The invention relates generally to network monitoring devices and methods for the protection of intellectual property and more particularly, but not by way of limitation, to the detection and halting of peer-to-peer communications between computer systems.
A peer-to-peer (“P2P”) computer network is a network that relies primarily on the collective computing power and bandwidth of the network's individual nodes rather than concentrating it's computational power in a relatively few dedicated systems or servers. P2P networks are typically used for connecting nodes via largely ad hoc connections for sharing files (e.g., audio and video data files) and realtime data (e.g., Internet telephony traffic).
Because of its decentralized nature, ease of use and wide-spread distribution, P2P technology has become one of the principal means by which Internet users share and distribute information. Organizations (e.g., businesses and academic institutions) have recognized the danger unregulated use of P2P operations pose to the function of their networks. These dangers include, but are not limited to, exposing the organization's network to the introduction of viruses (programs that are loaded onto a user's computer without their knowledge and that usually perform malicious actions), spyware (software that covertly gathers user information and transmits that information to an unknown third party) and malware (software that is intentionally included or inserted in a system for a harmful purpose), the excessive use of network storage facilities, the loss of proprietary data (e.g., trade secrets) and the liability associated with their users (e.g., employees and students) sharing and distributing copyrighted material without the owners consent.
Current attempts to limit or prevent use of P2P technology (and related technologies such as, for example, “IRC” or Internet Relay Chat) rely on published “rules” that users must agree to for the privilege of using an organization's network and/or network administrator-based monitoring. In the former, one's agreement to forgo use of P2P technology does not in itself prevent such use. In the latter, it is incumbent upon the network's administrator (and their staff) to police, detect and enforce the organization's P2P policies. The rapid and acknowledged use of P2P technology for the widespread distribution of copyrighted and other proprietary material attests to the limited ability of these approaches to satisfactorily deal with the use of P2P networks. Thus, it would be beneficial to provide a mechanism to automatically detect and halt peer-to-peer communications to, or from, an organization's network.