P2P based intrusion detection
Zoltán Czirkos, Gábor Hosszú
This paper presents a novel security method. The software entities utilizing this method create a peer-to-peer application-level network, which is then used to share information about detected intrusion attempts. Data collected this way is then used to enhance the protection of all participants. The system is completely decentralized, so it remains functional over an unstable network or when many peers are attacked at once. The Kademlia P2P overlay is found to be the most suitable for creating such a network. The stability of the overlay and the broadcast algorithms are both analyzed in this article.