Measurement And Analysis System Based On Kad

In recent years, the number of Internet users in China is increasing, P2 P has become more and more popular with the increasing demand of users’ shared files. As a P2 P network, it should extensively apply to Kademlia protocol. The network is filled with data. Meanwile, a large number of malicious nodes in the KAD network frequent activities, and constantly launched Sybil attacks, DDos attacks,etc. So it is meaningful for the entire network stability and KAD network assessment to collect nodes and analyze their characteristics. By analyzing node characteristics and safety factors influencing KAD network, this paper proposed the malware detection and optimization scheme based on real-time measurement.Firstly this paper analyzed the relevant background and protocols of KAD network. By comparing different KAD network strategies, this paper eventually proposed the measurement scheme based on node K bucket depth. Using the collected nodes as a priori, this paper calculated the average depth of the node K bucket, so that the entire measuring process would be better. By combining theory and measurement strategies of KAD network, we designed a crawler system that uses the strategy of active diffusion and passive monitor to collect nodes.By analyzing the experiment results, we conclude that this system can ensure a better performance of collecting nodes. It can reach tens of millions of magnitude.Secondly, this paper have analyzed nodes characteristics based on repeatedly gathering KAD network data. By statistics of nodes’ geographical distribution, the majority of KAD users lie in China and Europe, such as Italy, Spain and France. By statistics of the availability rate and repetition rate of node K bucket, we concluded that the query performance of KAD network is relatively excellent at present.Finally, this paper proposed the establishment of an open, real-time updates of data sets, based on the nodes’ spatial characteristics, the numbers of request jump to nodes, and K bucket depth, in order to guide the user’s query, reducing the probability of a request to the malicious node.