Driven by the growing popularity of digital media, such as e-books, digital music, movies, videogames, software applications and other digital content, use of file sharing peer-to-peer (P2P) networks increased significantly. P2P networks allow computers to communicate directly with one another rather than through a central server. BitComet® and μTorrent™ are examples of popular P2P networking applications. P2P networks usually use BitTorrent® protocol or other type of peering protocol for communication. These networking protocols allow peer computer nodes to send/receive requests for data objects, such as a file or groups of files, to/from other peer nodes within the P2P network. The requested data object is then downloaded in pieces from multiple source peer nodes and reassembled at a client peer node. The distributed architecture of the P2P networks provides enhanced scalability and service robustness.
However, the unregulated nature of P2P networks and the ever-growing number of the users makes these networks very vulnerable to the spread of malware, such as viruses, warms, Trojans, spyware and the like. The malware may be planted into file archives containing necessary network information or inserted into fraudulent copies of software applications, which are distributed between peer nodes. The current antivirus products usually operate by scanning objects distributed through the P2P networks only after these objects have been downloaded on user computer(s), thereby exposing user computer(s) to the downloaded malware and consuming network resources and time on the distribution of harmful objects. Accordingly, there is a need for a more effective technique for malware detection in P2P networks.