Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies

Files in This Item:
File: Scanlon_ucd_5090D_10186.pdf | Size: 11.47 MB | Format: Adobe PDF
Title: Study of Peer-to-Peer Network Based Cybercrime Investigation: Application on Botnet Technologies
Authors: Scanlon, Mark
Advisor: Kechadi, M-Tahar
Permanent link: http://hdl.handle.net/10197/10610
Date: 2013
Online since: 2019-05-22T10:56:39Z
Abstract: The scalable, low overhead attributes of Peer-to-Peer (P2P) Internet protocols and networks lend themselves well to being exploited by criminals to execute a large range of cybercrimes. The types of crimes aided by P2P technology include copyright infringement, sharing of illicit images of children, fraud, hacking/cracking, denial of service attacks and virus/malware propagation through the use of a variety of worms, botnets, malware, viruses and P2P file sharing. This project is focused on the study of active P2P nodes along with the analysis of the undocumented communication methods employed in many of these large unstructured networks. This is achieved through the design and implementation of an efficient P2P monitoring and crawling toolset. The requirement for investigating P2P based systems is not limited to the more obvious cybercrimes listed above, as many legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g., voice over IP, instant messaging, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. In this work we introduce the Universal P2P Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in P2P network functionality. In combination with a reference database of known network characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework, which can intelligently determine the best investigation methodology and greatly expedite the evidence gathering process. A proof of concept tool was developed for conducting investigations on the BitTorrent network. A number of investigations conducted using this tool are outlined in Chapter 6.
Type of material: Doctoral Thesis
Publisher: University College Dublin. School of Computer Science & Informatics  
Qualification Name: Ph.D.
Copyright (published version): 2013 the author
Keywords: Botnets; Cybercrime Investigation; Digital Forensics; Peer-to-Peer Networks
Other versions: http://dissertations.umi.com/ucd:10186
Language: en
Status of Item: Peer reviewed
Appears in Collections: Computer Science Theses

This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland licence. No item may be reproduced for commercial purposes. For other possible restrictions on use, please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.