract

This dissertation is devoted to the study of Peer-to-Peer (P2P) network traffic identification, using Deep Packet Inspection (DPI) methods. The approach followed in this work is based on the analysis of the content of a packet payload, with particular attention paid to the cases where encryption or obfuscation is used. The protocols and applications under study in this dissertation are organized into two main categories: P2P file sharing (BitTorrent, Gnutella and eDonkey) and P2P TV (Livestation, TVU Player and Goalbit). The history of P2P and its major milestones are briefly presented, along with their classification according to the functionalities they provide and the network protocol architectures they use. Studies on the evolution and current state of P2P traffic detection are described in particular detail, as they were the main motivation towards the detection of both encrypted P2P file sharing and P2P TV traffic.

The detection of Peer-to-Peer traffic is accomplished by using a set of open source tools, emphasizing Snort, Wireshark and Tcpdump. Snort is used for triggering the alerts concerning this kind of traffic, by using a specified set of rules. These rules are manually created, based on the P2P traffic protocol signatures and patterns observed with Wireshark and Tcpdump. For the storage and visualization of the triggered alerts in a user-friendly manner, two open source tools were used, respectively MySQL and BASE.

Finally, the main conclusions of this work are briefly presented. A section dedicated to future work contains possible directions that may be followed in order to improve this work.

Supervisor: Dr. Mário Marques Freire, Full Professor at the Department of Computer Science, University of Beira Interior.

Preface

First of all, I would like to thank my supervisor, Professor Mário Marques Freire, for giving me the opportunity and credit for integrating his dynamic investigation team. During the period when I was working on the MSc thesis, his support, guidance and, most important, motivation were a constant presence, whether regarding technical issues or any other matter. He also provided the means so I could perform all the activities without having limitations of any kind.

This work has been partially funded by Fundação para a Ciência e a Tecnologia through TRAMANET Project contract PTDC/EIA/73072/2006.

I am also grateful to University of Beira Interior, particularly to the Department of Computer Science and to the Network and Multimedia Computing Group, for providing excellent work conditions and such a pleasant environment for researchers and students.

I would also like to express my gratitude to Pedro Ricardo de Morais Inácio and João Vasco Paulo Gomes, both PhD students under the supervision of Professor Mário Marques Freire, for expressing their support for this work.

Precious tips about the LaTeX formatting system were provided to me by Professor Simão Melo de Sousa, which allowed me to improve the writing of this thesis. He also guided me several times, allowing me to achieve the intended results, for which I would like to express my sincere gratitude.

A special thank you to my mother Maria Deolinda and my brother Luís Miguel, for having faith in me through all these years, not only regarding my academic or professional course, but also in every single personal project in which I was involved.

Finally, I would like to thank my wife Elisabete for her motivation, support and understanding during this first year of our marriage, in which, unfortunately, I could not be as present as I would have liked to be. For many months, most of my free time was dedicated to this work, abdicating many opportunities of spending time. For her, my true gratitude and love.

David Alexandre Milheiro de Carvalho
Covilhã, Portugal

Contents

Preface
Contents
List of Figures
List of Tables

1 Introduction
  1.1 Focus
  1.2 Problem Definition and Goals
  1.3 Thesis Organization
  1.4 Main Contributions

2 Peer-to-Peer Systems
  2.1 Brief Perspective of P2P History
  2.2 P2P Definition
  2.3 Classification
    2.3.1 Functionalities
    2.3.2 Architecture
  2.4 P2P Traffic Evolution
    2.4.1 CAIDA
    2.4.2 ipoque
  2.5 State of Art in P2P Detection
    2.5.1 Legal Issues
    2.5.2 Classification of Mechanisms for P2P Traffic Detection
    2.5.3 Currently Available DPI Software
    2.5.4 Currently Available DPI Hardware

3 Experimental Testbed
  3.1 Introduction
  3.2 Lab of the Network and Multimedia Computing Group
  3.3 Hardware
  3.4 Network Configurations
    3.4.1 Firewalls
    3.4.2 Traffic Forwarding
  3.5 DPI and Network Software
    3.5.1 Snort
    3.5.2 Barnyard
    3.5.3 Apache
    3.5.4 MySQL
    3.5.5 BASE
    3.5.6 Wireshark
  3.6 P2P File Sharing Protocols and Applications
    3.6.1 BitTorrent Protocol
    3.6.2 eDonkey
    3.6.3 Gnutella
  3.7 P2P TV
    3.7.1 LiveStation
    3.7.2 TVU Player
    3.7.3 Octoshape
    3.7.4 Goalbit
    3.7.5 Joost

4 P2P Traffic Detection
  4.1 Introduction
  4.2 BitTorrent
    4.2.1 BitTorrent Application
    4.2.2 Vuze Application
  4.3 Gnutella
    4.3.1 LimeWire
    4.3.2 GTK-Gnutella
  4.4 eDonkey
    4.4.1 eMule
    4.4.2 aMule
  4.5 P2P TV
    4.5.1 Livestation
    4.5.2 TVU Player
    4.5.3 Goalbit

5 Conclusions and Future Work
  5.1 Conclusions
    5.1.1 BitTorrent
    5.1.2 Gnutella
    5.1.3 eDonkey
    5.1.4 P2P TV
  5.2 Future Work
    5.2.1 Combining DPI and Behavior Methods
    5.2.2 Mobile P2P
    5.2.3 Defeating Encryption
    5.2.4 Snort Inline
    5.2.5 Snort Performance Measurement

Bibliography

Appendix

A Snort rules for eDonkey
  A.1 Client/Server TCP
  A.2 Client/Server UDP
  A.3 Client/Client TCP
  A.4 Extended Client/Client TCP
  A.5 Extended Client/Client UDP
  A.6 KAD Client/Client UDP

B Snort Rules for Gnutella
  B.1 General Gnutella TCP
  B.2 LimeWire TCP
  B.3 LimeWire UDP
  B.4 GTK-Gnutella UDP

C Snort Rules for BitTorrent
  C.1 General BitTorrent TCP
  C.2 Vuze Plain Encryption TCP
  C.3 External TCP Rules
  C.4 General BitTorrent UDP
  C.5 Vuze UDP
  C.6 External UDP Rules

D Snort Rules for Livestation

E Snort Rules for TVU Player
  E.1 TVU Player UDP ...