Abstract: This paper studies the limitation and shortage of eMule protocol’s security design. Based on the study, the eMule software can bring risk to users in three aspects such as privacy leaking, credit cheating and malicious code attack. The suggestions for improvement are proposed accordingly. A new attack method which is based on two leaks of the Ed2k link format is established. It designs the attack flow, and an attack simulation experiment is processed, which shows that the success ratio of this attack method is 100%.

Key words: security and secrecy, eMule protocol, network attack, Peer-to-Peer(P2P) technology

摘要： 研究eMule协议在安全性设计方面所存在的缺陷和不足，指出eMule软件在用户隐私泄露、用户积分欺诈和恶意代码攻击3个方面对用户造成的风险，给出改进方案。针对eMule协议在Ed2k链接格式上的2个漏洞提出一种新的攻击方式，设计攻击流程，并进行模拟攻击实验，实验结果表明该攻击方式的成功率达到100%。

关键词: 安全保密, eMule协议, 网络攻击, P2P技术

CLC Number: 

• TP393.08