HAMACK: a Honeynet Architecture against MAlicious Contents in KAD

Thibault Cholez 1 Isabelle Chrisment 1 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : In this paper, we propose a new P2P Honeynet architecture called HAMACK that bypasses the Sybil attack protection mechanisms introduced recently in KAD. HAMACK is composed of distributed Honeypeers in charge of monitoring and acting on specific malicious contents in KAD by controlling the indexation of keywords and files. Our architecture allows to: (1) transparently monitor all the requests sent to the targeted contents in the network, (2) eclipse malicious entries of the DHT, and (3) attract the download requests of peers searching for malicious contents towards the Honeypeers by poisoning the DHT references with fake files and sources. Early results on the KAD network demonstrate the applicability and the efficiency of our approach.
Type de document :
Rapport
[Research Report] RR-6994, INRIA. 2009, pp.22
Liste complète des métadonnées

Littérature citée [18 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00406477
Contributeur : Thibault Cholez <>
Soumis le : mercredi 22 juillet 2009 - 14:42:25
Dernière modification le : jeudi 11 janvier 2018 - 06:19:49
Document(s) archivé(s) le : lundi 15 octobre 2012 - 15:36:45

Fichier

RR-6994.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00406477, version 1

Collections

Citation

Thibault Cholez, Isabelle Chrisment, Olivier Festor. HAMACK: a Honeynet Architecture against MAlicious Contents in KAD. [Research Report] RR-6994, INRIA. 2009, pp.22. 〈inria-00406477〉

Partager

Métriques

Consultations de la notice

285

Téléchargements de fichiers

554