作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2009, Vol. 35 ›› Issue (13): 134-136. doi: 10.3969/j.issn.1000-3428.2009.13.046

• 安全技术 • 上一篇    下一篇

eMule协议的安全性研究

刘简达,施 勇,薛 质   

  1. (上海交通大学信息安全工程学院,上海 200240)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-07-05 发布日期:2009-07-05

Research on eMule Protocol’s Security Characteristic

LIU Jian-da, SHI Yong, XUE Zhi   

  1. (School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240)
  • Received:1900-01-01 Revised:1900-01-01 Online:2009-07-05 Published:2009-07-05

摘要: 研究eMule协议在安全性设计方面所存在的缺陷和不足,指出eMule软件在用户隐私泄露、用户积分欺诈和恶意代码攻击3个方面对用户造成的风险,给出改进方案。针对eMule协议在Ed2k链接格式上的2个漏洞提出一种新的攻击方式,设计攻击流程,并进行模拟攻击实验,实验结果表明该攻击方式的成功率达到100%。

关键词: 安全保密, eMule协议, 网络攻击, P2P技术

Abstract: This paper studies the limitation and shortage of eMule protocol’s security design. Based on the study, the eMule software can bring risk to users in three aspects such as privacy leaking, credit cheating and malicious code attack. The suggestions for improvement are proposed accordingly. A new attack method which is based on two leaks of the Ed2k link format is established. It designs the attack flow, and an attack simulation experiment is processed, which shows that the success ratio of this attack method is 100%.

Key words: security and secrecy, eMule protocol, network attack, Peer-to-Peer(P2P) technology

中图分类号: