Kad network

The Kad network is a peer-to-peer (P2P) network which implements the Kademlia P2P overlay protocol.[1] The majority of users on the Kad Network are also connected to servers on the eDonkey network, and Kad Network clients typically query known nodes on the eDonkey network in order to find an initial node on the Kad network.

Usage

The Kad network uses a UDP-based protocol to:

  • Find sources for eD2k hashes.
  • Search for eD2k hashes based on keywords in the file name.
  • Find comments and ratings for files (hashes).
  • Provide buddy services for firewalled (Low ID) nodes.
  • Store locations, comments and (keywords out of) filenames.

Note that the Kad network is not used to actually transfer files across the P2P network. Instead, when a file transfer is initiated, clients connect directly to each other (using the standard public IP network). This traffic is susceptible to blocking/shaping/tracking by an ISP or any other opportunistic middle-man.

As with all decentralized networks, the Kad network requires no official or common servers. As such, it cannot be disabled by shutting down a given subset of key nodes. While the decentralization of the network prevents a simple shut-down, traffic analysis and deep packet inspection will more readily identify the traffic as P2P due to the high variable-destination packet throughput. The large packet volume typically causes a reduction in available CPU and/or network resources usually associated with P2P traffic.

Clients

The Kad network supports searching of files by name and a number of secondary characteristics such as size, extension, bit-rate, and more. Features vary based on client used.

Major clients

Only a few major clients currently support the Kad network implementation. However, they comprise over 80% of the user base and are probably closer to 95% of ed2k installations.

  • eMule: An open source Windows client which is the most popular, with 80% of network users. It also runs on Linux using the Wine libraries.

There are a number of minor variants, or forks, of eMule which support the same basic features as eMule itself. They include: aMule (A Linux client similar to eMule) and eMule Mods (not eMule Plus), possibly others.

Malware/virus

  • TDL-4: A botnet virus that is reported to use this network as a backup for updates and new instructions if its Command and Control servers are taken down.[2]

See also

References

  1. Wang, Peng; Tyra, James; Chain-Tin, Eric; Malchow, Tyson; Foo Kune, Denis; Hopper, Nicholas; Kim, Yongdae (September 2008). "Attacking the Kad network" (PDF). Proceedings of the 4th international conference on Security and privacy in communication netowrks. pp. 1–10. doi:10.1145/1460877.1460907. ISBN 9781605582412. S2CID 1767558. {{cite book}}: |journal= ignored (help)
  2. "Botnet access to the Kad network". SecureList. 27 June 2011. Retrieved 30 June 2011.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.