Statistical Detection of Downloaders in Freenet

Images posted to file-sharing networks without a person’s permission can remain available indefinitely. When the image is sexually explicit and involves a child, the scale of this privacy violation grows tremendously worse and can have repercussions for the victim’s whole life. Providing investigators with tools that can identify the perpetrators of child pornography (CP) trafficking is critical to addressing these violations. Investigators are interested in identifying these perpetrators on Freenet, which supports the anonymous publication and retrieval of data and is widely used for CP trafficking. We confirmed that 70,000 manifests posted to public forums dedicated to child sexual abuse contained tens of thousands of known CP images including infants and toddlers. About 35% of traffic on Freenet was for these specific manifests. In this paper, we propose and evaluate a novel approach for investigating these privacy violations. In particular, our approach aims to distinguish whether a neighboring peer is the actual requester of a file or just forwarding the requests for other peers. Our method requires only a single peer that passively analyzes the traffic it is sent by a neighbor. We derive a Bayesian framework that models the observer’s decision for whether the neighbor is the downloader, and we show why the sum traffic from downloaders relayed by the neighbor is not a significant source of false positives. We validate our model in simulation, finding near perfect results, and we validate our approach by applying it to real CP-related manifests and actual packet data from Freenet, for which we find a false positive rate of about 2%. Given these results, we argue that our method is an effective investigative method for addressing privacy violations resulting from CP published on Freenet.

[1]  Juston Moore,et al.  Characterization of contact offenders and child exploitation material trafficking on five peer-to-peer networks. , 2016, Child abuse & neglect.

[2]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[3]  Brian Neil Levine,et al.  Forensic investigation of the OneSwarm anonymous filesharing system , 2011, CCS '11.

[4]  David Hinkley,et al.  Bootstrap Methods: Another Look at the Jackknife , 2008 .

[5]  Paul E Mullen,et al.  Psychopathology in a large cohort of sexually abused children followed up to 43 years. , 2010, Child abuse & neglect.

[6]  M. Seto,et al.  Contact Sexual Offending by Men With Online Sexual Offenses , 2011, Sexual abuse : a journal of research and treatment.

[7]  Michael L. Bourke,et al.  The use of tactical polygraph with sex offenders , 2015 .

[8]  Zhenhai Duan,et al.  A Routing Table Insertion (RTI) Attack on Freenet , 2012, 2012 International Conference on Cyber Security.

[9]  Ramesh Govindan,et al.  Using the small-world model to improve Freenet performance , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[10]  Zhenhai Duan,et al.  A traceback attack on Freenet , 2013, 2013 Proceedings IEEE INFOCOM.

[11]  Stefanie Roos,et al.  Measuring Freenet in the Wild: Censorship-Resilience under Observation , 2014, Privacy Enhancing Technologies.

[12]  Janis Wolak,et al.  Trends in Arrests of "Online Predators". , 2009 .

[13]  Zhenhai Duan,et al.  Using randomized routing to counter routing table insertion attack on Freenet , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).

[14]  M. L. Bourke,et al.  The ‘Butner Study’ Redux: A Report of the Incidence of Hands-on Child Victimization by Child Pornography Offenders , 2009, Journal of Family Violence.

[15]  Zhenhai Duan,et al.  Reroute on loop in anonymous peer-to-peer content sharing networks , 2014, 2014 IEEE Conference on Communications and Network Security.

[16]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[17]  Ian Clarke,et al.  Protecting Free Expression Online with Freenet , 2002, IEEE Internet Comput..

[18]  Stefanie Roos,et al.  Inferring obfuscated values in Freenet , 2015, 2015 International Conference and Workshops on Networked Systems (NetSys).

[19]  Brian Neil Levine,et al.  Forensic Identification of Anonymous Sources in OneSwarm , 2017, IEEE Transactions on Dependable and Secure Computing.

[20]  Thomas E. Anderson,et al.  Privacy-preserving P2P data sharing with OneSwarm , 2010, SIGCOMM '10.

[21]  Duncan J. Watts,et al.  Collective dynamics of ‘small-world’ networks , 1998, Nature.

[22]  Zhenhai Duan,et al.  Thwarting traceback attack on Freenet , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).