CN101436926A - Method, network node and system for preventing aggression in P2P network - Google Patents
Method, network node and system for preventing aggression in P2P network Download PDFInfo
- Publication number
- CN101436926A CN101436926A CN200710124641.8A CN200710124641A CN101436926A CN 101436926 A CN101436926 A CN 101436926A CN 200710124641 A CN200710124641 A CN 200710124641A CN 101436926 A CN101436926 A CN 101436926A
- Authority
- CN
- China
- Prior art keywords
- node
- malicious
- malicious act
- notification message
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 230000016571 aggressive behavior Effects 0.000 title 1
- 238000011144 upstream manufacturing Methods 0.000 claims abstract description 22
- 230000004044 response Effects 0.000 claims description 36
- 230000006399 behavior Effects 0.000 claims description 30
- 230000005540 biological transmission Effects 0.000 claims description 15
- 238000001514 detection method Methods 0.000 claims description 5
- 230000003542 behavioural effect Effects 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 description 6
- 230000000977 initiatory effect Effects 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
- H04L67/1023—Server selection for load balancing based on a hash applied to IP addresses or costs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention belongs to the technical field of P2P and discloses a method for preventing attack in a P2P network, a network node and a system thereof. When another node in the P2P network is detected to make malicious act in the node, evidence proving that the node makes the malicious act is sent to an upstream node of the node making the malicious act; the upstream node records the information about the node making the malicious act and the times that the node are informed for making malicious act; when a data message is needed to transmit, a node with no record or less times of the malicious act is selected for transmitting the data message, thereby effectively reducing or avoiding the influence of the node making the malicious act on the whole P2P network.
Description
Technical field
The present invention relates to the P2P technical field, relate in particular to a kind of method, network node and system of attacking of in the P2P network, preventing.
Background technology
Peer-to-peer network (Peer to Peer, P2P) be a kind of distributed network, the participant of network (Peer) shares a part of hardware resource (disposal ability, storage capacity, network concatenation ability, printer etc.) that they are had, these shared resources need provide service and content by network, can directly be visited by other peer node (Peer) and need not through intermediate entities.Participant in this network is the supplier (Server) of resource (service and content), be again resource (service and content) obtain taker (Client).P2P has broken traditional client/server, and (status of each node in the network all is reciprocity for Client/Server, C/S) pattern.Each node had both served as server, for other nodes provide service, also accepted the service that other nodes provide simultaneously.
The P2P technology makes full use of the ability of each node in the system, and service is provided mutually.Use the P2P technology will improve the utilance of these nodes greatly, thereby further promote the efficient of network, equipment and information service.The P2P network further comprises structuring, destructuring and loose structure several types.
The characteristics of structured P 2 P network are that the issue of resource and network topology are closely related, and resource is distributed in the network accurately according to the logical address in the P2P topology.Each node in this class network all has virtual logical address, and makes all nodes constitute a relatively stable and topological structure closely according to the address.In the structural P 2 P, the value of resource being carried out the generation of Hash (hash algorithm) back is key, and it is right that the key of generation and its corresponding resource are designated as key/value.Resource is distributed in the structured P 2 P network according to the mapping relations of this key and P2P node, can find this resource in this P2P network by this key.That is to say that each Peer needs to be responsible for one section key value scope of storage in the P2P network, this section key value scope is that (Distributed Hash Table DHT) calculates according to the distributed hash algorithm.This section key value scope that different DHT algorithm computation is come out is also different.With the chord algorithm is example: in the chord algorithm, suppose that Peer a and Peer b are neighbours, and the ID of Peer a is less than the ID of Peer b, then the key value scope be responsible for of Peer a is exactly the key value from Peer a ID to this hop count value scope of Peer b ID.
The route that critical function is a message of P2P, message is wanted and can be routed to the destination through several peer (node) according to key according to certain algorithm in structured P 2 P system.
Yet, in the P2P network, because Peer is any one user, the user of some malice just may appear also among these users, deliberately destroy these algorithmic rules, and cause other user's the request can not be successful.Perhaps reach other user's of deception purpose by these special means.It is exactly wherein a kind of attack that identity is attacked (Identity Attack), and the principle of this attack is: receive a user's request when malicious node after, know it oneself is not to be responsible for right root node (the root node of key/value that asked perfectly well.Be responsible for the right node of certain key/value according to the DHT algorithmic rule), but malicious node no longer continues to continue to be routed to real root node according to the DHT algorithmic rule, but claim oneself to be exactly root node unbearably, and give to initiate requesting users and return and oneself want any response of returning, can further implement " phishing attack " like this.Can not know that the root node of key is being the node which is determined, so just may implement to attack by victim because in the P2P network, initiate requesting users.
A kind of method of finding that identity is attacked is provided in the prior art, each node is all selected several cooperative nodes (its number can specifically be determined according to network size) in overlay, cooperative node can be some the specific node in the network, it also can be the node of selecting according to certain rule, as, from NodeID, select wherein n position and be Hash and obtain.A general cooperative node can be responsible for a plurality of node perpetuation of testimonys.After node is reached the standard grade at every turn, produce an own online evidence and send to these cooperative nodes, and and these cooperative nodes maintenance keep-alives (keep-alive) relations.After request of a node initiation meets with a response, initiate the space of the node of request according to the NodeId of node distribution situation estimation root node in the routing table of oneself, go out the cooperative node of this space interior nodes then according to this SPATIAL CALCULATION, send a request of obtaining evidence again to cooperative node, if cooperative node finds to have one more near the node existence of key value, then this evidence is returned to the node of the request of initiation.The prerequisite of doing like this is: all messages will be signed, and all messages all have timestamp.The evidence that the node of initiating to ask is sent the response message and the cooperative node of acquisition compares, if it should be root node that the evidence proof has the node more approaching than responsive node, think that then this responsive node is a malicious node, if the evidence that the returns proof not node more approaching than this node is responsible for this key value, think that then the message of current request response is effective.
This scheme only provides a kind of method that identity is attacked that detects, and promptly only is used to find the malicious act of malicious node, but this malicious node is not handled, and can not avoid the request of next time attacked by the identity of same malicious node.
Summary of the invention
In order to solve the problems of the technologies described above, the embodiment of the invention provides a kind of method of attacking of preventing in the P2P network, comprising:
Receive the malicious act notification message, carry node malicious act information in the described malicious act notification message;
After determining that described malicious act notification message is legal, write down the node malicious act information of carrying in the described malicious act notification message;
Send out the P2P data message according to the mean no harm node of behavior or the less node of malicious act record of the node malicious act Information Selection of record as next redirect.
The another kind that the embodiment of the invention provides prevents from the method for attacking to comprise in the P2P network: receive the malicious node notification message, carry malicious node information in the described malicious node notification message;
After determining that described malicious node notification message is legal, write down the malicious node information of carrying in the described malicious node notification message;
Non-malicious node of malicious node Information Selection or the less node of malice record according to record are sent out the P2P data message as next redirect.
The embodiment of the invention also provides a kind of network node, comprising:
Receiving element is used for receiving node malicious act notification message;
First judging unit is used to judge the legitimacy of the node malicious act notification message that receiving element receives;
First memory cell is used for determining the legal back of node malicious act notification message memory node malicious act information at judging unit that described malicious act information comprises that node is confirmed as the number of times of malice.
The another kind of network node that the embodiment of the invention provides comprises:
Receiving element is used to receive the malicious node notification message;
First judging unit is used to judge the legitimacy of the malicious node notification message that receiving element receives;
First memory cell is used for determining the legal back storage of malicious node notification message malicious node information at judging unit that described malicious node information comprises that malicious node is confirmed as the number of times of malice;
Transmitting element is used to select the less node of non-malicious node or malice record to send out the P2P data message as next redirect.
The P2P network system that the embodiment of the invention provides, comprise first node and Section Point, described first node is used to judge whether the node that sends response message is malicious node, and when the node of described transmission response message is malicious node, sends the malicious node notification message to Section Point;
Described Section Point is the upstream node of malicious node, described Section Point is used to receive described malicious node notification message, judge the legitimacy of described malicious node notification message, when described malicious node notification message is legal, write down described malicious node information, and after receiving data message, send out data message described as next redirect according to the less node of the non-malicious node of malicious node Information Selection of record or malice record.
The another kind of P2P network system that the embodiment of the invention provides, comprise first node and Section Point, described first node is used to judge whether the behavior of the node that sends response message is malicious act, and when the behavior of the node of described transmission response message is malicious act, to Section Point sending node malicious act notification message;
Described Section Point is a upstream node of making the node of malicious act, described Section Point is used to receive described node malicious act notification message, judge the legitimacy of described node malicious act notification message, when described node malicious act notification message is legal, write down described node malicious act information, and select the node of the behavior that means no harm or the less node of malicious act record to send out the P2P data message as next redirect according to the evil node meaning joint behavioural information of record.
The embodiment of the invention is when having other nodes to make malicious act in the P2P network in node detection, the evidence of this node of proof being made malicious act sends to the upstream node that this makes the node of malicious act, the information and the notified number of times of making malicious act of this node of the node of malicious act made in the upstream node record, and when needs are transmitted data message, selection does not have the node or the less node for data forwarding message of malicious act number of times of malicious act record, effectively reduces or avoids once making the influence of the node of malicious act to whole P2P network.
Description of drawings
Fig. 1 is the first embodiment flow chart that prevents the method for attacking in the P2P network of the present invention;
Fig. 2 is the first embodiment flow chart that prevents the method for attacking in the P2P network of the present invention;
Fig. 3 is the structural representation of network node of the present invention;
Fig. 4 is the system schematic of P2P network system of the present invention.
Embodiment
The embodiment of the invention provides a kind of method of attacking of preventing in the P2P network, and prevents P2P network and the network node attacked.When in the P2P network, having other nodes to make malicious act in node detection, the evidence of this node of proof being made malicious act sends to the upstream node that this makes the node of malicious act, the information and the notified number of times of making malicious act of this node of the node of malicious act made in the upstream node record, and when needs are transmitted data message, selection does not have the node or the less node for data forwarding message of malicious act record number of times of malicious act record, reaches minimizing or avoids once making the purpose of the node of malicious act to the influence of whole P2P network.
Describe the present invention below in conjunction with drawings and Examples.
As shown in Figure 4, be the system schematic of P2P network system of the present invention.By the decision of P2P network configuration characteristics, node A-G bears same work in the P2P network, and in the P2P network, data message transmits clockwise along the direction of A-G.For the ease of understanding, suppose in a data processing procedure, A is for initiating the node of request, F is the storage right root node of key/value that A asked, D is the node of the request of response A, C is the upstream node of D, and dotted line represents to ask the path of transmitting, and solid line is represented the notification message that node A sends.
As shown in Figure 1, be the first embodiment flow chart that in the P2P network, prevents the method for attacking of the present invention.Described method operates in the system shown in Figure 4, specifically may further comprise the steps:
S11, node A initiate to obtain the request message of resource in the P2P network, this request message carries the mark value key of resource.This request message transmits in the P2P network according to the routing rule of P2P.
After S12, node D receive this resource request message, send response message as root node to node A with own.
After S13, node A received the response message of node D transmission, whether the behavior that decision node D sends response message was malicious act.
Whether the behavior that the scheme decision node D that node A can utilize background technology of the present invention partly to provide sends response message is malicious act, being node A learns that by cooperative node node D is not the root node of the key that asked of responsible node A, repeats no more here.
After S14, node A judge that the behavior of determining node D transmission response message is malicious act, the upstream node of computing node D.
Preferably, can also to preserve the behavior that node D sends response message be the evidence of malicious act to node A.This evidence can comprise that the response message of node D signature and the node D that cooperative node sends are not the evidences of being responsible for the root node of the key that asked.
S15, node A send the malicious act notification message to node C, and notice node D makes malicious act.The behavior that can carry proof node D transmission response message in this malicious act notification message is the evidence of malicious act.
After S16, node C receive the malicious act notification message of node A transmission, judge whether this malicious act notification message is legal, if it is legal, execution in step S17 then, if not legal, can abandon or disregard this malicious act notification message, also can be when this malicious act notification message to be illegal, malicious act is confirmed as in the behavior that node A is sent this notification message.
Judge the malicious act notification message whether legal can whether be that the node of being trusted carries out according to node A, perhaps the behavior that sends response message according to the proof node D that carries in the malicious act notification message is that the evidence of malicious act carries out.If it is not the root node of the key that asked of responsible node A that this evidence can prove node D, think that then the behavior that node D sends response message is a malicious act.
The malicious act information of S17, node C record node D.This malicious act information comprises information and the notified number of times of making malicious act of node D of node D.
S18, node C at first calculate possible next-hop node after receiving the request of transmitting the P2P data message, select not have the node of malicious act record or the less node of malicious act record to transmit this data message then from these nodes.
As shown in Figure 2, be the second embodiment flow chart that in the P2P network, prevents the method for attacking of the present invention.Described method operates in the system shown in Figure 4 equally, specifically may further comprise the steps:
S21, node A initiate to obtain the request message of resource in the P2P network, this request message carries the mark value key of resource.This request message transmits in the P2P network according to the routing rule of P2P.
After S22, node D receive this resource request message, send response message as root node to node A with own.
After S23, node A received the response message of node D transmission, whether decision node D was malicious node.
Whether node A can utilize scheme decision node D that background technology of the present invention partly provides is the root node of the key that asked of responsible node A, if not, think that then node D is a malicious node.
After S24, node A judge that definite node D is malicious node, the upstream node of computing node D.
Preferably, node A can also preserve the evidence that node D is a malicious node.This evidence can comprise that the response message of node D signature and the node D that cooperative node sends are not the evidences of being responsible for the root node of the key that asked.
S25, node A send the malicious node notification message to node C, and notice node D is a malicious node.Can carry the evidence of proof node D malicious node in this malicious node notification message.
After S16, node C receive the malicious node notification message of node A transmission, judge whether this malicious node notification message is legal, if it is legal, execution in step S17 then, if not legal, can abandon or disregard this malicious node notification message, can think that also the node A that sends this notification message is a malicious node.
Judge the malicious node notification message whether legal can whether be that the node of being trusted carries out according to node A, be that the evidence of malicious node carries out perhaps according to the proof node D that carries in the malicious node notification message.If it is not the root node of the key that asked of responsible node A that this evidence can prove node D, think that then node D is a malicious node.
S27, node C record node D is a malicious node.Can also write down simultaneously that node D is notified to be the number of times of malicious node.
S18, node C at first calculate possible next-hop node after receiving the request of transmitting the P2P data message, select non-malicious node then or notifiedly transmit this data message for the less node of malicious node number of times from these nodes.
As shown in Figure 3, be the structural representation of network node of the present invention.By the decision of the design feature of P2P network, this network node can be any one node among the A-G among Fig. 4.This node comprises:
Receiving element is used to receive the malicious act notification message;
First judging unit is used to judge the legitimacy of the malicious act notification message that receiving element receives;
First memory cell is used for determining the legal back of malicious act notification message memory node malicious act information at judging unit that described malicious act information comprises that nodes ' behavior is confirmed as the number of times of malice;
Second judging unit is used to judge whether the behavior of the node that sends response message is malicious act;
Second memory cell is used for storing the evidence that described behavior is a malicious act after second judging unit determines that the behavior of the node of transmission response message is malicious act;
Computing unit is used to calculate the upstream node of the node of making malicious act;
Transmitting element is used for sending the malicious act notification message to the upstream node of the node of making malicious act; The mean no harm node of behavior or the less node of malicious act record of selection sent out the P2P data message as next redirect.
Corresponding to another embodiment of the present invention, the receiving element in the network node of the present invention also is used to receive the malicious node notification message; First judging unit also is used to judge the legitimacy of the malicious node notification message that receiving element receives; First memory cell is used for also determining the legal back storage of malicious node notification message malicious node information at judging unit that described malicious node information comprises that node is confirmed as the number of times of malice; Second judging unit is used to also judge whether the node that sends response message is malicious node; Second memory cell also is used for storing the evidence that described node is a malicious node after second judging unit determines that the node of transmission response message is malicious node; Computing unit also is used to calculate the upstream node of malicious node; Transmitting element also is used for sending the malicious node notification message to the upstream node of malicious node; Select the less node of non-malicious node or malice record to send out the P2P data message as next redirect.
By implementing the above embodiment of the present invention, can effectively reduce or avoid once making of the influence of the node (malicious node) of malicious act to whole P2P network.
The above only is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; any modification of being made, be equal to and replace and improve, all should be encompassed within protection scope of the present invention.
Claims (14)
1, a kind of method of attacking of preventing in the P2P network is characterized in that, comprising:
Receive the malicious act notification message, carry node malicious act information in the described malicious act notification message;
After determining that described malicious act notification message is legal, write down the node malicious act information of carrying in the described malicious act notification message;
Send out the P2P data message according to the mean no harm node of behavior or the less node of malicious act record of the node malicious act Information Selection of record as next redirect.
2, according to the described method of attacking of in the P2P network, preventing of claim 1, it is characterized in that the upstream node that described reception malicious act notification message is specially the node of making malicious act receives described malicious act notification message.
3, according to claim 1 or the 2 described methods of attacking of in the P2P network, preventing, it is characterized in that, before the step of described reception malicious act notification message, further comprise the step of detection node malicious act.
4, the method for attacking of preventing in the P2P network according to claim 3 is characterized in that the step of described detection node malicious act specifically comprises:
After the node of initial request messages receives response message, whether the node that judge to send described response message is the root node of being responsible for the mark value key that carries in the described request message, if not, then the behavior of definite described transmission response message is the node malicious act.
5, the method for attacking of preventing in the P2P network according to claim 4 is characterized in that, also comprises after the step of described detection node malicious act:
The described node malicious act of the nodes records of initial request messages information, the upstream node transmission malicious act notification message to the node of making described malicious act carries described malicious act information and proves that the behavior is the evidence of malicious act.
6, the method for attacking of in the P2P network, preventing according to claim 5, it is characterized in that the evidence that described proof is malicious act the behavior comprises the response message of this node signature and proves that this node is not an evidence of being responsible for the root node of the mark value key that carries in the described request message.
7, according to claim 5 or the 6 described methods of attacking of in the P2P network, preventing, it is characterized in that the evidence that described this nodes ' behavior of proof of determining that the legal upstream node that specifically is meant the node of making malicious act of described malicious act notification message determines that the node of initial request messages sends is a malicious act is legal.
8, a kind of network node is characterized in that, comprising:
Receiving element is used to receive the malicious act notification message;
First judging unit is used to judge the legitimacy of the malicious act notification message that receiving element receives;
First memory cell is used for determining the legal back of malicious act notification message memory node malicious act information at judging unit that described malicious act information comprises that nodes ' behavior is confirmed as the number of times of malice.
9, network node according to claim 8 is characterized in that, also comprises:
Second judging unit is used to judge whether the behavior of the node that sends response message is malicious act;
Second memory cell is used for storing the evidence that described behavior is a malicious act after second judging unit determines that the behavior of the node of transmission response message is malicious act.
10, network node according to claim 9 is characterized in that, also comprises:
Computing unit is used to calculate the upstream node of the node of making malicious act;
Transmitting element is used for sending the malicious act notification message to the upstream node of the node of making malicious act; The mean no harm node of behavior or the less node of malicious act record of selection sent out the P2P data message as next redirect.
11, a kind of method of attacking of preventing in the P2P network is characterized in that, comprising:
Receive the malicious node notification message, carry malicious node information in the described malicious node notification message;
After determining that described malicious node notification message is legal, write down the malicious node information of carrying in the described malicious node notification message;
Non-malicious node of malicious node Information Selection or the less node of malice record according to record are sent out the P2P data message as next redirect.
12, a kind of network node is characterized in that, comprising:
Receiving element is used to receive the malicious node notification message;
First judging unit is used to judge the legitimacy of the malicious node notification message that receiving element receives;
First memory cell is used for determining the legal back storage of malicious node notification message malicious node information at judging unit that described malicious node information comprises that malicious node is confirmed as the number of times of malice;
Transmitting element is used to select the less node of non-malicious node or malice record to send out the P2P data message as next redirect.
13, a kind of P2P network system, comprise first node and Section Point, it is characterized in that described first node is used to judge whether the node that sends response message is malicious node, and when the node of described transmission response message is malicious node, send the malicious node notification message to Section Point;
Described Section Point is the upstream node of malicious node, described Section Point is used to receive described malicious node notification message, judge the legitimacy of described malicious node notification message, when described malicious node notification message is legal, write down described malicious node information, and after receiving data message, send out data message described as next redirect according to the less node of the non-malicious node of malicious node Information Selection of record or malice record.
14, a kind of P2P network system, comprise first node and Section Point, it is characterized in that, described first node is used to judge whether the behavior of the node that sends response message is malicious act, and when the behavior of the node of described transmission response message is malicious act, send the malicious act notification message to Section Point;
Described Section Point is a upstream node of making the node of malicious act, described Section Point is used to receive described malicious act notification message, judge the legitimacy of described malicious act notification message, when described malicious act notification message is legal, write down described node malicious act information, and select the node of the behavior that means no harm or the less node of malicious act record to send out the P2P data message as next redirect according to the evil node meaning joint behavioural information of record.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200710124641.8A CN101436926B (en) | 2007-11-16 | 2007-11-16 | Method, network node and system for preventing aggression in P2P network |
PCT/CN2008/072506 WO2009062429A1 (en) | 2007-11-16 | 2008-09-25 | Method, net node and system avoiding attacks in p2p network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200710124641.8A CN101436926B (en) | 2007-11-16 | 2007-11-16 | Method, network node and system for preventing aggression in P2P network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101436926A true CN101436926A (en) | 2009-05-20 |
CN101436926B CN101436926B (en) | 2011-11-16 |
Family
ID=40638338
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200710124641.8A Active CN101436926B (en) | 2007-11-16 | 2007-11-16 | Method, network node and system for preventing aggression in P2P network |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101436926B (en) |
WO (1) | WO2009062429A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102291371A (en) * | 2010-06-21 | 2011-12-21 | 中兴通讯股份有限公司 | Routing attack defense method and device |
CN106611137A (en) * | 2015-10-22 | 2017-05-03 | 阿里巴巴集团控股有限公司 | Risk control method and device |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7051102B2 (en) * | 2002-04-29 | 2006-05-23 | Microsoft Corporation | Peer-to-peer name resolution protocol (PNRP) security infrastructure and method |
US7656810B2 (en) * | 2005-03-25 | 2010-02-02 | Microsoft Corporation | System and method for monitoring and reacting to peer-to-peer network metrics |
CN100471199C (en) * | 2005-06-09 | 2009-03-18 | 清华大学 | Method for establishing local trust model based on binary opinion in a peer-to-peer network |
-
2007
- 2007-11-16 CN CN200710124641.8A patent/CN101436926B/en active Active
-
2008
- 2008-09-25 WO PCT/CN2008/072506 patent/WO2009062429A1/en active Application Filing
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102291371A (en) * | 2010-06-21 | 2011-12-21 | 中兴通讯股份有限公司 | Routing attack defense method and device |
CN102291371B (en) * | 2010-06-21 | 2015-09-16 | 中兴通讯股份有限公司 | A kind of routing attack defense method and device |
CN106611137A (en) * | 2015-10-22 | 2017-05-03 | 阿里巴巴集团控股有限公司 | Risk control method and device |
Also Published As
Publication number | Publication date |
---|---|
WO2009062429A1 (en) | 2009-05-22 |
CN101436926B (en) | 2011-11-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Baumgart et al. | S/kademlia: A practicable approach towards secure key-based routing | |
EP1361728B1 (en) | Peer-to-peer name resolution protocol (pnrp) security infrastructure and method | |
EP2230802B1 (en) | A method and apparatus for maintaining route information | |
CN101534309B (en) | A node registration method, a routing update method, a communication system and the relevant equipment | |
JP5048134B2 (en) | Packet routing method, system, apparatus, and backup resource selection method, system | |
US20070233832A1 (en) | Method of distributed hash table node ID collision detection | |
CN104247371A (en) | Name-based neighbor discovery and multi-hop service discovery in information-centric networks | |
US8612618B2 (en) | Peer-to-peer DNS networking method | |
CN101436926B (en) | Method, network node and system for preventing aggression in P2P network | |
CN101729362A (en) | Method, equipment and system for realizing topology optimization of structural P2P network | |
JP2012186519A (en) | Communication system | |
Cervera et al. | Security issues in link state routing protocols for MANETs | |
Bender et al. | Fighting spam with the NeighborhoodWatch DHT | |
Salim et al. | A survey: Optimal node routing strategies in MANET | |
CN102148847B (en) | Based on the method and system of the client access peer-to-peer network of RELOAD | |
Singh et al. | Agyaat: Providing mutually anonymous services over structured p2p networks | |
Lee et al. | DDoS attack by file request redirection in Kad P2P network | |
Park et al. | Proximity based peer-to-peer overlay networks (P3ON) with load distribution | |
Warneke et al. | Load balancing in p2p networks: Using statistics to fight data and execution skew | |
Fujii et al. | Security analysis for p2p routing protocols | |
Saboori et al. | Dual-Path Peer-to-Peer Anonymous Approach | |
Yajima et al. | Hub node reinforcement against forwarding obstruction attacks in peer-to-peer networks | |
Bo | Optimizing the network topology in gnutella p2p networks | |
JP2012186520A (en) | Communication system | |
Perrig et al. | Control Plane |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20211224 Address after: 450046 Floor 9, building 1, Zhengshang Boya Plaza, Longzihu wisdom Island, Zhengdong New Area, Zhengzhou City, Henan Province Patentee after: xFusion Digital Technologies Co., Ltd. Address before: 518129 intellectual property department, third floor, Huadian, Longgang District, Shenzhen District, Guangdong, Bantian Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd. |