1,367 research outputs found
BitTorrent Sync: Network Investigation Methodology
The volume of personal information and data most Internet users find
themselves amassing is ever increasing and the fast pace of the modern world
results in most requiring instant access to their files. Millions of these
users turn to cloud based file synchronisation services, such as Dropbox,
Microsoft Skydrive, Apple iCloud and Google Drive, to enable "always-on" access
to their most up-to-date data from any computer or mobile device with an
Internet connection. The prevalence of recent articles covering various
invasion of privacy issues and data protection breaches in the media has caused
many to review their online security practices with their personal information.
To provide an alternative to cloud based file backup and synchronisation,
BitTorrent Inc. released an alternative cloudless file backup and
synchronisation service, named BitTorrent Sync to alpha testers in April 2013.
BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over
two million active users by the end of the year. This paper outlines a number
of scenarios where the network investigation of the service may prove
invaluable as part of a digital forensic investigation. An investigation
methodology is proposed outlining the required steps involved in retrieving
digital evidence from the network and the results from a proof of concept
investigation are presented.Comment: 9th International Conference on Availability, Reliability and
Security (ARES 2014
On Constructing Persistent Identifiers with Persistent Resolution Targets
Persistent Identifiers (PID) are the foundation referencing digital assets in
scientific publications, books, and digital repositories. In its realization,
PIDs contain metadata and resolving targets in form of URLs that point to data
sets located on the network. In contrast to PIDs, the target URLs are typically
changing over time; thus, PIDs need continuous maintenance -- an effort that is
increasing tremendously with the advancement of e-Science and the advent of the
Internet-of-Things (IoT). Nowadays, billions of sensors and data sets are
subject of PID assignment. This paper presents a new approach of embedding
location independent targets into PIDs that allows the creation of
maintenance-free PIDs using content-centric network technology and overlay
networks. For proving the validity of the presented approach, the Handle PID
System is used in conjunction with Magnet Link access information encoding,
state-of-the-art decentralized data distribution with BitTorrent, and Named
Data Networking (NDN) as location-independent data access technology for
networks. Contrasting existing approaches, no green-field implementation of PID
or major modifications of the Handle System is required to enable
location-independent data dissemination with maintenance-free PIDs.Comment: Published IEEE paper of the FedCSIS 2016 (SoFAST-WS'16) conference,
11.-14. September 2016, Gdansk, Poland. Also available online:
http://ieeexplore.ieee.org/document/7733372
BitTorrent Sync: First Impressions and Digital Forensic Implications
With professional and home Internet users becoming increasingly concerned
with data protection and privacy, the privacy afforded by popular cloud file
synchronisation services, such as Dropbox, OneDrive and Google Drive, is coming
under scrutiny in the press. A number of these services have recently been
reported as sharing information with governmental security agencies without
warrants. BitTorrent Sync is seen as an alternative by many and has gathered
over two million users by December 2013 (doubling since the previous month).
The service is completely decentralised, offers much of the same
synchronisation functionality of cloud powered services and utilises encryption
for data transmission (and optionally for remote storage). The importance of
understanding BitTorrent Sync and its resulting digital investigative
implications for law enforcement and forensic investigators will be paramount
to future investigations. This paper outlines the client application, its
detected network traffic and identifies artefacts that may be of value as
evidence for future digital investigations.Comment: Proc. of Digtial Forensics Research Workshop (DFRWS EU 2014
Broadcasting in Prefix Space: P2P Data Dissemination with Predictable Performance
A broadcast mode may augment peer-to-peer overlay networks with an efficient,
scalable data replication function, but may also give rise to a virtual link
layer in VPN-type solutions. We introduce a simple broadcasting mechanism that
operates in the prefix space of distributed hash tables without signaling. This
paper concentrates on the performance analysis of the prefix flooding scheme.
Starting from simple models of recursive -ary trees, we analytically derive
distributions of hop counts and the replication load. Extensive simulation
results are presented further on, based on an implementation within the OverSim
framework. Comparisons are drawn to Scribe, taken as a general reference model
for group communication according to the shared, rendezvous-point-centered
distribution paradigm. The prefix flooding scheme thereby confirmed its widely
predictable performance and consistently outperformed Scribe in all metrics.
Reverse path selection in overlays is identified as a major cause of
performance degradation.Comment: final version for ICIW'0
- …