Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies
Files in This Item:
|Scanlon_ucd_5090D_10186.pdf||11.47 MB||Adobe PDF||Download|
|Title:||Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies||Authors:||Scanlon, Mark||Advisor:||Kechadi, M-Tahar||Permanent link:||http://hdl.handle.net/10197/10610||Date:||2013||Online since:||2019-05-22T10:56:39Z||Abstract:||The scalable, low overhead attributes of Peer-to-Peer (P2P) Internet protocols and networks lend themselves well to being exploited by criminals to execute a large range of cybercrimes. The types of crimes aided by P2P technology include copyright infringement, sharing of illicit images of children, fraud, hacking/cracking, denial of service attacks and virus/malware propagation through the use of a variety of worms, botnets, malware, viruses and P2P file sharing. This project is focused on study of active P2P nodes along with the analysis of the undocumented communication methods employed in many of these large unstructured networks. This is achieved through the design and implementation of an efficient P2P monitoring and crawling toolset.The requirement for investigating P2P based systems is not limited to the more obvious cybercrimes listed above, as many legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g, voice over IP, instant messaging, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. In this work we introduce the Universal P2P Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in P2P network functionality. In combination with a reference database of known network characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework, which can intelligently determine the best investigation methodology and greatly expedite the evidence gathering process. A proof of concept tool was developed for conducting investigations on the BitTorrent network. A Number of investigations conducted using this tool are outlined in Chapter 6.||Type of material:||Doctoral Thesis||Publisher:||University College Dublin. School of Computer Science & Informatics||Qualification Name:||Ph.D.||Copyright (published version):||2013 the author||Keywords:||Botnets; Cybercrime Investigation; Digital Forensics; Peer-to-Peer Networks||Other versions:||http://dissertations.umi.com/ucd:10186||Language:||en||Status of Item:||Peer reviewed|
|Appears in Collections:||Computer Science Theses|
Show full item record
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.