Efficacy of ADDIE Model in Peer-to-Peer Networks: Digital Evidence Investigation

As the need for content distribution on the Internet grows in scale and complexity, the P2P network persists as one of the best avenues to service that demand. It has a wide range of clients that transport data securely in bits, which also makes it susceptible to carrying dubious content and exposes it to varying security threats that require credible digital investigation to address. The tools and techniques used to perform digital investigations still mostly lag behind, which slows down law enforcement agencies in general. The acquisition of digital evidence over the Internet is still elusive in the battle against cybercrime. This paper considers a new technique for detecting passive peers that participate in a P2P network. As part of our study, we crawled the µTorrent P2P client over 10 days while logging all participating peers. We then employed digital forensic techniques to analyze the popular users and generate evidence within them with high accuracy. Finally, we evaluated our proposed approach against the standard Analysis, Design, Development, Implementation, and Evaluation (ADDIE) model for digital investigation to arrive at the credible digital evidence presented in this paper.