Kad network

From Wikipedia, the free encyclopedia

The Kad network is a peer-to-peer (P2P) network which implements the Kademlia P2P overlay protocol.[1] The majority of users on the Kad Network are also connected to servers on the eDonkey network, and Kad Network clients typically query known nodes on the eDonkey network in order to find an initial node on the Kad network.


The Kad network uses a UDP-based protocol to:

  • Find sources for eD2k hashes.
  • Search for eD2k hashes based on keywords in the file name.
  • Find comments and ratings for files (hashes).
  • Provide buddy services for firewalled (Low ID) nodes.
  • Store locations, comments and (keywords out of) filenames.

Note that the Kad network is not used to actually transfer files across the P2P network. Instead, when a file transfer is initiated, clients connect directly to each other (using the standard public IP network). This traffic is susceptible to blocking/shaping/tracking by an ISP or any other opportunistic middle-man.[citation needed]

As with all decentralized networks, the Kad network requires no official or common servers. As such, it cannot be disabled by shutting down a given subset of key nodes. While the decentralization of the network prevents a simple shut-down, traffic analysis and deep packet inspection will more readily identify the traffic as P2P due to the high variable-destination packet throughput. The large packet volume typically causes a reduction in available CPU and/or network resources usually associated with P2P traffic.[citation needed]


Client search[edit]

The Kad network supports searching of files by name and a number of secondary characteristics such as size, extension, bit-rate, and more. Features vary based on client used.

Major clients[edit]

Only a few major clients currently support the Kad network implementation. However, they comprise over 80% of the user base and are probably closer to 95% of ed2k installations.

  • eMule: An open source Windows client which is the most popular, with 80% of network users. It also runs on Linux using the Wine libraries.

There are a number of minor variants, or forks, of eMule which support the same basic features as eMule itself. They include: aMule (A Linux client similar to eMule) and eMule Mods (not eMule Plus), possibly others.


  • TDL-4: A botnet virus that is reported to use this network as a backup for updates and new instructions if its Command and Control servers are taken down.[2]

See also[edit]


  1. ^ Wang, Peng; Tyra, James; Chain-Tin, Eric; Malchow, Tyson; Foo Kune, Denis; Hopper, Nicholas; Kim, Yongdae (September 2008). "Attacking the Kad network" (PDF). Proceedings of the 4th international conference on Security and privacy in communication netowrks. pp. 1–10. doi:10.1145/1460877.1460907. ISBN 9781605582412. S2CID 1767558. {{cite book}}: |journal= ignored (help)
  2. ^ "Botnet access to the Kad network". SecureList. 27 June 2011. Retrieved 30 June 2011.

External links[edit]