Tracking Contraband Files Transmitted Using Bittorrent
نویسندگان
چکیده
This paper describes a digital forensic tool that uses an FPGA-based embedded software application to identify and track contraband digital files shared using the BitTorrent protocol. The system inspects each packet on a network for a BitTorrent Handshake message, extracts the “info hash” of the file being shared, compares the hash against a list of known contraband files and, in the event of a match, adds the message to a log file for forensic analysis. Experiments demonstrate that the system is able to successfully capture and process BitTorrent Handshake messages with a probability of at least 99.0% under a network traffic load of 89.6 Mbps on a 100 Mbps network.
منابع مشابه
An FPGA-based system for tracking digital information transmitted via Peer-to-Peer protocols
At issue for any organization is the illicit dissemination of sensitive information using file sharing applications within a network, and tracking terrorist cells or criminal organizations that are covertly communicating using Voice over IP (VoIP) applications. This paper presents a field programmable gate array (FPGA)-based embedded software tool designed to process file transfers using the Bi...
متن کاملDetecting Pedophile Activity in BitTorrent Networks
The wide spread of Peer-to-Peer networks makes multimedia files available to users all around the world. However, Peer-to-Peer networks are often used to spread illegal material, while keeping the source of the data and the acquiring users anonymous. In this paper we analyze activity measurements in the BitTorrent network and examine child sex abuse activity through the Mininova web portal. We ...
متن کاملFakeDetector: A measurement-based tool to get rid out of fake content in your BitTorrent Downloads
Fake content represents an important portion of those files shared in BitTorrent. In this paper we conduct a large scale measurement study in order to analyse the fake content publishing phenomenon in the BitTorrent Ecosystem. Our results reveal that a few tens of users are responsible for 90% of the fake content. Furthermore, more than 99% of the analysed fake files are linked to either malwar...
متن کاملOn swarm-level resource allocation in BitTorrent communities
BitTorrent is a peer-to-peer computer network protocol for sharing content in an efficient and scalable way. Modeling and analysis of the popular private BitTorrent communities has become an active area of research. In these communities users are strongly incentivized to contribute their resources, i.e., to share their files. In BitTorrent terminology, users who have finished downloading files ...
متن کاملA Methodology and Tool for Investigation of Artifacts Left by the BitTorrent Client
The BitTorrent client application is a popular utility for sharing large files over the Internet. Sometimes, this powerful utility is used to commit cybercrimes, like sharing of illegal material or illegal sharing of legal material. In order to help forensics investigators to fight against these cybercrimes, we carried out an investigation of the artifacts left by the BitTorrent client. We prop...
متن کامل