论文信息 - Network investigation methodology for BitTorrent Sync: A Peer-to-Peer based file synchronisation service

Network investigation methodology for BitTorrent Sync: A Peer-to-Peer based file synchronisation service

High availability is no longer just a business continuity concern. Users are increasingly dependant on devices that consume and produce data in ever increasing volumes. A popular solution is to have a central repository which each device accesses after centrally managed authentication. This model of use is facilitated by cloud based file synchronisation services such as Dropbox, OneDrive, Google Drive and Apple iCloud. Cloud architecture allows the provisioning of storage space with "always-on" access. Recent concerns over unauthorised access to third party systems and large scale exposure of private data have made an alternative solution desirable. These events have caused users to assess their own security practices and the level of trust placed in third party storage services. One option is BitTorrent Sync, a cloudless synchronisation utility provides data availability and redundancy. This utility replicates files stored in shares to remote peers with access controlled by keys and permissions. While lacking the economies brought about by scale, complete control over data access has made this a popular solution. The ability to replicate data without oversight introduces risk of abuse by users as well as difficulties for forensic investigators. This paper suggests a methodology for investigation and analysis of the protocol to assist in the control of data flow across security perimeters.

M. Tahar Kechadi | Mark Scanlon | Jason Farina

[1] Robert Tappan Morris,et al. Comparing the Performance of Distributed Hash Tables Under Churn , 2004, IPTPS.

[2] Walid Dabbous,et al. Spying the World from Your Laptop: Identifying and Profiling Content Providers and Big Downloaders in BitTorrent , 2010, LEET.

[3] Karl T. Muth. Googlestroika: Five Years Later , 2015 .

[4] M. Tahar Kechadi,et al. BitTorrent Sync: First Impressions and Digital Forensic Implications , 2014, Digit. Investig..

[5] M. Tahar Kechadi,et al. Leveraging Decentralization to Extend the Digital Evidence Acquisition Window: Case Study on Bittorrent Sync , 2014, J. Digit. Forensics Secur. Law.

[6] Taieb Znati,et al. Modeling Churn in P2P Networks , 2007, 40th Annual Simulation Symposium (ANSS'07).

[7] B. Cohen,et al. Incentives Build Robustness in Bit-Torrent , 2003 .

[8] Kim-Kwang Raymond Choo,et al. Cloud storage forensics: ownCloud as a case study , 2013, Digit. Investig..

[9] Robert Tappan Morris,et al. Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[10] Mark Scanlon,et al. A Week in the Life of the Most Popular BitTorrent Swarms , 2010 .

[11] Sangjin Lee,et al. Digital forensic investigation of cloud storage services , 2012, Digit. Investig..