HAMACK: a Honeynet Architecture against MAlicious Contents in KAD - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Rapport (Rapport De Recherche) Année : 2009

HAMACK: a Honeynet Architecture against MAlicious Contents in KAD

Résumé

In this paper, we propose a new P2P Honeynet architecture called HAMACK that bypasses the Sybil attack protection mechanisms introduced recently in KAD. HAMACK is composed of distributed Honeypeers in charge of monitoring and acting on specific malicious contents in KAD by controlling the indexation of keywords and files. Our architecture allows to: (1) transparently monitor all the requests sent to the targeted contents in the network, (2) eclipse malicious entries of the DHT, and (3) attract the download requests of peers searching for malicious contents towards the Honeypeers by poisoning the DHT references with fake files and sources. Early results on the KAD network demonstrate the applicability and the efficiency of our approach.
Fichier principal
Vignette du fichier
RR-6994.pdf (591.69 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

inria-00406477 , version 1 (22-07-2009)

Identifiants

  • HAL Id : inria-00406477 , version 1

Citer

Thibault Cholez, Isabelle Chrisment, Olivier Festor. HAMACK: a Honeynet Architecture against MAlicious Contents in KAD. [Research Report] RR-6994, INRIA. 2009, pp.22. ⟨inria-00406477⟩
179 Consultations
493 Téléchargements

Partager

Gmail Facebook X LinkedIn More