相互通信に着目した暗号化P2Pトラヒックの弁別手法

૬ޓ௨৴ʹண໨ͨ͠҉߸Խ

P2P

τϥώοΫͷหผख๏

ླ໦ক࢙

†

Ѩ෦༸ৎ

††

Ԭ෦ਖ਼޾

†††

കଜګ࢘

† P2P ϑΝΠϧڞ༗ΞϓϦέʔγϣϯʹΑΔ৘ใ࿙Ӯ΍ஶ࡞ݖ৵֐ɼҰ෦ͷϔϏʔϢʔβʹΑΔτϥ ώοΫ઎༗͸େ͖ͳ໰୊ͱͳ͍ͬͯΔɽ͜ͷͨΊɼ௨৴τϥώοΫ͔Β P2P ͷ௨৴Λหผ͢Δ͜ͱ Ͱ্هͷ໰୊Λ཈ࢭ͢Δ͜ͱ͕ٻΊΒΕ͍ͯΔɽ͜ΕΛ͏͚༷ͯʑͳหผख๏͕ఏҊ͞Ε͍ͯΔ͕ɼ ैདྷͷหผख๏Ͱ͸௨৴͕҉߸Խ͞Εͨ৔߹ʹ P2P τϥώοΫΛหผ͢Δ͜ͱ͕ࠔ೉Ͱ͋Δͱ͍ͬ ͨ໰୊͕ੜ͡Δɽͦ͜ͰຊߘͰ͸ P2P τϥοΫͷ૬ޓ઀ଓੑʹண໨͠ɼ҉߸Խ͞Εͨ௨৴Ͱ΋ P2P τϥώοΫΛหผͰ͖Δख๏ΛఏҊ͢Δɽ·ͨɼఏҊख๏ʹରͯ͠҉߸Խ͞Εͨ P2P τϥώοΫΛ ༻͍ͯධՁΛߦ͏ɽ͞ΒʹɼPlanetlab Λ༻͍ͯ޿ҬωοτϫʔΫͰͷଌఆΛߦ͍ɼఏҊख๏ͷద༻ ൣғΛ໌Β͔ʹ͢Δɽ

An analytical method for the pure P2P traffic

that focus attention on a bidirectional

connection for encrypted connection

Masashi Suzuki,

†

_{Hirotake Abe,}

††

_{Masayuki Okabe}

†††

and Kyoji Umemura

†

Today, There are problems such as the information leak and the copyright infringement by the peer-to-peer file-sharing application, and the traffic occupation by some heavy users. For these reasons, P2P communication discrimination becomes necessary to suppress the above problems. As a result, various discrimination techniques have been proposed. However, if the communication is encrypted, it is usually difficult to distinguish P2P traffic from ordinal traffic by the existing discrimination technique. In this paper, we propose a technique to detect P2P traffic in encrypted communications, focusing on the inter-connecting behaving of P2P traffic. We have evaluated using the proposed methodology for an encrypted P2P traffic. In addition, by measurement in the wide-area networks using planetlab, we have discussed the limitation of the proposed methodology.

1. ͸ ͡ Ί ʹ

1.1 എ ܠ ۙ೥ɼWinnyͳͲͷP2PϑΝΠϧڞ༗ΞϓϦέʔ γϣϯͰ͸৘ใྲྀग़΍ஶ࡞ݖ৵֐ͳͲͷ໰୊͕ൃੜ͠ ͍ͯΔɽ·ͨɼ͜ͷ΄͔ͷ໰୊ͱͯ͠P2PϑΝΠϧ ڞ༗ΞϓϦέʔγϣϯʹΑͬͯಈը΍ԻָͳͲڊେͳ αΠζͷϑΝΠϧަ׵͕ߦΘΕΔͨΊɼωοτϫʔΫ τϥώοΫ͕େ෯ʹ૿େ͓ͯ͠ΓɼΠϯϑϥ΁ͷଟେ † ๛ڮٕज़Պֶେֶ৘ใ޻ֶܥ

Information and Computer Science, Toyohashi Univer-sity of Technology

†† େࡕେֶαΠόʔϝσΟΞηϯλʔ

Cybermedia Center, Osaka University

††† ๛ڮٕज़Պֶେֶ৘ใϝσΟΞج൫ηϯλʔ

Information and Media Center, Toyohashi University of Technolog ͳෛ୲ͱͳ͍ͬͯΔ5)_{ɽ͜ͷͨΊɼP2PϑΝΠϧڞ༗} ΞϓϦέʔγϣϯͷτϥώοΫΛಛఆ͠ɼ্هͷ໰୊ Λ཈ࢭ͢Δ͜ͱ͕ظ଴͞Ε͍ͯΔɽ ɹ͜ΕΛ͏͚ͯP2PϑΝΠϧڞ༗ΞϓϦέʔγϣϯΛ ಛఆ͢ΔͨΊʹ͍͔ͭ͘ͷݚڀ͕ͳ͞Ε͍ͯΔɽྫ͑ ͹ύέοτͷϖΠϩʔυΛղੳ͢Δ͜ͱʹΑͬͯP2P ϑΝΠϧڞ༗ΞϓϦέʔγϣϯΛಛఆ͢ΔOne Point Wall3)_{͕͋Δɽ͜Ε͸ϖΠϩʔυ෦ʹؚ·ΕΔP2P} ϑΝΠϧڞ༗ΞϓϦέʔγϣϯಛ༗ͷϏοτύλʔϯ Λݕग़͢Δํ๏Ͱ͋Δɽ͜ͷ΄͔ʹ΋τϥϯεϙʔ τ૚ͷϔομ৘ใ͔ΒಘΒΕΔ৘ใΛར༻ͯ͠ɼP2P ϑΝΠϧڞ༗ΞϓϦέʔγϣϯͷτϥώοΫύλʔϯ Λหผ͢Δํ๏΋͋Δ4)_{ɽ͔͠͠ɼ͜ΕΒͷղੳख๏} Ͱ͸τϥϯεϙʔτ૚Ͱͷ҉߸Խ͕ࢪ͞Εͯ͠·ͬͨ ৔߹ɼղੳ͢ΔͨΊͷ৘ใ͕ಡΈऔΕͳ͘ͳͬͯ͠· ͏ɽͦͷͨΊɼ্هͰڍ͛ͨหผख๏Ͱ͸҉߸Խ௨৴

ͱ͍͏৚݅ԼͰ͸P2PτϥώοΫΛਖ਼͘͠หผ͢Δ ͜ͱ͕Ͱ͖ͳ͍ͱ͍ͬͨՄೳੑ΋ੜ͡Δɽ 1.2 ຊݚڀͷ໨త લઅͰड़΂ͨΑ͏ʹطଘͷղੳख๏Ͱ͸҉߸Խ͞Ε ͨ௨৴͔ΒP2PτϥώοΫΛหผ͢Δ͜ͱ͕೉͍͠ ͜ͱ͕Θ͔Δɽͦ͜Ͱɼզʑ͸P2PϑΝΠϧڞ༗Ξϓ Ϧέʔγϣϯͷ૒ํ޲௨৴ʹண໨ͯ͠P2PτϥώοΫ ղੳΛߦ͏ɽ͜ͷख๏͸௨৴͕҉߸Խ͞Ε͍ͯͳ͍৚ ݅Ͱͷղੳख๏2)_{͕ఏҊ͞Ε͍ͯΔɽຊߘͰ͸͜ͷख} ๏Λ֦ு͠ɼτϥϯεϙʔτ૚Ͱͷ҉߸Խ͕ࢪ͞Εͨ ৚݅ԼͰ΋P2PτϥώοΫΛหผͰ͖Δख๏ΛఏҊ ͢Δɽͳ͓ɼ͜ͷख๏͸1)_{Λ΋ͱʹ͓ͯ͠Γɼ࣮σʔ} λͷଌఆΛ΋ͱʹվྑͨ͠΋ͷͰ͋Δɽ 1.3 ຊߘͷߏ੒ ຊߘ͸શ5ষͰߏ੒͞ΕΔɽ ɹୈ1ষͰ͸ɼຊݚڀͷഎܠͱ໨తʹ͍ͭͯड़΂ͨɽ ɹୈ2ষͰ͸ɼຊݚڀͷϕʔεͱͳΔP2Pτϥώο Ϋหผख๏ͱɼຊݚڀͰఏҊ͢ΔP2PτϥώοΫห ผख๏ʹ͍ͭͯड़΂Δɽ ɹୈ3ষͰ͸ɼ҉߸ԽΛࢪͨ͠௨৴ʹରͯ͠ຊݚڀͷ ख๏Λ༻͍ͨ৔߹ʹݒ೦͞ΕΔ໰୊఺ʹ͍ͭͯड़΂Δɽ ͦͯ͠ɼ͜ΕΒͷ໰୊఺ʹର͢ΔղܾࡦΛࣔ͢ɽ ɹୈ4ষͰ͸ɼ༷ʑͳτϥώοΫʹରͯ͠ຊݚڀͷख ๏Λద༻ͨ݁͠ՌΛࣔ͢ɽ͜ΕʹΑΓɼຊݚڀͷख๏ ͕༗ޮͰ͋Δ͔Ͳ͏͔Λݕ౼͢Δɽ ɹୈ5ষͰ͸ɼຊݚڀͷ݁࿦Λड़΂Δɽ

2. ૒ํ޲௨৴ʹண໨ͨ͠ P2P τϥώοΫห

ผख๏

2.1 ϕʔεݚڀʹ͍ͭͯ ௨ৗͷαʔόͱΫϥΠΞϯτؒͷ௨৴Ͱ͸ɼΫϥΠ Ξϯτଆ͔Βαʔόଆ΁௨৴࿏ͷཱ֬Λߦ͏ɽ͜ͷΑ ͏ͳ௨৴Ϟσϧ͸ΫϥΠΞϯταʔόϞσϧͱݺ͹Ε Δɽ͔͠͠ɼҰ෦ͷϐϡΞP2Pͷ௨৴Ͱ͸ΫϥΠΞϯ τಉ࢜Ͱ૒ํ޲ʹ௨৴࿏Λཱ֬͢Δඞཁ͕͋ΔͨΊɼ ֤ϊʔυؒͰ޲͖ͷҟͳΔೋຊͷ௨৴࿏͕ଘࡏ͢Δ͜ ͱʹͳΔɽ·ͨP2P௨৴Ͱ͸֤ϊʔυ͕ࣗ༝ʹࢀՃɼ ཭୤Ͱ͖ΔͨΊɼසൟʹϊʔυؒͰ௨৴࿏Λཱ֬͢Δ ඞཁ͕͋Δɽ͜ͷΑ͏ͳ௨৴Ϟσϧ͸ϐϡΞP2PϞ σϧͱݺ͹ΕΔɽ͜ͷΑ͏ʹසൟʹ૒ํ޲ʹ௨৴࿏Λ ཱ֬͢ΔΑ͏ͳ௨৴͸αʔόͱΫϥΠΞϯτʹΑΔ௨ ৴Ͱ͸ଘࡏͤͣɼϐϡΞP2PͰͷ௨৴Ҏ֎ʹ͸͋· Γଘࡏ͠ͳ͍ɽͦ͜Ͱ͜ͷ૒ํ޲௨৴ʹண໨͢Δ͜ͱ ͰɼΫϥΠΞϯταʔόϞσϧͱϐϡΞP2PϞσϧ Λ۠ผͯ͠P2PτϥώοΫͷหผΛߦ͏ɽ ͔͠͠ɼ ͜ͷϕʔεݚڀͰ͸TCPͷϔομ৘ใΛ༻͍ͯ௨৴ ࿏ͷཱ֬Λ൑ผ͍ͯ͠ΔͨΊɼ௨৴͕҉߸Խ͞Εͯ͠ ·ͬͨ৔߹ʹ͸P2PτϥώοΫΛหผ͢Δ͜ͱ͕Ͱ ͖ͳ͍ͱ͍͏໰୊͕͋Δɽ 2.2 ҉߸Խ௨৴͓͚ΔP2PτϥώοΫหผͷఏ Ҋख๏ ௨৴࿏ͷཱ֬Λߦ͏ͨΊʹωΰγΤʔγϣϯΛߦ͏ɽ ͜ͷωΰγΤʔγϣϯͷखॱ͸εϦʔ΢ΣΠϋϯυγΣ ΠΫͱݺ͹ΕΔɽεϦʔ΢ΣΠϋϯυγΣΠΫ͸σʔ λ௨৴ʹઌཱͬͯSYNύέοτɼSYN/ACKύέο τɼACKύέοτͷॱʹ3ճͷ௨৴Λߦ͏ɽ͜ΕΒ ͷύέοτͷૹड৴ޙʹ௨৴࿏ཱ͕֬͞ΕΔɽ ɹ ϕ ʔ ε ݚ ڀ ͷ ख ๏ Ͱ ͸ ͜ ͷ SYN ύ έοτ ΍ SYN/ACKύέοτΛTCPͷϔομ৘ใΛݟΔ͜ ͱͰ֬ೝ͍ͯͨ͠ɽ͔͠͠ɼ҉߸Խ͞Εͨ௨৴Ͱ͸ TCPͷϔομ৘ใ͕Θ͔Βͳ͍ͨΊɼ ϕʔεݚڀͷ Α͏ʹSYNύέοτ΍SYN/ACKύέοτΛ֬ೝ ͢Δ͜ͱ͸Ͱ͖ͳ͍ɽͦ͜ͰຊߘͰ͸ɼࣄલʹௐࠪ͠ ͨSYNύέοτͱSYN/ACKύέοτͷִ࣌ؒؒ Ћͱɼ૬ޓʹεϦʔ΢ΣΠϋϯυγΣΠΫ͕ߦΘΕΔ ִ࣌ؒؒЌɼͦΕͱSYNύέοτͱSYN/ACKύ έοτͷύέοτ௕Λ΋ͱʹP2PτϥώοΫΛหผ ͢Δɽ͜ΕΒͷִ࣌ؒؒΛਤ1ʹࣔ͢ɽ ɹҎ্ͷಛ௃ྔΛ༻͍ͯP2PτϥώοΫΛหผ͢Δɽ ·ͣεϦʔ΢ΣΠϋϯυγΣΠΫͷ൑ఆ৚݅͸SYN ύέοτͱSYN/ACKύέοτͷύέοτ௕͕ڞʹ 62byteͰ͋Δ͜ͱ͔Βɼ62byteͷύέοτ͕ૹ৴͞ Ε͔ͯΒִ࣌ؒؒЋͷؒʹ62byteͷύέοτ͕ฦ৴ ͞Εͨ৔߹ʹεϦʔ΢ΣΠϋϯυγΣΠΫͰ͋Δͱ൑ ఆ͢Δɽͦͷޙɼִ࣌ؒؒЌҎ಺ʹ൓ରଆͷϗετ͔ Β࠶౓্هͷ൑ఆํ๏ͰεϦʔ΢ΣΠϋϯυγΣΠΫ Λߦ͍ͬͯΔ͜ͱ͕൑ఆ͞ΕΕ͹ɼP2P௨৴Ͱ͋Δͱ ൑ఆ͢Δɽ ɹ͜ΕʹΑΓɼͨͱ͑҉߸ԽʹΑͬͯTCPͷϔομ ৘ใΛಡΈऔΔ͜ͱ͕Ͱ͖ͳ͘ͱ΋ɼύέοτ௕ͱ࣌ ִؒؒЋɼЌΛ༻͍Δ͜ͱͰεϦʔ΢ΣΠϋϯυγΣ ΠΫΛ൑ผͰ͖ΔͨΊɼP2PτϥώοΫΛหผ͢Δ ͜ͱ͕Ͱ͖Δͱߟ͑ΒΕΔɽ·ͨɼִ࣌ؒؒЋɼЌ͸ P2PΞϓϦέʔγϣϯͷ௨৴ΛΩϟϓνϟͨ͠τϥ ώοΫΛ΋ͱʹܾͯ͠ΊΔ(۩ମతʹ͸ޙड़͢Δ)

3. ҉߸Խ௨৴ʹ͍ͭͯ

3.1 ҉߸Խʹ͍ͭͯ ຊߘͰ͸௨৴ͷ҉߸Խʹ࢖༻͢Δ҉߸Խϓϩτίϧ ͱͯ͠IPsec6)_{Λ૝ఆ͢ΔɽIPsec͸ෳ਺ͷ҉߸Խํ} ࣜΛ࠾༻͢Δ͜ͱ͕Ͱ͖ΔͷͰɼ௨৴૬खͱͷؒͰ௨

ਤ 1 P2P τϥώοΫͷಛ௃ྔ ৴ͷઃఆΛ߹ΘͤΔͨΊʹύϥϝʔλΛڞ༗͢Δඞ ཁ͕͋Δɽ͜ͷͱ͖௨৴૬खͱڞ༗͢ΔύϥϝʔλΛ SAͱݺͿɽSAʹ͸༷ʑͳύϥϝʔλ͕͋Δ͕ɼॏ ཁͳύϥϝʔλͱͳΔͷ͕ηΩϡϦςΟϓϩτίϧͱ ϞʔυͰ͋ΔɽηΩϡϦςΟϓϩτίϧʹ͸ESPͱ AH͕͋Δ7)_{ɽESP͸ύέοτͷ҉߸ԽػೳΛఏڙ͠ɼ} AH͸ൃ৴ݩͷೝূɼ׬શੑೝূΛఏڙ͢ΔɽϞʔυ ʹ͸τϥϯεϙʔτϞʔυͱτϯωϧϞʔυͷ2͕ͭ ͋ΔɽτϥϯεϙʔτϞʔυ͸ϖΠϩʔυ͚ͩΛɼτ ϯωϧϞʔυ͸IPύέοτશମΛΧϓηϧԽ͢Δɽ ɹຊߘͰ͸ηΩϡϦςΟϓϩτίϧʹESPɼϞʔυʹ τϥϯεϙʔτϞʔυΛબ୒ͯٞ͠࿦ΛਐΊΔɽηΩϡ ϦςΟϓϩτίϧΛESPͱͨ͠ཧ༝ͱͯ͠͸ɼAHͰ ͸௨৴ͷ҉߸Խ͕Ͱ͖ͣೝূ͔͠ఏڙ͞Ε͍ͯͳ͍ͨ ΊͰ͋Δɽ·ͨɼτϥϯεϙʔτϞʔυΛબ୒ͨ͠ཧ ༝͸ɼࠓճ͸IPϔομ·Ͱ҉߸Խ͢ΔΘ͚Ͱ͸ͳ͘ɼ TCPϔομ·Ͱ҉߸Խ͢Δ͜ͱΛ૝ఆ͍ͯ͠ΔͨΊ Ͱ͋Δɽͳ͓ɼτϥϯεϙʔτϞʔυΛબ୒͔ͨ͠Β ͱ͍ͬͯɼύέοτ௕͕୹͍ύέοτ͸୹͘ɼ௕͍ύ έοτ͸௕͍͜ͱʹมΘΓ͸ͳ͍ɽ͞ΒʹIPϔομ ͕҉߸Խ͞Εͨ৔߹Ͱ΋ɼPoint-to-PointͰP2PϑΝ Πϧڞ༗ΞϓϦέʔγϣϯ͕௨৴Λߦ͍ͬͯΔ͜ͱ͸ ൑ผͰ͖Δɽ͜ͷͨΊɼτϥϯεϙʔτϞʔυΛબ୒ ͔ͨ͠Βͱ͍ͬͯɼҰൠੑ͕ࣦΘΕΔ͜ͱ͸ͳ͍ɽ 3.2 ௨৴ͷ҉߸ԽʹΑΔ໰୊఺ͱରࡦ 3.2.1 ύέοτ௕ͷมߋʹΑΔӨڹ IPsecʹΑͬͯ҉߸ԽΛߦ͏৔߹ɼύέοτʹର͠ ͯ҉߸ԽͷͨΊͷσʔλ͕෇Ճ͞ΕΔɽͦͷͨΊɼτ ϥώοΫหผͰඞཁͳಛ௃ྔͰ͋Δύέοτ௕͕มԽ ͯ͠͠·͏ͱ͍ͬͨ໰୊͕͋Δɽ ɹͦ͜ͰɼWindows XPͰར༻Ͱ͖ΔIPsecʹΑͬ ͯ҉߸Խ͞Εͨ௨৴ΛΩϟϓνϟͯ͠ɼ҉߸Խ͞Εͯ ͍ͳ͍௨৴ͱ҉߸Խ͞Εͨ௨৴Λൺֱͯ͠ύέοτ௕ ਤ 2 3 ΢ΣΠϋϯυγΣΠΫͷִ࣌ؒؒͷൺֱ ͷ૿ՃΛௐ΂ͨɽ݁Ռͱͯ͠ɼ͢΂ͯͷύέοτ௕͕ 32byteͣͭ૿Ճ͍ͯ͠Δ͜ͱ͕Θ͔ͬͨɽ͜Ε͕ଞ ͷ؀ڥͰ͋ͬͨͱͯ͠΋ɼύέοτ௕ͷ૿Ճ͸ϓϩτ ίϧʹґଘ͢ΔͨΊʹͦΕ΄ͲมԽ͸ͳ͍ɽ͜ΕʹΑ Γɼ҉߸Խ͞Εͨ௨৴ʹରͯ͠ຊߘͷख๏Λ༻͍Δʹ ͸ɼಛ௃ྔͱͯ͠༻͍Δύέοτ௕Λ32byte૿Ճ͞ ͤΕ͹͍͍͜ͱ͕Θ͔ͬͨɽ 3.2.2 ҉߸ԽॲཧʹΑΔ஗ԆͷӨڹ ҉߸Խ௨৴Λߦ͏ࡍʹ͸҉߸Խ΍෮߸Խॲཧ͕ඞ ཁͱͳΔɽ͜ͷॲཧʹΑͬͯϥ΢ϯυτϦοϓλΠ ϜʢRTTʣ͕૿Ճ͢Δ͜ͱ͕૝ఆ͞ΕΔɽRTT ͕ ૿Ճͯ͠͠·ͬͨ৔߹ɼSYNύέοτΛૹ͔ͬͯΒ SYN/ACKύέοτ͕ฦͬͯ͘Δִ͕࣌ؒؒ௕͘ͳ ΓɼτϥώοΫͷหผʹରͯ͠Өڹ͕ͰΔՄೳੑ͕͋ Δɽ ɹલઅͱಉ༷ʹWindows XPΛར༻ͨ͠IPsecʹΑͬ ͯ҉߸Խ͞ΕͨτϥώοΫͱ҉߸Խ͞Ε͍ͯͳ͍τϥ ώοΫ͔ΒͦΕͧΕ1000݅ͷεϦʔ΢ΣΠϋϯυγΣ ΠΫΛநग़͠ɼͦΕͧΕͷִ࣌ؒؒͱൺֱͨ͠ɽ݁Ռ Λਤ2ʹࣔ͢ɽਤ2͔Β҉߸ॲཧʹΑΔฏۉͷ஗Ԇ࣌ ؒ͸໿0.001ඵͰ͋Δ͜ͱ͕Θ͔ͬͨ

4. ධ Ձ ࣮ ݧ

4.1 ҉߸Խ௨৴ʹର͢Δหผख๏ͷධՁ࣮ݧ ຊઅͰ͸ɼΑ͘஌ΒΕͨϐϡΞP2PϑΝΠϧڞ༗Ξ ϓϦέʔγϣϯͰ͋ΔWinny8)_{Λ༻͍࣮ͯݧΛߦ͏ɽ} ࣮ݧͰ͸IPsecʹΑͬͯ҉߸Խ͞Εͨ௨৴Λ༻͍ͯຊ ߘͷหผख๏͕҉߸Խ௨৴ʹରͯ͠༗ޮੑ͕͋Δ͔Ͳ ͏͔ݕ౼͢Δɽ·ͨɼ҉߸Խϓϩτίϧʹ͸Windows XPͰར༻͢Δ͜ͱ͕Ͱ͖ΔIPsecΛ༻͍Δɽ

ɹ࣮ݧʹ͸ɼWinnyʹΑΔ௨৴ͷΈΛΩϟϓνϟͨ͠ ̎छྨͷτϥώοΫͱɼWinnyʹΑΔ௨৴ύέοτΛ ؚ·ͳ͍̍छྨͷτϥώοΫΛ༻͍ΔɽWinnyͷΈ ͷ௨৴ΛΩϟϓνϟͨ͠τϥώοΫ͸ɼ ௨৴͕҉߸Խ ͞ΕͨτϥώοΫʢIPsecτϥώοΫʣͱɼ௨৴͕҉ ߸Խ͞Ε͍ͯͳ͍τϥώοΫʢnonIPsecτϥώοΫʣ ͕͋Δɽ·ͨɼWinnyʹΑΔ௨৴ύέοτΛؚ·ͳ ͍௨৴τϥώοΫʢnonP2PτϥώοΫʣ͸ɼ҉߸Խ ͞Ε͍ͯͳ͍௨৴ΛΩϟϓνϟͨ͠΋ͷͰ͋Δɽ͜Ε ΒͷτϥώοΫͷҰཡΛද1ʹࣔ͢ɽ ɹલड़ͷ֤τϥώοΫʹରͯ͠หผख๏Λద༻͢Δ͜ ͱͰɼหผख๏ͷ༗ޮੑΛݕ౼͢Δɽ࣮ݧͷྲྀΕΛҎ Լʹࣔ͢ɽ ( 1 ) WinnyͷΈͷ௨৴τϥώοΫΛޙड़͢Δ࣮ݧ؀ ڥ͔Βऔಘ͢ΔɽWinnyύέοτΛؚ·ͳ͍τϥώο Ϋ͸ݚڀࣨͷτϥώοΫ͔Βऔಘ͢Δɽ֤τϥώοΫ ͷଌఆ࣌ؒ͸ͦΕͧΕ3࣌ؒͱͨ͠ ( 2 ) P2PτϥώοΫ͔Βಛ௃ྔЋɼЌΛܾఆͨ͠ɽ ۩ମతͳ಺༰͸ޙड़͢Δ ( 3 ) ಛ௃ྔЋɼЌΛ༻͍ͯτϥώοΫͷ൑ఆ৚݅Λ ઃఆͨ͠ɽ͜ͷ৚݅ʹैͬͯͦΕͧΕͷτϥώοΫʹ ରͯ͠หผख๏Λ༻͍ͨ݁Ռ͔Βหผख๏ΛධՁ͢Δ 4.1.1 P2PτϥώοΫऩूͷͨΊͷ࣮ݧ؀ڥ ࣮ݧ؀ڥʹ͸ϗετOSͱͯ͠Linux(Ubuntu9.04) ΛΠϯετʔϧͨ͠5୆ͷϚγϯΛ༻ҙͨ͠ɽ͜ͷ͏ ͪ4୆ͷϗετϚγϯʹ͸Ծ૝؀ڥͱͯ͠VMware ServerΛಋೖ͠ɼ࢒ΓҰ୆ΛύέοτΩϟϓνϟͷͨ ΊͷϚγϯͱͨ͠ɽVMware ServerΛಋೖͨ͠4୆ ͷϗετϚγϯ্ͰɼͦΕͧΕ2୆ͣͭͷԾ૝Ϛγϯ Λಈ࡞ͤ͞ɼ͜ͷԾ૝Ϛγϯ্ͰWinnyΛಈ࡞ͤ͞ Δ͜ͱʹΑͬͯWinnyʹΑΔ௨৴ͷΈΛΩϟϓνϟ ͨ͠τϥώοΫΛऔಘͨ͠ɽ্هͷߏ੒Λਤ3ʹࣔ͢ɽ 4.1.2 ಛ௃ྔͰ͋Δִ࣌ؒؒЋͷܾఆ ࣮ݧ؀ڥ͔Βऔಘͨ͠P2PτϥώοΫ͔Β150݅ ͷεϦʔ΢ΣΠϋϯυγΣΠΫΛநग़ͯ͠ɼSYNύ έοτͱSYN/ACKύέοτͷ௨৴ִؒΛܭଌͨ͠ɽ ܭଌ݁ՌΛਤ4ʹࣔ͢ɽਤ4͔ΒSYNύέοτͱ SYN/ACKύέοτͷִ࣌ؒؒ͸࠷௕Ͱ0.0418ඵͰ ͋ͬͨɽ͜Ε͔Βִ࣌ؒؒЋΛЋ=0.042ͱͨ͠ɽ͜ ͷΑ͏ʹઃఆͨ͠ཧ༝͸ɼεϦʔ΢ΣΠϋϯυγΣΠ ΫΛݟಀ͞ͳ͍Α͏ʹ͢ΔͨΊͰ͋Δɽ·ͨЋΛ௕͘ ઃఆͨ͠ͱͯ͠΋ִ࣌ؒؒЌʹΑͬͯP2Pτϥώο ද 1 τϥώοΫҰཡ ਤ 3 ࣮ݧ؀ڥͷߏ੒ ਤ 4 ִ࣌ؒؒЋͷଌఆ Ϋࣗମͷޡݕग़͸๷͙͜ͱ͕Ͱ͖Δ 4.1.3 ಛ௃ྔͰ͋Δִ࣌ؒؒЌͷܾఆ ૬ޓʹεϦʔ΢ΣΠϋϯυγΣΠΫΛߦ͏ִ࣌ؒؒ ЌΛܭଌ͢Δɽ࣮ݧ؀ڥͰಘͨP2PτϥώοΫ͔Β ૬ޓʹεϦʔ΢ΣΠϋϯυγΣΠΫΛߦ͏ࡍͷ࣌ؒؒ ִΛ320݅؍ଌͨ͠ɽ؍ଌ݁Ռ͕ਤ5Ͱ͋Δɽਤ5͔ Β૬ޓʹεϦʔ΢ΣΠϋϯυγΣΠΫΛߦ͏ִ࣌ؒؒ ͸࠷௕Ͱ0.307ඵͰ͋ͬͨɽЋͰ͸࠷௕ΑΓ௕͍࣌ؒ ͱ͕ͨ͠ɼЌ͸͜ͷΑ͏ʹ͢Δ͜ͱ͸ద੾Ͱ͸ͳ͍ɽ ִ࣌ؒؒЌΛେ͖ͳ஋ʹઃఆ͢Δ৔߹ɼޡݕग़͕େ͖ ͘ͳΔՄೳੑ͕͋ΔɽͦͷͨΊɼROCΧʔϒΛ࡞੒ ͢Δ͜ͱͰ࠷దͳಛ௃ྔЌΛಛఆͨ͠ɽύέοτ௕Λ 62byteɼಛ௃ྔЋΛ0.042ͱ͠ɼಛ௃ྔЌΛ0.01ؒ ִͰ0ඵ͔Β0.25ඵมԽͤͨ͞ͱ͖ͷnonIPsecτ ϥώοΫͷݕग़཰Λy࣠ɼnonP2PτϥώοΫͷݕग़ ཰Λx࣠ͱͯ͠ϓϩοτͨ͠ਤΛਤ6ʹࣔ͢ɽਤ6͔

ਤ 5 ִ࣌ؒؒЌͷଌఆ ਤ 6 ִ࣌ؒؒЌͷ ROC Χʔϒ Βݕग़཰ͷߴ͘ɼޡݕग़ͷগͳ͍ͱ͖ͷЌͷύϥϝʔ λ͸0.048Ͱ͋ͬͨ 4.1.4 ҉߸Խ͞Εͨ௨৴ʹର͢Δหผ݁Ռ औ ಘ ͠ ͨ τ ϥ ώοΫ ͔ Β ห ผ ख ๏ Λ ධ Ձ ͢ Δ ɽ nonP2PτϥώοΫͱnonIPsecτϥώοΫʹରͯ͠ ͷಛ௃ྔΛЋ=0.042ɼЌ=0.048ɼύέοτ௕=62ͱ ͨ͠ɽ·ͨɼIPsecτϥώοΫʹରͯ͠ͷಛ௃ྔЋɼЌ ͸3ɽ2ষͷ݁࿦͔Β஗Ԇ࣌ؒΛߟྀͯ͠ЋΛ0.001ඵ ૿Ճͤ͞ɼЌΛ0.003ඵ૿Ճͤͨ͞ɽЌΛ0.003ඵ૿Ճ ͤͨ͞ཧ༝ͱͯ͠1ճ໨ͷεϦʔ΢ΣΠϋϯυγΣΠ Ϋ͔Β2ճ໨ͷεϦʔ΢ΣΠϋϯυγΣΠΫ͕ߦΘΕ Δ·ͰʹACKύέοτɼSYNύέοτɼSYN/ACK

ύέοτ͕ૹ৴͞ΕΔͨΊͰ͋Δɽ͜ͷͨΊIPsecτ ϥώοΫʹରͯ͠ͷಛ௃ྔ͸Ћ=0.043ɼЌ=0.051ɼύ έοτ௕=94ͱͨ͠ɽ֤τϥώοΫͷหผ݁ՌΛද2 ʹࣔ͢ɽ ɹIPsecτϥώοΫ͸௨৴͕҉߸Խ͞Εͯ͠·͍ͬͯ ΔͨΊɼεϦʔ΢ΣΠϋϯυγΣΠΫ͕ߦΘΕͨճ਺ Λਖ਼֬ʹ͸೺Ѳ͢Δ͜ͱ͕Ͱ͖ͳ͍͕ɼҎԼͷΑ͏ʹ ߟ͑ͯॲཧͨ͠ɽIPsecτϥώοΫͱnonIPsecτϥ ώοΫ͸ಉ༷ͷ؀ڥͰಉ༷ͷ͚࣌ؒͩΩϟϓνϟͨ͠ τϥώοΫͰ͋ΔͨΊɼWinny͕௨৴Λߦͬͨճ਺ ͸ಉఔ౓ʹͳΔͱߟ͑ͨɽ͜ΕΛ౿·͑ͯIPsecτ ϥώοΫͱnonIPsecτϥώοΫͷ݁ՌΛൺֱ͢Δͱɼ nonIPsecτϥώοΫͷݕग़਺ʹൺ΂ͯIPsecτϥώο Ϋͷݕग़਺͸໿1/4·ͰԼ͕ͬͯ͠·͍ͬͯΔɽͨͩɼ nonP2PτϥώοΫͷ݁Ռ͔ΒΘ͔ΔΑ͏ʹϑΥʔϧ εϙδςΟϒϨʔτʢFPRʣ͸0.5064%ͱ௿͍ͷͰɼ IPsecτϥώοΫͷݕग़਺͕গͳ͘ͳͬͨͱͯ͠΋ɼ Winny௨৴Λߦ͍ͬͯΔτϥώοΫΛൃݟ͢Δ͜ͱ ͕Ͱ͖Δͱߟ͑ΒΕΔɽ ද 2 ֤τϥώοΫ΁ͷหผख๏ͷద༻ 4.2 ஗Ԇ࣌ؒΛߟྀͨ͠หผख๏ͷධՁ ্هͷ࣮ݧͰ͸ϩʔΧϧ؀ڥʹ͓͚ΔఏҊख๏ͷධ ՁΛߦͬͨɽϧʔςΟϯά͕҆ఆ͍ͯ͠Δ؀ڥͰຊํ ࣜ͸༗ޮͱߟ͑ΒΕΔ͕ɼϧʔςΟϯά͕ෳࡶͳΠϯ λʔωοτͳͲͷ؀ڥͰ͸ɼϩʔΧϧ؀ڥͷΑ͏ʹ҆ ఆͰ୹͍஗Ԇ࣌ؒͱ͸ͳΒͳ͍͜ͱ͕༧૝͞ΕΔɽͦ ͷͨΊɼΠϯλʔωοτͷςετϕουͰ͋Δ Plan-etlabΛར༻ͯ͠Πϯλʔωοτʹ͍ۙ؀ڥͰͷωο τϫʔΫ஗ԆΛௐ΂Δ͜ͱͰຊߘͷఏҊ͢Δํ๏ͷద ༻ͷݶքΛݕ౼͢Δɽ 4.3 Planetlab্ͰͷωοτϫʔΫ஗ԆͷӨڹ ࣮ݧ؀ڥͱPlanetlab্ͰͦΕͧΕ100݅ͷεϦʔ ΢ΣΠϋϯυγΣΠΫͷ஗Ԇ࣌ؒΛ؍ଌͨ͠ɽ Plan-etlabͰ࢖༻ͨ͠ϊʔυ͸pl2ɽPlanetlab.ics.tut.ac.jp (133.15.59.2)ͱɼplanetlab-02.naist.jp (163.221.11.72) Ͱ͋ΔɽͦΕͧΕͷ؀ڥͰ؍ଌͨ͠஗Ԇ࣌ؒͷฏۉͱ ෼ࢄΛද3ʹࣔ͢ɽද3͔Β࣮ݧ؀ڥͱPlanetlab ͷ஗Ԇ࣌ؒͷฏۉΛൺֱ͢Δͱɼ࣮ݧ؀ڥʹൺ΂ͯɼ Planetlabͷ஗Ԇ࣌ؒͷฏۉ͕େมେ͖͍͜ͱ͕Θ͔ Δɽ·ͨ෼ࢄʹؔͯ͠΋࣮ݧ؀ڥ͕҆ఆ͍ͯ͠Δ͜ͱ ʹൺ΂ͯɼPlanetlabͷ؍ଌσʔλʹ͸͹Β͖͕ͭ͋ Δ͜ͱ͕Θ͔Δɽ͜͜ͰɼͦΕͧΕͷ؍ଌ݁ՌΛϓϩο τͨ͠΋ͷΛਤ7ʹࣔ͢ɽ͜ͷσʔλ͔ΒΘ͔ΔΑ͏ ʹɼฏۉ஋͔Βʶ0.02ͷൣғͰ͸࣮ݧ؀ڥ͸90%ͷ

ਤ 7 Planetlab ͱ࣮ݧ؀ڥ্ͰͷωοτϫʔΫ஗Ԇͷ؍ଌ݁Ռ ؍ଌσʔλ͕ू·͍ͬͯΔ͜ͱʹର͠ɼPlanetlabͰ ͸30%΄Ͳͷ؍ଌσʔλ͔͠ͳ͍͜ͱ͕Θ͔Δɽ͞Β ʹɼ৔߹ʹΑͬͯେ͖ͳ஗Ԇ͕ൃੜ͢ΔɽͦͷͨΊ޿ ҬωοτϫʔΫʹରͯ͠͸ִ͚࣌ؒؒͩͰ͸৘ใ͕ෆ ଍͍ͯ͠Δ͜ͱ͕Θ͔ͬͨ

5. ݁

࿦

ຊߘͰ͸௨৴͕҉߸Խ͞ΕͨP2PτϥώοΫΛห ผ͢Δख๏Λઆ໌͠ɼͦͷख๏ͷ༗ޮੑΛௐࠪͨ͠ɽ IPsecʹΑͬͯ҉߸Խ͞Εͨ௨৴τϥώοΫʹରͯ͠ 2.2ষͰड़΂ͨหผख๏Λద༻ͨ͠ɽP2PʹΑΔ௨৴ Λؚ·ͳ͍τϥώοΫʹΑͬͯޡݕग़Λௐ΂ͨ݁Ռɼ ϑΥʔϧεϙδςΟϒϨʔτ͕0.5064%ͱେม௿͔ͬ ͨɽ௨৴͕҉߸Խ͞Εͨ৔߹Ͱ͸ɼ௨৴͕҉߸Խ͞Ε ͍ͯͳ͍৔߹ʹൺ΂ͯP2PΞϓϦέʔγϣϯʹΑͬͯ ཱ֬͞ΕͨίωΫγϣϯͷݕग़਺͕໿1/4·ͰԼ͕ͬ ͕ͨɼ௨৴͕҉߸Խ͞Εͨঢ়ଶͰ΋ɼϩʔΧϧωοτ ͷ؀ڥͳΒ͹ຊख๏͸P2PτϥώοΫΛݕग़͢Δख ๏ͱͯ͠ଥ౰Ͱ͋ΔͱΘ͔ͬͨɽ ɹ͞ΒʹɼPlanetlabΛ༻͍ͯΠϯλʔωοτʹ͍ۙ ؀ڥͰͷ஗Ԇ࣌ؒΛௐ΂Δ͜ͱͰɼఏҊख๏͕ద༻Ͱ ͖ΔൣғΛௐࠪͨ͠ɽ݁Ռͱ࣮ͯ͠ݧ؀ڥͰͷ஗Ԇ࣌ ؒͷฏۉ஋ʹൺ΂ͯPlanetlab্Ͱͷ஗Ԇ࣌ؒͷฏۉ ஋͕େ͖͍͜ͱ͕Θ͔ͬͨɽ͞ΒʹɼPlanetlabͰ͸ ࣮ݧ؀ڥʹൺ΂ͯ؍ଌσʔλʹ͹Β͖ͭ͸͋Δ͜ͱ͕ ද 3 ஗Ԇ࣌ؒͷฏۉͱ෼ࢄ Θ͔ͬͨɽҎ্ͷ݁Ռ͔Βɼฏۉ஋͔Β͸ͣΕͨσʔ λ͕ଟ͘ͳΔ޿ҬωοτϫʔΫʹ͓͍ͯ͸ɼຊߘͷఏ Ҋख๏Λͦͷ··࢖༻͢Δ͜ͱʹ໰୊͕͋Δ͜ͱ͕൑ ໌ͨ͠ɽ

ࢀ

ߟ

จ

ݙ

1) ࡾӜ໌೔߳ɼകଜګ࢘ɼѨ෦༸ৎɼԬ෦ਖ਼޾: SYN ύέοτͷݺԠʹண໨ͨ͠P2PτϥώοΫͷදࣔɼ ৘ใॲཧֶձશࠃେձߨԋ࿦จूɼpp.239-240 (2009) 2) দాᜁɼ தଜจོɼ एݪګɼ ాதྑ໌:૬ޓ ઀ଓʹ͓͚Δॱٯ઀ଓִؒΛར༻ͨ͠P2Pτϥ ώοΫ෼ผख๏ɼ ৴ֶٕใɼNo.NS2006-237ɼ pp.415-420 (2007)

3) ”One Point Wall” http://www.onepointwall.jp/ 4) দాᜁɼ தଜจོɼ एݪګɼ ాதྑ໌ɼ େ ࡚३ɼ ઍాߒҰɼ Ճ౻ܓɼ ൧௩ਖ਼: PureP2P ϑΝΠϧڞ༗τϥώοΫͷಛੑղੳɼ ৴ֶٕใɼ No.NS2005-2ɼpp.5-8 (2005) 5) ُҪ૱: P2Pٕज़͕ωοτϫʔΫΠϯϑϥʹٴ ΅͢Өڹͱ՝୊ɼ ίϯϐϡʔλιϑτ΢ΣΞɼ Vol.22ɼNo.3ɼpp.8-18ɼ ೔ຊιϑτ΢ΣΞՊ ֶձ, (2005)

6) ”Security Architecture for the Internet Proto-col”, RFC 4301, IETF

7) ”Cryptographic Algorithm Implementation Requirements for Encapsulating Security Pay-load (ESP) and Authentication Header (AH)”, RFC 4305, IETF